Cybersecurity Feed

Unit 42 — 16/06/2026, 15:30:29

Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE High Click here

BleepingComputer — 16/06/2026, 14:49:51

Critical Fortinet FortiSandbox flaws now exploited in attacks Click here

BleepingComputer — 16/06/2026, 14:30:00

Windows version of SprySOCKS Linux malware used to attack govt orgs Click here

Cyber Security News — 16/06/2026, 14:17:46

Infinite Campus Data Breach Exposes 137,000 Users Personal Details Click here

The Hacker News — 16/06/2026, 13:44:55

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware Click here

Cyber Security News — 16/06/2026, 12:43:37

OptinMonster Plugin Hack Exposes 1.2 Million WordPress Sites to Cyberattack High Click here

SANS Internet Storm Center, InfoCON: green — 16/06/2026, 12:39:13

From a VHDX File to a Remcos RAT, (Tue, Jun 16th) Click here

Cyber Security News — 16/06/2026, 12:11:57

Hackers Abuse Legitimate RMM Tools in The Quarry IRS and SSA Phishing Campaigns High Click here

SecurityWeek — 16/06/2026, 11:50:18

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks CVE-2026-20262 Critical Click here

Cyber Security News — 16/06/2026, 11:45:40

LiteSpeed cPanel Plugin 0-Day Vulnerability Actively Exploited in the Wild CVE-2026-54420 Critical Click here

The Hacker News — 16/06/2026, 11:35:58

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw CVE-2026-20262 Critical Click here

The Hacker News — 16/06/2026, 11:11:52

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation CVE-2026-54420 Critical Click here

Cyber Security News — 16/06/2026, 11:08:32

Cisco SD-WAN vManage Vulnerability Exploited in Zero-Day Attacks CVE-2026-20262 Critical Click here

Threat Research & Intelligence Archives - Sekoia.io Blog — 16/06/2026, 10:30:00

Unveiling ErrTraffic: inside a growing ClickFix malware distribution framework Click here

Cyber Security News — 16/06/2026, 06:08:57

Nearly 14,000 SimpleHelp Servers Exposed Amid Critical Authentication Bypass Disclosure CVE-2026-48558 High Click here

Unit 42 — 16/06/2026, 04:30:19

Inside the Modern SOC: The 72-Minute Race Click here

BleepingComputer — 16/06/2026, 01:36:52

SimpleHelp bug lets hackers create rogue remote support accounts High Click here

The Hacker News — 16/06/2026, 01:14:06

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails Click here

The Hacker News — 16/06/2026, 01:02:52

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels Click here

darkreading — 16/06/2026, 00:57:48

Copilot 'SearchLeak' Attack Allows 1-Click Data Theft Click here

BleepingComputer — 15/06/2026, 23:07:07

OptinMonster WordPress plugin hacked in CDN supply-chain attack Click here

BleepingComputer — 15/06/2026, 22:42:42

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks CVE-2026-20262 Critical Click here

The Hacker News — 15/06/2026, 22:09:01

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers Click here

Cyber Security News — 15/06/2026, 21:56:12

DPAPISnoop Tool Extracts CREDHIST Hashes for Offline Windows Credential Recovery Medium Click here

Cyber Security News — 15/06/2026, 21:34:37

SHADOWBYT3$ Allegedly Claim Breach of Nintendo, Stealing Sensitive Data Click here

SecurityWeek — 15/06/2026, 20:45:55

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer High Click here

The Hacker News — 15/06/2026, 20:39:05

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes Click here

darkreading — 15/06/2026, 20:38:32

The Beginning of the End of Social Engineering Click here

BleepingComputer — 15/06/2026, 19:30:00

Chinese hackers breach REDCap servers, steal medical research Click here

Threat Intelligence — 15/06/2026, 19:30:00

Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research Click here

The Hacker News — 15/06/2026, 19:19:29

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More Critical Click here

Check Point Research — 15/06/2026, 19:10:44

15th June – Threat Intelligence Report CVE-2026-35273 Critical Click here

BleepingComputer — 15/06/2026, 18:30:00

New attack turned Microsoft 365 Copilot into 1-click data theft tool Click here

BleepingComputer — 15/06/2026, 18:08:55

Infinite Campus data breach affects 137,000 school staff accounts Click here

BleepingComputer — 15/06/2026, 17:42:20

Webinar: How behavioral AI stops phishing and account takeovers Click here

All CISA Advisories — 15/06/2026, 17:30:00

CISA Adds Two Known Exploited Vulnerabilities to Catalog CVE-2026-20262 Critical Click here

SecurityWeek — 15/06/2026, 17:03:20

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges High Click here

SecurityWeek — 15/06/2026, 16:47:21

Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems Click here

SecurityWeek — 15/06/2026, 16:14:29

ShinyHunters Claims Council of Europe Hack Click here

The Hacker News — 15/06/2026, 15:29:38

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites Click here

The Hacker News — 15/06/2026, 11:47:32

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw CVE-2026-0257 Click here

Blog — 15/06/2026, 10:30:00

CrowdStrike Announces Continuous Identity for AI Agents Click here

The Hacker News — 13/06/2026, 18:53:03

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication CVE-2026-20253 High Click here

darkreading — 13/06/2026, 01:56:32

ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed Critical Click here

The Hacker News — 13/06/2026, 01:03:25

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit Click here

The Hacker News — 12/06/2026, 23:47:55

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade Click here

The Hacker News — 12/06/2026, 17:34:33

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code Click here

All CISA Advisories — 12/06/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-35273 Critical Click here

The Hacker News — 12/06/2026, 16:30:00

Rethinking MDR as Attackers and Defenders Embrace AI Click here

The Hacker News — 12/06/2026, 15:20:36

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution High Click here

The Hacker News — 12/06/2026, 12:08:41

Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs High Click here

darkreading — 12/06/2026, 06:28:07

Phishing Attack Volume Down 20%, But Risk Still Rising Click here

The Hacker News — 12/06/2026, 01:59:23

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities CVE-2026-35273 Critical Click here

darkreading — 12/06/2026, 00:13:57

Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure Click here

The Hacker News — 11/06/2026, 23:16:32

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets Click here

The Hacker News — 11/06/2026, 23:13:52

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files Click here

The Hacker News — 11/06/2026, 22:20:47

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm High Click here

Check Point Research — 11/06/2026, 19:07:11

From SQLi to RCE – Exploiting LangGraph’s Checkpointer CVE-2025-67644 High Click here

The Hacker News — 11/06/2026, 18:50:41

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories Click here

SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms. — 11/06/2026, 18:30:59

LABScon25 Replay | Keynote: Steps to an Ecology of Cyber Click here

All CISA Advisories — 11/06/2026, 17:30:00

Yarbo Android/iOS Mobile Application and Cloud Infrastructure CVE-2026-10557 Click here

All CISA Advisories — 11/06/2026, 17:30:00

Naxclow IoT Platform CVE-2026-42947 Click here

All CISA Advisories — 11/06/2026, 17:30:00

Brickcom Cameras CVE-2026-50245 High Click here

All CISA Advisories — 11/06/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-10520 Critical Click here

Unit 42 — 11/06/2026, 15:30:24

Trust No Skill: Integrity Verification for AI Agent Supply Chains Click here

The Hacker News — 11/06/2026, 15:15:58

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack Click here

Threat Research & Intelligence Archives - Sekoia.io Blog — 11/06/2026, 12:00:00

APT28, an evolution of tradecraft Click here

The Hacker News — 11/06/2026, 11:53:03

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks Click here

Business Insights Cybersecurity Blog by Bitdefender — 11/06/2026, 01:02:02

Bitdefender Threat Debrief | June 2026 High Click here

darkreading — 10/06/2026, 22:01:02

Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet Click here

The Hacker News — 10/06/2026, 20:40:59

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities CVE-2026-25089 Click here

The Hacker News — 10/06/2026, 20:30:59

Langflow Vulnerability CVE-2026-5027 Exploited for Unauthenticated RCE CVE-2026-5027 Critical Click here

The Hacker News — 10/06/2026, 20:14:29

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation CVE-2026-20245 Critical Click here

The Hacker News — 10/06/2026, 15:08:13

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs High Click here

The Hacker News — 10/06/2026, 12:32:08

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances High Click here

The Hacker News — 10/06/2026, 10:52:01

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows Critical Click here

The Hacker News — 10/06/2026, 10:38:35

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS High Click here

Krebs on Security — 10/06/2026, 03:37:28

A Record-Breaking Patch Tuesday for June 2026 CVE-2026-49160 Critical Click here

Unit 42 — 10/06/2026, 03:30:21

Blinding the Watchmen: Abusing Cloud Logging Services for Defense Evasion and Visibility Click here

darkreading — 10/06/2026, 03:27:11

The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life Click here

darkreading — 10/06/2026, 01:50:00

Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address Critical Click here

darkreading — 10/06/2026, 01:03:45

Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories Click here

SOC Prime — 10/06/2026, 00:14:17

CVE-2026-11645: Chrome Zero-Day Vulnerability Exploited in the Wild CVE-2026-11645 Critical Click here

SANS Internet Storm Center, InfoCON: green — 09/06/2026, 23:04:29

Microsoft June 2026 Patch Tuesday, (Tue, Jun 9th) CVE-2026-49160 High Click here

The Hacker News — 09/06/2026, 22:09:47

Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code CVE-2026-44963 High Click here

The Hacker News — 09/06/2026, 22:04:52

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues Click here

darkreading — 09/06/2026, 21:07:02

Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs CVE-2025-8088 Click here

Unit 42 — 09/06/2026, 19:35:42

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 CVE-2026-0257 Click here

The Hacker News — 09/06/2026, 17:56:10

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine CVE-2025-8088 Click here

All CISA Advisories — 09/06/2026, 17:30:00

CISA Adds Three Known Exploited Vulnerabilities to Catalog CVE-2026-7473 Critical Click here

All CISA Advisories — 09/06/2026, 17:30:00

Siemens KACO Blueplanet Inverters CVE-2025-40946 Medium Click here

The Hacker News — 09/06/2026, 17:29:03

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models Click here

The Hacker News — 09/06/2026, 17:28:49

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now CVE-2026-11645 Critical Click here

The Hacker News — 09/06/2026, 15:20:41

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing Click here

Blog — 09/06/2026, 10:30:00

CrowdStrike 2026 Technology Threat Landscape Report: China’s Ambitions Fuel Attacks Click here

Blog — 09/06/2026, 10:30:00

June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days Click here

Unit 42 — 09/06/2026, 04:30:45

When “Hi, This Is IT” Comes Through Microsoft Teams Click here

darkreading — 09/06/2026, 02:29:52

Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks Click here

darkreading — 09/06/2026, 01:58:35

Check Point VPN Flaw Exploited Since Early May Critical Click here

darkreading — 08/06/2026, 21:43:41

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud Click here

Check Point Research — 08/06/2026, 20:17:59

8th June – Threat Intelligence Report CVE-2025-48595 Critical Click here

All CISA Advisories — 08/06/2026, 17:30:00

CISA Adds Two Known Exploited Vulnerabilities to Catalog CVE-2026-42271 Critical Click here

Blog — 08/06/2026, 10:30:00

CrowdStrike and Zscaler Bring Continuous Identity to Zero Trust Access Click here

darkreading — 06/06/2026, 00:34:36

Exposed Fuel Tank Gauges Under Attack in the US Click here

SOC Prime — 05/06/2026, 20:52:25

CVE-2026-20245: Cisco SD-WAN Manager Zero-Day Enables Root Command Execution CVE-2026-20245 Critical Click here

SOC Prime — 05/06/2026, 20:41:00

CVE-2026-49975: HTTP/2 Bomb Attack Can Knock Web Servers Offline in Seconds CVE-2026-49975 Click here

darkreading — 05/06/2026, 20:10:11

Adaptive, Agentic AI Worms Loom as Next Enterprise Threat Click here

Threat Intelligence — 05/06/2026, 19:30:00

Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms Click here

All CISA Advisories — 05/06/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-28318 Critical Click here

Seqrite Labs — 05/06/2026, 15:04:54

How Digital Risk Protection Helps Defend Your Brand Reputation Click here

darkreading — 05/06/2026, 02:53:59

China's TA4922 Expands Cybercrime Attacks Globally Click here

darkreading — 05/06/2026, 02:38:16

4 Critical Threats Where Attackers Have the Advantage Click here

All CISA Advisories — 04/06/2026, 17:30:00

NAVTOR NavBox CVE-2026-21404 Click here

All CISA Advisories — 04/06/2026, 17:30:00

B&R PPT30 Operating System CVE-2025-11482 High Click here

All CISA Advisories — 04/06/2026, 17:30:00

Hitachi Energy MACH HiDraw CVE-2026-7310 Click here

All CISA Advisories — 04/06/2026, 17:30:00

Hitachi Energy ITT600 Explorer CVE-2024-8176 Click here

Proofpoint News Feed — 04/06/2026, 15:35:27

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa Click here

darkreading — 04/06/2026, 03:04:07

Attackers Use AI to Automate EDR Evasion Testing Click here

darkreading — 04/06/2026, 01:22:32

Tropical Blend: Cyber & Politics Ramp Up Across Latin America Click here

darkreading — 04/06/2026, 00:40:58

Cyber Insurance Rates Are Dropping, but Exclusions Widen Click here

darkreading — 04/06/2026, 00:30:41

Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover Click here

Check Point Research — 03/06/2026, 18:51:44

Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem Click here

darkreading — 03/06/2026, 17:31:00

Malicious Notifications Could Trick Google Gemini Users Click here

All CISA Advisories — 03/06/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2026-45247 Critical Click here

darkreading — 03/06/2026, 03:02:24

FBI-Flagged Phishing Kit Kali365 Expands Its Reach Click here

darkreading — 03/06/2026, 01:41:51

DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks Click here

darkreading — 03/06/2026, 01:20:53

China Uses Dual-Method Cyberattack on Czech Orgs Click here

Unit 42 — 02/06/2026, 23:00:33

The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2) Click here

SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms. — 02/06/2026, 18:30:58

LABScon25 Replay | Gamaredon x Turla: Unveiling a 2025 Espionage Alliance Targeting Ukraine Click here

All CISA Advisories — 02/06/2026, 17:30:00

CISA and Partners Urge Hardening Automatic Tank Gauge Systems Medium Click here

All CISA Advisories — 02/06/2026, 17:30:00

CISA Adds Two Known Exploited Vulnerabilities to Catalog CVE-2022-0492 Critical Click here

Unit 42 — 02/06/2026, 15:30:31

Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor Click here

darkreading — 02/06/2026, 00:22:26

Microsoft's Zero-Day Legal Threats Spark Backlash Critical Click here

Krebs on Security — 01/06/2026, 23:02:50

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts Click here

Check Point Research — 01/06/2026, 20:13:11

1st June – Threat Intelligence Report CVE-2026-48131 Critical Click here

darkreading — 01/06/2026, 20:05:51

Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit High Click here

All CISA Advisories — 01/06/2026, 17:30:00

CISA Adds One Known Exploited Vulnerability to Catalog CVE-2024-21182 Critical Click here

Threat Research & Intelligence Archives - Sekoia.io Blog — 01/06/2026, 12:00:00

FSB’s matryoshka #1/3 – Gamaredon’s gifts that keeps unpacking – GammaPhish and GammaWorm Click here

darkreading — 30/05/2026, 01:52:04

Name That Toon: Mark of (Cybersecurity) Progress Click here

Seqrite Labs — 29/05/2026, 17:45:34

Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan Using Azure Cloud C2 Click here

All CISA Advisories — 29/05/2026, 17:30:00