Jun 17, 2026 · #83 episode artwork

EPISODE · Jun 17, 2026 · 4 MIN

Jun 17, 2026 · #83

from Security Brief Daily · host Security Brief Daily

Episode 83 — 17 Jun 2026 1. Microsoft working on Defender patch for RoguePlanet zero-day Source: Bleeping Computer Microsoft confirmed that it's working on a security patch for a Defender zero-day vulnerability named "RoguePlanet," disclosed one week ago. The security researcher who published a RoguePlanet exploit during the June 2026 Patch Tuesday (known as Nightmare Eclipse) said it... 2. Kodak confirms data breach claimed by ShinyHunters extortion gang Source: Bleeping Computer Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data. Founded in 1880 as the Eastman Kodak Company and headquartered in Rochester, New York, Kodak has 79,000... 3. 144 Mastra npm Packages Compromised via Hijacked Contributor Account Source: The Hacker News As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed... 4. Critical Fortinet FortiSandbox flaws now exploited in attacks Source: Bleeping Computer Attackers are now exploiting several critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. Fortinet released security updates for these three critical-severity security flaws (tracked as... 5. Ransomware gang abuses Microsoft Teams relays to hide malicious traffic Source: Bleeping Computer DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure. The backdoor abuses the Traversal Using Relays around NAT (TURN) protocol used by Microsoft Teams to distribute messages when a... 6. CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The... 7. ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures Source: The Hacker News Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks involving BabaDeda Loader,... 8. China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth Source: The Hacker News Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS," ESET said in a report shared with The Hacker...

Episode 83 — 17 Jun 2026 1. Microsoft working on Defender patch for RoguePlanet zero-day Source: Bleeping Computer Microsoft confirmed that it's working on a security patch for a Defender zero-day vulnerability named "RoguePlanet," disclosed one week ago. The security researcher who published a RoguePlanet exploit during the June 2026 Patch Tuesday (known as Nightmare Eclipse) said it... 2. Kodak confirms data breach claimed by ShinyHunters extortion gang Source: Bleeping Computer Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data. Founded in 1880 as the Eastman Kodak Company and headquartered in Rochester, New York, Kodak has 79,000... 3. 144 Mastra npm Packages Compromised via Hijacked Contributor Account Source: The Hacker News As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed... 4. Critical Fortinet FortiSandbox flaws now exploited in attacks Source: Bleeping Computer Attackers are now exploiting several critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. Fortinet released security updates for these three critical-severity security flaws (tracked as... 5. Ransomware gang abuses Microsoft Teams relays to hide malicious traffic Source: Bleeping Computer DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure. The backdoor abuses the Traversal Using Relays around NAT (TURN) protocol used by Microsoft Teams to distribute messages when a... 6. CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution Source: The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The... 7. ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures Source: The Hacker News Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks involving BabaDeda Loader,... 8. China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth Source: The Hacker News Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS," ESET said in a report shared with The Hacker...

NOW PLAYING

Jun 17, 2026 · #83

0:00 4:30

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Brief Daily?

This episode is 4 minutes long.

When was this Security Brief Daily episode published?

This episode was published on June 17, 2026.

What is this episode about?

Episode 83 — 17 Jun 2026 1. Microsoft working on Defender patch for RoguePlanet zero-day Source: Bleeping Computer Microsoft confirmed that it's working on a security patch for a Defender zero-day vulnerability named "RoguePlanet," disclosed...

Can I download this Security Brief Daily episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!