AI Security Digest
Aggregated ecosystem risk analysis
Vendor Watchlist
Tracking 0 critical integrations
Threat Stream Feed
Real-time security logs and system alerts
GitHub - Disruption with some GitHub services - Signup Flow
Jun 30, 15:49 UTC Resolved - This incident has been resolved. Thank you for your patience and understanding as we addressed this issue. A detailed root cause analysis will be shared as soon as it is available. Jun 30, 15:38 UTC Investigating - We are investigating reports of impacted performance for some GitHub services.
Cloudflare - R2 Returning 503 for Buckets in WNAM
Jun 30, 14:19 UTC Investigating - Cloudflare is aware of, and is investigating, reports of R2 Buckets based in WNAM returning errors, like 503. Further updates to follow.
Cloudflare - MTLS Validation issues
Jun 30, 13:48 UTC Resolved - This incident has been resolved. Jun 30, 13:33 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jun 30, 13:11 UTC Identified - The issue has been identified and a fix is being implemented. Jun 30, 13:08 UTC Investigating - Cloudflare is aware of and investigating issues with forwarding cf-client-cert-* headers with mTLS.More updates to follow.
Cloudflare - Web Analytics Errors and Workers Smart Placement delays
Jun 30, 13:46 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jun 30, 13:42 UTC Identified - The issue has been identified and a fix is being implemented. Jun 30, 13:38 UTC Update - We are continuing to investigate this issue. Jun 30, 13:06 UTC Investigating - Cloudflare Web Analytics processing is returning errors for queries related to Workers and Pages. Changes made to Workers with Smart Placement enabled may see delays in Smart Placement taking effect. M...
Cloudflare - Cloudflare fonts issues
Jun 30, 13:30 UTC Investigating - Customers using Cloudflare fonts may experience difficulties in rendering fonts on Cloudflare hosted sites.
Twilio - SMS Delivery Delays and Failures from Twilio Phone Numbers to Yettel Bulgaria
Jun 30, 05:17 PDT Identified - Twilio customers may be experiencing SMS delivery delays and failures from Twilio Phone Numbers to Yettel network subscribers in Bulgaria. Our team has identified the cause, and is working to resolve the issue. We will provide another update in 1 hour or as soon as more information becomes available. Jun 30, 05:03 PDT Investigating - Twilio customers may be experiencing SMS delivery delays and failures from Twilio Phone Numbers to Yettel network subscribers in B...
Twilio - SMS Delivery Delays from Twilio to Etisalat United Arab Emirates
Jun 30, 05:07 PDT Resolved - The incident has been resolved and SMS delivery from Twilio to Etisalat network subscribers in the United Arab Emirates is operating normally. Jun 30, 05:06 PDT Monitoring - We have observed a recovery in SMS delivery from Twilio to Etisalat network subscribers in the United Arab Emirates and are monitoring service stability. We will provide another update in 2 hours or as soon as more information becomes available. Jun 29, 23:47 PDT Update - Twilio customers ma...
DocuSign - Customers may experience latency (Incident 5259)
Jun 30, 11:18 UTC Investigating - We are actively investigating this issue.
Datadog - Delayed Monitors Notifications
Jun 30, 06:53 EDT Identified - We have identified the underlying issue and are working on a fix.It is important to note that no data has been lost, and notifications will be caught up once the service is operational again. Jun 30, 06:35 EDT Investigating - We are investigating delays in Monitors Notifications, which began at 09:52 UTC.
Xero - UK : UK Tax - Issues when loading filings
Jun 30, 10:28 UTC Investigating - We are aware some UK customers are experiencing slowness or errors when loading filings in UK Tax. Our team is investigating this with urgency.
New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials
Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security firm LayerX that tricked six AI browsers and assistants into copying a user's credentials and sending them to an attacker. The targets included OpenAI's ChatGPT Atlas, Perplexity's Comet, and Anthropic's Claude browser extension. An
Cloudflare - YUL (Montréal) on 2026-06-30
Jun 30, 08:30 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 29, 22:04 UTC Scheduled - We will be performing scheduled maintenance in YUL (Montréal) datacenter on 2026-06-30 between 08:30 and 13:30 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this locati...
Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs
Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools like Anthropic Claude and OpenAI Codex Security. The WebKit vulnerabilities are listed below - CVE-2026-43707 - A memory corruption issue that could result in an
Cloudflare - DFW (Dallas) on 2026-06-30
THIS IS A SCHEDULED EVENT Jun 30, 07:00 - 12:00 UTC Jun 29, 14:30 UTC Scheduled - We will be performing scheduled maintenance in DFW (Dallas) datacenter on 2026-06-30 between 07:00 and 12:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location, please make sure you are expecting this traffic to fail over elsew...
Cloudflare - ATL (Atlanta) on 2026-06-30
THIS IS A SCHEDULED EVENT Jun 30, 06:00 - 10:00 UTC Jun 29, 14:30 UTC Scheduled - We will be performing scheduled maintenance in ATL (Atlanta) datacenter on 2026-06-30 between 06:00 and 10:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location, please make sure you are expecting this traffic to fail over else...
Twilio - SMS Delivery Delays from Twilio to MTS Russia
Jun 29, 22:00 PDT Investigating - Twilio customers may be experiencing SMS delivery delays from Twilio to MTS network subscribers in Russia. Our team is actively investigating this issue. We will provide another update in 1 hour or as soon as more information becomes available.
Cloudflare - GRU (São Paulo) on 2026-06-30
THIS IS A SCHEDULED EVENT Jun 30, 05:00 - 07:00 UTC Jun 29, 14:30 UTC Scheduled - We will be performing scheduled maintenance in GRU (São Paulo) datacenter on 2026-06-30 between 05:00 and 07:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location, please make sure you are expecting this traffic to fail over el...
Twilio - SMS Delivery Delays and Failures Between a Subset of Twilio Short Codes and Multiple Networks in Peru
Jun 29, 21:32 PDT Resolved - The incident has been resolved and SMS delivery between a subset of Twilio Short Codes and affected networks in Peru is operating normally.
Twilio - United Kingdom Account Security Carrier Partner Maintenance - Three
Jun 29, 21:30 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 23, 06:25 PDT Scheduled - Our carrier partner Three United Kingdom is conducting a planned maintenance from 29 June 2026 at 21:30 PDT until 29 June 2026 at 23:00 PDT. During the maintenance window, there could be intermittent API request failures for Three United Kingdom customers.Impacted Products: Verify Silent Network Auth, Lookup SIM Swap, Lookup Identity Match, Legacy...
Twilio - United States SMS and MMS Carrier Maintenance - T-Mobile
THIS IS A SCHEDULED EVENT Jun 29, 20:00 PDT - Jun 30, 04:00 PDT Jun 25, 15:43 PDT Scheduled - The T-Mobile network in the United States is conducting a planned maintenance from 29 June 2026 at 20:00 PDT until 30 June 2026 at 04:00 PDT. During the maintenance window, there could be intermittent delays delivering SMS and MMS to and from T-Mobile United States handsets when sending via long codes and short codes.
Supabase - Project creation failures in multiple regions
Jun 30, 02:43 UTC Update - Project creation is impacted across multiple regions, we are investigating the root cause. Jun 30, 02:38 UTC Investigating - We are currently investigating an issue affecting project creation in multiple regions.
Cloudflare - EWR (Newark) on 2026-06-30
THIS IS A SCHEDULED EVENT Jun 30, 01:00 UTC - Jul 1, 09:00 UTC Jun 29, 14:30 UTC Scheduled - We will be performing scheduled maintenance in EWR (Newark) datacenter between 2026-06-30 01:00 and 2026-07-01 09:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location, please make sure you are expecting this traff...
DocuSign - Some customers may experience errors with Sending and Signing (Incident 5252)
Jun 30, 00:37 UTC Resolved - The incident has been resolved. Incident duration and timelines are subject to revision pending the results of any related investigation. Jun 30, 00:26 UTC Identified - We have identified the issue and a fix is being implemented. Jun 30, 00:25 UTC Investigating - We are actively investigating this issue.
Twilio - SMS Delivery Delays from Twilio Phone Numbers to Lycamobile United Kingdom
Jun 29, 17:27 PDT Resolved - The incident has been resolved and SMS delivery from Twilio Phone Numbers to Lycamobile network subscribers in the United Kingdom is operating normally. Jun 29, 15:26 PDT Monitoring - We have observed a recovery in SMS delivery from Twilio Phone Numbers to Lycamobile network subscribers in the United Kingdom and are monitoring service stability. We will provide another update in 2 hours or as soon as more information becomes available. Jun 29, 10:49 PDT Update -...
Zoom - Decommissioning Costa Rica Audio conferencing number
Jun 29, 17:00 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 2, 18:04 PDT Scheduled - Due to a change with our phone carrier, the following Costa Rica Toll number is being decommissioned:Costa Rica: +506 xxxx 0180Accounts will still have other Toll and Toll-Free numbers available for use.Please make sure to make any necessary updates in your Admin Portal (https://zoom.us/account/setting?tab=telephony) to ensure availability for use...
Cloudflare - OTP (Bucharest) on 2026-06-30
Jun 30, 00:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 29, 14:30 UTC Scheduled - We will be performing scheduled maintenance in OTP (Bucharest) datacenter on 2026-06-30 between 00:00 and 10:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this locat...
Twilio - Russia SMS Carrier Maintenance - Beeline
Jun 29, 17:00 PDT Completed - The scheduled maintenance has been completed. Jun 29, 01:01 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 25, 21:34 PDT Scheduled - The Beeline network in Russia is conducting a planned maintenance from 29 June 2026 at 01:00 PDT until 29 June 2026 at 17:00 PDT. During the maintenance window, there could be intermittent delays delivering SMS to Beeline Russia handsets.
GCP - RESOLVED: Network traffic to Google Cloud originating from Delhi, Chennai, Mumbai and surrounding areas is experiencing intermittent periods of elevated latency and possible packet loss.
Incident began at 2026-06-05 00:00 and ended at 2026-06-26 12:00 (all times are US/Pacific).Summary Network traffic to Google Cloud originating from Delhi, Chennai, Mumbai and surrounding areas experienced intermittent periods of elevated latency and possible packet loss. Description Traffic rerouting from the impacted Delhi facility caused a subset of Hybrid Connectivity, Virtual Private Cloud (VPC) and Media CDN customers to experience intermittent latency spikes as demand exceeded regional c...
Twilio - SMS Delivery Delays from Twilio Phone Numbers to Tigo Paraguay
Jun 29, 15:57 PDT Resolved - The incident has been resolved and SMS delivery from Twilio Phone Numbers to Tigo network subscribers in Paraguay is operating normally. Jun 29, 14:02 PDT Monitoring - We have observed a recovery in SMS delivery from Twilio Phone Numbers to Tigo network subscribers in Paraguay and are monitoring service stability. We will provide another update in 2 hours or as soon as more information becomes available. Jun 29, 13:23 PDT Update - Twilio customers may be experie...
1Password - Provisioned users with SSO enforcement encounter a 403 error when accepting their invitation
Jun 29, 18:55 EDT Identified - The issue has been identified and our engineering team is working towards deploying a fix. Jun 29, 18:08 EDT Investigating - Users who are attempting to accept their invite with SSO enforcement are unable to accept the invite and receive a 403 error. Our engineering team is actively investigating the issue.
Zoom - intermittent Service Degradation Affecting ZoomMate in the US Region.
Jun 29, 14:55 PDT Monitoring - The service degradation affecting ZoomMate in the US Region has been successfully resolved. Our team will continue to monitor the situation closely and keep you informed of any further developments. Jun 29, 14:50 PDT Identified - We have successfully identified the root cause affecting ZoomMate in the US Region.Our team is actively working on a resolution, and we will keep you informed with timely updates as progress is made. Thank you for your patience. Jun 2...
DocuSign - Customers may experience errors with Sending and Signing in NA3 (Incident 5247)
Jun 29, 21:34 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jun 29, 21:34 UTC Update - We are continuing to investigate this issue. Jun 29, 21:32 UTC Investigating - We are actively investigating this issue.
Expensify - Degraded Performance
Jun 29, 21:08 UTC Resolved - This incident has been resolved. Jun 29, 19:43 UTC Update - The site is stable and we are monitoring performance for card imports. Jun 29, 17:00 UTC Monitoring - The site is stable and we are monitoring performance. Jun 29, 16:18 UTC Update - We are continuing to work on a fix for this issue. Jun 29, 16:02 UTC Identified - The issue has been identified and a fix is being implemented.
Twilio - USD charges are failing for customers in Twilio Mexico CISA subsidiary
Jun 29, 13:45 PDT Investigating - Some Twilio customers in Mexico may be experiencing issues when attempting to make credit card payments. We have identified the root cause as related to a recent migration of certain existing customers to our Mexico entity, while their account currency remains in USD. This is causing payment processing failures for the impacted accounts. This issue only affects customers whose accounts were migrated to CISA Mexico. Invoiced customers can continue making payment...
Cloudflare - Cloudflare for SaaS API
Jun 29, 20:20 UTC Investigating - Cloudflare for SaaS API experiencing some errors
Twilio - United Kingdom Account Security Carrier Partner Maintenance - Vodafone
Jun 29, 13:15 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 29, 01:02 PDT Scheduled - Our carrier partner Vodafone United Kingdom is conducting a planned maintenance from 29 June 2026 at 13:15 PDT until 29 June 2026 at 20:20 PDT. During the maintenance window, there could be intermittent API request failures for Vodafone United Kingdom customers.Impacted Products: Lookup Identity Match, Lookup SIM Swap, Legacy Identity MatchAndAttr...
Twilio - Russia SMS Carrier Maintenance - Tele2
THIS IS A SCHEDULED EVENT Jun 29, 13:00 - 17:00 PDT May 29, 16:05 PDT Scheduled - The Tele2 network in Russia is conducting a planned maintenance from 29 June 2026 at 13:00 PDT until 29 June 2026 at 17:00 PDT. During the maintenance window, there could be intermittent delays delivering SMS to Tele2 Russia handsets.
Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs
  submitted by   /u/dx7r__ [link]   [comments]
Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs
  submitted by   /u/dx7r__ [link]   [comments]
Zoom - Announcement to Introduce hCaptcha to Zoom Service
Jun 29, 11:15 PDT Completed - The scheduled maintenance has been completed. Apr 9, 11:15 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Apr 9, 11:11 PDT Scheduled - Zoom is protected by reCAPTCHA and the Google Privacy Policy – Privacy & Terms – Google and Google Terms of Service – Privacy & Terms – Google apply.Starting from May 16, 2026, we will implement both hCaptcha and reCAPTCHA simultaneously.To ensure uninterrupted service...
Elastic Cloud - Issues delivering static assets to products
Jun 29, 16:58 UTC Resolved - This issue has been resolved. Jun 29, 16:33 UTC Update - We are continuing to work on a fix for this issue. Jun 29, 16:32 UTC Identified - We have identified an issue with our ability to deliver certain static assets to our products. We have identified and are working to implement a fix.
Our sales force data was accessed through a compromised OAUTH integration and we only found out by accident.
We recently had a scare where an attacker used a stolen OAuth token from a third party integration to pull customer data from Salesforce. We did not even know that integration existed until we began investigation. I am now realising we have no visibility into which apps are connected to our SaaS environment or what data they can access. How do you track and manage OAuth integrations across your or...
SendGrid - Microsoft Feedback Loop (Spam Reports) Processing Delays
Jun 29, 09:20 PDT Investigating - Starting earlier today on June 29, 2026, our engineers began investigating an issue with the Microsoft Feedback Loop (Spam Reports). Users may experience Microsoft spam reports failing to populate within the SendGrid UI and API. This does not impact mail send. We will provide another update in 1 hour or as soon as more information becomes available.
Wix - Issues Loading The Wix Editor
Jun 29, 15:55 UTC Resolved - This incident has been resolved. Jun 29, 15:50 UTC Monitoring - The issue has been resolved and we are continuing to monitor. Jun 29, 15:38 UTC Update - We are continuing to investigate this issue. Jun 29, 15:37 UTC Update - We are continuing to investigate this issue. Jun 29, 15:36 UTC Investigating - We are currently investigating this issue.
DocuSign - Intermittent issues with Reports and Search on S1 Prod (Incident 5233)
Jun 29, 15:39 UTC Investigating - We are currently investigating issues with both report and search on S1 prod. Engineering teams have been engaged and are actively triaging.
DocuSign - Intermittent issues with Reports and Search on S1 Prod (Incident 5233)
Jun 29, 15:39 UTC Investigating - We are currently investigating issues with both report and search on S1 prod. Engineering teams have been engaged and are actively triaging.
DocuSign - Customers may see increased latency when sending and signing and intermittent errors (Incident 5232)
Jun 29, 15:30 UTC Investigating - We are actively investigating this issue.
Need to find a fork of exploitarium github
If you have it please share or dm me it, thanks the original repo is no longer online or it has been deleted edit found a fork allen-110/exploitarium   submitted by   /u/Nefariousness_Future [link]   [comments]
Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks
The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel. Acronis Threat Research Unit found active compromises inside Indian government networks, including machines used by senior administrative staff, and worked with
Free M365 SoC Tool just shipped for you
Hey r/cybersecurity Over the past few weeks I’ve built a tool I wanted to share with you. It’s a SOC solution for Microsoft 365. It currently runs on a local PowerShell web server, but the plan is to make it fully self-hosted or deployable in Azure in the future. What it does: You enter a compromised user and the approximate compromise date, and the tool gives you: All devices the user was logged...
Zoom - Service Degradation Affecting Zoom Voice Agent Service.
Jun 28, 23:38 PDT Identified - We have successfully identified the root cause affecting Zoom Voice Agent Service.Our team is actively working on a resolution, and we will keep you informed with timely updates as progress is made. Thank you for your patience. Jun 28, 23:17 PDT Investigating - We are currently investigating a service degradation affecting Zoom Voice Agent Service.Our team is actively working to identify the impact and root cause. We will provide an update as soon as more inform...
GitHub - Disruption with some GitHub services
Jun 28, 17:59 UTC Update - Copilot cloud agent is experiencing intermittent problems with opening pull requests, pushing changes and replying to comments. We have identified the issue and are validating a fix. Jun 28, 17:50 UTC Investigating - We are investigating reports of impacted performance for some GitHub services.
Akamai - Cloudlets issues while activating Application Load Balancing configurations
Jun 28, 17:22 UTC Monitoring - We have implemented a fix for this issue as of 16:50 UTC on June 28, 2026; based on current observations, the service is resuming normal operations. Customers and partners can find more details on the Akamai Community: https://community.akamai.com/customers/s/feed/0D5a700001GB7HRCA1. We will continue to monitor to ensure that the impact has been fully mitigated Jun 28, 15:57 UTC Update - We are continuing to investigate this issue. Customers and partners can fin...
DocuSign - Intermittent Errors and Delays (Incident 5219)
Jun 28, 06:58 UTC Identified - We have identified the issue and a fix is being implemented. Jun 28, 06:49 UTC Investigating - We are actively investigating this issue.
0DIN: Clean GitHub Repos Can Trick AI Agents Into Reverse Shells
The attack that Mozilla's 0DIN researchers detailed this week is not a vulnerability in any conventional sense. There is no zero-day, no memory corruption, no authentication bypass. It is an exploitation of exactly the behavior that makes AI coding agents useful: when a setup step fails, the agent reads the error and tries to fix it. As [BleepingComputer reports](https://www.bleepingcomputer.com/n...
DigitalOcean - Droplet Backup Service
Jun 27, 18:24 UTC Resolved - Between 00:00 UTC & 16:00 UTC today, our Engineering team identified an issue affecting backup operations on Droplets. During this period, backups scheduled within this window may not have been created and may appear as missing.Our team has taken necessary measures to resolve the issue, and we can confirm that the backup service has been restored and is now functioning normally. Upcoming scheduled backups should be performed as expected.We sincerely apologize for a...
Clean GitHub repo tricks AI coding agents into running malware
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers. [...]
GitHub - Disruption with some GitHub services
Jun 27, 14:04 UTC Monitoring - The degradation has been mitigated. We are monitoring to ensure stability. Jun 27, 14:02 UTC Update - We are conducting routine maintenance on our network infrastructure in the EU. This will not impact production traffic, but may result in slightly increased latency for the remainder of our work. We expect this to last until 19:00 UTC. Jun 27, 14:02 UTC Investigating - We are investigating reports of impacted performance for some GitHub services.
Zoom - Service Degradation Affecting Zoom Phone Inbound calls in US Region
Jun 27, 06:41 PDT Resolved - This incident has been resolved and the affected services have been restored. Jun 27, 06:30 PDT Monitoring - The service degradation affecting Zoom Phone Inbound calls in US Region has been successfully resolved. Our team will continue to monitor the situation closely and keep you informed of any further developments. Jun 27, 06:11 PDT Identified - We have successfully identified the root cause affecting Zoom Phone Inbound calls in US Region. Our team is activel...
OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful, Terra strikes a balance between efficiency and power, and Luna is fine-tuned for speed and affordability. "GPT‑5.6 Sol launches with our most
DigitalOcean - Anthropic Inference Model Availability
Jun 27, 05:15 UTC Resolved - Our Engineering team has resolved the issue that was causing HTTP 400 errors for requests to Anthropic models. Users should now be able to access Anthropic models without any issues.If you continue to experience problems, please open a ticket with our Support team so we can investigate further.We apologize for any inconvenience this may have caused. Jun 27, 04:43 UTC Monitoring - Our Engineering team has mitigated an issue with Anthropic models. Previously, users ...
Plaid - Maintenance: Scheduled maintenance : 07-01 : MongoDB Upgrade
Status: ScheduledPlaid is planning maintenance on Wednesday, July 1st, 2026 from 04:00 UTC - 06:00 UTC. During this window, we expect Affected components API - Sandbox (Under maintenance) API - Production (Under maintenance)
GHSA-44cp-c3ww-9rv5: Heap Vulnerability
ImageMagick has a Heap Buffer Over-Write in SF3 encoder when writing multi-frame image
ActiveCampaign - Issue with Campaign Editor
Jun 26, 17:38 CDT Update - We are continuing to investigate this issue. Jun 26, 17:38 CDT Investigating - Engineers are currently investigating an issue affecting some customers in the campaign editor. For impacted accounts, clicking the Save and Exit or Next buttons may not respond as expected, which can prevent users from moving forward in the editor.Engineers are engaged and are actively working on the issue.
GHSA-hg3w-7f8c-63hp: GitHub Vulnerability
pnpm: Tarball hash of GitHub git dependencies is not stored in lockfile
DocuSign - Some customers may experience latency for any sending actions that involve conversions, generating documents and accessing tasks (Incident 5190) (Incident 5209)
Jun 26, 18:06 UTC Identified - We have identified the issue and a fix is being implemented.
Cybersecurity firms targeted by fraudulent OpenAI organization invites
Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects. [...]
Plaid - Maintenance: Chase Scheduled Maintenance
Status: ScheduledChase is planning maintenance from 28 June 12:00 AM UTC to 28 June 11:00 AM UTC. During this window, we expect up to 660 minutes of downtime for Item adds and/or API calls and/or scheduled updates.Affected components API - Production (Under maintenance)
Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. The activity, particularly aimed at state-owned enterprises in the energy and government sectors, has been attributed to a threat actor called CL-STA-1062, which Palo Alto Networks
Cloudflare - Errors when uploading Custom Certificates
Jun 26, 15:00 UTC Resolved - This incident has been resolved. Jun 26, 12:33 UTC Investigating - Cloudflare is investigating 500/2000 errors when customers attempt to upload a new custom certificate. Custom certificates already in production remain unaffected and are operating normally.
CircleCI - Xcode 26.6 Demand + Queueing
Jun 26, 15:00 UTC Resolved - We observed a surge in demand for Xcode 26.6 and have since mitigated the incident by increasing the available capacity for that Xcode version. Customers may have seen jobs queueing for ~10-15 mins.
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it. Tracked as CVE-2026-12957 (CVSS 8.5), the bug sat in how Amazon's AI coding assistant handled Model Context Protocol (MCP) servers. Wiz
Cloudflare - Increased 499 errors in Ashburn, US between 13:48 - 14:06 UTC
Jun 26, 13:48 UTC Resolved - Visitors, specifically in the Ashburn, US region between 13:48 - 14:06 UTC today, may have encountered 499 errors. This issue did not affect any other Cloudflare services. The issue has since been rectified.
Datadog - Delayed APM Trace Metrics
Jun 26, 09:41 EDT Monitoring - A fix has been implemented and we are monitoring the results. Jun 26, 09:38 EDT Identified - We have identified increased latency processing APM Trace Metrics and are working on a fix.As a result of this issue, some users may see delayed APM Trace Metrics since 13:07 UTC.To prevent false monitor alerts due to delayed data, monitors affected by the delay will not notify and will automatically resume once current data is available. All other monitors will operate ...
Vercel - Elevated Errors on Vercel Dashboard
Jun 26, 13:23 UTC Update - We are continuing to investigate this issue. Jun 26, 13:08 UTC Investigating - We are currently investigating the issue. Some users are experiencing errors authenticating.
Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
https://www.helpnetsecurity.com/2026/06/26/mirage2fa-phishing-kit-microsoft-365-html-smuggling/   submitted by   /u/sunychoudhary [link]   [comments]
Cloudflare - 404 error when accessing Support cases
Jun 26, 11:29 UTC Resolved - This incident has been resolved. Jun 26, 09:50 UTC Identified - The issue has been identified and a fix is being implemented. Jun 26, 09:41 UTC Investigating - Cloudflare is investigating issues with accessing support tickets via the Cloudflare dashboard. Customers attempting to access their support tickets may observe 404 errors during this time. This issue does not affect any other Cloudflare services. We are working to mitigate this problem. More updates to f...
Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. "The latest activity includes malicious npm releases affecting LeoPlatform and RStreams packages, GitHub Actions workflow abuse, and a related Go
Slack - Incident: Chat functionality unavailable on Slack Help page
We've resolved the issue and users can now use the Chat feature on the Slack Help Center. We performed a configuration change, which brought the feature back online and have validated that it's functioning as expected. We apologize for how this incident may have affected you and your business.
Zoom - Scheduled Update to Prompt versions for Clients (June 25, 2026)
Jun 25, 21:01 PDT Completed - The scheduled maintenance has been completed. Jun 25, 18:01 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 16, 18:26 PDT Scheduled - Zoom will be updating the Prompt version for Zoom clients on June 25, 2026, to the following versions: Windows: 7.0.5macOS: 7.0.5Linux: 7.0.5Android: 7.0.5iOS: 7.0.5VDI : 6.6.15For more information, such as specific versions, please refer to the Zoom Minimum, Prompted, ...
Zoom - Scheduled Update to Slow versions for Clients (June 25, 2026)
Jun 25, 21:00 PDT Completed - The scheduled maintenance has been completed. Jun 25, 18:00 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 16, 18:20 PDT Scheduled - Zoom will be updating the Slow track versions for Zoom clients on June 25, 2026, to the following versions:Windows: 7.0.5macOS: 7.0.5Linux: 7.0.5Android: 7.0.5iOS: 7.0.5VDI : 6.6.15 For more information, such as specific versions, please refer to the Zoom Minimum, Prompt...
Supabase - Scheduled Platform Maintenance 06/26
Jun 26, 04:00 UTC Completed - The scheduled maintenance has been completed. Jun 26, 03:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jun 22, 14:12 UTC Scheduled - We will be carrying out a scheduled maintenance window to perform internal platform improvements and upgrades. Maintenance Window: - Start time: 03:00 UTC on June 26, 2026 - End time: 04:00 UTC on June 26, 2026Impact: - Various platform operations will be delayed during ...
DirtyClone (CVE-2026-43503): JFrog's catch on the DirtyFrag fix regression, with a detectable PoC
JFrog published a finding today on a regression in the DirtyFrag kernel fix. They named it DirtyClone (CVE-2026-43503). It is the same corruption primitive as the DirtyFrag family (CVE-2026-43284 / CVE-2026-43500), reached through a different path. The original patch closed the known trigger but left the primitive reachable. DirtyClone routes the payload through the netfilter TEE clone target, whi...
Cloudflare - Cloudflare Workers AI Issues
Jun 26, 02:15 UTC Resolved - This incident has been resolved. Jun 26, 00:32 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jun 25, 23:59 UTC Investigating - Cloudflare has identified an issue whereby customers might experience errors from inference requests to @cf/google/gemma-4-26b-a4b-it model using Workers AI.We are working to mitigate this problem. More updates to follow shortly.
Akamai - DataStream Configuration Issues
Jun 26, 00:45 UTC Update - We are actively monitoring the fix for this issue and will share updates on mitigation status as progress continues. Thank you for your patience. Jun 25, 21:59 UTC Monitoring - We have rolled back a release which we believe may have caused this issue as of 20:55 UTC on 25 June 2026; based on current observations, the service is resuming normal operations. Customers and partners can find more details on the Akamai Community: https://community.akamai.com/customers/s/f...
Cloudflare - Increased 5xx errors in the India Region
Jun 26, 00:06 UTC Resolved - This incident has been resolved. Jun 25, 17:26 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jun 25, 15:14 UTC Identified - The issue has been identified and a fix is being implemented. Jun 25, 14:12 UTC Update - We are continuing to investigate this issue. Jun 25, 14:10 UTC Investigating - Cloudflare is aware of and investigating an increase of 5xx errors on requests in the India region
Xero - AU: Auto Super - Some customers are not receiving auto super approval codes via SMS
Jun 25, 23:33 UTC Resolved - Sinch has resolved the issue impacting Australian customers not receiving auto super approval codes via SMS. We apologise for any inconvenience this has caused. Jun 25, 20:24 UTC Monitoring - Sinch has implemented a fix and are seeing recovery of their systems. Our team is continuing to monitor. Jun 25, 15:41 UTC Identified - We are currently aware of an issue where customers are not receiving auto super approval codes via SMS. This is due to an issue that Sinch...
Datadog - Delayed CI Visibility data
Jun 25, 19:32 EDT Resolved - This incident has been resolved. Jun 25, 19:24 EDT Identified - We have identified the underlying issue and are working on a fix.It is important to note that no data has been lost, and it will be backfilled and available once the service is operational again. Jun 25, 19:23 EDT Investigating - We are investigating increased latency processing CI Visibility data.As a result of this issue, some users may see delays with pipeline executions.
CircleCI - Investigating — Usage API Not Available
Jun 25, 23:03 UTC Resolved - This incident has been resolved. Jun 25, 22:44 UTC Investigating - Customers using the Usage API may not be able to access the API. Our team is investigating.
Anthropic is testing desktop-like Claude Cowork for mobile
Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. [...]
Wix - RESOLVED: Containers Missing Content on Harmony Sites
Jun 25, 22:36 UTC Resolved - The issue has been resolved. If you are still having issues with Harmony container content not loading, please contact Customer Care. Jun 25, 22:26 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jun 25, 22:12 UTC Identified - The issue has been identified and a fix is being implemented. Jun 25, 20:17 UTC Investigating - We are currently investigating this issue.
DocuSign - Some customers may experience latency for any sending actions that involve conversions, generating documents and accessing tasks (Incident 5190)
Jun 25, 22:29 UTC Resolved - The incident has been resolved. Incident duration and timelines are subject to revision pending the results of any related investigation. Jun 25, 20:57 UTC Identified - We have identified the issue and a fix is being implemented. Jun 25, 20:36 UTC Update - We are continuing to investigate this issue. Jun 25, 20:12 UTC Investigating - We are actively investigating this issue.
Box - [Medium] Issues with Zip Downloads
Jun 25, 14:47 PDT Resolved - After further monitoring, this incident is now considered resolved. The Zip Downloads service has been restored to full functionality. If you continue to experience any issues, please contact Box Support at https://support.box.com. Jun 25, 13:29 PDT Monitoring - Our team has taken steps to remediate this issue and is seeing improvement for the Zip Downloads service. We are continuing to monitor for any additional impact. Jun 25, 12:59 PDT Update - We are continu...
Order-tracking app Shop abused to push callback phishing attacks
Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them into providing sensitive data or installing remote access software. [...]
DocuSign - Users downloading archived document ZIP files may see missing official Docusign platform seals (Incident 5139)
Jun 25, 19:07 UTC Resolved - The incident has been resolved. Incident duration and timelines are subject to revision pending the results of any related investigation. Jun 24, 13:15 UTC Update - The fix is still in progress and being deployed. We will provide an update upon resolution. Jun 18, 22:43 UTC Identified - An issue has been identified where documents downloaded via archived ZIP files with "masked fields" enabled are missing their Docusign platform seals. A fix is underway. We will ...
Supabase - Upgrade Failures
Jun 25, 18:51 UTC Resolved - Through our monitoring, we have determined that project upgrade behavior has returned to normal across the fleet. This incident is resolved. Jun 25, 18:08 UTC Monitoring - We have implemented all necessary mitigations and the project upgrade rates have returned to normal across the fleet. We will continue to monitor these flows for any irregularities or recurring degradation. If you are still experiencing delayed or blocked upgrades on your Project, please contact...
GitHub - Degradation with Webhooks, Pull Requests and Actions
Jun 25, 18:27 UTC Resolved - This incident has been resolved. Thank you for your patience and understanding as we addressed this issue. A detailed root cause analysis will be shared as soon as it is available. Jun 25, 18:27 UTC Update - We identified an issue that caused degradation across multiple services including Webhooks, Pull Requests, Actions, and Issues. Customers may have experienced delays or failures with these services. We have applied mitigations and affected services have recove...
MongoDB Atlas - Courtesy Notice - Intermediate Certificate Authority (CA) change notification from Let’s Encrypt (LE) and Google Trust Services (GTS)
Jun 25, 16:24 UTC Completed - The scheduled maintenance has been completed. Jan 28, 19:41 UTC Scheduled - Please note that this is courtesy notice and no action is required from you if you do not pin intermediate certificates from Let's Encrypt (LE) and/or Google Trust Services (GTS) in your environment when connecting to Atlas dedicated clusters. Let's Encrypt (LE) and Google Trust Services (GTS) have issued additional intermediate certificates to their services. Intermediate certificates ac...
Optimizely - Data Processing Delays in NA
Jun 25, 14:53 UTC Resolved - This incident has been resolved. Jun 24, 10:25 UTC Update - The data processing delay has been resolved, and processing has returned to normal. Recurring campaigns have been resumed, and continuous campaigns are now running as usual.Our team is actively monitoring the system to ensure continued stable performance. We will provide a final update once we have confirmed full recovery.We apologize for any inconvenience this may have caused. Jun 24, 09:20 UTC Update ...
Cloudflare - Workers KV errors via REST API
Jun 25, 14:31 UTC Resolved - This incident has been resolved. Jun 25, 14:21 UTC Update - We are continuing to monitor for any further issues. Jun 25, 14:04 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jun 25, 13:13 UTC Investigating - Cloudflare is investigating errors accessing Workers KV via the REST API and Hyperdrive connections using Cloudflare Tunnel or Access. Workers KV operations via Workers bindings are not affected.