Cybersecurity News from Across the Internet
Mythos is real. I know a big chunk of the industry thinks it’s a marketing stunt, and I get why. I get it. But I’ve seen the findings, and they’re bad. These aren’t “whoops, this line right here is wrong, and that’s RCE.” They’re novel combinations of a few dozen issues out of thousands of … Read More “The Hardest Fork – The Hacker News” »
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability, tracked as CVE-2026-50751 (CVSS score: 9.3), is a case of a logic flow weakness in certificate validation that allows an unauthenticated remote attacker … Read More “Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups – The Hacker News” »
North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto – Read More –
Monday again. The weekend was meant to be quiet. It wasn’t. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A chatbot got fooled. A bot token got leaked inside the malware. The same old mistakes showed up again. And while everyone … Read More “⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More – The Hacker News” »
Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft – Read More –
Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be dismissed at a glance. As … Read More “AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload – The Hacker News” »
Meta says an Instagram recovery tool bug allowed attackers to abuse password resets, affecting 20,225 accounts and exposing users without 2FA to account takeover risk. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Instagram glitch exposed Mark Zuckerberg’s email addresses and phone number, plus contact details of other top users, through a password reset flaw. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with … Read More “VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances – The Hacker News” »
At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture – Read More –
AI models such as Anthropic’s Claude Mythos and OpenAI’s Daybreak represent a fundamental inflection point in security. These advances are not only reshaping technology but also redefining trust, risk, and the relationship between humans and intelligent systems. As innovation accelerates, AI governance and responsible deployment are becoming strategic priorities for every organization. Historically, governments have … Read More “The AI security race needs accountability, not overregulation – CyberScoop” »
Post Content – Read More –
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is … Read More “UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign – The Hacker News” »
Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset – Read More –
The Department of Science, Innovation and Technology details how a combination of hands-on human advice and technology systems keeps government agencies safe – Read More –
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats. “When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an … Read More “VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks – The Hacker News” »
Cybersecurity researchers are warning businesses about Pink Extortion Group, a threat actor that uses voice phishing to bypass multi-factor authentication and steal files from cloud environments. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees. Lockdown Mode is available to logged-in users across Free, Go, … Read More “New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration – The Hacker News” »
Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories. “Access to this – Read More … Read More “Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack – The Hacker News” »
Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost everything that touches video, all of them found by an autonomous AI agent. The same week, Google shipped Chrome 149 with patches for 429 security bugs, the most ever in … Read More “AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs – The Hacker News” »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-28318 (CVSS score: 7.5), is a denial-of-service (DoS) bug that causes the service to crash – Read More … Read More “CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog – The Hacker News” »
A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic for a data business Bright Data markets heavily to the AI industry. The company, the successor to Luminati, operates what it calls the largest … Read More “Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI – The Hacker News” »
Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types – On-Prem Deployment Cisco SD-WAN Cloud-Pro Cisco SD-WAN Cloud (Cisco Managed) Cisco SD-WAN for Government … Read More “Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available – The Hacker News” »
32 Red Hat npm packages compromised by Miasma malware expose cloud tokens, CI/CD secrets and developer credentials in supply chain attack. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer “scrapes every secret it can find on a developer’s machine, hides behind an eBPF … Read More “IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks – The Hacker News” »
If you’ve ever received an out-of-the-blue message via LinkedIn from a recruiter offering some well-paid consultancy work, intelligence agencies have a message for you: be very careful. Read more in my article on the Hot for Security blog. – Read More – GRAHAM CLULEY
Atlas Menu Data Breach exposes 64,000 GTA V and CS2 cheat service users, leaking emails, IPs, support tickets and hashed passwords. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites mimicking utilities, war-related updates, and a government news source: govlens[.]net, … Read More “Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps – The Hacker News” »
Threat actors are deploying an updated SHub Stealer variant named Reaper that exploits the native macOS Script Editor to bypass OS-level protections and compromise cryptocurrency assets. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Microsoft reopened some wounds and has reignited debate over the past couple weeks about vulnerability disclosure and the sometimes adversarial dynamic it creates between security researchers and vendors. The latest controversy ensued when Microsoft threatened criminal legal action against a security researcher who publicly disclosed a series of zero-day vulnerabilities with proof-of-concept exploits. Microsoft insisted … Read More “Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away – CyberScoop” »
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco’s PSIRT says it has not seen the flaw used in attacks yet. The PoC … Read More “Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public – The Hacker News” »
A vulnerability has been discovered in Cisco products that could allow for Server-Side Request Forgery. Cisco Unified Communications Manager (Unified CM) / Cisco Unified Communications Manager Session Management Edition (Unified CM SME) is Cisco’s central, software-based call control and session management platform for enterprise communication. Successful exploitation of this vulnerability could allow for Server-Side Request … Read More “A Vulnerability in Cisco Products Could Allow for Server-Side Request Forgery – Cyber Security Advisories – MS-ISAC” »
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to high confidence that the espionage-focused activity is linked to China. “OP-512 was highly likely conducting espionage through a – Read … Read More “New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework – The Hacker News” »
Eighteen months ago, the AI SOC was a marketing line. Today it’s a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the security stack. The data shows SOCs are buying, … Read More “Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver – The Hacker News” »
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed – Read More –
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance – Read More –
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including, … Read More “Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites – The Hacker News” »
Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks – Read More –
A perfect storm of legacy devices, hyper connectivity and human fatigue is bad news for the healthcare sector, warns Cyber Salus – Read More –
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that copies FIFA’s login page well enough to take … Read More “FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins – The Hacker News” »
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. “Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer … Read More “PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network – The Hacker News” »
Posted by Matteo Beccati on Jun 04 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2026-002 ———————————————————————— https://www.revive-adserver.com/security/revive-sa-2026-002 ———————————————————————— Date: 2026-06-03 Risk Level: Medium to High Applications affected: Revive Adserver Versions… – Read More – Full Disclosure
House Democrats criticized a draft Republican Department of Homeland Security spending bill Thursday that they said would cut funding for the Cybersecurity and Infrastructure Security Agency by $250 million. Republicans said the bill provides $2.4 billion for CISA, and that among its focuses are “improving cybersecurity resilience,” in the words of House Appropriations Chairman Tom … Read More “Hill Dems hammer GOP for $250M CISA budget cut – CyberScoop” »
Hackers have been hijacking Instagram accounts at scale by exploiting Meta’s AI support chatbot. And, as if that weren’t bad enough, the technique required no technical skill whatsoever. Read more in my article on the Fortra blog. – Read More – GRAHAM CLULEY
Government agencies, cybersecurity companies and threat researchers are pouring resources into studying how fast-developing AI tools can be wielded by malicious actors to hack into victim organizations. But as agentic AI becomes more embedded in business infrastructure, there’s also a high possibility that a breach could be caused by an insider guiding the tool, whether … Read More “Your AI agent could become your biggest insider threat – CyberScoop” »
Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic’s Claude Mythos model was made available to a limited set of organizations as a technical preview, it was reported that an unauthorized group claimed that it had gained access … Read More “Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It – The Hacker News” »
Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic’s Claude Mythos model was made available to a limited set of organizations as a technical preview, it was reported that an unauthorized group claimed that it had gained access … Read More “Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It – The Hacker News” »
iFood confirms a data breach affecting 1.2 million customers in Brazil, while hackers on BreachForums claim the actual theft is much larger. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts – Read More –
![[REVIVE-SA-2026-002] Revive Adserver Vulnerabilities – Full Disclosure](https://attackfeed.com/wp-content/uploads/2026/06/fulldisclosure-img-tPlr7M.png "[REVIVE-SA-2026-002] Revive Adserver Vulnerabilities")
