Article Read Time

1. ShinyHunters Leaks Data on 42 Million Charter Communications Customers
The ShinyHunters extortion group published a trove allegedly stolen from Charter Communications, the telecom giant behind the Spectrum brand, after the company let a May 27 ransom deadline pass. The attackers say they gained entry through a voice-phishing (vishing) call that compromised an employee’s Microsoft Entra account, then pivoted into Charter’s Salesforce environment and exported more than 42 million customer records along with data on roughly 27,000 employees. Exposed details include names, email and physical addresses, and information from nearly 10 million support tickets — a phishing goldmine for follow-on attacks.
Source: TechRadar — https://www.techradar.com/pro/security/charter-communications-confirms-data-breach-shinyhunters-blamed-after-threat-to-leak-user-info-online
2. cPanel Auth-Bypass Flaw (CVE-2026-41940) Compromises 40,000+ Servers
A critical authentication bypass in cPanel and WebHost Manager (CVSS 9.8) remains under aggressive, ongoing exploitation, with more than 40,000 servers compromised. The flaw — rooted in a CRLF injection in session handling — lets a remote attacker log in without any credentials and seize administrative control of the host, its databases, and every site it manages. Despite a patch issued April 28, slow adoption has kept the door open, with attackers deploying “SORRY” ransomware and pulling servers into Mirai botnets.
Source: The Hacker News — https://thehackernews.com/2026/05/cpanel-cve-2026-41940-under-active.html
3. Cisco Patches Sixth Exploited SD-WAN Zero-Day of 2026
Cisco issued an emergency fix for a zero-day in its Catalyst SD-WAN Manager (CVE-2026-20245), actively exploited to achieve root-level privilege escalation. It is the sixth SD-WAN zero-day Cisco has had to patch under active attack this year alone — a pattern that points to sustained, targeted interest in enterprise network management infrastructure. Organizations running SD-WAN Manager should treat patching as urgent, not routine.
Source: SecurityWeek — https://www.securityweek.com/cisco-patches-another-sd-wan-zero-day-the-sixth-exploited-in-2026/
4. CISA Adds Exploited SolarWinds Serv-U Flaw to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency added a high-severity flaw in SolarWinds Serv-U file server software (CVE-2026-28318, CVSS 7.5) to its Known Exploited Vulnerabilities catalog. The denial-of-service bug crashes the service and is confirmed to be under active exploitation. Inclusion in the KEV catalog sets a federal remediation clock — and signals to private organizations that they should not wait either.
Source: SecurityWeek — https://www.securityweek.com/
5. FBI Warns of World Cup 2026 Fraud Wave Targeting Fans
With the World Cup arriving on home soil, the FBI and security researchers warn that a surge of FIFA-themed fraud is now hitting fans. The campaign spans thousands of lookalike FIFA domains designed to harvest credentials and payment data, plus banking malware hidden inside pirated streaming apps. Fans chasing tickets and free streams are the prime targets, making this a consumer-security story with real financial stakes.
Source: SharkStriker — https://sharkstriker.com/blog/june-2026-data-breaches/
