European Commission Data Breach: ShinyHunters Attack Confirmed — BleepingComputer

The European Commission has confirmed a data breach following a cyberattack by the ShinyHunters group on its Europa.eu platform. The breach involved unauthorized access to sensitive data, potentially affecting multiple systems and users. ShinyHunters, known for targeting high-profile organizations, claimed responsibility. Security teams should assess their exposure to similar threats and enhance monitoring of external-facing systems to mitigate risks.

Fortinet FortiClient EMS Flaw Exploited: Immediate Patch Required — BleepingComputer

A critical vulnerability in Fortinet's FortiClient EMS platform, identified as CVE-2026-21643, is under active exploitation. This flaw allows attackers to execute arbitrary code remotely, posing a severe risk to organizations using vulnerable versions. The exploitation of this vulnerability emphasizes the need for immediate patching and review of security configurations to prevent potential breaches.

Citrix NetScaler CVE-2026-3055 Exploited: Patch Now — BleepingComputer

Hackers are exploiting a critical vulnerability in Citrix NetScaler, tracked as CVE-2026-3055, which allows for unauthorized remote code execution. This vulnerability affects multiple versions of Citrix NetScaler, necessitating immediate patch application. Security teams should prioritize updating affected systems and monitoring for unusual activity to prevent exploitation.

• Healthcare tech firm CareCloud says hackers stole patient data [BleepingComputer]
• New RoadK1ll WebSocket implant used to pivot on breached networks [BleepingComputer]
• AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection [Dark Reading]
• OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability [The Hacker News]
• F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation [Dark Reading]