Jun 09, 2026 · #78 episode artwork

EPISODE · Jun 9, 2026 · 4 MIN

Jun 09, 2026 · #78

from Security Brief Daily · host Security Brief Daily

Episode 78 — 09 Jun 2026 1. Google patches new Chrome zero-day flaw exploited in the wild Source: Bleeping Computer Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the fifth such flaw patched since the start of the year. "Google is aware that an exploit for CVE-2026-11645 exists in the wild," the company said in a... 2. CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day Source: Bleeping Computer CISA has ordered U.S. government agencies to secure their Check Point Remote Access VPN and Mobile Access deployments against a critical vulnerability exploited in zero-day attacks by Qilin ransomware affiliates. Unauthenticated remote attackers can exploit this security flaw... 3. Critical UniFi OS bug lets hackers gain root without authentication Source: Bleeping Computer Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authentication. The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in... 4. LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-42271 (CVSS... 5. WhatsApp says it disrupted new NSO spyware phishing attacks Source: Bleeping Computer WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. The NSO Group is an Israeli commercial spyware vendor known for its advanced “Pegasus” tool that has been deployed... 6. One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public Source: The Hacker News Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw, CVE-2026-23111, sits in the kernel's nf_tables packet-filtering code and was patched... 7. VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances Source: The Hacker News A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a... 8. UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign Source: The Hacker News Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by...

Episode 78 — 09 Jun 2026 1. Google patches new Chrome zero-day flaw exploited in the wild Source: Bleeping Computer Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the fifth such flaw patched since the start of the year. "Google is aware that an exploit for CVE-2026-11645 exists in the wild," the company said in a... 2. CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day Source: Bleeping Computer CISA has ordered U.S. government agencies to secure their Check Point Remote Access VPN and Mobile Access deployments against a critical vulnerability exploited in zero-day attacks by Qilin ransomware affiliates. Unauthenticated remote attackers can exploit this security flaw... 3. Critical UniFi OS bug lets hackers gain root without authentication Source: Bleeping Computer Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authentication. The security issues are tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910. They have been addressed in... 4. LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-42271 (CVSS... 5. WhatsApp says it disrupted new NSO spyware phishing attacks Source: Bleeping Computer WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. The NSO Group is an Israeli commercial spyware vendor known for its advanced “Pegasus” tool that has been deployed... 6. One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public Source: The Hacker News Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw, CVE-2026-23111, sits in the kernel's nf_tables packet-filtering code and was patched... 7. VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances Source: The Hacker News A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a... 8. UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign Source: The Hacker News Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by...

NOW PLAYING

Jun 09, 2026 · #78

0:00 4:41

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on June 9, 2026.

What is this episode about?

Episode 78 — 09 Jun 2026 1. Google patches new Chrome zero-day flaw exploited in the wild Source: Bleeping Computer Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!