Jun 04, 2026 · #76 episode artwork

EPISODE · Jun 4, 2026 · 4 MIN

Jun 04, 2026 · #76

from Security Brief Daily · host Security Brief Daily

Episode 76 — 04 Jun 2026 1. CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in... 2. Acer working to patch max severity zero-days in Wave 7 routers Source: Bleeping Computer Acer confirmed that it's working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. According to a Friday security advisory , the two security flaws were reported by security researcher Gergo Pap and affect Wave 7 routers running... 3. U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors Source: Bleeping Computer The U.S. Treasury's Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran's largest cryptocurrency exchange, for facilitating payments related to terrorist activities. Nobitex is believed to have helped evade economic sanctions and also... 4. VS Code zero-day lets hackers steal GitHub tokens in one click Source: Bleeping Computer A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. Microsoft classifies a software flaw as a zero-day if it is publicly... 5. Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited Source: The Hacker News !j> u5 C! Ζ$3OˠƏ9X8Kj| S Ee3NDD)&EʖcUqV-K%6YӹIڣxUow-ʗWwp%AٱZws- s2^c IRE-=]Gp=2T... 6. CISA warns of active attacks exploiting Android, Linux bugs Source: Bleeping Computer The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. The most recent flaw the agency added to its Known Exploited Vulnerabilities (KEV) catalog,... 7. Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The vulnerability, CVE-2024-21182... 8. Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT Source: The Hacker News Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT. "Before the victim ever reaches attacker-controlled infrastructure,...

Episode 76 — 04 Jun 2026 1. CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in... 2. Acer working to patch max severity zero-days in Wave 7 routers Source: Bleeping Computer Acer confirmed that it's working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. According to a Friday security advisory , the two security flaws were reported by security researcher Gergo Pap and affect Wave 7 routers running... 3. U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors Source: Bleeping Computer The U.S. Treasury's Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran's largest cryptocurrency exchange, for facilitating payments related to terrorist activities. Nobitex is believed to have helped evade economic sanctions and also... 4. VS Code zero-day lets hackers steal GitHub tokens in one click Source: Bleeping Computer A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. Microsoft classifies a software flaw as a zero-day if it is publicly... 5. Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited Source: The Hacker News !j> u5 C! Ζ$3OˠƏ9X8Kj| S Ee3NDD)&EʖcUqV-K%6YӹIڣxUow-ʗWwp%AٱZws- s2^c IRE-=]Gp=2T... 6. CISA warns of active attacks exploiting Android, Linux bugs Source: Bleeping Computer The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. The most recent flaw the agency added to its Known Exploited Vulnerabilities (KEV) catalog,... 7. Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The vulnerability, CVE-2024-21182... 8. Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT Source: The Hacker News Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection and ultimately deliver a remote access trojan (RAT) named DesckVB RAT. "Before the victim ever reaches attacker-controlled infrastructure,...

NOW PLAYING

Jun 04, 2026 · #76

0:00 4:33

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on June 4, 2026.

What is this episode about?

Episode 76 — 04 Jun 2026 1. CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!