🐛 COMMON VULNERABILITIES AND EXPOSURES 3[−]
23 JunCVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)The vulnerability
ISC.SANS.EDU
23 JunCVE-2026-42915 Microsoft Windows VMSwitch Denial of Service VulnerabilityUpdated an acknowledgement. This is an informational change only.MSRC.MICROSOFT.COM
23 JunCisco Unified CM flaw CVE-2026-20230 now exploited in attacksA high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. [...]BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE 28[−]
23 JunChange your cyber risk strategy to meet AI threats, Five Eyes countries warn CSOsCSOs must re-write their cyber risk strategies because threat actors are increasing using AI to evade defenses, says a group of national cybersecurity agencies – a call that one expert immediately complained is too vague to be of use. In its call to action on Monday , the group w…CSOONLINE.COM
23 JunFree, no-signup World Cup streams serve scams instead of footballResearchers at Malwarebytes identified dozens of websites claiming to offer free access to FIFA World Cup matches. Instead of streaming games, the sites directed visitors through a chain of advertising pages designed to generate revenue for their operators. Fake World Cup streami…HELPNETSECURITY.COM
23 JunA $1,400 experiment in AI security auditing outperformed OpenAI’s Codex SecurityA research team has built a system that teaches AI agents to hunt for software bugs by writing the audit method down as plain text. The system, called EVOHUNT, keeps the underlying AI model fixed and improves only an external “playbook” that tells the agent how to wor…HELPNETSECURITY.COM
23 JunResidential proxy SDKs are hiding in LG and Samsung smart TV appsSmart TVs in living rooms run small apps that show fish tanks, clocks, solitaire games, and slideshows of puppies. A share of those apps can also send other people’s internet traffic out through the home connection. Spur Intelligence scanned 6,038 apps across LG webOS and S…HELPNETSECURITY.COM
23 JunCybersecurity is no longer about protection. It’s about survival.For years, cybersecurity professionals have been repeating the same warning: Every company will eventually be breached. Fine. Let’s accept that. Then why do so many organizations still behave as if the near sole purpose of cybersecurity is to prevent the breach from ever happenin…CSOONLINE.COM
23 JunOpenAI wants AI to fix vulnerabilities, not just find themOpenAI expanded Daybreak, its cybersecurity initiative that combines AI models, Codex Security, security researchers, maintainers, industry partners, and access controls to support vulnerability discovery and remediation. Organizations can use the initiative to identify, validate…HELPNETSECURITY.COM
23 JunPhishing hides in routine Microsoft 365 workflowsAttackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine, according to Fortra. “The technique shifts malicious intent away from a single phishing email into a trusted productivity workflow. A user may see what l…HELPNETSECURITY.COM
23 JunHow AI Is Reshaping Identity Security at the Infrastructure Layer - Ev Kontsevoy, Neha... - ASW #388Appsec has seen machine identities from daemons and processes to services, microservices, and cloud accounts. And now we have agents. Ev Kontsevoy talks about what it means to have engineers and agents interacting in an environment, and why a focus on actions can be more effectiv…YOUTUBE.COM
23 JunHack The Box adds crisis simulations and SOC training to strengthen cyber readinessHack The Box (HTB) has announced new capabilities to help security leaders gain greater visibility into skills, performance and operational readiness. As AI transforms cyberattacks and cybersecurity operations, HTB is expanding its cyber readiness platform to help organizations i…HELPNETSECURITY.COM
23 JunOpenAI rolls out AI-led push to fix open-source software flawsOpenAI has launched a program with cybersecurity firm Trail of Bits to use AI to find and fix vulnerabilities in widely used open-source software, as enterprises face growing risks from flaws buried deep in their software supply chains. The initiative, called Patch the Planet , u…CSOONLINE.COM
23 JunPutin’s Paramilitary 2.0Since its emergence in 2014, the Wagner Group operated as the Kremlin's shadow army, deploying mercenaries across Africa and the Middle East. It gave Vladimir Putin plausible deniability, expanding Moscow's geopolitical influence by propping up leaders through military assistance…THECYBERWIRE.COM
23 JunLastPass says customer data exposed in Klue supply chain breachLastPass has disclosed that customer contact and CRM data were exposed after attackers compromised Klue, a third-party market intelligence platform used by its go-to-market teams. According to a security advisory published by LastPass, the company was notified on June 12 about a …CYBERINSIDER.COM
23 JunFFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS AppliancesAttackers can send crafted media files to execute code in any application that uses FFmpeg’s libavcodec library. The post FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunUnpatched SharePoint servers opened the door to multiple attackers, Microsoft findsWhat began as a routine ransomware investigation uncovered two unrelated attackers operating inside the same victim network at the same time, each obscuring the other’s activity and complicating the response. The discovery emerged during a Microsoft Detection and Response Team (D…CSOONLINE.COM
23 JunWhat the Miasma campaign reveals about the new supply chain threat model and the underground market for developer credentialsA stolen session cookie sat in underground markets for seven weeks before attackers used it to poison 32 Red Hat packages in the npm software registry, an example of the industrial approach behind modern supply chain attacks. Key takeaways Miasma is a self-propagating npm worm de…TENABLE.COM
23 JunEight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel AttacksThe high-severity use-after-free vulnerability in Samsung's KNOX security framework affected Android-powered Galaxy devices from the S9 through S25. The post Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunAlgerian Man Extradited to US for Running Cybercrime Marketplaces26-year-old Abdellah Belmili faces up to 30 years in prison for allegedly operating the marketplaces Market0Day and Spoxy. The post Algerian Man Extradited to US for Running Cybercrime Marketplaces appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunLastPass confirms data breach in Klue supply chain attackLastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month. [...]BLEEPINGCOMPUTER.COM
23 JunUsing Reddit to manipulate AI search results is surprisingly easyA Reddit comment that takes only a few seconds to write can end up influencing the answers generated by AI research tools. A Cornell Tech study found that a short snippet of user-generated text, sometimes as little as 13 words, was enough to affect the output of deep-research age…HELPNETSECURITY.COM
23 JunGitHub Updates actions/checkout to Block Common Pwn Request Attack PatternsGitHub is moving to strengthen software supply chain security by updating "actions/checkout" to block pwn request attacks that exploit the risky use of the "pull_request_target workflow" trigger to run malicious code with the workflow's full privileges. Effective June 18, 2026, t…THEHACKERNEWS.COM
23 JunThe Exploit Doesn't Exist. You Can Still Prove It Works Against YouAttackers can now weaponize newly disclosed vulnerabilities far faster than most organizations can patch them. Picus Security explains how security teams can validate exploitability before a public exploit even exists. [...]BLEEPINGCOMPUTER.COM
23 JunFive Eyes allies warn of dangers posed by frontier AI models.Researchers publish a new analysis of FortiBleed. BootROM exploit can bypass Apple's SecureROM. Scattered Spider members plead guilty in the UK.THECYBERWIRE.COM
23 JunKlue investigating supply chain attack that targeted Salesforce integrationsCustomer data from several prominent cybersecurity firms was among that of hundreds of potential enterprise victims.CYBERSECURITYDIVE.COM
23 JunWhy SIEM is Moving Toward Unified Security Operations: Rapid7 Named a Major Player in IDC MarketScapeRapid7 has been named a Major Player in the IDC MarketScape: Worldwide SIEM 2026 Vendor Assessment (#US54126826, June 2026). This is the first IDC SIEM MarketScape to bring the enterprise and SMB markets into a single evaluation, and we believe it arrives at a time when the way t…RAPID7.COM
23 JunTrump sets post-quantum crypto deadlines, launches broader federal quantum initiativeUS President Donald Trump on Monday signed a pair of executive orders aimed at accelerating the federal government’s transition to post-quantum cryptography while expanding US investment in quantum technologies, establishing what the administration describes as a coordinated stra…CSOONLINE.COM
23 JunAll eyes on AI.Five Eyes warns AI could supercharge cyberattacks within months. Tata Electronics confirms breach as stolen data allegedly includes Apple and Tesla documents. Researchers publish new analysis of FortiBleed. Gizmodo breach exposes readers to ClickFix malware campaign. BootROM expl…THECYBERWIRE.COM
23 JunTuring, BODS, Struwwelpeter, EO-14409, VBScript, Pixemsmash, Cloudflare, Aaran Leylan - SWN #592Turing's Entscheidungsproblem, BODS, Struwwelpeter, EO-14409, VBScript, Pixemsmash, Cloudflare, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-592YOUTUBE.COM
23 JunScope of Salesforce Attacks Expands as Icarus Leaks DataMore victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.DARKREADING.COM
📢 SECURITY ADVISORIES 7[−]
23 JunTrump Signs Executive Order Accelerating Post-Quantum Cryptography MigrationFederal agencies are required to transition high-value assets and high-impact systems to use PQC by the end of 2030 and 2031. The post Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunOmada Identity Sovereign targets Europe’s growing digital sovereignty demandsOmada has introduced Omada Identity Sovereign, a new solution that enables organizations to take direct control over where and how their identity governance is deployed. The solution addresses the digital sovereignty requirements, including data, operational, and jurisdictional c…HELPNETSECURITY.COM
23 JunGIGABYTE confirms UEFI password bypass possible, calls it a design issueA security issue in the Microsoft Windows Recovery Environment (WinRE) could allow attackers to bypass administrator-configured UEFI or BIOS passwords on GIGABYTE motherboards, potentially undermining firmware security controls and enabling unauthorized access to data. The issue …CYBERINSIDER.COM
23 JunTrump Issues Executive Order to Fast-Track Post-Quantum MigrationAll US federal agencies will have to complete their post-quantum cryptography transition by 2031, according to a new Trump Executive OrderINFOSECURITY-MAGAZINE.COM
23 JunTrump Order Sets 2030 Deadline for Federal Post-Quantum Crypto MigrationPresident Trump signed an executive order on June 22 setting hard deadlines for federal agencies to move high-value assets and high-impact systems to post-quantum cryptography. Key establishment must move by December 31, 2030; digital signatures by December 31, 2031. EO…THEHACKERNEWS.COM
23 JunTrump directs federal agencies to protect US data from quantum threatsAn executive order signed Monday aims to accelerate the government's transition to post-quantum cryptography (PQC), a new generation of encryption designed to protect data from the powerful quantum computers expected in the future.THERECORD.MEDIA
23 JunThe post-quantum EO is an important milestone. Now it’s time to get to workThe new post-quantum executive order sets a 2030 migration deadline and establishes a powerful foundation for post-quantum resilience. We look at what it gets right, where it can go further, and our migration playbook for government and industry.CLOUDFLARE.COM
🔥 INCIDENT REPORTING 14[−]
23 JunXsolis Data Breach Affects 1.4 Million IndividualsThreat actors gained access to personal and protected health information that Xsolis received from its clients. The post Xsolis Data Breach Affects 1.4 Million Individuals appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunCanadian Electricity Provider London Hydro Discloses Data BreachHackers stole customers’ names, addresses, email addresses, phone numbers, and account information. The post Canadian Electricity Provider London Hydro Discloses Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunHackers steal passport and driver’s license data of 3 million TexansA breach at a Texas Parks and Wildlife Department vendor exposed personal information belonging to more than three million Texans.MALWAREBYTES.COM
23 JunTwo Scattered Spider hackers plead guilty over Transport for London cyberattackTwo members of the notorious hacker group Scattered Spider have pleaded guilty to charges related to a 2024 cyberattack on Transport for London (TfL) that resulted in £29 million in loss and recovery costs. Thalha Jubair, 20, from London, and Owen Flowers, 18, from Walsall, plead…HELPNETSECURITY.COM
23 JunAnthropic’s Fable 5 Model Jailbroken Within DaysFable 5 is the supposed safe version of Anthropic’s Mythos Preview, with guardrails to ensure that it can’t be used to create cyberattacks. Well, that restriction was bypassed within days.SCHNEIER.COM
23 JunTwo Scattered Spider members plead guilty over cyberattack that crippled London transitA 20-year-old and an 18-year-old admitted to infiltrating the network of Transport for London in 2024, disrupting public transportation services for months.THERECORD.MEDIA
23 JunPassword manager maker LastPass says hackers stole customer support case data during Klue breachThis is the second data breach to affect LastPass customers in recent years, after one of the password manager's tech partners was recently breached.TECHCRUNCH.COM
23 JunScattered Spider Hackers Plead Guilty on Day 1 of TrialTwo men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were key members of a prolific cyber…KREBSONSECURITY.COM
23 JunTata Electronics confirms cybersecurity incident after World Leaks dumps Apple dataTata Electronics has confirmed that it recently experienced a cybersecurity incident after the World Leaks extortion group listed the company on its leak portal and published what it claims is stolen corporate data. The company says it detected the incident weeks ago and that its…CYBERINSIDER.COM
23 JunKlue says hackers stole credential from 2022 that led to customer data breachesIt's unclear why Klue had not revoked the credential after the limited pilot, which hackers then used to breach a system holding keys for accessing customers' data.TECHCRUNCH.COM
23 JunDialog Claims It Was Hacked. A Misconfigured Website Left Its Members ExposedThe private events group, cofounded by Peter Thiel, says a “criminal” hacker is behind a breach that exposed members’ personal details. WIRED found no evidence a break-in was needed to access the files.WIRED.COM
23 JunHealthtech firm Xolis suffers data breach impacting 1.4 million peopleHealthcare technology company Xsolis says that sensitive data belonging to nearly 1.4 million individuals was compromised in a phishing attack that gave attackers access to its network. [...]BLEEPINGCOMPUTER.COM
23 JunYour Breach Plan Is DelusionalCybersecurity teams often repeat the phrase: “It’s not if, it’s when.” But according to this conversation, many organizations still behave as if breaches are completely preventable. Budgets continue flowing into detection tools, dashboards, and perimeter defenses while resilience…YOUTUBE.COM
23 JunTata Electronics confirms cyberattack as hackers leak dataTata Electronics has confirmed in a statement to BleepingComputer that it was the target of a cyberattack that impacted parts of its IT infrastructure. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 22[−]
23 JunISC Stormcast For Tuesday, June 23rd, 2026 https://isc.sans.edu/podcastdetail/9982, (Tue, Jun 23rd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
23 JunOnly 7% of companies are ready for the AI agents they deployedMost organizations now run or pilot AI agents that operate on company data with limited human direction at each step, a share that reaches 88% in Veeam Software’s Data and AI Trust Gap report. The systems that are supposed to keep an eye on them have not caught up. That gap…HELPNETSECURITY.COM
23 JunF5 launches AI Security Platform to uncover and secure shadow AIF5 has introduced the F5 AI Security Platform to give CISOs continuous visibility, governance, and protection across enterprise AI applications, models, agents, and the APIs connecting them. F5 also announced the acquisition of SurePath AI, as a key component in the launch of the…HELPNETSECURITY.COM
23 JunMavenir turns NOC knowledge into automation for autonomous networksMavenir has announced its Agentic Service Assurance Framework, a TM Forum IG1251/IG1453-aligned, multi-agent system that automates complex network operations across multiple domains without replacing existing systems. The framework pairs an Intent Orchestrator with a multi-layer …HELPNETSECURITY.COM
23 Jun50% of LG and Samsung smart TV apps embed residential proxiesThousands of smart TV applications available on LG and Samsung platforms contain software that turns devices into residential proxy nodes. Researchers at Spur Intelligence identified proxy SDKs in 2,058 of the 6,038 webOS and Tizen apps they analyzed. Spur's Trevor Sutter downloa…CYBERINSIDER.COM
23 JunRussian Initial Access Broker Behind FortiBleed CampaignUsing a custom sniffer, the threat actor has captured over 110 million credentials since at least February 2026. The post Russian Initial Access Broker Behind FortiBleed Campaign appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunGTA 6 early access offers are taking gamers’ cryptoScam websites are circulating across the internet with a pitch aimed at millions of gamers: a way to play Grand Theft Auto VI before its release. The pages promise early access for a few hundred dollars in cryptocurrency, ask buyers to enter a payment code, and claim the game wil…HELPNETSECURITY.COM
23 JunOpenAI Refocuses Cybersecurity Efforts on Patching Over DiscoveryOpenAI has expanded its Daybreak cybersecurity initiative with a new suite of tools and partnerships. The post OpenAI Refocuses Cybersecurity Efforts on Patching Over Discovery appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunCISO Conversations: Carl Froggett – Combining CISO and CIO at Deep InstinctCarl Froggett combines CISO and CIO. He currently occupies both positions at Deep Instinct. Before then, he was CISO at Citi for almost 17 years. The post CISO Conversations: Carl Froggett – Combining CISO and CIO at Deep Instinct appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunFortiBleed Attackers Turn Firewalls Into Credentials Stealers as Heist PersistsThe threat actors engineered a Golang-based sniffer to target 430,000 FortiGate firewalls and identify 110 million credentials in the ongoing global campaign.DARKREADING.COM
23 JunNew N-able feature gives IT teams visibility into AI usage across endpoints and networksN-able has announced the availability of Shadow AI Visibility across its Unified Endpoint Management (UEM) solutions, N‑central and N‑sight, and its Security Operations platform, Adlumin. The new capability helps organizations identify, classify, and monitor AI tool usage across …HELPNETSECURITY.COM
23 JunDragos unveils OT-native AI to help critical infrastructure teams prioritize threats fasterDragos has announced the release of EmberAI, an OT-native AI built on the Dragos Intelligence Fabric. EmberAI gives every analyst immediate access to Dragos’s OT-specific intelligence, gained from more than a decade of OT operations, activity, and expertise. Putting histori…HELPNETSECURITY.COM
23 JunSecurity Teams Must Become EngineersSecurity teams are becoming deeply technical because modern infrastructure complexity keeps increasing. In this clip, Ev explains why many organizations are restructuring cybersecurity around engineering instead of traditional IT operations. This changes more than job titles. Som…YOUTUBE.COM
23 JunAlgerian man charged with running two cybercrime marketplacesAbdellah Belmili allegedly ran two black-market websites selling stolen financial credentials and custom-built phishing kits targeting major American banks, federal prosecutors say. The post Algerian man charged with running two cybercrime marketplaces appeared first on CyberScoo…CYBERSCOOP.COM
23 JunWhat the Fortibleed campaign means for organizations running FortiGate firewallsA massive credential-harvesting campaign targeting FortiGate firewalls has exposed thousands of organizations to potential network compromise, and a trove of attacker tools, scripts, and credentials left inadvertently exposed on a server has given researchers an unusually detaile…HELPNETSECURITY.COM
23 JunTrump sets new deadlines for agencies and contractors to adopt post-quantum cryptographyThe president also launched new efforts to research the scientific benefits of quantum computers — and protect that research from adversaries.CYBERSECURITYDIVE.COM
23 JunLooming AI-fueled threats require urgent cybersecurity improvements, Five Eyes members sayThe intelligence-sharing alliance said advanced AI models will surpass expectations in a matter of months.CYBERSECURITYDIVE.COM
23 JunData Exposure Flaws Threaten Dify AI Platform Used by 1 Million AppsAttackers could abuse Dify's multi-tenant cloud service to read private chats, preview other tenants' documents, and reach internal APIs. The post Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunDragos Unveils AI for OT SecurityNamed EmberAI, the new capability is built on Dragos’ massive operational technology cybersecurity dataset. The post Dragos Unveils AI for OT Security appeared first on SecurityWeek .SECURITYWEEK.COM
23 JunJustice Department seizes infrastructure used by cyber scam and criminal marketplacelso Tuesday, the Treasury Department took action against the same Cambodian company, Huione Group, and affiliates. The post Justice Department seizes infrastructure used by cyber scam and criminal marketplace appeared first on CyberScoop .CYBERSCOOP.COM
23 JunAI Killed the 5-Year RoadmapTraditional identity and security programs were built around long planning cycles. In this clip, the speaker argues that agentic AI has broken that model because organizations can no longer reliably predict how systems and AI-driven workflows will evolve. Instead of static roadma…YOUTUBE.COM
23 JunOpenClaw’s Skill Marketplace and the Emerging AI Supply Chain ThreatUnit 42's analysis of ClawHub revealed evasive malicious skills bypassing automated scanners to deploy infostealers and execute agentic financial fraud. The post OpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 6[−]
23 JunBeyond the Doomsday: Operational Resilience, Identity Sprawl, and Back-to-Basics Cyber DefenseThis special episode brings together top industry experts to dissect the rapidly shifting landscape of modern cyber threats, cloud technologies, and artificial intelligence. The conversation moves past standard industry hype to deliver practical frameworks for building true opera…THECYBERWIRE.COM
23 JunMalicious npm Packages Pose as PostCSS Tools to Deliver Windows RATCybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT). The list of identified packages, is below - aes-decode-runner-pro (145 downloads) postcss-minify-selector (256 downloads) postcss-min…THEHACKERNEWS.COM
23 JunInside the dark web: Stolen identities for 95¢, malware, and scams-for-hireWe spent 48 hours exploring the dark web and found stolen identities, malware, scams, and a thriving cybercrime economy.MALWAREBYTES.COM
23 JunNew macOS ClickFix attack silently mounts DMGs to push infostealerA new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from malicious disk image (DMG) files. [...]BLEEPINGCOMPUTER.COM
23 Jun'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer WorkflowsThe CI/CD workflow weakness affects Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache's Doris analytics database, Cloudflare's Workers SDK, and Python Software Foundation's Black.DARKREADING.COM
23 JunmacOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the SandboxDPRK-linked implant embeds 38 fabricated system messages that spoof an LLM triage harness, hiding a credential stealer and Telegram C2 underneath.SENTINELONE.COM
📡 INFOSEC NEWS 21[−]
23 JunOpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security FlawsOpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative, the artificial intelligence (AI) company announced last month. Calling GPT‑5.5‑Cyber its "strongest model yet for finding and helping patch…THEHACKERNEWS.COM
23 JunWhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM ToolDirect messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate Remote Monitoring and Management (RMM) software. Per findings from Kaspersky, the active campaign is targeting users of WhatsA…THEHACKERNEWS.COM
23 JunFive Eyes Group Issues Urgent Call to Tackle Frontier AI ThreatsThe Five Eyes Alliance has published a rare call to action for organizations facing AI threatsINFOSECURITY-MAGAZINE.COM
23 JunGTA 6 early access is nothing but a scamNo matter what a website claims, nobody is selling legitimate GTA 6 early access. And scammers are counting on fans believing otherwise.MALWAREBYTES.COM
23 JunScattered Spider Teens Convicted of TfL Cyber-AttackTwo young British men have pleaded guilty to hacking Transport for London as part of a Scattered Spider plotINFOSECURITY-MAGAZINE.COM
23 JunAgentic AI: The Weapon That No Longer Needs a WarriorEvery weapon begins as an extension of the hand that holds it. The spear lengthened the reach of the arm. The bow sent the point flying without the throw. The rifle placed a man's death a quarter mile beyond his sight, and the aircraft carried that death across oceans. At each tu…THEHACKERNEWS.COM
23 JunHacker hijacks Brazil’s national alert system, sending “misanthropy” to millions of phonesEmergency alert systems work because people believe them. Every time one of these systems issues a false alert - whether through negligence or a deliberate attack - trust erodes. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
23 JunGTA 6 Scams Emerge as Pre-Orders OpenCybercriminals launch fake GTA 6 pre-order sites offering early access for crypto paymentsINFOSECURITY-MAGAZINE.COM
23 JunWebinar: Why email security teams are drowning in alertsPhishing, BEC, and account takeover attacks continue to overwhelm security teams with alerts and investigations. This webinar explores how behavioral AI can help automate detection and response workflows, reducing alert fatigue and improving operational efficiency. [...]BLEEPINGCOMPUTER.COM
23 JunMeta pauses controversial employee-tracking program after security reviewMeta has paused its controversial employee-tracking program. Unfortunately, employee privacy wasn't what stopped it.MALWAREBYTES.COM
23 JunSocGholish Takedown Highlights Malicious TDS ThreatsSocGholish uses traffic distribution systems (TDSs) to provide initial access into victims' networks for cybercrime groups such as the notorious Evil Corp.DARKREADING.COM
23 JunAI Threat Readiness Pillar 4: Detect and contain threats in real-timeYour guide to operationalizing AI-powered threat detection and response with Wiz to stay ahead of AI-driven attackers.WIZ.IO
23 JunLookalike npm Package Hides a Multi-Stage Windows RATJFrog found an npm package impersonating postcss-selector-parser to drop a multi-stage Windows RATINFOSECURITY-MAGAZINE.COM
23 JunOpenAI Expands Daybreak to Help Defenders Patch FlawsOpenAI expanded Daybreak with a full GPT-5.5-Cyber release to help defenders patch software flawsINFOSECURITY-MAGAZINE.COM
23 JunCompromise kids online safety bill unveiled by House leaders, with key omissionThe so-called duty of care provision that was excluded would have mandated that online platforms take reasonable measures to prevent specific harms such as suicidal ideation, eating disorders and cyberbullying by changing algorithm and design features.THERECORD.MEDIA
23 JunScattered Spider members plead guilty to hacking Transport for LondonTwo members of the 'Scattered Spider' cybercrime group pleaded guilty to hacking the Transport for London (TfL) systems in 2024. [...]BLEEPINGCOMPUTER.COM
23 JunFake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 AgentsSecurity firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, including some on corporate accounts. Every skill security scanner the firm tested it against marked it safe. The…THEHACKERNEWS.COM
23 JunFive Eyes agencies sound alarm about AI’s threat to cybersecurity"The timeline is not years, it is months,” the nations of the Five Eyes intelligence alliance said in a joint alert about the cybersecurity concerns of artificial intelligence.THERECORD.MEDIA
23 JunFeds seize alleged cyber-scam infrastructure connected to Southeast Asian companyThe Department of Justice announced the “seizure of a cloud computing account” used by subsidiaries of the Huione Group, a conglomerate severed from the U.S. financial system last year.THERECORD.MEDIA
23 JunFortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting OperationA Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting operation known as FortiBleed that has targeted over 430,000 FortiGate firewalls globally. The campaign, active since February 2026, involves colle…THEHACKERNEWS.COM
23 JunWindows 11 KB5095093 update rolls out new Point-in-Time restore featureMicrosoft has released the KB5095093 preview cumulative update for Windows 11 24H2 and 25H2, which fixes numerous bugs and begins rolling out new features, including the new Point-in-Time restore feature. [...]BLEEPINGCOMPUTER.COM