🔴 CISA confirms hackers are actively exploiting a SolarWinds Serv-U flaw to crash servers

CISA added CVE-2026-28318 to its Known Exploited Vulnerabilities catalog this week, confirming that attackers are actively exploiting a denial-of-service flaw in SolarWinds Serv-U file transfer software.

An unauthenticated attacker can crash the Serv-U service with a single crafted HTTP request, taking file transfer operations offline and potentially opening the door to further exploitation during the recovery window. Federal agencies have until June 19 to patch. BleepingComputer

This is the fifth SolarWinds Serv-U vulnerability to be confirmed as actively exploited since 2021. If you manage Serv-U deployments for any clients, patch today.

🟡 ShinyHunters breached the UK’s University of Nottingham. 455,000 students' data is now public

ShinyHunters has added another UK institution to its list.

The University of Nottingham confirmed that a hacking group gained access to its student records system in a breach affecting both current students and alumni. The university said the incident exposed a “significant amount of data” and that the breach has been reported to the UK’s Information Commissioner’s Office. BleepingComputer

Have I Been Pwned confirmed the breach affects 455,000 unique email addresses along with extensive personal information including names, addresses, phone numbers, ethnicities, disabilities, passport numbers, and information relating to academic enrolments and fee payments.

This attack is part of a wider campaign in which ShinyHunters has stolen data from over 100 organisations worldwide.

🟢 The money-laundering service that kept ransomware gangs paid just got shut down

Finally, a satisfying one to end the week on.

Law enforcement has dismantled AudiA6, a cryptocurrency laundering service used by ransomware actors and other cybercriminals to launder more than $380 million. The coordinated takedown was executed on Wednesday, resulting in 2 arrests, 25 domains seized, more than 30 servers taken offline, and over 80 vehicles and multiple properties confiscated. BleepingComputer

The service was linked to more than 15 international ransomware investigations. It accepted cybercrime proceeds, obscured their origins through complex transactions, and returned them cleaned within approximately one hour, charging a 3-10% commission.

Well, will you look at that? We made it to Friday 😃 Hope you have a great weekend. We’ll be back in your inbox on Monday morning.