{"total":50,"limit":50,"offset":0,"items":[{"id":179,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/hijacked-npm-and-go-packages-use-vs.html","title":"Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer","summary":"Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts.\n\n\"This attack avoids the most common npm execution paths through lifecycle scripts, perhaps in an attempt to remain 'compatible' with npm v12's security hardenings,\" JFrog said in a","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBjmO4haWCgXfALMAtSHKJXRWIlLfYqulkKflfK-3BSYON-8A4MjUNoZRxOyaLGc-4Bsj1eIfGDhdpJuKZrJORz4HZHx5iM7lj0-VlehqqZ6kaq5_ZWP08MviAchtNF1XORD_Fps-IWderGKNM18TT-Jgh_0LRFULqdMeOfv_FKDd8oWmHmv-iR1-_7XZP/s1600/gogo.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-29T05:36:06Z","fetched_at":"2026-06-29T06:12:31.697100Z","trending_score":null,"cve_ids":[]},{"id":128,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/data-breach-exposes-up-to-142-million-email-logins-at-six-isps/","title":"Data breach exposes up to 14.2 million email logins at six ISPs","summary":"Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-28T14:13:46Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":143,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/ukraine-says-russian-intelligence-used.html","title":"Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials","summary":"The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in Ukraine, Europe, and the U.S.\n\nThe systematic cyber attacks aimed at stealing sensitive","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL9wu_kGShq1lDTiDFjL3VdxF51l9aXdtW8vfE6Z0f3nLKXnr3WctY8jw3INV7FcO0FmLzv_EVCkfmsC4AmEaPih-SD_c24f8R_MJjjNT8OBdd6SuwVECGV3VdxnMDBs7ULHaVBFPPGkZZcruUhMcbmYE-RQu-QTZfn7rEWltSSSdFLhJeZKIZy4jZzl7L/s1600/cyberattack.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-27T17:27:11Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":129,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/clean-github-repo-tricks-ai-coding-agents-into-running-malware/","title":"Clean GitHub repo tricks AI coding agents into running malware","summary":"An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-27T14:22:36Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":144,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/openai-limits-gpt-56-rollout-as-sol.html","title":"OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards","summary":"OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government.\n\nWhile Sol is the latest flagship model and the most powerful, Terra strikes a balance between efficiency and power, and Luna is fine-tuned for speed and affordability.\n\n\"GPT‑5.6 Sol launches with our most","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiweorWxmIvPG8uskOe44fLur9F5OJvqVdFLV1ejFqQozXruk70nzMhRaY58n4BuMhW1sbsdSvhTrlSxM8U5SLwPdaeRWNi4eQMUjEsFgmGV-37gTdnqk1NXLT4Ixadu4sq_pm0l_HVzuGHaIgcDnV_y092aZ1gCKkZ6lh2bp24PUBUfgsCSgvjlZiKRLMH/s1600/gpt.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-27T12:19:37Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":163,"source":"Dark Reading","url":"https://www.darkreading.com/cyber-risk/third-party-breaches-teaches-education-lesson-vendor-risk","title":"Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk","summary":"Rising threats from third-party actors are forcing institutions to play defense to protect student data from ransomware and other attacks.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt2feed32bad3a1e85/6781341c966e6945d6fe1118/Education_(1800)_Aleksei_Gorodenkov_Alamy.jpg?width=720&quality=80&disable=upscale","author":"Bree Fowler","published_at":"2026-06-27T11:48:05Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":130,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/fbi-russian-hackers-now-target-signal-backup-recovery-keys/","title":"FBI: Russian hackers now target Signal backup recovery keys","summary":"The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recovery Keys, allowing attackers to access victims' historical messages. [...]","thumbnail_url":null,"author":"Lawrence Abrams","published_at":"2026-06-26T22:06:17Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":131,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/cisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks/","title":"CISA sets urgent deadline to fix Cisco flaw exploited in attacks","summary":"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a vulnerability in Cisco Unified Communications Manager Server that is being actively exploited. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-26T19:43:06Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":145,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/fbi-warns-russian-intelligence-hackers.html","title":"FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys","summary":"The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key.\n\nHand it over once, and the attacker can restore the account's backup, read the private and group message history, and take over the account. Worse, the key keeps working.","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjt2-y25_EiB31BmVQQpt9ne8mH9iPOJpYJmItVSIKGexUBmKRwzNSvDYzbVyRm9xxR6H0rE880CTv3QTblUdJgkRh2EoXqYGJ9wwOq-cOktE6iIvI0fZdeuxf8gTmdEpStuzq5CywuWYEjb32JqfwIznRc6YtDK_V5dFH1bcx2EoqvQ1Koieo4g7QDKA/s1600/signal-phishing.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T19:38:29Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":164,"source":"Dark Reading","url":"https://www.darkreading.com/cybersecurity-operations/ai-decline-confidence-autonomous-penetration-testing","title":"AI Decline? Confidence in Autonomous Penetration Testing Falls","summary":"Companies are still experimenting with automated AI systems to find security weaknesses, but fewer are relying on the technology.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9cecfe428e15238b/6a3ea2dc74904e0996378e9c/collection-of-interlocking-gears-Asmaulna-shutterstock.jpg?width=720&quality=80&disable=upscale","author":"Robert Lemos","published_at":"2026-06-26T19:11:02Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":146,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/new-sharkloader-malware-deploys-cobalt.html","title":"New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks","summary":"A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts.\n\nKaspersky, which is tracking the activity under the moniker StrikeShark, said the campaign has targeted a diplomatic organization in Indonesia, government organizations in Taiwan,","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsnAZNjHSEX7UtabbKNVn68uohH8pK5LKuU2CgckZTJowWHxYmEjx9ROquO9tFsThy-3_759_ko2TQEX4Wm3PI1Y-opfzyeAzW8Tni0-gz2YMtPMln9XQRzcKq1mviZSTW7MNShxVRhbuUXBSuNGTNStlwj_NCfFsyrptpXvkLNt5CUfARwENz0IshNDma/s1600/shark.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T18:17:46Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":132,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/polymarket-customers-lose-3-million-in-supply-chain-attack/","title":"Polymarket customers lose $3 million in supply-chain attack","summary":"Polymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform's frontend following a breach at a third-party vendor. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-26T18:04:12Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":133,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/cybersecurity-firms-targeted-by-fraudulent-openai-organization-invites/","title":"Cybersecurity firms targeted by fraudulent OpenAI organization invites","summary":"Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects. [...]","thumbnail_url":null,"author":"Lawrence Abrams","published_at":"2026-06-26T17:49:07Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":165,"source":"Dark Reading","url":"https://www.darkreading.com/identity-access-management-security/cisco-adds-nhi-security-stack-with-astrix-widefield","title":"Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions","summary":"Cisco joins a growing list of security platform providers that are betting that securing the agentic workforce means turning identity into the primary control plane.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltf5ae2981cb5cbc98/67a6074e7dd6537daef9a0fa/robot-army-laurent-davoust-alamy.jpg?width=720&quality=80&disable=upscale","author":"Jeffrey Schwartz","published_at":"2026-06-26T17:31:04Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":166,"source":"Dark Reading","url":"https://www.darkreading.com/application-security/initiative-tackles-security-end-of-life-open-source","title":"New Initiative Tackles Security for End-of-Life Open Source Software","summary":"The Open Source Sustainability Initiative's goal is to help enterprises manage and secure aging open source projects while maintaining regulatory compliance.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltb28e347d4c1f6e89/678529a3a527d254da4ed749/open_source_(1800)_Wavebreakmedia_Ltd_FUS1407_Alamy.jpg?width=720&quality=80&disable=upscale","author":"Arielle Waldman","published_at":"2026-06-26T16:32:30Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":147,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/chinese-speaking-apt-deploys-new.html","title":"Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign","summary":"A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia.\n\nThe activity, particularly aimed at state-owned enterprises in the energy and government sectors, has been attributed to a threat actor called CL-STA-1062, which Palo Alto Networks","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHsYcZgd4WIkN0k-b4_j7JxBgi0R0dzj0jSwSWVgItyIy88VoZK5z8BAiwjmYnou7YLrNuckCgQvnHXV2KYHoNS8WRZbjU1MP5HqvLKkIakvRVuJio7oZeUbi1XsgQVmJ-cDKKWeOzgGouUAzUtJrFRu8CtPQJG-eXCy7aSOx_fyCvGK2tRl12tBbPG7YC/s1600/tinyrct.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T16:21:25Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":167,"source":"Dark Reading","url":"https://www.darkreading.com/cybersecurity-operations/ai-wont-wipe-out-entry-level-cybersecurity-jobs","title":"AI Won't Wipe-Out Entry-Level Cybersecurity Jobs","summary":"Instead of eliminating jobs for early-career cyber pros, AI is creating new opportunities for candidates with strong human decision-making skills.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blta84710e2a296fb51/6a3d8492c8bfcb045af470b0/Graduates_Getty.jpg?width=720&quality=80&disable=upscale","author":"Jon France","published_at":"2026-06-26T16:00:00Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":134,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/your-first-grc-agent-a-red-teamers-walkthrough/","title":"Your First GRC Agent: A Red Teamer's Walkthrough","summary":"AI won't replace GRC analysts, but it can eliminate much of the repetitive work they do. Anecdotes walks through building an agent that continuously monitors controls, identifies evidence gaps, and opens remediation tasks. [...]","thumbnail_url":null,"author":"Sponsored by Anecdotes","published_at":"2026-06-26T14:01:11Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":148,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/new-linux-pedit-cow-exploit-enables.html","title":"New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries","summary":"A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems.\n\nCVE-2026-46331, nicknamed \"pedit COW,\" is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw as","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBWN46D03nuGH8FWFxZD7Ax6T3Wvmf5bt3WrqjghU6ZJU65L6pfoPjt2fVw4-dGXfyEx8fkygfYUftIDlMpPaRcegTEH6eL58nSyiFvbbg5A0GxtFTIhwQUIj16DF-vIqiH2B6jnC7C3DebkJja3v6ayIjOF-eY5DoDL9qef319S3m4ny2lnodtc1WeE59/s1600/linux-cow.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T13:57:55Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":["CVE-2026-46331"]},{"id":149,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/amazon-q-developer-flaw-could-let.html","title":"Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs","summary":"A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it.\n\nTracked as CVE-2026-12957 (CVSS 8.5), the bug sat in how Amazon's AI coding assistant handled Model Context Protocol (MCP) servers.\n\nWiz","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEig3gygt20RdznayWN2yru6wSgNt8CSdr16F8I-naxtPn837cr6v0uV0bXdhz36P1XYrpnjmzDXTAtH0wa43Me8rqD2hvET-xQP0ndoX-ddXsypZCjSSNJUqmfl69g96R6yMiUqgXE_NGAL8bl2z6lYutrgKiY74tNIafz_xRsNsJQSB9s_9lSHiybX2kQ/s1600/aws.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T13:53:00Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":["CVE-2026-12957"]},{"id":168,"source":"Dark Reading","url":"https://www.darkreading.com/cybersecurity-operations/meeting-2030-quantum-deadline-expensive-complex","title":"Meeting Trump's 2030 Quantum Deadline Will be Expensive, Complex","summary":"Getting accurate visibility into IT and OT systems will be compounded by multivendor environments, misaligned update life cycles, and interoperability gaps.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3f96ce16a435deca/6a3d55be62f12d27e415ed3c/quantum_computer-Peter_Hansen-getty-2214879776.jpg?width=720&quality=80&disable=upscale","author":"Alexander Culafi","published_at":"2026-06-26T13:30:00Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":169,"source":"Dark Reading","url":"https://www.darkreading.com/cybersecurity-operations/submissions-guidelines-reminder","title":"Thanks for Crushing the Submissions Inbox. We're Trying to Keep Up","summary":"It might be taking a bit longer than usual to respond to your submissions — here's why.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltb0a7aff0c7827ded/6a3c70cdfc46ad1f4754589e/kitten_hanging_on_rope_oksun70_Getty.jpg?width=720&quality=80&disable=upscale","author":"Becky Bracken","published_at":"2026-06-26T13:00:00Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":150,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/cisa-adds-exploited-ptc-windchill-rce.html","title":"CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue","summary":"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\n\nThe vulnerability in question is","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzGOpsiL9b-uwhocEgzazTFR251KJL6pnZAVCmzty7Nx0uR-vZ9r2-WP95IrRaKJtFoUxmBFbqrkt31Yn2MTmD0bZAaPFTlmDfHxRURuWSsRzeTWHmyZF93QR94AOrSkbLnBYEQtVGJxI5VlRinwq8cLnEVCmGWk6wCnL1zpW_LbbZ-3-yTSdAmZ-0tqO6/s1600/ptc.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T12:31:56Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":151,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/new-dirtyclone-linux-kernel-flaw-lets.html","title":"New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets","summary":"DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant.\n\nTracked as CVE-2026-43503 (CVSS 8.8), it lets a local user corrupt file-backed memory through a cloned network packet and gain root. The patch landed in","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidrcFiZh5KSQ9sYpF7Fafoy8kYny6olyD5WlY_oaAdYt0krMeOL8eNiTItqYmEmJ55wueKdZJlhIKMun7kwQR8AbbFPKTw0Nv-qJbPiaKA1n2J1rUHBV3YuRmdJHQpOTlsKctFMXoO8ogpgHC8rXls3FGamF7p7K1gxc-7dmU2va58Es1c40FV8AZFR-w/s1600/dirtyclone.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T11:51:35Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":["CVE-2026-43503"]},{"id":152,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/guardian-agents-next-layer-of-identity.html","title":"Guardian Agents: The Next Layer of Identity Governance","summary":"AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn't designed for autonomous actors, and the gap between what enterprises are deploying and what their governance programs actually cover is widening fast. This guide breaks","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiySQAlgg9_uk-lgoIhvKGoXnx274-L4HUyTdvRdDTEabD2GvfR6LY81pn8p-Vo1mSdb_ycPyUyilvhlpWRYRlb9nulwVW1MCIkZABPd-KelEYK9NAqh_tefhmTmPeDkU9D7LQqW1Yfk0rAMbK1S9-q2CVCDgDk3uu5AQOT_hcnkYKRsD169PeWiwqTq4g/s1600/guardian-agents.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T11:30:00Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":153,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/miasma-malware-targets-npm-packages-and.html","title":"Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack","summary":"Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem.\n\n\"The latest activity includes malicious npm releases affecting LeoPlatform and RStreams packages, GitHub Actions workflow abuse, and a related Go","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhatZ2Vkvxd086INLXiuhbRJrli5Ao9hoNajbVq-Xr0HVAS70cCzhRBfM78KEusnBPI1sXyAK5tYrKt55U5mTIXCQDAmBzY2e860qtXo4YAlvAnVWHDV3DddKUML1q1g71h97Ke1i-714gv5SaVW9lmaFNtRda5XP1kc20urtc-HzlX5JXwkQv0g_-1VwC3/s1600/Miasma.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T11:05:45Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":154,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/microsoft-warns-of-photo-zip-phishing.html","title":"Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant","summary":"An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP files to drop a Node.js implant and dig into front-desk machines, Microsoft says.\n\nThe company has not attributed the activity to a known threat actor, and the operators' end goal is still unclear.\n\nThe lure plays to how hotels work.","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWYWOSDRBtv65eOzqdHSuOxXN7BWyBo1EAltLLUTTKGt68GYJ67zn9ixdKIQjTPCgE3P1o09UzrwXzvbopRZIhjN0LxYAZR06WaXOd116NQutGo1zLaceeob3nkuIHCeP6ZhlVp1yVOfc7dt-YZKFhEJJiPF8H5P03bc1ny0E3mi7jbIhqh7wqodC_zKE/s1600/hotel-photo-zip.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T09:27:12Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":155,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/russia-used-cellebrite-on-jailed.html","title":"Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff","summary":"Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus.\n\nThe finding, published June 25 by the Citizen Lab, rests on two things that rarely line up: traces on the phone itself and an official Russian","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBSVw_gpnELsdqj1fhZXQ6Jm-ycv8RsT1-Q7vfNeyj0_Sd-keBXqrAA9w7Vz8qt0tKM3yXkVPknx8FtRKBGBShrelNUIlZbkoUDdDz4MEeWbStRxJt5ggHFA2LFTv5Lc2g-1VC9L7-HGtWY_8VZMTInbZrXa0UY_oZsu2GUeFDH8VsHnUekF4m64OET3U/s1600/iphone-hack.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T08:49:35Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":156,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/google-details-turlas-new-stockstay.html","title":"Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks","summary":"The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy.\n\nDescribing the Windows backdoor as continually developed by the hacking group, Google Threat Intelligence Group (","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9SthtlfUvEkaX0iZanYdYTAOV5hgm44yCwHu_3GCaoa11rO-GkO9oc0_qN9JGw2n86dsEsN_sdaYt2ra_4I_dQ57ja0kiUeYtkg1eY8ZJtu45oKtN-TqWLdKudnJPFQQFGPReCfu1xcfHGgfqgtLe8zyFlEoMnO2AwnsEsosf9LCZS9gJHq58Q8OcPlWP/s1600/STOCKSTAY.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-26T07:15:46Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":135,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/artificial-intelligence/anthropic-is-testing-desktop-like-claude-cowork-for-mobile/","title":"Anthropic is testing desktop-like Claude Cowork for mobile","summary":"Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. [...]","thumbnail_url":null,"author":"Mayank Parmar","published_at":"2026-06-25T22:53:32Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":170,"source":"Dark Reading","url":"https://www.darkreading.com/application-security/robinhood-reengineered-access-approvals-for-high-velocity-development","title":"Robinhood Cuts Access Approval Time to Support High-Velocity Development","summary":"The fintech company's engineering-first application security team reengineered the process for granting system access, making it easier and more secure for developers working on their projects. Here are the lessons learned from Robinhood's experience.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt702a5bf42e4e4366/64f171e1523617b5bc948dac/office-workshop-Dzianis_Apolka-Alamy.jpg?width=720&quality=80&disable=upscale","author":"Ericka Chickowski","published_at":"2026-06-25T22:42:36Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":136,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/poland-busts-sim-swapping-gang-tied-to-millions-in-crypto-theft/","title":"Poland busts SIM-swapping gang tied to millions in crypto theft","summary":"Authorities in Poland have arrested four members of an organized cybercrime group accused of breaching telecommunications partners and hijacking email accounts to carry out SIM-swapping attacks. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-25T22:37:42Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":171,"source":"Dark Reading","url":"https://www.darkreading.com/cyberattacks-data-breaches/less-than-24-hours-attackers-weaponize-cisco-cucm-flaw","title":"In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw","summary":"The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified CM SME deployments.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltfdd5607b561f0591/6a3d9511d5c6b885ac175e9e/cisco_Sergiy_Palamarchuk_shutterstock.jpg?width=720&quality=80&disable=upscale","author":"Jai Vijayan","published_at":"2026-06-25T21:54:34Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":172,"source":"Dark Reading","url":"https://www.darkreading.com/threat-intelligence/russia-apt-gamaredon-arsenal-defense","title":"Russian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses","summary":"The FSB state-sponsored operation has gotten a lot better at loading its malware and hiding its servers.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltd750a2c59eb07ea7/6a3d78c6918bcf634cc30013/Russia_Ukraine-Gwengoat-Alamy.jpg?width=720&quality=80&disable=upscale","author":"Nate Nelson","published_at":"2026-06-25T21:12:01Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":173,"source":"Dark Reading","url":"https://www.darkreading.com/cyberattacks-data-breaches/edtech-attackers-shift-schools-software-suppliers","title":"EdTech Attackers Shift From Schools to Their Software Suppliers","summary":"Educational institutions, the edtech companies they rely on, and, more concerningly, the challenges they pose for schools are the focus of the latest Reporters' Notebook video series.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltaf3f5c478af04e8e/64f15f8a4aa0fc4337f57a56/school_data_.jpg?width=720&quality=80&disable=upscale","author":"Arielle Waldman","published_at":"2026-06-25T20:34:14Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":137,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/order-tracking-app-shop-abused-to-push-callback-phishing-attacks/","title":"Order-tracking app Shop abused to push callback phishing attacks","summary":"Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories to trick them into providing sensitive data or installing remote access software. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-25T19:45:48Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":174,"source":"Dark Reading","url":"https://www.darkreading.com/threat-intelligence/police-collusion-crackdown-asian-scam-centers","title":"Local Police Collusion Hampers Crackdown on Asian Scam Centers","summary":"With tens of billions of dollars flowing into regional economies from cybercrime, scam centers continue to flourish, despite international and law-enforcement efforts.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt721fdc64be81c12c/6a3c4c65fdbe062a481b8a46/scam-compound-T01c-SEZ-Amnesty_International.jpg?width=720&quality=80&disable=upscale","author":"Robert Lemos","published_at":"2026-06-25T19:07:41Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":138,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/microsoft/microsoft-quietly-extends-free-windows-10-esu-support-to-october-2027/","title":"Microsoft quietly extends free Windows 10 ESU support to October 2027","summary":"Microsoft has quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to continue receiving security updates until October 12, 2027. [...]","thumbnail_url":null,"author":"Lawrence Abrams","published_at":"2026-06-25T18:29:20Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":139,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/new-macos-malware-embeds-fake-errors-to-confuse-ai-analysis-tools/","title":"New macOS malware embeds fake errors to confuse AI analysis tools","summary":"A newly discovered macOS malware dubbed \"Gaslight\" is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable. [...]","thumbnail_url":null,"author":"Lawrence Abrams","published_at":"2026-06-25T16:23:19Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":140,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/pirlotv-sports-piracy-network-disrupted-as-44-domains-seized/","title":"PirloTV sports piracy network disrupted as 44 domains seized","summary":"A major sports piracy ring linked to the illegal PirloTV streaming platform has been disrupted in an action that targeted 44 domains. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-25T15:36:56Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":141,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/bluekit-phishing-kit-adopts-browser-in-the-middle-for-login-theft/","title":"Bluekit phishing kit adopts browser-in-the-middle for login theft","summary":"The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and by adding browser-in-the-middle capabilities for improved data theft. [...]","thumbnail_url":null,"author":"Bill Toulas","published_at":"2026-06-25T15:00:00Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":157,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/chrome-ad-blocker-with-10m-installs.html","title":"Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability","summary":"An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code.\n\nAccording to Island, the extension, named Adblock for YouTube (ID: cmedhionkhpnakcndndgjdbohmhepckk), has more than 10 million installs and carries a Featured badge on the Chrome Web Store.\n\nThe extension description states that it allows users to prevent web","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqtdBDQ0Y38i0JZmDwU6XKiZ1R6HJ0KHe59012E0krnPubG5pJgiTg6IUg4fHEzoW5jm7QyEk8fXOL9swj7FlpXdMcjyn0ltziMhQJD2pYPtzjXimsntV8DFg-c1erOgWkLl8du8eBvJYlukTCDDycp5jSmWNfwmv5WwGKlJRJvZt1GvUZZl24dP2HVDkn/s1600/adblocker.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-25T14:12:52Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":142,"source":"BleepingComputer","url":"https://www.bleepingcomputer.com/news/security/the-four-elevations-of-effective-fraud-prevention/","title":"The Four Elevations of Effective Fraud Prevention","summary":"Fraudsters don't attack just one transaction. They target accounts, platforms, and entire ecosystems. IPQS explains the four elevations of fraud prevention and why broader visibility improves fraud detection. [...]","thumbnail_url":null,"author":"Sponsored by IPQS","published_at":"2026-06-25T14:01:11Z","fetched_at":"2026-06-29T03:15:31.279125Z","trending_score":null,"cve_ids":[]},{"id":158,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/threatsday-bulletin-smart-tv-proxyware.html","title":"ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories","summary":"It’s dumb out there again.\n\nThis week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old creds still working, trusted apps doing sketchy crap, browser tricks jumping the fence, and “normal” workflows turning into phishing pipes because apparently email was not enough hell already.\n\nThe worst part is how cheap some of it feels. Not elite. Not cinematic.","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO1f6pZmhVaPQd2FjrrAG-IbL0vMk7zHVZ6BqjzkzJS8qd7HlAtIJ-7chRUbqR7tZHPNqdZFbm0QL9O03mkW7YsOh0pVwW1_ogikaoxNX8dFd5-ZB4SwB7-tfpWmp9Hr22DJL6tzZgTdeFnCU4VwaZXSY_htGs2_xlaB8n0EOedrfe7wHuI30GXTF6Pofc/s1600/threatsday-june.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-25T12:24:43Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":159,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/surviving-mythos-era-richard-bejtlich.html","title":"Surviving the Mythos Era: Richard Bejtlich on the Case for NDR","summary":"Despite the abundance of telemetry at analysts’ disposal, many security operations teams struggle to answer a few basic questions during incident investigation: What happened? What evidence do we have? How do we know we’re seeing it all, in context?\n\nAnswering these questions requires teams to go beyond alerts, the most common basis for initial triage. But investigations (and their outcomes)","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGC4Kd3HcSGw5TQ1GQNwgQST4imnVTlHZ4yW1dDr_kwUksDH1MHmlPUMzW8LhePZZTM1HszkIQwL8Ggm-cxlXRRMbUdcXbXfQ57FUfzbN4yj1OimJJxQy0XokmSC-lVr4XyFM5b3LqVQ8hMDIqr34xQXHpD0q8FnuR50Rdg19jXFC9xKKtn3Yap5BQhZg/s1600/corelight.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-25T11:17:31Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":175,"source":"Dark Reading","url":"https://www.darkreading.com/cybersecurity-analytics/europe-evolves-ransomware-favorite-region","title":"Europe Evolves Into Ransomware's Favorite Region","summary":"After a global lull, ransomware gangs are setting sights on a rich new arena: attacking EU organizations and their suppliers.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7ef4b56117367b12/6a39ffe932b8b46be16e5a3d/Europe-imaginima-Getty.jpg?width=720&quality=80&disable=upscale","author":"Nate Nelson","published_at":"2026-06-25T10:00:00Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]},{"id":160,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/new-gaslight-macos-malware-uses-prompt.html","title":"New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis","summary":"A previously undocumented Rust-based macOS implant and information stealer has been found to embed a prompt injection payload designed to trick a malware analyst's artificial intelligence (AI) tools and trick it into aborting or refusing an analysis of the artifact.\n\nThe malware has been codenamed Gaslight owing to this deceptive behavior. It's been assessed with high confidence that the tool is","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbTrOy7FP80AfVcwyuiLtJx1T9YECQ6fxHaelQKUn3MNwSV9P3tiVq4_-pOB-gmU3lF9GpWnc5ebVSAbp0MZMZpHHZkdpTK_HX40hfg3KbusQS5bD0kRYjYVyRzffkUpWBsblvGULiZnnOj6e0NF-dg49It3Wn8p9WqD2TNEz0ruG1XrnqCckAXqsDAOTn/s1600/ai-full-disk.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-25T09:23:03Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":161,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/new-mistic-backdoor-linked-to-kongtuke.html","title":"New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns","summary":"A new, stealthy backdoor named Mistic has been deployed as part of suspected financially motivated attacks aimed at multiple organizations spanning insurance, education, IT, and professional services sectors since April 2026.\n\nAccording to Symantec and Carbon Black's Threat Hunter Team, the backdoor, also tracked as MLTBackdoor, is said to be linked to an initial access broker (IAB) named","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhC1-4l_iOC19z96Q7C7O_dZSKwEvMnMLhHyb7kpt2rpOzQmn3gKpz6_BaZmSpzgvyhTJf8BBQmBTx0Nvymxk1vfO5O5bE0nNGbYPHAcb5F8ZF_WjTyQe4AXSK71q6fESS9i5Rdpcfzt6ULab7eo21OZKRCYlqwU7G97mF4-AeVVANlT4YIbigdYxUJkwfy/s1600/clickattack.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-25T08:54:37Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":[]},{"id":162,"source":"The Hacker News","url":"https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html","title":"Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access","summary":"An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant.\n\nThe vulnerability, tracked as CVE-2026-20245 (CVSS score: 7.8), allows an authenticated, local attacker to execute arbitrary commands with elevated privileges","thumbnail_url":"https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3UeGaI_Ej8KFu7-vQHTOuoohYdx04xIdI3W2B6JjCdaTSR6m-y1PAZ-aes-tH9nxtPGO2sFUiu1NwYkwT5s8bDPaHpG8nyN4t_mbZfVjf0nU8L11XujdqERtFUQlMZ85NV_nG6ZhqIQbGdAtyi8p1Oqq7TsBRs1IDn8HvOOnUPFEaL9_2cXrh9eovvaYz/s1600/cisco-20245.jpg","author":"info@thehackernews.com (The Hacker News)","published_at":"2026-06-25T05:46:54Z","fetched_at":"2026-06-29T03:15:31.417532Z","trending_score":null,"cve_ids":["CVE-2026-20245"]},{"id":176,"source":"Dark Reading","url":"https://www.darkreading.com/cyberattacks-data-breaches/attackers-hit-cisco-sd-wan-flaw-2-months-before-disclosure","title":"Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure","summary":"Researchers believe rogue peering was used to connect to the victim's SD-WAN devices to gain admin privileges and root-level access.","thumbnail_url":"https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltcec8a650a8536405/6a3c3e984acf5754b02f6f0c/cisco_Mehaniq_shutterstock.jpg?width=720&quality=80&disable=upscale","author":"Jai Vijayan","published_at":"2026-06-24T21:16:41Z","fetched_at":"2026-06-29T04:00:31.432089Z","trending_score":null,"cve_ids":[]}]}