Cyber Tech Cafe

Critical Fortinet alert: ~74,000 firewalls compromised via credential spraying and hash extraction. If you use Fortinet SSL VPN, change passwords now and enable MFA.

For our MyIT clients: Our Threatfeed system leveraged fleet-wide data to detect and block coordinated attacks in real-time.

Full breakdown + what we're monitoring for next:

Massive Fortinet Breach: What Happened and What We’re Doing About It – Cyber Tech Cafe Massive Fortinet Breach: What Happened and What We’re Doing About It Jun, Thu, 2026 nathan Industry News , IT Nightmare , Mailing List , Tech news June 2026 — If your business uses a Fortinet firewall for remote access (SSL VPN), you need to know about a major security incident that just surface...

Heads up for dental practices using Dentrix: A recent Microsoft update broke Word document previews in the Document Center. Dentrix suggests uninstalling the update as a fix — but that patch protects against 72 security vulnerabilities. There's a safer workaround. Details in our latest post.

Dentrix Document Preview Issue: What Dental Practices Need to Know – Cyber Tech Cafe Dentrix Document Preview Issue: What Dental Practices Need to Know Jun, Thu, 2026 nathan Industry News , Mailing List , Tech news Update (June 2026): A recent Microsoft security update is affecting Word document previews in Dentrix’s Document Center. Here’s what you should know — and why we re...

We will be posting more about this as we get more information and are aggressively checking all of pur managed systems for indicators of compromise (IoC). We will be reaching put directly to any environments with concerns.

Massive breach spills credentials for thousands of sensitive networks - Ars Technica

Massive breach spills credentials for thousands of sensitive networks The affected include Oracle, Lenovo, FedEx, a NATO contractor, and Fortinet.

Supply Chain Security Alert: Malicious JetBrains Plugins Target AI API Keys

A sophisticated malware campaign has been discovered on the JetBrains Marketplace, where 15 malicious plugins posing as AI coding assistants have been secretly exfiltrating AI provider API keys since October 2025.

Key Details:
• Plugins masquerade as legitimate AI assistants (DeepSeek, CodeGPT variants)
• Over 25,000 downloads across infected plugins
• Credentials sent to attacker-controlled servers in plaintext
• Campaign demonstrates growing threat to developer environments

This incident underscores a critical reality: supply chain attacks are increasingly targeting development tools, which often house sensitive credentials, signing keys, and cloud access tokens.

What This Means for Your Business:
As organizations accelerate AI adoption, the tools developers use become high-value targets. A compromised plugin isn't just a developer issue — it's a potential gateway to your entire infrastructure.

How Proactive IT Management Helps:
- Continuous software inventory and risk assessment
- Security policies restricting unvetted plugins
- Monitoring for credential exposure
- Regular security awareness training for developers

At CTC, we believe security isn't reactive — it's built into how you manage IT every day.

Full story: The Hacker News

Send a message to learn more

ACTIVE EXPLOIT ALERT: Fortinet Vulnerabilities Being Attacked Right Now

Three critical security flaws in Fortinet FortiSandbox are being actively exploited by cybercriminals—including one that was just patched last week!

These vulnerabilities (rated 9.1/10 severity) let attackers:
- Execute unauthorized commands
- Bypass authentication completely
- Gain access without any credentials

The Reality Check: When threats move this fast, waiting to patch is risky business. This is exactly why proactive IT management matters.

With CTC's MyIT services, your systems get:
- Continuous security monitoring
- Rapid, prioritized patching
- Threat intelligence integration
- 24/7 protection

Stay safe out there!

Read more: The Hacker News

Send a message to learn more

PSA: Another Chrome Zero-Day Is Being Actively Exploited

Google just patched CVE-2026-11645—a high-severity vulnerability in Chrome's V8 engine that's already being exploited in the wild. This marks the 5th actively exploited Chrome zero-day patched this year alone.

What this means for businesses:

• Out-of-bounds memory access can lead to remote code ex*****on

• Simply visiting a malicious website could compromise your system

• Exploits are already circulating—patching isn't optional, it's urgent

The pattern we're seeing: Cybercriminals increasingly target widely-used enterprise software (browsers, VPNs, collaboration tools) because one vulnerability = access to thousands of organizations. Just last week, the ShinyHunters gang exploited an Oracle PeopleSoft flaw to breach 100+ organizations, mostly universities.

How proactive IT management helps:

Automated patch deployment ensures critical browser updates roll out immediately—not "when someone gets around to it"

Asset management tracks which versions are running where

Security monitoring catches anomalous activity before it becomes a breach

Your users shouldn't have to think about browser security. That's the point of managed IT.

Sources:

• The Hacker News:

https://thehackernews.com

• CISA KEV Catalog:

https://www.cisa.gov/known-exploited-vulnerabilities

We have lost power at the CTC Office and, with it, email, ticketing and phones. No additional info at the moment but any support requests sent via email will be queued and sent once the power is returned.

Send a message to learn more

Microsoft's AI Found 400+ Vulnerabilities Last Month. Here's What That Means for Your Business.

Microsoft's May Patch Tuesday wasn't business as usual. For the first time, the majority of discovered vulnerabilities came from AI-driven scanning—over 400 in a single cycle. Two are already flagged critical: CVE-2026-23663 (Global Secure Access) and CVE-2026-42901 (Entra ID), both allowing privilege escalation.

This isn't a one-off. Microsoft is signaling that AI-driven discovery means larger, more frequent security updates going forward.

What we're doing about it:

Our MyIT clients saw these patches prioritized within 48 hours. Not because we predicted the specific CVEs, but because our process treats patch management as infrastructure hygiene—not a reactive scramble when headlines drop.

The businesses that weather these accelerating discovery cycles won't be the ones with the best security tools. They'll be the ones with consistent processes that just work.

Sources:
→ Microsoft Security Response Center (MSRC) May 2026 Update
→ MSRC Blog: "AI-Driven Discovery Accelerating Security Releases"

June 2026 just set the record: 206 Microsoft vulnerabilities patched in a single month, including 36 critical bugs and 3 zero-days actively exploited in the wild (YellowKey, GreenPlasma, MiniPlasma).

That's not all:
• Critical RCE in Veeam Backup & Replication — attackers can own your backup servers
• Chrome zero-day (CVE-2026-11645) — being exploited now
• ServiceNow data breach — check your instances if you use on-prem/hybrid

Zero-day attacks are up 40% year-over-year. The bad guys aren't waiting for you to patch.

Our MyIT Program clients are already protected. If you're managing updates yourself, this is your wake-up call.

Full breakdown: https://www.ctc.co/2026/06/10/june-2026-news-updates/

June 2026 News & Updates – Cyber Tech Cafe June 2026 News & Updates Jun, Wed, 2026 nathan CTC NEWS , Industry News , Mailing List , Monthly Newsletters CTC News MyIT Program Pricing Reminder – Our new MyIT Program pricing went into effect on 1 June 2026. If you haven’t reviewed your service level yet, details are available here. Updates ...

This is why we talk about "pattern recognition" more than we talk about "alerts."

In 2015, security researchers found thousands of gas station tank gauges exposed to the internet—no passwords, no firewalls, just sitting there. We flagged it. Talked about it. Moved on.

Last week? Iranian hackers hit those exact same systems. It took us minutes to recognize it because we'd been tracking the landscape for a decade.

Staying invested in this stuff matters. Full post here:

Pattern Recognition: How Staying Invested Turned a Decade-Old Warning Into Actionable Intelligence – Cyber Tech Cafe Pattern Recognition: How Staying Invested Turned a Decade-Old Warning Into Actionable Intelligence Jun, Thu, 2026 nathan Industry News , IT Nightmare , Tech news In January 2015, Rapid7 published research on a vulnerability that now reads like prophecy—unless you were paying attention then. HD Moo...