CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release

Attackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploiting a maximum-severity OS command injection flaw in Ivanti Sentry, tracked as CVE-2026-10520, that allows remote code execution with root privileges. “An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote […]

June 11, 2026
Read More >>

OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft

OnyxC2 is a MaaS stealer targeting 210+ apps, using DLL sideloading, encrypted payloads, and remote access features to evade detection. OnyxC2 appeared on a cybercrime forum earlier this year and is sold as a subscription service: $250 per month for the standard build, $500 for the premium tier that includes HVNC, and $6,000 for an […]

June 11, 2026
Read More >>

Healey quits as Defence Secretary over funding row

John Healey has resigned as Secretary of State for Defence, telling the Prime Minister that the financial settlement behind the long-awaited Defence Investment Plan falls well short of what the country needs and would force him into decisions that reduce the readiness of British forces, in a letter published on Thursday. Healey, who had served […]

The post Healey quits as Defence Secretary over funding row first appeared on UK Defence Journal.

June 11, 2026
Read More >>

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

GreatXML bypasses BitLocker via Defender offline scan artifacts, giving SYSTEM shell in Recovery Mode. No patch exists. Any machine that ran an offline scan is vulnerable. On June 10, security researcher Chaotic Eclipse (aka Nightmare Eclipse) published a new working exploit dubbed GreatXML that bypasses BitLocker and opens a command shell with full SYSTEM privileges […]

June 11, 2026
Read More >>