
Today's 5 PM tech recap for June 17, 2026: security teams had a busy day, Microsoft confirmed a practical Office/Windows update problem, Google pushed Gemini deeper into the home, and AI policy moved from abstract debate into real business continuity risk.
For home users and small businesses, the common thread is simple: the tools we rely on are getting more powerful, but the boring controls still matter. Patch quickly, keep a clean password and MFA plan, know where your backups are, and do not assume cloud or AI services will always behave the same way tomorrow as they did yesterday.
1. FortiBleed leak puts VPN credential hygiene back in the spotlight
The most urgent business-security story today is the reported Fortinet/FortiGate credential exposure being called FortiBleed. BleepingComputer reported on June 17 that a dataset appears to include credentials for 73,932 firewall URLs worldwide, including usernames, email addresses, and plaintext passwords. Security researchers cited in the report said portions of the dump appear authentic, and the data may have come from Fortinet configuration exports rather than ordinary weak passwords.
Why it matters: a firewall or VPN is not just another login. It is usually the front door into the business network. If an attacker has working VPN or firewall admin credentials, they can attempt remote access, change settings, disable protections, or use that access to move deeper into servers and workstations.
Small-business takeaway: if your office uses Fortinet, FortiGate, or any business VPN appliance, treat this as a reminder to review exposure and access controls now. Rotate VPN and firewall admin passwords, verify MFA is enforced, remove stale administrator accounts, restrict management interfaces from the public internet wherever possible, and review logs for odd sign-ins. If you do not know whether your firewall management page is internet-accessible, that is worth checking before a bad actor checks for you.
This also connects directly to a local habit we keep pushing: do not let old access linger. If you have not recently reviewed connected apps, shared accounts, and external access, start with our guide on removing old app access before it becomes an account problem.
2. CISA says an actively exploited Joomla editor flaw needs immediate patching
CISA added CVE-2026-48907 to its Known Exploited Vulnerabilities catalog on June 16, and BleepingComputer covered the warning today. The issue affects the Widget Factory Joomla Content Editor, also known as JCE, and CISA says it can allow PHP upload and execution through improper access control. The JCE team has warned that attacks are automated and that a site with no public registration is still not automatically safe.
Bad news: this is the kind of website vulnerability attackers scan for quickly, especially on small-business websites that do not have full-time web admins. If a site was already compromised, simply updating the plugin closes the entry point but does not clean up files, rogue profiles, backdoors, or stolen credentials.
Good news: there is a practical response path. Update to JCE Pro 2.9.99.6 or later, remove suspicious editor profiles, change admin, database, and hosting passwords, and run a server-side malware scan. Federal agencies have a short remediation deadline because CISA considers this actively exploited, but private businesses should not treat that as a government-only issue. If your website runs Joomla, put this on today's checklist.
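One way to start the post-update inspection described above, as an added example that is not from the JCE team, CISA, or the cited reports: a shell function that lists files able to run as PHP inside a Joomla upload directory. It assumes uploads live under images/ (Joomla's default media folder); the function name `scan_uploads` and the reason labels are made up for this example.

```shell
#!/bin/sh
# Added triage example: list files that could execute as PHP inside
# directories meant to hold uploaded media. Directory names are assumptions.

# scan_uploads SITE_ROOT [DIR ...]
# Prints one "REASON<TAB>PATH" line per finding; prints nothing when clean.
scan_uploads() {
    root=$1
    shift
    # Assumption: uploads land in images/ unless other directories are named.
    [ "$#" -gt 0 ] || set -- images
    for dir in "$@"; do
        [ -d "$root/$dir" ] || continue

        # 1) Extensions that web servers commonly hand to the PHP interpreter,
        #    including double extensions such as photo.php.jpg.
        find "$root/$dir" -type f \( -iname '*.php' -o -iname '*.php[0-9]' \
            -o -iname '*.phtml' -o -iname '*.phar' -o -iname '*.php.*' \) \
            -exec printf 'php-extension\t%s\n' {} \;

        # 2) Files named like images that contain a PHP open tag.
        find "$root/$dir" -type f \( -iname '*.jpg' -o -iname '*.jpeg' \
            -o -iname '*.png' -o -iname '*.gif' -o -iname '*.ico' \) \
            -exec grep -l '<?php' {} + |
        while IFS= read -r f; do
            printf 'php-tag-in-media\t%s\n' "$f"
        done
    done
}

# Stand-alone use: sh this-file SITE_ROOT [DIR ...]
if [ "$#" -gt 0 ]; then
    scan_uploads "$@"
fi
```

Any line of output is a reason to pull the file offline and examine it before deleting it. An empty result only covers the directories scanned, so it does not replace the full server-side malware scan.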
3. Microsoft is working on a Defender patch for RoguePlanet
Microsoft confirmed it is working on a fix for the Defender issue publicly called RoguePlanet, now tracked as CVE-2026-50656. According to BleepingComputer, the publicly disclosed proof of concept involves a Microsoft Defender race condition that can lead to SYSTEM-level command execution on fully patched Windows 10 and Windows 11 devices.
This is not a reason to turn Defender off. It is a reason to be more disciplined until Microsoft ships the update. Keep Defender and Windows Update enabled, avoid running unknown tools or scripts, limit local administrator rights, and watch for unusual command prompts, PowerShell activity, or endpoint alerts. Businesses using managed security should make sure endpoint detection rules and alert routing are working, because privilege escalation flaws matter most after an attacker has already found a foothold.
If recent Windows updates have been rough for your office, keep separating security urgency from deployment timing. Patch quickly, but test critical machines and line-of-business software when possible. Our recent Windows 11 BitLocker recovery alert is a good example of why small businesses need a patch plan, not blind panic.
4. June Windows updates are causing Office launch trouble in some third-party apps
Microsoft also confirmed a separate known issue where some third-party applications cannot launch Office apps or open Office documents after Windows updates released on or after June 9, 2026. BleepingComputer reports that affected apps use OLE automation to interact with Office, and examples from user reports include accounting, research, workpaper, and dental-office software.
Customer impact: this can look like Word, Excel, PowerPoint, Access, or documents failing to open from inside another business program, sometimes without a helpful error message. That can interrupt bookkeeping, tax work, dental office workflows, document management, or quoting systems even though Office still works when opened directly.
Workaround: Microsoft says affected users can open Office apps or documents directly instead of launching them from the third-party application. Enterprise customers may be able to get a broader workaround through Microsoft Support for Business while Microsoft prepares a future Windows update. If your staff suddenly says, "Excel is broken," check whether it is broken everywhere or only when launched from another program.
5. Kodak confirms a breach investigation after ShinyHunters claim
Kodak confirmed it is working with external cybersecurity experts after an unauthorized third party gained temporary access to a limited amount of company data. BleepingComputer reported today that the ShinyHunters extortion group claims it stole more than 2.2 million records containing customer PII and internal corporate data, though Kodak has not confirmed that claimed number.
Takeaway for regular users: breach headlines are not only about the named company. They are a reminder that your personal information can be copied from vendors, partners, and old accounts you forgot existed. Watch for targeted phishing that references real companies you have used, avoid password reuse, and keep MFA on important accounts.
Takeaway for businesses: incident statements often start with limited details because investigations take time. That is normal, but your own business should already know who you would call, what systems contain customer data, where backups are stored, and how you would notify affected customers if needed. A response plan written after the breach is always late.
6. Google's new Gemini smart speaker shows where home tech is heading
On the consumer side, Google introduced a new $99.99 Google Home Speaker built around Gemini. TechCrunch reports it is Google's first standalone smart speaker since the 2020 Nest Audio and is designed for more natural, multi-step requests, corrections mid-sentence, and richer two-way conversations.
Good news: smart home control may finally become less picky about exact phrasing. That is useful for accessibility, families, and anyone tired of repeating commands until the device understands.
Caution: some of the more advanced AI features are tied to Google Home Premium plans, starting at $10 per month or $100 per year, according to the report. Before buying, think about the total subscription cost and privacy comfort level. If a speaker can summarize camera activity and hold longer conversations, review microphone, camera, household member, and recording settings before putting it in a private room.
7. AI access is becoming a business continuity issue
TechCrunch also reported from the G7 summit that world leaders want access to American AI models but are worried that the United States could restrict that access without warning. The concern follows the Trump administration's recent export block on Anthropic's newest Mythos 5 and Fable 5 models, and it has pushed leaders to discuss trusted-partner access schemes for advanced AI systems.
For a small business, the lesson is not geopolitical drama. It is dependency planning. If your workflow, product, customer support, or reporting process depends on one AI provider, ask what happens if that provider changes pricing, loses a feature, changes safety rules, or becomes unavailable for legal or policy reasons. Keep copies of critical prompts, export important data, and avoid building a process that only one vendor can run.
8. Robotics AI got a useful infrastructure story, not just hype
A more optimistic AI story today: XDOF emerged from stealth with a robotics data business and a reported $70 million raise. TechCrunch says the company is working on data pipelines, teleoperation, annotation, and feedback loops for robot training, and is partnering with UC Berkeley's AI Research lab on a large robot manipulation dataset.
This matters because physical-world AI does not learn the same way a chatbot learns from text. Robots need high-quality demonstrations, sensor data, failure cases, and controlled practice. For local businesses, the near-term impact is probably not a humanoid worker walking in next week. It is more likely better warehouse automation, inspection tools, packaging support, and industry-specific robotics that improve slowly as the data problem gets solved.
What The IT Guys would prioritize tomorrow morning
- For businesses with VPN or firewall appliances: rotate admin credentials, verify MFA, and confirm management pages are not open to the internet unless absolutely necessary.
- For Joomla site owners: update JCE immediately, then inspect for compromise instead of assuming the patch cleaned everything.
- For Windows offices: document which third-party apps launch Office documents and test the direct-open workaround if staff report silent failures.
- For home users: update Windows normally, keep Defender on, and do not run random tools that claim to "fix" Defender or Office issues.
- For smart home buyers: compare the hardware price and the recurring AI subscription before upgrading speakers.
- For anyone using AI in daily work: keep a backup workflow for key tasks so one model or provider change does not stop the business.
Sources
- BleepingComputer: FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices
- BleepingComputer: CISA orders patching for actively exploited Joomla JCE flaw
- CISA Known Exploited Vulnerabilities catalog
- BleepingComputer: Microsoft working on Defender patch for RoguePlanet zero-day
- BleepingComputer: Microsoft confirms Office app launch issues after June updates
- BleepingComputer: Kodak confirms data breach investigation
- TechCrunch: Google bets on Gemini to reinvent the smart home speaker
- TechCrunch: G7 leaders raise concerns about access to American AI
- TechCrunch: XDOF and robot training data infrastructure