A critical heap buffer overread vulnerability, dubbed Squidbleed, has been discovered in the widely used Squid web proxy. This flaw, tracked as CVE-2026-47729, has existed in the software's FTP directory-listing parser since 1997. The vulnerability allows a trusted client to leak internal memory from the proxy, potentially exposing cleartext HTTP requests, passwords, and API keys.

Source

Systemd 261 introduces a new cloud Instance Metadata Service subsystem featuring the systemd-imdsd daemon. This service provides a unified local interface for accessing metadata across various providers like AWS, Azure, and Google Cloud, reducing the need for provider-specific tools. Administrators can now restrict direct network access to cloud metadata endpoints to enhance security against request forgery and unauthorized access.

Source

RIPE NCC is the Regional Internet Registry for Europe, the Middle East, and parts of Central Asia. It allocates and registers internet number resources such as IP addresses and AS numbers, and it keeps the related public registry up to date.

Source

Microsoft has identified a new self-propagating worm named Crypto Clipper that spreads primarily through infected USB drives. The malware monitors system clipboards for patterns matching cryptocurrency wallet addresses or recovery seed phrases. Once it detects sensitive financial data, the tool captures five screenshots within a ten-second window to gather additional context.

Source

Cisco has updated a critical security advisory to include the Catalyst SD-WAN Validator, formerly known as vBond, as a product vulnerable to a maximum-severity flaw. This vulnerability, tracked as CVE-2026-20127, involves an improper authentication issue that allows attackers to gain administrative rights and reconfigure the SD-WAN fabric. When combined with a secondary path traversal bug, unauthorized actors can achieve persistent root access to affected networking instances.

Source

HPE has unveiled a major expansion of its networking strategy at Discover 2026, positioning the network as the primary control plane for artificial intelligence. Following the $14 billion acquisition of Juniper Networks, the company is integrating specialized hardware like QFX switches to support AI training and inference. This shift aims to address the performance gap between rapidly advancing compute power and traditional networking infrastructure.

Source

Cloudflare has announced the general availability of its DMARC Management tool, providing a free solution for organizations to monitor and enforce email authentication. DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol that lets domain owners specify in DNS how receiving mail servers should handle messages that fail SPF and DKIM checks, helping prevent spoofing and phishing. SPF (Sender Policy Framework) checks whether the sending server is allowed to send mail for the domain, and DKIM (DomainKeys Identified Mail) uses a cryptographic signature to verify that the email’s content and claimed sender domain are authentic.

Source

Cisco has released urgent security updates for Catalyst SD-WAN Manager to address a zero-day vulnerability tracked as CVE-2026-20262. This network management software, formerly known as vManage, allows for the centralized control of thousands of software-defined networking devices. The flaw impacts all deployment types, including on-premises installations and various cloud-managed versions such as those used by government entities.

Source

DNS over HTTPS (DoH) -- a protocol that encrypts DNS queries inside HTTPS connections -- is now generally available for the Windows Server DNS Server role. Starting with the June 9, 2026 cumulative update for Windows Server 2025, you can deploy DoH on your on-premises DNS infrastructure without a third-party resolver. This article explains what DoH does, how it differs from traditional DNS, what the configuration requires, and what limitations currently apply.

Source

Microsoft is introducing a new feature for Microsoft Places and Teams that automatically updates a user's work location when they connect to a corporate Wi-Fi network. This workplace check-in capability aims to simplify in-person coordination by reducing the need for employees to manually adjust their status. The system builds upon existing presence signals like calendar availability and peripheral-based check-ins to provide real-time visibility of office attendance.

Source