CISA Mandates Urgent Patches for Exploited Ivanti & Oracle Flaws; Global Crackdowns Target Cybercrime Infrastructure

Publication Date: June 13, 2026

Summary

This cybersecurity brief for June 13, 2026, covers a series of critical events, led by CISA's emergency directives for federal agencies to patch actively exploited vulnerabilities in Ivanti Sentry and Oracle PeopleSoft. The latter is being used by the ShinyHunters group to attack the education sector. Other major incidents include a pro-Iranian group's claimed attack on California water systems, a massive data breach fine for South Korean retailer Coupang, and a significant law enforcement takedown of the 'AudiA6' crypto laundering service. Reports also detail a new BitLocker bypass exploit, a supply chain attack on Linux developers, and a data breach at pharmaceutical giant Novo Nordisk.

Today New Articles

Pro-Iranian Group 'Handala' Claims 'Warning' Attack on California Water Systems

The pro-Iranian hacktivist group 'Handala' has claimed responsibility for a cyberattack against California water infrastructure. The group framed the intrusion as a retaliatory 'warning' to the U.S. for alleged strikes on Iranian water resources. While Handala...

Conti Ransomware Coder Pleads Guilty in U.S. Court for Wire Fraud Conspiracy

Oleksii Oleksiyovych Lytvynenko, a 44-year-old Ukrainian national, has pleaded guilty in a U.S. federal court to conspiracy to commit wire fraud. He admitted to his role in the notorious Conti ransomware gang, which was responsible for over $150 million in ran...

'Atomic Arch' Supply Chain Attack Hijacks Orphaned Linux Packages to Target Developers

A sophisticated supply chain attack dubbed 'Atomic Arch' is targeting Linux developers by hijacking trusted but orphaned packages in the Arch User Repository (AUR). Attackers claim ownership of these abandoned packages and modify their build scripts (PKGBUILD)...

FinCEN Issues New Guidance to Encourage Banks to Share Fraud-Related Information

The U.S. Treasury's Financial Crimes Enforcement Network (FinCEN) has released updated guidance to encourage financial institutions to voluntarily share information related to suspected fraud. The guidance clarifies that the safe harbor provisions of Section 3...

White House Overhauls Cybersecurity Policy for National Security Systems with NSPM-12

On June 12, 2026, President Donald J. Trump signed National Security Presidential Memorandum (NSPM-12), a new directive to overhaul the cybersecurity governance for America's most sensitive National Security Systems (NSS). The memo re-establishes the Committee...

Article Updates

Verizon DBIR 2026: Vulnerability Exploitation Now the #1 Path to Data Breaches

Update:The 2026 Verizon DBIR update provides more granular details on ransomware, noting its presence in 48% of all breaches (up from 44%), with the percentage of victims paying ransom dropping to 31% and the median payment slightly decreasing to $139,875. Additional...

Ivanti Patches Critical Sentry Flaws Allowing Root-Level RCE

Update:The critical Ivanti Sentry vulnerability, CVE-2026-10520, is now confirmed to be under active exploitation, leading the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities (KEV) catalog. CISA has issued...

Researcher Drops 'GreatXML' Zero-Day Exploit to Bypass Windows BitLocker

Update:New technical analysis of the 'GreatXML' exploit reveals specific attack steps, including planting both `unattend.xml` and `ReAgent.xml` files on the recovery partition. The exploit was demonstrated on Windows 11 24H2. The report details the process from gaini...

Oracle Rushes Emergency Patch for PeopleSoft Zero-Day Exploited by ShinyHunters

Update:The critical Oracle PeopleSoft zero-day, CVE-2026-35273, has been added to CISA's Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to remediate by June 15, 2026. A joint report by Mandiant and Google confirms ShinyHunters breached over...