Oracle Zero-Day Breach, VPN Security Alert, ServiceNow Denies Breach – Cybersecurity News [June 08, 2026]
Quick Answer
What are the latest cybersecurity threats in June 2026? Recent threats include Oracle PeopleSoft zero-day exploits, Check Point VPN attacks linked to ransomware, major data breaches, AI-powered phishing scams, crypto-laundering networks, and supply chain attacks targeting organizations worldwide.
ShinyHunters Exploit Oracle PeopleSoft Zero-Day to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private, with the campaign hitting universities hardest. Google’s Mandiant attributes the activity to a group it tracks as UNC6240, dating the activity between May 27 and June 9, with the flaw (CVE-2026-35273) rated 9.8 out of 10 and requiring no login to take over a server. CISA added the flaw to its Known Exploited Vulnerabilities catalog this week.
CISA Issues Emergency Directive Over Check Point VPN Zero-Day Tied to Qilin Ransomware
CISA issued an emergency directive mandating all Federal Civilian Executive Branch agencies patch a critical zero-day vulnerability in Check Point VPN products within three days, with the flaw enabling unauthenticated attackers to bypass authentication and access internal networks via Check Point Remote Access VPN and Mobile Access gateways. The exploitation has been attributed to affiliates of the Qilin ransomware group, with confirmed breaches and ransomware deployments observed in the wild.
ServiceNow Disputes “Data Breach” Reports, Blames Researcher Activity
ServiceNow said two security researchers submitted a report to its bug bounty program on June 7, and based on its investigation, the company believes the observed activity can be attributed to security researchers or customers conducting their own research, while continuing its investigation.
French Government Messaging App Tchap Breached via Hijacked Account
DINUM, the digital affairs directorate of the French government, warned that hackers used a hijacked user account to breach Tchap, the French government’s encrypted messaging service.
South Korea Fines Coupang Record $409M Over Massive Data Breach
South Korea’s data protection regulator fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37 million customers.
Oxford University Discloses Breach via Third-Party Careers Platform
The University of Oxford disclosed a new data breach after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised, exposing first and last names, email addresses, and encrypted passwords for users not using Single Sign-On.
Council of Europe Hit by Major Ransomware Data Theft
Over 297 GB of Council of Europe HR and payroll data, comprising more than 429,000 files, was reportedly compromised in an attack discovered on June 14, with the attack estimated to have occurred on June 13.
GitHub to Disable npm Install Scripts by Default to Fight Supply Chain Attacks
GitHub announced “breaking changes” coming to npm version 12, including turning off install scripts by default to combat software supply chain threats and abuse of the “npm install” command via npm lifecycle hooks.
Europol Dismantles AudiA6 Crypto-Laundering Service Used by Ransomware Gangs
Authorities in Europe disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks, with Europol stating the takedown cut off “a key financial pipeline used to wash hundreds of millions in illicit profits,” estimated at more than €336 million (~$389 million) laundered since the service began. Western Illinois University
Hackers Use “Free Spotify Premium” TikTok Videos to Steal Passwords
Cybercriminals are using viral “hack” tutorials posted on TikTok and Instagram to trick users into downloading malware that can steal passwords, personal information, and crypto wallets, new research warns. Cybernews
Ukrainian National Pleads Guilty in US Over Conti Ransomware Role
Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide.
Google’s June 2026 Fraud Advisory Warns of AI-Powered “Calendar Phishing” and Quishing
Google’s latest Scams Advisory describes scammers abusing trusted cloud productivity suites to bypass security filters, including “Calendar Phishing” where fake renewal notices are added directly to Google Calendar invites, alongside sophisticated Adversary-in-the-Middle and QR-code phishing (“quishing”) attacks. The advisory details surging AI-powered scams including deepfakes, voice cloning, and synthetic identities, with industry reports showing 1,210% growth in such fraud.
New Windows Zero-Day Published on GitHub Hours After Patch Tuesday
Hours after Microsoft’s June 2026 Patch Tuesday, security researcher “Nightmare Eclipse” published a fresh Windows zero-day on GitHub despite having previously been publicly banned from the platform.
UK Cracks Down on Iran, Russia, North Korea, and China-Linked Cyber Operations
The UK is passing bills aimed at dealing with hostile foreign influence as state-sponsored hackers from Iran, Russia, North Korea, and China continue cyber operations against the country. Organizations should also strengthen their cyber defenses, as strong email security starts with proper DKIM and DMARC authentication.
General Manager
General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.
Secure your email infrastructure
Protect, authenticate, and deliver. Contact our team to find the right solution.