--- title: "Oracle Zero-Day Breach, VPN Security Alert, ServiceNow Denies Breach – Cybersecurity News [June 08, 2026] | DuoCircle" description: "Stay informed on the latest cyber threats, including Oracle zero-days, VPN exploits, ransomware attacks, data breaches, and phishing scams." image: "https://www.duocircle.com/images/og-default.png" canonical: "https://www.duocircle.com/blog/cybersecurity-news-update-week-24-of-2026/" --- Quick Answer What are the latest cybersecurity threats in June 2026? Recent threats include Oracle PeopleSoft zero-day exploits, Check Point VPN attacks linked to ransomware, major data breaches, AI-powered phishing scams, crypto-laundering networks, and supply chain attacks targeting organizations worldwide. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcybersecurity-news-update-week-24-of-2026%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Oracle%20Zero-Day%20Breach%2C%20VPN%20Security%20Alert%2C%20ServiceNow%20Denies%20Breach%20%E2%80%93%20Cybersecurity%20News%20%5BJune%2008%2C%202026%5D&url=undefined%2Fblog%2Fcybersecurity-news-update-week-24-of-2026%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcybersecurity-news-update-week-24-of-2026%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcybersecurity-news-update-week-24-of-2026%2F&title=Oracle%20Zero-Day%20Breach%2C%20VPN%20Security%20Alert%2C%20ServiceNow%20Denies%20Breach%20%E2%80%93%20Cybersecurity%20News%20%5BJune%2008%2C%202026%5D "Share on Reddit") [ ](mailto:?subject=Oracle%20Zero-Day%20Breach%2C%20VPN%20Security%20Alert%2C%20ServiceNow%20Denies%20Breach%20%E2%80%93%20Cybersecurity%20News%20%5BJune%2008%2C%202026%5D&body=Check out this article: undefined%2Fblog%2Fcybersecurity-news-update-week-24-of-2026%2F "Share via Email") ![cybersecurity news](https://media.mailhop.org/duocircle/spf-record-check-4564-1781517036276.jpg) ## ShinyHunters Exploit Oracle PeopleSoft Zero-Day to Breach Universities The [ShinyHunters extortion crew](https://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html) exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private, with the campaign hitting universities hardest. Google’s Mandiant attributes the activity to a group it tracks as UNC6240, dating the activity between **May 27 and June 9**, with the flaw (CVE-2026-35273) rated 9.8 out of 10 and requiring no login to take over a server. CISA added the flaw to its Known Exploited Vulnerabilities catalog this week. ## CISA Issues Emergency Directive Over Check Point VPN Zero-Day Tied to Qilin Ransomware CISA issued an emergency directive mandating all [Federal Civilian Executive Branch agencies](https://en.wikipedia.org/wiki/List%5Fof%5Ffederal%5Fagencies%5Fin%5Fthe%5FUnited%5FStates) patch a critical zero-day vulnerability in **Check Point VPN products** within three days, with the flaw enabling unauthenticated attackers to bypass authentication and access internal networks via [Check Point Remote Access](https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP%5FR81%5FMobileAccess%5FAdminGuide/Topics-MABG/CP-Remote-Access-Solutions.htm) VPN and Mobile Access gateways. The exploitation has been attributed to affiliates of the [Qilin ransomware group](https://www.securityweek.com/check-point-vpn-zero-day-exploited-in-qilin-ransomware-attacks/), with confirmed breaches and ransomware deployments observed in the wild. ![Sender Policy Framework 1508](https://media.mailhop.org/duocircle/sender-policy-framework-1508-1781517469531.jpg) ## ServiceNow Disputes “Data Breach” Reports, Blames Researcher Activity ServiceNow said **two security researchers** submitted a report to its [bug bounty program](https://en.wikipedia.org/wiki/Bug%5Fbounty%5Fprogram) on June 7, and based on its investigation, the company believes the observed activity can be attributed to security researchers or customers conducting their own research, while continuing its investigation. ## French Government Messaging App Tchap Breached via Hijacked Account DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked [user account to breach Tchap](https://www.bleepingcomputer.com/news/security/french-govt-messaging-service-breached-in-account-hijacking-attack/), the French government’s encrypted messaging service. ## South Korea Fines Coupang Record $409M Over Massive Data Breach [South Korea’s](https://www.insurancejournal.com/news/international/2026/06/12/873512.htm) data protection regulator **fined e-commerce giant** Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37 million customers. ![Spf Record 1507](https://media.mailhop.org/duocircle/spf-record-1507-1781517353368.jpg) ## Oxford University Discloses Breach via Third-Party Careers Platform The University of [Oxford disclosed a new data breach](https://www.bleepingcomputer.com/news/security/oxford-university-discloses-data-breach-after-careerconnect-platform-hack/) after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised, exposing first and last names, email addresses, and **encrypted passwords** for users not using [Single Sign-On](https://www.cloudflare.com/learning/access-management/what-is-sso/). ## Council of Europe Hit by Major Ransomware Data Theft Over 297 GB of **Council of Europe HR and payroll data**, comprising more than 429,000 files, was reportedly compromised in an attack discovered on June 14, with the attack estimated to have occurred on June 13. ## GitHub to Disable npm Install Scripts by Default to Fight Supply Chain Attacks GitHub announced “breaking changes” coming to npm version 12, including turning off install scripts by default to combat software supply chain threats and abuse of the “npm install” command via npm lifecycle hooks. ## Europol Dismantles AudiA6 Crypto-Laundering Service Used by Ransomware Gangs ![Dmarc Report 4673](https://media.mailhop.org/duocircle/dmarc-report-4673-1781517657153.jpg) Authorities in Europe disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks, with Europol stating the takedown cut off “a key financial pipeline used to wash hundreds of millions in illicit profits,” estimated at more than €336 million (\~$389 million) laundered since the service began. [Western Illinois University](https://www.wiu.edu/cybersecuritycenter/cybernews.php) ## Hackers Use “Free Spotify Premium” TikTok Videos to Steal Passwords Cybercriminals are using viral “hack” tutorials posted on TikTok and Instagram to trick users into downloading malware that can steal passwords, personal information, and crypto wallets, new research warns. [Cybernews](https://cybernews.com/security/) ## Ukrainian National Pleads Guilty in US Over Conti Ransomware Role Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide. ## Google’s June 2026 Fraud Advisory Warns of AI-Powered “Calendar Phishing” and Quishing [Google’s latest Scams Advisory](https://www.nytimes.com/2026/06/12/technology/google-lawsuit-china-ai-scams.html) describes scammers abusing trusted cloud productivity suites to **bypass security filters**, including “Calendar Phishing” where fake renewal notices are added directly to Google Calendar invites, alongside sophisticated Adversary-in-the-Middle and [QR-code phishing](https://www.usatoday.com/press-release/story/33874/quishing-surges-146-in-q1-2026-as-attackers-hide-behind-the-code/) (“quishing”) attacks. The advisory details surging AI-powered scams including deepfakes, voice cloning, and synthetic identities, with industry reports showing 1,210% growth in such fraud. ![Spf Validator 1509](https://media.mailhop.org/duocircle/spf-validator-1509-1781517413097.jpg) ## New Windows Zero-Day Published on GitHub Hours After Patch Tuesday Hours after **Microsoft’s June 2026 Patch Tuesday**, security researcher “[Nightmare Eclipse](https://cybernews.com/security/nightmare-eclipse-rogueplanet-zero-day/)” published a fresh Windows zero-day on GitHub despite having previously been publicly banned from the platform. ## UK Cracks Down on Iran, Russia, North Korea, and China-Linked Cyber Operations The UK is passing bills aimed at dealing with hostile foreign influence as [state-sponsored hackers from Iran](https://www.cybersecuritydive.com/news/iran-cyberattacks-espionage-us-israel-uae/820990/), Russia, North Korea, and China continue cyber operations against the country. Organizations should also **strengthen their cyber defenses**, as strong [email security](https://www.duocircle.com/) starts with proper [DKIM](https://www.duocircle.com/resources/what-is-dkim/) and [DMARC](https://www.duocircle.com/email/dmarc/) authentication. ![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) Brad Slavin General Manager General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio. ## Secure your email infrastructure Protect, authenticate, and deliver. Contact our team to find the right solution. [Contact Sales](/contact/) [Explore Products](/products/) ## Related Articles [ news Cisco SD-WAN Flaw, Critical NGINX Exploit, Foxconn Ransomware Attack – Cybersecurity News \[May 11, 2026\] May 18, 2026 ](/blog/cybersecurity-news-update-week-20-of-2026/)[ news GitHub Code Leak, 7-Eleven Breached, NYC Patient Exposure – Cybersecurity News \[May 18, 2026\] May 25, 2026 ](/blog/cybersecurity-news-update-week-21-of-2026/)[ news FBI Warns Firms, Carnival Data Breach, GlobalProtect Exploits Active – Cybersecurity News \[May 25, 2026\] Jun 1, 2026 ](/blog/cybersecurity-news-update-week-22-of-2026/)[ news DentaQuest Data Leak, Cisco Patch Pending, Instagram Security Bug – Cybersecurity News \[June 01, 2026\] Jun 8, 2026 ](/blog/cybersecurity-news-update-week-23-of-2026/) ```json {"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}} ``` ```json [{"@context":"https://schema.org","@type":"BlogPosting","headline":"Oracle Zero-Day Breach, VPN Security Alert, ServiceNow Denies Breach – Cybersecurity News [June 08, 2026]","description":"Stay informed on the latest cyber threats, including Oracle zero-days, VPN exploits, ransomware attacks, data breaches, and phishing scams.","url":"https://www.duocircle.com/blog/cybersecurity-news-update-week-24-of-2026/","datePublished":"2026-06-15T00:00:00.000Z","dateModified":"2026-06-15T00:00:00.000Z","dateCreated":"2026-06-15T00:00:00.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity-news-update-week-24-of-2026/"},"articleSection":"news","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/spf-record-check-4564-1781517036276.jpg","caption":"cybersecurity news"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"news"},{"@type":"ListItem","position":3,"name":"Oracle Zero-Day Breach, VPN Security Alert, ServiceNow Denies Breach – Cybersecurity News [June 08, 2026]","item":"https://www.duocircle.com/blog/cybersecurity-news-update-week-24-of-2026/"}]}] ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"news","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Oracle Zero-Day Breach, VPN Security Alert, ServiceNow Denies Breach – Cybersecurity News [June 08, 2026]","item":"https://www.duocircle.com/blog/cybersecurity-news-update-week-24-of-2026/"}]} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Oracle Zero-Day Breach, VPN Security Alert, ServiceNow Denies Breach – Cybersecurity News [June 08, 2026]","description":"Stay informed on the latest cyber threats, including Oracle zero-days, VPN exploits, ransomware attacks, data breaches, and phishing scams.","url":"https://www.duocircle.com/blog/cybersecurity-news-update-week-24-of-2026/","datePublished":"2026-06-15T00:00:00.000Z","dateModified":"2026-06-15T00:00:00.000Z","dateCreated":"2026-06-15T00:00:00.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity-news-update-week-24-of-2026/"},"articleSection":"news","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/spf-record-check-4564-1781517036276.jpg","caption":"cybersecurity news"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ```