⚠️ Splunk Enterprise Pre-Auth RCE Chain Exposes Database With Zero Authentication Source: cybersecuritynews.com/splunk… A critical vulnerability chain in Splunk Enterprise has been disclosed, enabling unauthenticated attackers to achieve remote code execution (RCE) through a misconfigured PostgreSQL sidecar service. Tracked as CVE-2026-20253, the flaw has a CVSS score of 9.8 and affects Splunk Enterprise 10 and later. The issue originates from the PostgreSQL Sidecar Service, an internal component introduced in newer Splunk versions. While this service is not always enabled in on-premise deployments, it is active by default in Splunk Enterprise on AWS, making cloud deployments particularly exposed out of the box. #cybersecuritynews

GIGA-TRILLIONAIRE

🚨 Windows Defender 0-Day Exploit “RoguePlanet” Grants SYSTEM Access to Attackers Source: cybersecuritynews.com/window… A researcher known as Nightmare Eclipse has publicly released a new proof-of-concept (PoC) exploit named RoguePlanet, targeting a previously undisclosed race condition vulnerability in Microsoft Windows Defender. When successfully executed, the exploit spawns a command shell running under SYSTEM-level privileges, granting an attacker the highest possible access on a compromised Windows machine. The release, posted to GitHub, arrives on Patch Tuesday, June 10, 2026, adding urgency to an already escalating series of Defender-targeting disclosures. #cybersecuritynews