VulnHub

Real-time Cybersecurity News

EU Launches GCVE to Track Vulnerabilities Without Relying on US

Hackread – Cybersecurity News, Data Breaches, AI, and More

Overview

The European Union has launched a new project called GCVE, aimed at tracking software vulnerabilities independently of US databases. This initiative is part of a broader effort to decentralize cybersecurity efforts and enhance global security measures. By creating a system that doesn't rely on US sources, the EU hopes to improve the way vulnerabilities are monitored and addressed. This move is significant as it seeks to empower European countries and organizations to better manage their own cybersecurity risks. As cyber threats continue to evolve, having a self-sufficient approach to tracking and mitigating vulnerabilities can strengthen the overall security posture of the region.

Key Takeaways

  • Timeline: Newly disclosed

Original Article Summary

The new EU-funded GCVE project is breaking dependence on US databases to track software flaws. Discover how this decentralised system aims to ensure global cybersecurity.

Impact

Not specified

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Newly disclosed

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

New Rokarolla Android malware targets 217 banking, crypto apps

BleepingComputer

A new Android banking trojan named Rokarolla has emerged, targeting 217 banking and cryptocurrency applications. This malware operates with a sophisticated toolkit, utilizing 137 different commands to carry out its operations. Users of affected apps may be at risk of having their sensitive financial information compromised. As cybercriminals continue to develop more advanced tactics, it's crucial for users to stay vigilant and ensure they have proper security measures in place. The rise of such malware highlights the ongoing threat to mobile banking and cryptocurrency platforms, making it essential for both users and developers to prioritize security.

Jun 16, 2026

CISA warns of another cPanel plugin flaw exploited in attacks

BleepingComputer

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited vulnerability in the LiteSpeed cPanel user-end plugin, identified as CVE-2026-54420. This flaw poses a significant risk to U.S. government servers, prompting CISA to give agencies just three days to secure their systems. Attackers can exploit this vulnerability to gain unauthorized access, which could lead to data breaches or other malicious activities. The urgency of the warning highlights the need for prompt action to protect sensitive information and maintain system integrity. Agencies are advised to take immediate steps to patch their systems against this threat.

Jun 16, 2026

Ransomware gang abuses Microsoft Teams relays to hide malicious traffic

BleepingComputer

The DragonForce ransomware group has been found using a custom malware called 'Backdoor.Turn' to conceal their command-and-control traffic within Microsoft Teams relays. This tactic allows them to mask their activities, making it harder for security measures to detect their malicious actions. By leveraging the infrastructure of a widely-used collaboration tool, they are able to blend in with legitimate traffic, posing a significant challenge for cybersecurity professionals. This development raises concerns for organizations that utilize Microsoft Teams, as it highlights the potential for trusted platforms to be exploited for harmful purposes. Companies should remain vigilant and enhance their monitoring efforts to detect any unusual activities that could indicate an attack.

Jun 16, 2026

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

The Hacker News

Cybersecurity researchers have discovered new Windows versions of a backdoor known as SprySOCKS, which was previously thought to be limited to Linux systems. The variants, labeled WIN_DRV and WIN_PLUS, contain hard-coded command-and-control configurations and can communicate over TCP and UDP protocols. This development raises concerns as it indicates that attackers, likely linked to China, are expanding their malware capabilities to target Windows users. The existence of these variants could pose significant risks to organizations using Windows operating systems, as they may be vulnerable to unauthorized access and control. Users and companies should remain vigilant and update their security measures to prevent potential exploitation.

Jun 16, 2026

Critical Fortinet FortiSandbox flaws now exploited in attacks

BleepingComputer

Researchers at Defused have reported that attackers are actively exploiting multiple serious vulnerabilities in Fortinet's FortiSandbox, a platform designed for detecting cyber threats. These flaws could allow unauthorized access to systems that rely on FortiSandbox for security measures, potentially leading to significant breaches. Organizations using FortiSandbox should be particularly vigilant as these vulnerabilities are now being targeted in the wild. It's crucial for affected users to assess their exposure and implement recommended security measures promptly. The situation highlights the ongoing risks associated with cybersecurity tools, where vulnerabilities can be exploited by malicious actors.

Jun 16, 2026

iRhythm discloses data breach, says hackers stole patient info

BleepingComputer

iRhythm Holdings, a digital healthcare company, recently reported a data breach involving the theft of personal and health information of patients. The breach occurred through third-party-hosted business applications, raising concerns about data security in healthcare environments. Affected individuals may have had their sensitive information compromised, which could lead to identity theft or other privacy violations. This incident emphasizes the need for healthcare providers to strengthen their data protection measures, especially when relying on external services to manage patient information. As healthcare continues to digitize, incidents like this highlight the vulnerabilities that come with storing sensitive data online.

Jun 16, 2026