🐛 COMMON VULNERABILITIES AND EXPOSURES 10
16 Jun · KEV · Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw · Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0. "A vulnerability in the web UI of Cisco C… · THEHACKERNEWS.COM
16 Jun · KEV · CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026. The … · THEHACKERNEWS.COM
16 Jun · Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks · Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. · SECURITYWEEK.COM
16 Jun · Cisco patches SD-WAN flaw amid evidence of active exploitation · Cisco has released fixes for a vulnerability in its Catalyst SD-WAN Manager software after becoming aware of limited exploitation of the flaw, which could allow an authenticated attacker to create or overwrite files that may later be used to gain root privileges. The vulnerabilit… · CSOONLINE.COM
16 Jun · Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week · Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 h… · THEHACKERNEWS.COM
16 Jun · KEV · CISA warns of another cPanel plugin flaw exploited in attacks · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin. [...] · BLEEPINGCOMPUTER.COM
16 Jun · Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) · Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated security advisory also states that “the vulnerability was found during internal secur… · HELPNETSECURITY.COM
16 Jun · SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558) · A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to create a new “Technician” account and use it to remote into managed endpoints, execute scripts, an… · HELPNETSECURITY.COM
16 Jun · Attackers are exploiting FortiSandbox vulnerabilities · Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products depend on for threat verdicts to enforce blocking decisions and trigger automated responses. The warning… · HELPNETSECURITY.COM
⚠️ VULNERABILITY DISCLOSURE 25
16 Jun · Cybersecurity jobs available right now: June 16, 2026 · Android Vulnerability Researcher Byteria | USA | Remote – View job details As an Android Vulnerability Researcher, you will analyze the Android attack surface, including the Linux kernel, system services, drivers, firmware, applications, and Trusted Execution Envi… · HELPNETSECURITY.COM
16 Jun · The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy · In the latest episode of Identity Insider, I sat down with Chris Hughes, a cybersecurity expert who’s involved in OWASP’s work on non-human and machine identity security. Unsurprisingly, our discussion centered on the rapidly changing cybersecurity landscape, driven b… · HELPNETSECURITY.COM
16 Jun · iRhythm discloses data breach, says hackers stole patient info · Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applications. [...] · BLEEPINGCOMPUTER.COM
16 Jun · Reachability makes AI threat modeling worth the trust · In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks the path to impact on a wo… · HELPNETSECURITY.COM
16 Jun · Zero trust isn’t broken. Most companies just do it wrong. · Zero trust is 15 years old, and like many teenagers, it can feel misunderstood and underappreciated. The concept of zero trust was first defined by John Kindervag, a Forrester analyst at the time, as a strategy to replace the outmoded perimeter security model with a “never trust… · CSOONLINE.COM
16 Jun · Planning a trip? Fake travel sites are multiplying this summer · Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point. (Source: Check Point) “The sector has more than doubled its attack volume since… · HELPNETSECURITY.COM
16 Jun · Critical Fortinet FortiSandbox flaws now exploited in attacks · Attackers are now exploiting several critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. [...] · BLEEPINGCOMPUTER.COM
16 Jun · Software supply chains are heading for a transparency test · Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM Adoption State of Play 2026 shows organizations preparing for CRA obligations through SBOM tooling, automa… · HELPNETSECURITY.COM
16 Jun · Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats · Athena is a new industry coalition to fix the vulnerabilities frontier AI models find before attackers can exploit them · INFOSECURITY-MAGAZINE.COM
16 Jun · Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE · Unit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more. · UNIT42.PALOALTONETWORKS.COM
16 Jun · Ransomware gang abuses Microsoft Teams relays to hide malicious traffic · DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure. [...] · BLEEPINGCOMPUTER.COM
16 Jun · China-linked hackers target US, Canada research using legacy REDCap exploits · Google is warning of a cyber espionage campaign linked to a China-nexus threat actor, UNC6508, that kept close tabs on valuable US and Canadian research environments for over a year. The campaign abused REDCap, a widely adopted platform for collecting and managing research data. … · CSOONLINE.COM
16 Jun · DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company · Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders · INFOSECURITY-MAGAZINE.COM
16 Jun · Wiz Exposure Management Dashboard: Your CTEM Command Center · New exposure management dashboard helps organizations align with CTEM to stay ahead in an era of AI exploiting vulnerabilities faster than ever · WIZ.IO
16 Jun · Improving precision in CTEM: How continuous controls validation in Tenable One transforms exposure management · Discover how continuous control validation in Tenable One can improve your CTEM program by filtering out alert noise and factoring in your active cyber defenses. Focus your team on accessible and exploitable attack paths. Key takeaways: With vulnerability exploitation ranki… · TENABLE.COM
16 Jun · Radware AI Xploit Shield delivers virtual patching for newly identified application and API flaws · Radware has announced AI Xploit Shield, a new service that provides organizations with protection for their applications and APIs from exploitation of newly discovered vulnerabilities. As emerging frontier AI models like Mythos from Anthropic accelerate vulnerability discovery, o… · HELPNETSECURITY.COM
16 Jun · Cybercriminals mask malicious communications through Microsoft Teams relays · The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec. DragonForce is a ransomware-as-a-service operation th… · HELPNETSECURITY.COM
16 Jun · India temporarily blocks Telegram over medical exam cheating fears · Authorities said scammers previously exploited the feature by posting fake exam questions before the test and later replacing them with the real questions, making it look like they had leaked the exam in advance. · THERECORD.MEDIA
16 Jun · Trump administration keeps Fable 5 restrictions in place. · DragonForce ransomware operators abuse Microsoft Teams to hide C2 traffic. Ukrainian national pleads guilty to assisting in Conti ransomware attacks. · THECYBERWIRE.COM
16 Jun · Session avoids shutdown as community donations save the project · Session, the decentralized encrypted messaging platform that warned earlier this year it could shut down due to a funding crisis, will continue operating after receiving financial support from thousands of users. The community-funded effort has provided enough resources to keep d… · CYBERINSIDER.COM
16 Jun · Threat tactic spotlight: Subdomain takeover · In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to redirect traffic to attacker-controlled resources. We’ll explain the issue, how the situation arises, and how you can use various AWS feature… · AWS.AMAZON.COM
16 Jun · No Mythos of escape. · Emergency talks fail to free Anthropic’s Fable 5. Trump moves to strengthen national security systems. Microsoft patches a critical Copilot flaw. ShinyHunters weaponize a PeopleSoft zero-day. DragonForce hides in Microsoft Teams for months. Plus, Amos Stealer targets Macs, CISA i… · THECYBERWIRE.COM
16 Jun · Why AI Is Breaking Network-Based SASE · Mike Fey, co-founder and CEO of Island, joins Dave Bittner on the CyberWire Daily podcast for a sponsored Industry Voices. Mike explores why AI workflows and emerging quantum computing threats are challenging the assumptions behind traditional network-based SASE architectures. He… · THECYBERWIRE.COM
16 Jun · Attackers Rarely Use Real IPs · According to an industry study referenced in the discussion, anonymizing infrastructure such as VPNs, proxy networks, and Tor appeared in nearly all analyzed security incidents, with 94% of respondents reporting its use during attacks. Traditional IP-based detection becomes far l… · YOUTUBE.COM
16 Jun · CyberRisk TV Live Coverage from Identiverse 2026 · CyberRisk TV is broadcasting live from Identiverse 2026 in Las Vegas! Join us for exclusive interviews with identity, security, and technology leaders, actionable insights, and the latest thinking from practitioners shaping the future of digital identity at the industry's premier… · YOUTUBE.COM
📢 SECURITY ADVISORIES 5
16 Jun · EU Cybersecurity Act 2.0: When good regulation goes bad · Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain attacks targeting our critical infrastructure, that seriousness is welcome. But good intentions and good pol… · HELPNETSECURITY.COM
16 Jun · Cybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI Models · A group of cybersecurity executives and experts is asking the Trump administration to lift its directive preventing the use of Anthropic’s latest artificial intelligence models by foreign nationals. · SECURITYWEEK.COM
16 Jun · Tricked and Extradited: Inside the First FBI Operation to Lure a Chinese Spy to the US · The FBI won’t discuss exactly how Chinese spy Xu Yanjun came to the attention of special agents. Xu was handling a GE Aviation engineer in Ohio who specialized in composite fan-blade technology. That engineer, David Zheng, had been approached by an official from Nanjing Universit… · THECYBERWIRE.COM
16 Jun · Keep up with HIPAA Expectations amid Growing Cyber Threats · Healthcare organizations can satisfy cybersecurity and HIPAA compliance obligations while upholding patient safety. Read on to learn how. · CISECURITY.ORG
16 Jun · Lawmakers leary about Trump administration’s Anthropic order · Some panned it, some said they needed more information, but caution figured into all of the responses. · CYBERSCOOP.COM
🔥 INCIDENT REPORTING 7
16 Jun · Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails · A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was a backdoor on their REDCap research servers that stole login credentials. The exf… · THEHACKERNEWS.COM
16 Jun · Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive · Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms. Yet despite this abundance of information, many or… · THEHACKERNEWS.COM
16 Jun · Imaging giant Kodak confirms hackers breached systems and stole data · Kodak says it is investigating a cybersecurity incident after the ShinyHunters extortion group claimed to have stolen more than 2.2 million records containing customer personally identifiable information (PII) and internal corporate data. The company confirmed that an unauthorize… · CYBERINSIDER.COM
16 Jun · UK to require ID or face scan before you can make social media accounts · Opening a new social media account in the UK will soon mean proving you're over 16 with an ID upload or a facial age scan, under a government ban on under-16s taking effect in spring 2027. Security experts warn the age checks are easy to circumvent and create new data-breach risk… · BLEEPINGCOMPUTER.COM
16 Jun · 'Lorem Ipsum' Malware Pivots to ClickFix Delivery · New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and data extortion group Vice Society. · DARKREADING.COM
16 Jun · AI adoption correlates with incident frequency, underscoring need for governance · Even organizations that haven’t yet been breached expect an AI-related incident in the near future, a new survey found. · CYBERSECURITYDIVE.COM
16 Jun · iRhythm Confirms Data Stolen in Hack · The digital health company said it learned of the breach on June 8 and the attackers demanded a ransom. · SECURITYWEEK.COM
🕵️ THREAT INTELLIGENCE 30
16 Jun · North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels · Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by Proofpoint, the… · THEHACKERNEWS.COM
16 Jun · ISC Stormcast For Tuesday, June 16th, 2026 https://isc.sans.edu/podcastdetail/9974, (Tue, Jun 16th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
16 Jun · A $2 trillion revenue shift hinges on AI data governance · Across large enterprises, a single question keeps surfacing when teams want to put customer data to work. Can this record be used for a given purpose, and does the consent behind it still hold? The data sits in warehouses and customer databases, and the ability to answer that que… · HELPNETSECURITY.COM
16 Jun · GitHub releases an open dataset for multilingual developer content · Developers coordinate code across README files, issue threads, and pull request discussions. Much of that exchange happens in English, and a large share happens in other languages. GitHub has released a dataset built to help researchers and developers locate public repositories t… · HELPNETSECURITY.COM
16 Jun · From a VHDX File to a Remcos RAT, (Tue, Jun 16th) · Yesterday, a reader reported to us a malicious ZIP archive (SHA256: a0104921a2d37ab87482ac9a9f5c3713479c118846c3e999178e75b81620c094[1]). Once unzipped, it contains a VHDX file that discloses a malicious JavaScript after being mounted (which is automatic on modern Win… · ISC.SANS.EDU
16 Jun · Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware · The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware called NarwhalRAT. "The attack email contained a message impersonating an MS acc… · THEHACKERNEWS.COM
16 Jun · ESET discovers Windows SprySOCKS variant with rootkit capabilities · ESET researchers have uncovered two previously undocumented Windows variants of SprySOCKS, a backdoor previously known only as a Linux threat and linked to the China-aligned cyberespionage group FishMonger. The newly discovered malware variants significantly expand the group's ca… · CYBERINSIDER.COM
16 Jun · Why Does It Matter Who or What Created the Code? - Matias Madou - ASW #387 · Agents and LLMs are creating and reviewing code. They're a new tool to help developers write software and they're a new abstraction layer for expressing what code should do. But if we're focused on determining whether code is secure, where do we focus our attention on ensuring a … · YOUTUBE.COM
16 Jun · Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure · Over two dozen organizations built a shared platform to triage vulnerabilities, fix them, and secure the software before patches arrive. · SECURITYWEEK.COM
16 Jun · Atomic Arch Supply Chain Attack Hits 1,500 AUR Packages · Arch Linux suspended account registrations in response to the wave of malicious packages being uploaded to AUR. · SECURITYWEEK.COM
16 Jun · Crypto scammers are sending couriers to victims’ homes to collect cash · Scammers behind cryptocurrency investment schemes are dispatching couriers to pick up cash from victims in person, the FBI warns. According to the agency, scammers usually approach victims through social media, text messages, or fake investment personas, luring them into cryptocu… · HELPNETSECURITY.COM
16 Jun · Flock Cameras Are Being Used for Stalking · There are over a dozen cases around the country where police officers are using the Flock surveillance camera system to obsessively and illegally stalk people. · SCHNEIER.COM
16 Jun · Cal Water Investigating Iranian Hackers’ Claims · California Water Service says there is no indication of operational disruptions to its water and wastewater systems. · SECURITYWEEK.COM
16 Jun · White House Issues Memo to Bolster NSS Cybersecurity · NSPM-12 establishes a clear structure for NSS cybersecurity governance and accountability and reestablishes CNSS. · SECURITYWEEK.COM
16 Jun · Steam Workshop hosts wallpapers with account-stealing malware · Researchers at Kaspersky have uncovered dozens of malicious wallpapers distributed through Steam Workshop that were designed to steal Steam accounts and infect systems with malware. The campaign abuses Wallpaper Engine, a popular Steam application for animated desktop backgrounds… · CYBERINSIDER.COM
16 Jun · Endpoint Security Startup Ent Emerges From Stealth With $100 Million Seed Round · Ent has developed an intent-aware platform designed to interpret user and agent behavior before risky actions are carried out. · SECURITYWEEK.COM
16 Jun · Cybercrime Group Claims Novo Nordisk Hack · The hack-and-leak group FulcrumSec claims to have stolen 1.3TB of data from the pharmaceutical giant. · SECURITYWEEK.COM
16 Jun · Can CISOs Trust Their Applications? TrustCloud Wants to Replace the Questionnaire · By continuously analyzing security, infrastructure, and governance data, TrustCloud aims to give CISOs a real-time view of application risk and board-ready assurance. · SECURITYWEEK.COM
16 Jun · Teleport adds LLM Proxy and Delegated Identity to secure AI agent actions and access · Teleport has announced the debut of two foundational capabilities of its Agentic Identity Framework in the public beta of Beams: LLM Proxy and Delegated Identity. These capabilities address a critical gap in how organizations deploy AI agents: the lack of identity, access control… · HELPNETSECURITY.COM
16 Jun · Magnitude Emerges From Stealth Mode With $10 Million in Funding · The company is enhancing third-party risk management (TPRM) through autonomous AI agents. · SECURITYWEEK.COM
16 Jun · AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask · From defending networks to enabling attacks, artificial intelligence is changing every aspect of cybersecurity. Here's what dozens of experts say security leaders need to understand now. · SECURITYWEEK.COM
16 Jun · TekStream launches Proactive Cyber Defense to counter AI-driven threats · TekStream has announced the launch of TekStream Proactive Cyber Defense, a new expert-operated security service powered by Cosmos, the company’s cyber defense intelligence platform. The launch comes as organizations face a rapidly changing threat landscape shaped by AI-accelerate… · HELPNETSECURITY.COM
16 Jun · AppViewX extends machine identity security to ai agents and post-quantum environments · AppViewX has announced Agent Identity Security, a new product within the AppViewX platform that discovers, governs, secures, and monitors AI agents across the entire enterprise. Agent Identity Security extends AppViewX’s platform, built on a decade of machine identity and P… · HELPNETSECURITY.COM
16 Jun · Govern AI Code Or Else · Matias Madou argues that software teams need to start governing AI-generated code, not just reviewing it. Traditional development workflows assume a human author creates code and another human reviews it. AI introduces additional contributors, making authorship, accountability, a… · YOUTUBE.COM
16 Jun · Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker · From building LED bulbs to graduating college and buying a house with money earned from bug bounties. · SECURITYWEEK.COM
16 Jun · A case for how to shape ‘ingredient lists’ for AI models · AI bills of materials (AIBOMs), modeled on standards that worked for software, could transform how policymakers understand and regulate AI. A new roadmap outlines what they need to include and how to get there. · CYBERSCOOP.COM
16 Jun · Steam Workshop abused to spread malware via Wallpaper Engine app · Threat actors are abusing Steam Workshop, Valve's community hub for downloading game-related content, to push various malware hidden in wallpaper packages. [...] · BLEEPINGCOMPUTER.COM
16 Jun · The Security Tool Nobody Notices · An attacker attempted to submit backdoored code, but a linter repeatedly flagged issues during the development process. The common saying is that attackers only need to be right once. But in practice, many attacks require a sequence of successful actions that avoid detection. Eac… · YOUTUBE.COM
16 Jun · TSME, ARCH, Maine, Fable, PANOS, Doug's Grandma, Vienna Sausages, Aaran Leyland - SWN #590 · TSME, ARCH, Maine, Fable, PANOS, Doug's Grandma, Vienna Sausages, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-590 · YOUTUBE.COM
16 Jun · AI’s constant patching treadmill can be a security problem · The breakneck speed of model releases may be creating short, silent security gaps as developers must choose between performance and security, according to a new report. · CYBERSCOOP.COM
🌐 CYBER THREAT LANDSCAPE 12
16 Jun · Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk · Since late 2025, malware has been spreading rapidly through the Steam Workshop, the gaming platform's built-in service for players to create and share custom content. The attackers are primarily targeting gamers in China and Russia. · SECURELIST.COM
16 Jun · Windows version of SprySOCKS Linux malware used to attack govt orgs · Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. [...] · BLEEPINGCOMPUTER.COM
16 Jun · China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth · Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS," ESET said in a report shared with The Hacker New… · THEHACKERNEWS.COM
16 Jun · New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds · Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they give an operator near-total control of an infected phone: it lifts lock-scre… · THEHACKERNEWS.COM
16 Jun · Rokarolla Trojan Combines Banking Fraud With Device Surveillance · Rokarolla Android trojan steals banking logins and spies on victims while blocking fraud alerts · INFOSECURITY-MAGAZINE.COM
16 Jun · SprySOCKS Backdoor Expands From Linux to Windows · China-linked SprySOCKS backdoor gains stealthy Windows variants and 30-plus C2 commands · INFOSECURITY-MAGAZINE.COM
16 Jun · GhostTree Attack Abused Recursive Windows Junctions to Hide Malware · GhostTree uses recursive NTFS junctions to generate vast numbers of valid Windows file paths. Varonis explains how the technique could cause Microsoft Defender folder scans to never complete, leaving malware undetected. [...] · BLEEPINGCOMPUTER.COM
16 Jun · Rokarolla Android Trojan Levels Up to Full Device Control, Persistence · The emerging malware, spread via fake TikTok and Chrome downloads, demonstrates an evolution by combining banking fraud with extensive device surveillance and remote control. · DARKREADING.COM
16 Jun · ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures · Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks involving BabaDeda Loader, obser… · THEHACKERNEWS.COM
16 Jun · SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection · FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan. · DARKREADING.COM
16 Jun · New Rokarolla Android malware targets 217 banking, crypto apps · A new Android banking trojan named Rokarolla is targeting 217 banking and cryptocurrency applications using an extensive set of 137 commands. [...] · BLEEPINGCOMPUTER.COM
16 Jun · Fileless Phantom Stealer Targets Browser Credentials · In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques designed to frustrate detection. · DARKREADING.COM
📡 INFOSEC NEWS 14
16 Jun · UK to ban social media access for children under 16 · The ban will apply to all “user-to-user platforms, whose purpose is to enable social interaction and which allow users to post material, alongside algorithms,” according to a press release from the government’s Department for Science, Innovation and Technology. · THERECORD.MEDIA
16 Jun · FBI Warns Courier Cash Pickups Are Driving Crypto Scams · The FBI claims couriers are being used to circumvent bank transfers in crypto investment schemes · INFOSECURITY-MAGAZINE.COM
16 Jun · Deepfake posting sites depicting famous women taken down by feds · Thanks to Uncle Sam, anyone trying to find nonconsensual intimate deepfakes on CFake.com and SOCFake.com will be disappointed. · MALWAREBYTES.COM
16 Jun · India orders temporary ban on Telegram over exam fraud concerns · The restrictions include a nationwide ban on Telegram until June 22 and a requirement to disable the app's message editing feature. · TECHCRUNCH.COM
16 Jun · Over Two-Thirds of Security Pros Say Cyber Is Getting Harder · ISSA study finds most security professionals feel challenged by colleagues’ involvement in cyber · INFOSECURITY-MAGAZINE.COM
16 Jun · “Free World Cup stream” sites are serving scams, not football · We found dozens of fake World Cup streaming sites using football as bait to funnel visitors through a malicious advertising network. · MALWAREBYTES.COM
16 Jun · Cardiac patients’ medical data stolen and held to ransom · Cardiac monitoring provider iRhythm has been hit by a data theft followed by an extortion attempt. · MALWAREBYTES.COM
16 Jun · FTC warns of record $3.5 billion losses to imposter scams in 2025 · The U.S. Federal Trade Commission (FTC) warned that Americans lost $3.5 billion to imposter scams in 2025, with reported losses nearly tripling since 2020. [...] · BLEEPINGCOMPUTER.COM
16 Jun · ‘Dangerous’ AI Models Are Coming No Matter What · The US government crackdown on Anthropic’s Claude Fable 5 and Mythos 5 hides a glaring truth: AI models with advanced hacking capabilities will soon be the norm. · WIRED.COM
16 Jun · Bug in FIFA World Cup internal system gave anyone ability to modify TV stream · A security researcher said a flaw in FIFA’s online platforms allowed her to access several internal systems, including one that could have allowed her to take control of the TV stream of every World Cup match. · TECHCRUNCH.COM
16 Jun · Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society · More than 200 of the world's elites registered for a retreat whose agenda runs from panels on cult-building and sex to prepping for World War III. An associated app offers matchmaking. · WIRED.COM
16 Jun · Malicious JetBrains Marketplace plugins steal AI API keys from developers · At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. [...] · BLEEPINGCOMPUTER.COM
16 Jun · Security Community Slams US Ban on Exporting Mythos, Fable · An open letter signed by dozens of security experts asked the government to reverse export restrictions on Anthropic's Claude Fable 5 and Mythos 5 models. · DARKREADING.COM
16 Jun · Apple plans to change its Hide My Email privacy feature that could make it less effective · In the coming weeks, Apple will move anonymously generated email addresses to a different domain. · TECHCRUNCH.COM