Advisories 1 June 2026

Marimo Python Notebook Pre-Authentication RCE Now Weaponized with LLM-Driven Post-Exploitation (CVE-2026-39987)

Scope: Marimo Python Notebook Versions 0.20.4 and Earlier

Severity: Red

Advisories 1 June 2026
PAN-OS GlobalProtect Authentication Bypass Under Active Exploitation Added to CISA KEV (CVE-2026-0257)

Scope: Palo Alto Networks PAN-OS with GlobalProtect Portal or Gateway Configured

Advisories 1 June 2026
FBI Warning: Kali365 Phishing-as-a-Service Platform Bypasses MFA to Hijack Microsoft 365 Accounts

Scope: Microsoft 365 and Microsoft Entra ID (All Organizations)

Advisories 1 June 2026
Cybercriminals Targeting Formula 1 Fans with Fake Streaming Services, Counterfeit Merchandise, and Phishing Scams

Scope: Formula 1 Fans (Global)

Severity: Medium

Advisories 1 June 2026
Trend Micro Apex One Directory Traversal Zero-Day Added to CISA KEV (CVE-2026-34926)

Scope: Trend Micro Apex One On-Premises (Server and Agent Builds Below 17079)

Advisories 1 June 2026
Ghost CMS SQL Injection Actively Exploited in Large-Scale ClickFix Campaign (CVE-2026-26980)

Scope: Ghost CMS Versions 3.24.0 to 6.19.0

Severity: Red

Advisories 1 June 2026
Dutch FIOD Seizes 800 Servers Linked to Stark Industries Pro-Russian Cyber Infrastructure

Scope: Hosting Providers Stark Industries / WorkTitans B.V.

Subscribe to Advisories