Cybersecurity News from Across the Internet
Tech company says it ‘caught and disrupted’ NSO Group’s attempts to access accounts in Jordan and Lebanon A spyware firm has been targeting WhatsApp users with malicious links in contravention of a US court order forbidding it from doing so, Meta has said. In a post, Meta said WhatsApp had “caught and disrupted spear phishing … Read More “Spyware firm targeted WhatsApp users in defiance of US court order, Meta says – Data and computer security | The Guardian” »
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip – Read More –
Most dev teams use AI coding assistants but only 30% have full governance in place – Read More –
Cisco customers are confronting yet another actively exploited zero-day vulnerability affecting the vendor’s SD-WAN management software, reinforcing pressure on organizations that have experienced rare breaks from active threats this year. The vulnerability — CVE-2026-20245 — marks the seventh actively exploited zero-day in Cisco SD-WANs this year. Cisco said it first became aware of active exploitation … Read More “Cisco customers encounter another SD-WAN zero-day under attack – CyberScoop” »
Critical phpBB authentication bypass lets attackers hijack any account with one request – Read More –
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome’s JavaScript and WebAssembly engine. “Out-of-bounds read and write in V8 in Google Chrome prior to … Read More “Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now – The Hacker News” »
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service. The preprint, posted … Read More “Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models – The Hacker News” »
Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw … Read More “WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine – The Hacker News” »
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome’s JavaScript and WebAssembly engine. “Out-of-bounds read and write in V8 in Google Chrome prior to … Read More “Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now – The Hacker News” »
Maine Attorney General portal lists a Discord breach notice claiming 10 million affected, but odd filing details leave it unverified and questionable. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to … Read More “The Hidden Security Risk in Modern Networks: The Work Between Tools – The Hacker News” »
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. “The compromised releases shipped a *-setup.pth file that attempts to … Read More “Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer – The Hacker News” »
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the drive for contention … Read More “New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing – The Hacker News” »
An Iranian-linked hacker group called Handala claimed to have hit Israeli military targets with massive cyberattacks on Sunday,… – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
The flaw, CVE-2026-11645, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page – Read More –
Speaking at Infosecurity Europe, Ashish Shrestha, former CISO at Jaguar Land Rover revealed why he wanted over 30,000 employees to change their passwords in the immediate aftermath of the incident – Read More –
Check Point says a critical vulnerability in its Remote Access VPN and Mobile Access solutions has been exploited by Qilin – Read More –
Meta’s WhatsApp demands contempt ruling after users report NSO Group-linked phishing – Read More –
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-42271 (CVSS score: 8.7), is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the – … Read More “LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE – The Hacker News” »
Posted by Moritz Bechler via Fulldisclosure on Jun 08 Advisory ID: SYSS-2026-004 Product: SAP NetWeaver ABAP / SAP_BASIS Manufacturer: SAP SE Affected Version(s): SAP_BASIS 700 – 918 Tested Version(s): 7.93 Patch 300 Vulnerability Type: CWE-347: Improper Verification of Cryptographic Signature Risk Level: High Solution Status: Fixed Manufacturer Notification: 2025-11-06 Solution Date: 2026-02-10… – Read More … Read More “[SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 08 SEC Consult Vulnerability Lab Security Advisory < 20260608-0 > ======================================================================= title: Privilege Escalation via Binary Planting product: Genetec-provided RabbitMQ in multiple Genetec products vulnerable version: Multiple products, see below. fixed version: Multiple products, see … Read More “SEC Consult SA-20260608-0 :: Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Genetec products – Full Disclosure” »
Artificial Intelligence is no longer limited to analytics dashboards or chatbot interfaces. Today’s businesses are rapidly scaling and implementing… The post Securing AI Agents: Why Identity and Privilege Management Must Extend Beyond Humans appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
AI is quickly becoming the foundation for the digital transformation of today. Enterprises are turning more and more to… The post Preparing AI Infrastructure for Post-Quantum Threats appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
WhatsApp says it blocked Israeli firm NSO’s Pegasus spyware activity and is asking a US court to treat the targeting as an injunction breach. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Mythos is real. I know a big chunk of the industry thinks it’s a marketing stunt, and I get why. I get it. But I’ve seen the findings, and they’re bad. These aren’t “whoops, this line right here is wrong, and that’s RCE.” They’re novel combinations of a few dozen issues out of thousands of … Read More “The Hardest Fork – The Hacker News” »
Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw, CVE-2026-23111, sits in the kernel’s nf_tables packet-filtering code and was patched upstream on February 5, 2026. Exodus Intelligence released its full technical walkthrough on June … Read More “One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public – The Hacker News” »
Operation FlutterBridge uses fake Google ads and shell companies to deploy FlutterShell, a new macOS backdoor targeting unsuspecting users. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Hackers are cloning Ghidra, dnSpy, ILSpy and other free tool sites to spread Malware like RemusStealer, crypto clippers and loaders through fake downloads. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it’s filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. “They tried to trick people into clicking on … Read More “Meta Blocks NSO Group’s New WhatsApp Phishing Attack, Files Contempt Order – The Hacker News” »
Meta said Monday that it caught a spearphishing campaign linked to spyware maker NSO Group despite a court injunction, prompting the tech giant to file a contempt-of-court complaint. The company won a civil case last year against NSO Group barring it from targeting WhatsApp users and securing $168 million in damages, although NSO Group has … Read More “Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint – CyberScoop” »
Hackers are cloning Ghidra, dnSpy, ILSpy and other free tool sites to spread Malware like RemusStealer, crypto clippers and loaders through fake downloads. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability, tracked as CVE-2026-50751 (CVSS score: 9.3), is a case of a logic flow weakness in certificate validation that allows an unauthenticated remote attacker … Read More “Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups – The Hacker News” »
North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto – Read More –
Monday again. The weekend was meant to be quiet. It wasn’t. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A chatbot got fooled. A bot token got leaked inside the malware. The same old mistakes showed up again. And while everyone … Read More “⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More – The Hacker News” »
Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft – Read More –
Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be dismissed at a glance. As … Read More “AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload – The Hacker News” »
Meta says an Instagram recovery tool bug allowed attackers to abuse password resets, affecting 20,225 accounts and exposing users without 2FA to account takeover risk. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
Instagram glitch exposed Mark Zuckerberg’s email addresses and phone number, plus contact details of other top users, through a password reset flaw. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with … Read More “VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances – The Hacker News” »
At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture – Read More –
AI models such as Anthropic’s Claude Mythos and OpenAI’s Daybreak represent a fundamental inflection point in security. These advances are not only reshaping technology but also redefining trust, risk, and the relationship between humans and intelligent systems. As innovation accelerates, AI governance and responsible deployment are becoming strategic priorities for every organization. Historically, governments have … Read More “The AI security race needs accountability, not overregulation – CyberScoop” »
Post Content – Read More –
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is … Read More “UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign – The Hacker News” »
Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset – Read More –
The Department of Science, Innovation and Technology details how a combination of hands-on human advice and technology systems keeps government agencies safe – Read More –
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats. “When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an … Read More “VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks – The Hacker News” »
Cybersecurity researchers are warning businesses about Pink Extortion Group, a threat actor that uses voice phishing to bypass multi-factor authentication and steal files from cloud environments. – Read More – Hackread – Cybersecurity News, Data Breaches, AI and More
OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees. Lockdown Mode is available to logged-in users across Free, Go, … Read More “New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration – The Hacker News” »
Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organizations, including Azure, Azure-Samples, Microsoft, and MicrosoftDocs, per OpenSourceMalware. The development has GitHub to disable access to those repositories. “Access to this – Read More … Read More “Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack – The Hacker News” »
![[SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping – Full Disclosure](https://attackfeed.com/wp-content/uploads/2026/06/fulldisclosure-img-78NBiE.png "[SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping")
