OpenBSD mpls_do_error: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read

21 June 2026 at 03:54

Posted by shj on Jun 20

------------------------------------------------------------------------
OpenBSD mpls_do_error: Remote Kernel Stack Disclosure via MPLS Label
Stack Over-read
------------------------------------------------------------------------

Affected:  OpenBSD -current prior to 2026-06-18 (fixed in -current)
Vendor:    OpenBSD
Severity:  Medium
Reporter:  Argus Systems
Date:      2026-06-12
CVE:       CVE-2026-56099

1. SUMMARY
==========

The...

OpenBSD sppp_pap_input: PAP authentication bypass

21 June 2026 at 03:54

Posted by shj on Jun 20

------------------------------------------------------------------------
OpenBSD sppp_pap_input: PAP Authentication Bypass via Zero-Length bcmp
------------------------------------------------------------------------

Affected:  OpenBSD all versions through 7.6 (fixed in -current)
Vendor:    OpenBSD
Severity:  High
Reporter:  Argus
Date:      2026-06-16

1. SUMMARY
==========

The sppp_pap_input() function in sys/net/if_spppsubr.c uses...

SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies - Worksnaps.net Worksnaps

21 June 2026 at 03:51

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 20

SEC Consult Vulnerability Lab Security Advisory < 20260618-0 >
=======================================================================
              title: Hardcoded Root Cloud Credentials in Application Binaries
            product: Silver Leaf Technologies - Worksnaps.net Worksnaps
 vulnerable version: <1.6.20260201
      fixed version: 1.6.20260201
         CVE number: CVE-2025-10560
             impact: critical...

SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions - SCHEMA ST4

21 June 2026 at 03:51

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 20

SEC Consult Vulnerability Lab Security Advisory < 20260617-1 >
=======================================================================
              title: Multiple Vulnerabilities
            product: Quanos Content Solutions - SCHEMA ST4
 vulnerable version: All versions of SCHEMA ST4 on-premises
      fixed version: Not applicable, see workaround section for mitigation.
         CVE number: CVE-2026-11857, CVE-2026-11858...

SEC Consult SA-20260617-0 :: Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3

21 June 2026 at 03:51

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 20

SEC Consult Vulnerability Lab Security Advisory < 20260617-0 >
=======================================================================
              title: Multiple Critical Vulnerabilities
            product: Sprecher Automation SPRECON-E-C/-E-P/-E-T3
 vulnerable version: See vulnerable versions below
      fixed version: See solution section below
         CVE number: CVE-2022-4333, CVE-2022-4332, CVE-2025-41741,
                     ...

SEC Consult SA-20260616-0 :: Broken Access Control in syracom AG Secure Login (2FA) for Atlassian Jira / Confluence / Bitbucket #CVE-2026-12225

21 June 2026 at 03:51

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 20

SEC Consult Vulnerability Lab Security Advisory < 20260616-0 >
=======================================================================
              title: Broken Access Control
            product: syracom AG Secure Login (2FA) for Atlassian Jira /
                     Confluence / Bitbucket
 vulnerable version: 3.4.0.x
      fixed version: 3.5.0.0
         CVE number: CVE-2026-12225
             impact: High...

APPLE-SA-06-16-2026-1 Beats Firmware Update 1B211

21 June 2026 at 03:51

Posted by Apple Product Security via Fulldisclosure on Jun 20

APPLE-SA-06-16-2026-1 Beats Firmware Update 1B211

Beats Firmware Update 1B211 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/en-us/127557.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Bluetooth
Available for: Beats Studio Buds
Impact: An attacker within Bluetooth range may be able...

PHP 8.5.7 `levenshtein()` signed-integer overflow

21 June 2026 at 03:51

Posted by Khashayar Fereidani on Jun 20

# PHP 8.5.7 `levenshtein()` signed-integer overflow

**Author:** Khashayar Fereidani
**Disclosure Date:** 2026-06-18
**Advisory:** https://fereidani.com/php-857-levenshtein-signed-integer-overflow
**Contact:** https://fereidani.com/contact

## Description

The `levenshtein()` function calculates the Levenshtein distance
between two strings, optionally accepting custom costs for insertion,
replacement, and deletion operations. In PHP 8.5.7, the...

PHP 8.5.7 `dom_xml_serialization_algorithm()` stack-overflow

21 June 2026 at 03:50

Posted by Khashayar Fereidani on Jun 20

# PHP 8.5.7 `dom_xml_serialization_algorithm()` stack-overflow

**Author:** Khashayar Fereidani
**Disclosure Date:** 2026-06-18
**Advisory:** https://fereidani.com/php-857-domxmlserializationalgorithm-stack-overflow
**Contact:** https://fereidani.com/contact

## Description

The `dom_xml_serialization_algorithm()` and
`dom_xml_serialize_element_node()` functions in
`ext/dom/xml_serializer.c` rely on unbounded recursion to serialize
XML nodes....

PHP 8.5.7 `mb_substr()` 'SJIS-mac' size_t underflow

21 June 2026 at 03:50

Posted by Khashayar Fereidani on Jun 20

# PHP 8.5.7 `mb_substr()` 'SJIS-mac' size_t underflow

**Author:** Khashayar Fereidani
**Disclosure Date:** 2026-06-18
**Advisory:** https://fereidani.com/php-857-mbsubstr-sjis-mac-sizet-underflow
**Contact:** https://fereidani.com/contact

## Description

The `mb_get_substr()` function in `ext/mbstring/mbstring.c`
deliberately skips an early empty return guard for the `SJIS-mac`
encoding when `from >= in_len`. As a result, it falls...

PHP 8.5.7 `FILTER_SANITIZE_ENCODED` uninitialized read

21 June 2026 at 03:50

Posted by Khashayar Fereidani on Jun 20

# PHP 8.5.7 `FILTER_SANITIZE_ENCODED` uninitialized read

**Author:** Khashayar Fereidani
**Disclosure Date:** 2026-06-18
**Advisory:** https://fereidani.com/php-857-filtersanitizeencoded-uninitialized-read
**Contact:** https://fereidani.com/contact

## Description

In `ext/filter/sanitizing_filters.c`, the `php_filter_encode_url`
function leaves the `255`th byte (`0xFF`) of a transient array
uninitialized. An array of 256 bytes is populated...

CVE-2025-68624: Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure

21 June 2026 at 03:49

Posted by Alessandro Bertoldi BCS via Fulldisclosure on Jun 20

CVE-2025-68624: Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure

CVE ID: CVE-2025-68624
Status: DISPUTED
CWE: CWE-290 (Authentication Bypass by Spoofing)
Affected Product: N-able Mail Assure (formerly SolarWinds MSP Mail Assure)
Affected Service: N-able Mail Assure cloud-based multi-tenant SMTP relay infrastructure
Vendor: N-able Technologies
Initial Discovery: October 2018
Public Disclosure: November 2025, DeepSec Vienna...