Monthly Archives: June 2026

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts
June 15, 2026

Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and...

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
June 15, 2026

Palo Alto Networks has revealed that it has observed “active exploitation” of a recently disclosed...

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
June 13, 2026

Splunk has released security updates to address a critical security flaw in Splunk Enterprise that...

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
June 13, 2026

Anthropic said on Friday it will “abruptly disable” its most advanced artificial intelligence (AI) models,...

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
June 12, 2026

Attackers took over more than 400 packages in the Arch User Repository (AUR) this week...

400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
June 12, 2026

Attackers took over more than 400 packages in the Arch User Repository (AUR) this week...

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
June 12, 2026

Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it...

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
June 12, 2026

Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group...

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
June 12, 2026

Cybersecurity researchers have described what they say is a new class of attack that can...

Rethinking MDR as Attackers and Defenders Embrace AI
June 12, 2026

For most of the past decade, managed detection and response was the answer to a...

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
June 12, 2026

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical...

INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
June 12, 2026

An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service...

Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
June 12, 2026

Authorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and...

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
June 11, 2026

The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise...

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
June 11, 2026

Two security teams have shown, in separate research published this week, that OpenClaw, the popular...

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
June 11, 2026

Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass...

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
June 11, 2026

A new analysis of The Gentlemen operation has revealed that the financially motivated threat group...

Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
June 11, 2026

Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity...

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories
June 11, 2026

It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks,...

AI Broke Vulnerability Management. That’s Why CISOs Are Moving Budget to BAS.
June 11, 2026

For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability...

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
June 11, 2026

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that...

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
June 11, 2026

GitHub has announced what it said are “breaking changes” coming to npm version 12, one...

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
June 10, 2026

Cybersecurity researchers have warned of a “resurgence and expansion” of JDY, a covert network associated...

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
June 10, 2026

Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that...

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE
June 10, 2026

A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence...

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
June 10, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to...

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar
June 10, 2026

Your pentest report looks clean. That might be the problem. Run automated pentesting long enough,...

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
June 10, 2026

Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio,...

Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards
June 10, 2026

On June 9, Anthropic released Claude Fable 5, the most capable model it has ever...

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances
June 10, 2026

ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw...