TheCyberThrone

CISSP Executive Briefing: Complexity Debt

When Security Becomes Too Complex to Defend Complexity Is the Tax Organizations Pay for Uncontrolled Growth. Executive Reality Organizations rarely become insecure because they lack security controls. They become insecure…

PravinKarthik June 14, 2026

CVE-2026-20253 — Splunk Enterprise Unauthenticated RCE

Severity: CriticalCVSS v3.1 Score: 9.8CWE: CWE-306 — Missing Authentication for Critical FunctionVendor Advisory: SVD-2026-0603 What Is Vulnerable CVE-2026-20253 affects Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform…

PravinKarthik June 14, 2026

TCT Universe

TheCyberThrone Universe — Episode 3

Ghosts Inside Identity 04:38 AM — MSDCorp Global Operations Center The architecture map no longer looked like infrastructure. It looked like a crime scene. Lines of trust stretched across the…

PravinKarthik June 13, 2026

The End of CVSS: Why CISA Just Rewrote the Rules of Vulnerability Management

For nearly two decades, vulnerability management has been built around a simple assumption: Higher CVSS score equals higher priority. Security teams scan. Dashboards populate. Critical vulnerabilities rise to the top.…

PravinKarthik June 12, 2026

Oracle PeopleSoft Zero-Day Exploited by ShinyHunters — 100+ Organizations Breached

CVE-2026-35273 | CVSS 9.8 | Critical | Zero-Day | Active Exploitation Overview Oracle's PeopleSoft enterprise platform has been the target of a large-scale, coordinated mass-compromise campaign carried out by the…

PravinKarthik June 12, 2026

Ivanti June 2026 — Vulnerability Advisory Deep Dive

CVE-2026-10520 | Ivanti Sentry | CVSS 10.0 — OS Command Injection Vulnerability class: CWE-78 — OS Command InjectionAttack vector: Network | No authentication | No user interaction The flaw resides…

PravinKarthik June 11, 2026

CISA KEV Update — Cisco Catalyst SD-WAN, Google Chrome V8 & Arista EOS

CISA added three new vulnerabilities to its Known Exploited Vulnerabilities catalog on June 9, 2026: CVE-2026-20245 (Cisco Catalyst SD-WAN Manager), CVE-2026-11645 (Google Chromium V8), and CVE-2026-7473 (Arista Extensible Operating System).…

PravinKarthik June 10, 2026

Microsoft Patch Tuesday — June 2026

Microsoft's June 2026 Patch Tuesday is the largest release since the Patch Tuesday program began, surpassing the previous record of 167 CVEs set in October 2025. This month's release addresses…

PravinKarthik June 10, 2026