Over 200 Microsoft Vulnerabilities Fixed in Patch Tuesday; Claude Fable 5 Released to Public; CISA Sets New Patch Prioritization Process

On Tuesday, June 9, Microsoft released fixes to address more than 200 vulnerabilities in a variety of products, making this month's release the largest on record. 38 of the flaws are considered critical, and three were previously disclosed. Among those is an actively exploited cross-site scripting issue in Microsoft Exchange Server that Microsoft first warned of in mid-May, and Microsoft offered mitigations for the vulnerability at that time. The high number of vulnerabilities addressed this month is attributable to the use of AI tools; Microsoft published a blog along with May's Patch Tuesday, which addressed nearly 140 vulnerabilities, noting that "Many of these were surfaced through AI investments and investigations across our engineering and research teams, including the use of Microsoft's new multi-model AI-driven scanning harness. A number were also credited to external researchers working in collaboration with AI."

Anthropic has announced that it is releasing new versions of its Claude Mythos AI models to both project Glasswing partners and to the public. Claude Mythos 5, which is described as "an upgrade to Claude Mythos Preview," will be made available to Project Glasswing partners who received access to Claude Mythos Preview in April, as well as to certain biology researchers. Claude Fable 5 will be made available to the public. Fable 5 is a Mythos-class AI model with guardrails. Anthropic acknowledges the risk inherent in releasing a model with this capability; the guardrails mean that "When Fable’s classifiers detect a request related to cybersecurity, biology and chemistry, or distillation, the response is automatically handled by Claude Opus 4.8 instead. Users will be informed whenever this occurs." WIRED journalists Lily Hay Newman and Maxwell Zeff level a measured eye at the model's release, noting "it remains to be seen how resistant Claude Fable 5’s safeguards are in the wild. Anthropic says in more than 1,000 hours of red-teaming, its testers found no universal jailbreaks for the model. Still, fears about the ability to develop adequate protections underpinned the company’s original justification for why it did not release Mythos-class models to the public in April, and these fears have seemingly persisted."

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk, which creates a rubric for helping civilian federal agencies (FCEBs) triage which vulnerabilities require urgent remediation. Four sequential criteria determine the required timeline for patching: whether the affected system is publicly exposed, whether the flaw is in the Known Exploited Vulnerabilities (KEV) catalog, whether exploitation is automatable, and whether the technical impact of exploitation gives an attacker full control versus partial control. These criteria are determined by CISA through their Vulnrichment program. The 16 possible timelines range between 3, 14, and 60 days, with the most urgent also requiring forensic triage, and the least urgent deemed "Fix on System Upgrade." This BOD supersedes 19-02 and 22-01, which set 15 or 30-day remediation timelines based on severity, and established the KEV and its requirements. BOD 26-04 also contains required actions for FCEBs and CISA to comply with and support the updated remediation requirements, and a visual representation of the criteria as a decision tree.

On June 8, Check Point disclosed a critical flaw in its Remote Access VPN and Mobile Access deployments configured to use the deprecated IKEv1 key exchange protocol, also stating that the flaw is being actively exploited. CVE-2026-50751, CVSS score 9.3, allows an unauthenticated remote attacker to bypass authentication requirements and establish a VPN session without a valid password, by exploiting a logic flaw in certificate validation. Check Point writes that "the observed exploitation has been limited to a few dozen targeted organizations globally," and assesses with medium confidence that the threat actor is financially motivated and uses Qilin ransomware. The company saw indications of suspicious activity on June 4, and subsequent investigation revealed exploitation as early as May 7, 2026; Check Point recommends incident responders prioritize forensic log audits and configuration reviews starting from this date. This flaw was added to the US Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog (CISA KEV), with a remediation deadline of June 11, three days from disclosure. Check Point Mobile Access, SSL VPN, Remote Access VPN, and Spark Firewall versions R80.20.X (EOS), R80.40 (EOS), R81 (EOS), R81.10 (EOS), R81.10.X, R81.20, R82, R82.00.X, and R82.10 configured for IKEv1 should be updated to Check Point's released hotfix. A second, high-severity flaw enabling man-in-the-middle attacks, disclosed in the same advisory, also stems from the IKEv1 protocol, but is not known to be exploited.

On Thursday, June 11, Oracle released a security alert to address a critical vulnerability in the Oracle PeopleSoft PeopleTools enterprise resource planning (ERP) software suite that is being actively exploited. The vulnerability (CVE-2026-35273, CVSS score 9.8) is identified as a missing authentication for critical function issue that can be exploited by an unauthenticated attacker with network access via HTTP to compromise vulnerable systems. The flaw affects PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. Earlier unsupported releases are likely vulnerable as well; users are urged to update to a supported version of PeopleSoft Enterprise PeopleTools. This advisory was released outside the regular cadence of Oracle's quarterly security updates and provides a link to a Patch Availability Document, which is accessible only to customers. The advisory follows reports that threat actors have been exploiting this vulnerability in attacks targeting educational institutions, including the University of Nottingham, covered in a separate story in this edition of NewsBites.

On Tuesday, June 9, Ivanti published a security advisory to address two critical vulnerabilities in the Ivanti Sentry (formerly known as MobileIron Sentry) mobile gateway. The first vulnerability (CVE-2026-10520, CVSS score 10.0) is an OS command injection issue that could be exploited by an unauthenticated attacker to achieve remote code execution with root level privileges. The vulnerability was exploited within 24 hours of its disclosure. In a June 10 post, the Shadowserver Foundation writes, "We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored." The second vulnerability (CVE-2026-10523, CVSS score 9.9) is an authentication bypass issue that could be exploited by an unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access. The vulnerabilities affect Ivanti Sentry versions 10.5.1, 10.6.1, 10.7.0 and prior, and the issues are resolved in Ivanti Sentry versions 10.5.2, 10.6.2 and 10.7.1. Researchers at watchTowr and Rapid7 have published write-ups of the vulnerabilities.

GitHub says it will change npm default settings to prevent the install command from running scripts automatically: preinstall, install, and postinstall from dependencies will not run unless explicitly allowed. The change is one of three npm install default changes that were announced as part of npm v12, which is expected to be released in July 2026. Maintainer Leo Balter writes that "Install-time lifecycle scripts are the single largest code-execution surface in the npm ecosystem." The other two default setting changes are: allow-git defaults to none — Git dependencies (direct or transitive) will not resolve unless allowed; and --allow-remote defaults to none — remote URL dependencies will not resolve unless allowed.

The US Federal Bureau of Investigation (FBI) has seized 13 domains that were allegedly being "used to target U.S. persons, including current and former security clearance holders with access to classified and sensitive U.S. government information." The domains were set up to appear as consulting companies offering employment and are believed to have been operated by state-sponsored threat actors with ties to China. The operation dates back to November 2023. The affidavit filed in support of the seizures "alleges that the conspirators offered money to applicants and recruits in exchange for sensitive information, paid for reports using online payment accounts in the names of fictitious individuals, and used cryptocurrency to conceal the conspirators’ identities and the true source of the payments. These payments allowed for the flow of money from places outside the United States to places inside the United States in furtherance of the conspiracy."

Mackay Sugar, a major Australian sugar producer, has disclosed that it has halted operations at two of its mills following a cybersecurity incident that has affected some of the company's operations. Mackay Sugar's sugar milling and cane haulage processes have been disrupted at the Farleigh and Racecourse mills, and Mackay has advised cane growers to cease harvesting until further notice. The shutdown comes at the start of the sugarcane crushing season. Production at Mackay's third sugar mill in Marian was not scheduled to start operations until next week. In a brief statement on the website, Mackay Sugar says they "have engaged specialist cyber security experts and are working closely with relevant authorities to investigate the incident and restore systems safely. Interim processes are in place to support critical business functions and minimise disruption where possible."

Great Marlow School in Buckinghamshire, England, sent home the majority of its students for two days this week following "a cybersecurity incident affecting [the high school's] ICT systems." The school allowed students sitting GCSE and A-Level exams to attend. According to a statement on the Great Marlow School website, the school "will be fully open and operational for all students on Friday 12th June 2026." The University of Nottingham has confirmed that threat actors accessed "a significant amount of data in [the university's] student record system." The university is investigating claims by threat actors that data of students at Nottingham's campuses in Malaysia and China were accessed as well. The Powys (Wales) Council also recently disclosed "a cyber security incident affecting some school systems, which has resulted in unauthorised access to some personal data."