North America
Google Chrome
On June 8, Google released emergency security updates to patch another Chrome zero-day vulnerability that is being actively exploited in the wild. The flaw is the fifth Chrome zero-day vulnerability patched by Google since the start of 2026.
The high-severity vulnerability, tracked as CVE-2026-11645, stems from an out-of-bounds read and write weakness in Chrome’s V8 JavaScript engine. Attackers can exploit the flaw through specially crafted HTML pages to execute arbitrary code within the browser’s sandbox. Successful exploitation can lead to heap corruption, allowing attackers to access data outside the memory buffer, expose sensitive information or trigger browser crashes. The vulnerability could also be used to bypass security protections such as Address Space Layout Randomization (ASLR), making it easier to achieve code execution through additional flaws.
While Google has warned that it may take days or even weeks for the security update to reach all Chrome users automatically, the patch is now available for installation.
SourceHow it could affect your business
Running an unpatched version of Google Chrome can expose users and organizations to significant security risks, particularly when vulnerabilities are already being actively exploited in the wild. Organizations should ensure browsers are updated as quickly as possible to reduce the risk of compromise. Users who prefer not to manually update Chrome can rely on the browser’s built-in update mechanism, which automatically checks for and installs available security updates the next time the browser is launched.
United States
Evanston Township High School
The FBI is investigating a ransomware incident at Evanston Township High School that forced the school’s closure on June 8.
The attack, which occurred on June 7, disrupted the school district’s phone lines, internet services and computer systems, affecting critical functions such as emergency notifications and public address systems. Staff and students also experienced limited access to email and student accounts. As a result, the district canceled summer school programs, sports camps and other on-campus activities.
School officials said they have not received a ransom demand related to the incident and that both the investigation and recovery efforts remain ongoing.
SourceHow it could affect your business
Ransomware attacks targeting educational institutions have been increasing in recent months, with threat actors seeking to disrupt operations and gain access to sensitive data. Schools should strengthen their cyber resilience through proactive threat monitoring, regular security assessments and user awareness training. Maintaining ransomware-resilient backups and a well-tested business continuity and disaster recovery (BCDR) strategy can also help minimize downtime and accelerate recovery following an attack.
Australia
Mackay Sugar
Mackay Sugar, Australia’s second-largest sugar producer, was forced to shut down some of its mills after a ransomware attack.
Mackay Sugar operates three cane-processing mills in Queensland and plays a significant role in the country’s sugar industry. The incident was disclosed on June 10, when the company announced it was responding to a cybersecurity event affecting parts of its operations. Reports indicate that the attack impacted operations at two of its mills.
In its latest update issued on June 15, Mackay Sugar said it continues to respond to the incident and that significant progress has been made in its recovery efforts. Meanwhile, a ransomware group called “The Gentlemen” named Mackay Sugar on its Tor-based website on June 15, but it has yet to leak any data.
SourceHow it could affect your business
Ransomware attacks can have a significant impact on manufacturing organizations, disrupting production lines, halting operations and causing costly downtime. Beyond operational disruption, these incidents can affect supply chains, delay deliveries and impact customer commitments. To reduce risk, manufacturers should implement proactive monitoring, strengthen endpoint and network security and maintain ransomware-protected, immutable backups supported by a well-tested BCDR strategy to ensure rapid recovery when incidents occur.
United States
Fintech Holdco
Fintech Holdco, a Florida-based financial technology company that provides B2B invoicing, payment automation and AI-driven sales platforms, is notifying customers about a data security incident that may have exposed personal information belonging to certain individuals.
In a public notice, Fintech Holdco confirmed that it experienced a data security incident that may have affected personal information. However, the company did not disclose when the breach occurred or when it was discovered. According to reports, Social Security numbers are among the types of information exposed in the incident.
Fintech said it has no indication that the affected information has been or will be misused. Nevertheless, the company is urging impacted individuals to remain vigilant, monitor their accounts closely and report any suspicious activity or potential misuse of their personal information.
SourceHow it could affect your business
When sensitive personal information such as Social Security numbers is exposed, affected individuals face an increased risk of identity theft, financial fraud and other forms of misuse. Users should closely monitor their financial accounts and credit reports for suspicious or unusual activity. If you notice unauthorized transactions, unfamiliar accounts or signs of identity theft, report them immediately to your financial institution and the appropriate law enforcement authorities.
