In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost

Noteworthy stories that might have slipped under the radar: Cloudflare outage not caused by cyberattack, Dutch police identified 126 users of Cracked.io, the Victoria’s Secret cyberattack has cost $10 million. 

SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.

We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.

Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. 

Here are this week’s stories:

vBulletin vulnerability 

Researcher Egidio Romano has published details on a vulnerability affecting versions 4.x of the vBulletin forum software. According to the researcher, a flawed security patch created in 2014 introduced a new post-authentication PHP object injection vector, potentially allowing remote code execution. Romano recently detailed a vBulletin vulnerability that ended up being exploited in the wild.

Chinese hackers likely hit data center and residential ISPs

Digital Realty, a major data center provider, and Comcast were likely targeted by Salt Typhoon, the China-linked threat group known for hacking into the systems of major US telecom firms, Nextgov learned from unnamed sources. The NSA determined that Comcast was likely hit, while the potential Digital Realty compromise was determined by CISA. 

New products from Cisco and Honeywell

Cisco this week announced new products in the Hybrid Mesh Firewall portfolio, along with new Universal Zero Trust Network Access (ZTNA) solutions that provide identity management across users, devices, and AI agents. 

Honeywell introduced AI-powered security solutions for operational technology (OT) environments and expanded the Honeywell Digital Prime platform with engineering project testing capabilities. 

CISA budget cut 

The House Appropriations Subcommittee on Homeland Security has approved a fiscal 2026 funding bill that would cut the budget of the cybersecurity agency CISA by $135 million from fiscal 2025, CyberScoop reported. The budget cut is significantly less than the nearly half a billion previously proposed by the White House. CISA would get $2.7 billion.

ConnectWise rotates certificates 

ConnectWise has updated the digital signing certificates for ScreenConnect, ConnectWise Automate, and RMM, due to security concerns, and announced ScreenConnect updates to improve configuration data management. The rotation is to be completed by June 13 at 8:00 p.m. ET (June 14, 12:00 a.m. UTC). 

Cracked.io users identified by Dutch police

Dutch police announced that they have identified 126 users of the cybercrime forum Cracked, which was taken down in an international law enforcement operation in early 2025. Most of the identified suspects have only received notifications from the police, but some face prosecution or have already been convicted. The average age of the Cracked users identified in the Netherlands is 20, and the youngest is 11 years old. 

Cyber incident puts a $10 million dent in Victoria’s Secret operating income

The May 28 cyber incident that forced Victoria’s Secret to take its website offline is expected to put a $10 million dent in the Ohio-based retailer’s Q2 operating income, RetailDive reports. The lingerie retailer held its Q1 earnings call on June 11, after postponing it due to the data incident.

Dark ad tech industry research

Brian Krebs has detailed what he describes as a dark ad tech empire involving compromised websites, traffic distribution systems, and malicious advertisers. One interesting aspect of these operations is the use of fake CAPTCHAs to trick users into enabling site notifications in their browsers. 

Coordinated brute force attacks against Apache Tomcat Manager

GreyNoise warns of a coordinated spike in malicious activity against Apache Tomcat Manager interfaces between June 2 and June 9, potentially indicating fresh threats. Approximately 400 unique IPs were engaged in brute force and login attempts, most of them classified as malicious. 

No cyberattack behind Cloudflare outage

Cloudflare says that the June 12 outage that lasted for roughly two and a half hours and impacted 10 critical services and their customers was not caused by a cyberattack. The web security and performance company blames the incident on a third-party vendor failure, saying that no data was lost in the incident.

Related: In Other News: PoC for Fortinet Bug, AI Model Subverts Shutdown, RAT Source Code Leaked

Related: In Other News: FBI Warns of BadBox 2, NSO Disputes WhatsApp Fine, 1,000 Leave CISA
