| critical |
AzeoTech DAQFactory |
advisory |
cisa-advisories, vendor-blogs |
|
zeroday, phishing, ics |
2026-06-18 |
| critical |
CVE-2026-45469 Microsoft Excel Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-45471 Microsoft Word Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
Healthcare sector faces escalating ransomware, supply chain and APT risks as cyber threats intensify, CYFIRMA warns |
advisory |
vendor-blogs |
|
ransomware, apt, supply-chain |
2026-06-18 |
| critical |
Malicious IP: 218.149.228.175 |
ip-reputation |
abuse-ipdb |
218.149.228.175 |
|
2026-06-22 |
| critical |
Malicious IP: 173.255.223.62 |
ip-reputation |
abuse-ipdb |
173.255.223.62 |
|
2026-06-22 |
| critical |
Malicious IP: 20.118.217.162 |
ip-reputation |
abuse-ipdb |
20.118.217.162 |
|
2026-06-22 |
| critical |
Malicious IP: 89.37.172.146 |
ip-reputation |
abuse-ipdb |
89.37.172.146 |
|
2026-06-22 |
| critical |
Malicious IP: 5.61.209.92 |
ip-reputation |
abuse-ipdb |
5.61.209.92 |
|
2026-06-22 |
| critical |
Malicious IP: 66.132.172.102 |
ip-reputation |
abuse-ipdb |
66.132.172.102 |
|
2026-06-22 |
| critical |
Malicious IP: 185.180.141.47 |
ip-reputation |
abuse-ipdb |
185.180.141.47 |
|
2026-06-22 |
| critical |
Malicious IP: 64.89.161.160 |
ip-reputation |
abuse-ipdb |
64.89.161.160 |
|
2026-06-22 |
| critical |
Malicious IP: 115.231.78.11 |
ip-reputation |
abuse-ipdb |
115.231.78.11 |
|
2026-06-22 |
| critical |
Malicious IP: 182.93.50.90 |
ip-reputation |
abuse-ipdb |
182.93.50.90 |
|
2026-06-22 |
| critical |
Malicious IP: 47.251.105.241 |
ip-reputation |
abuse-ipdb |
47.251.105.241 |
|
2026-06-22 |
| critical |
Malicious IP: 82.152.132.24 |
ip-reputation |
abuse-ipdb |
82.152.132.24 |
|
2026-06-22 |
| critical |
Malicious IP: 120.52.12.202 |
ip-reputation |
abuse-ipdb |
120.52.12.202 |
|
2026-06-22 |
| critical |
Malicious IP: 45.148.10.240 |
ip-reputation |
abuse-ipdb |
45.148.10.240 |
|
2026-06-22 |
| critical |
Malicious IP: 91.92.40.4 |
ip-reputation |
abuse-ipdb |
91.92.40.4 |
|
2026-06-22 |
| critical |
Malicious IP: 2.26.231.147 |
ip-reputation |
abuse-ipdb |
2.26.231.147 |
|
2026-06-22 |
| critical |
Malicious IP: 100.29.192.86 |
ip-reputation |
abuse-ipdb |
100.29.192.86 |
|
2026-06-22 |
| critical |
Malicious IP: 185.223.235.10 |
ip-reputation |
abuse-ipdb |
185.223.235.10 |
|
2026-06-22 |
| critical |
Malicious IP: 94.247.172.129 |
ip-reputation |
abuse-ipdb |
94.247.172.129 |
|
2026-06-22 |
| critical |
Malicious IP: 202.165.29.123 |
ip-reputation |
abuse-ipdb |
202.165.29.123 |
|
2026-06-22 |
| critical |
payload_delivery: undefined |
threat-intel |
threatfox |
|
22June2026, ClearFake, Commandline, macOS, gaea-operations, malware, phishing, scams, stefan-himmelskamp, 21June2026, ClickFix, etherhiding, Polygon, Remus, c2, Stealc, DomainShadowing, Windows, Vidar, central-hub, clickfix-hub, evalusion, merry-florist, NetSupport, unc2190, wordpress-compromise, Fake-Captcha, wordpress-injection, c2-rotation, single-gateway, SilentStealer, XWorm, Amos, AtomicStealer, Cthulhu, stealer, SocGholish, remcos, Mirai, asyncrat, elf, IoT, Mozi, SmartApeSG, xmrig, RAT, hta-polyglot, Loader, msix, TDS, crypter, rundll32, WebDav, CobaltStrike, drb-ra, RemusStealer, FakeCaptcha, powershell, clipboard-hijack, NetSupportRAT, i7sb1k, lockbit, Ransomware, honeylabs, honeypot, Ngioweb, Kongtuke, OffLoader, PureLogsStealer, CloudflareHardwareFingerprinting, amatera, ArcStealer, python-backdoor, winpython, Cloudflare, cracked-games, HijackLoader, Prospero, renengine, telemetry, valleyrat_s2, compromised, WordPress, rmm, quasar, dentons-impersonation, google-drive-abuse, homoglyph, msiexec, NeptuneRAT, ErrTraffic, iran, MuddyWater, stagecomp, StrelaStealer, deerstealer, fingerfix, ironpython, tcp79, FRP, liberium, LiberiumRAT, port, ports, ransomware, botnet, infostealer |
2026-06-22 |
| critical |
botnet_cc: undefined |
threat-intel |
threatfox |
|
remcos, CobaltStrike, redirector, Vo1d, c2, erebus-v14, nation-state-hunter, t1055, t1059_003, drb-ra, Vshell, RAT, RemcosRAT, asyncrat, dcrat, Covenant, RapidStealer, ClickFix, evalusion, jarm:1276612955, merry-florist, NetSupport, port:1337, single-gateway, unc2190, QuasarRAT, Havoc, Amos, AtomicStealer, Cthulhu, macOS, xxxblyat, OverlordRAT, AdaptixC2, valleyrat_s2, cs-watermark-391144938, cs-watermark-987654321, Meterpreter, docker-api, Redtail, selfrep, webpot, diicot, miner, junko, DDoS, ssh, xorddos, boyzee, phoenix-c2, postgres, takeover, phoenix, elf, IoT, Mozi, Mirai, Kongtuke, Adaptix, Stealc, Mythic, EyePyramid, Remus, t1071_001, cs-watermark-1873433027, cs-watermark-1580103824, eval, lua, redis, config, rce, SmartApeSG, xmrig, hta-polyglot, Loader, msix, ValleyRAT, RatonRAT, Vidar, Dropper, fileless, NetSupportRAT, BianLian, cs-watermark-1234567890, Viper, DarkVNC, kimsuky, erebus-v15, t1573_002, Ngioweb, AddType, Digitalocean, FakeCaptcha, mtls, nginx, one-check.lol, powershell, TLS1.3, mesh, meshagent, China, Telecom, TernDoor, UAT-9244, cve-2024-4577, rotator, monero, payload-host, pool, module-load, Muhstik, cron, nc, XWorm, DanBot, poshc2, i7sb1k, payload, Sh, sliver, honeypot, python-backdoor, winpython, cs-watermark-666666666, EvilGinx, EvilGoPhish, kimwolf, Sheet Rat, SheetRAT, Deimos, ConnectWise, rmm, ScreenConnect, powershell-loader, RC4, ContagiousInterview, DPRK, FakeInterview, NanoCore, msiexec, PureLogStealer, PureLogsStealer, BruteRatel, Amadey, ViriBack, 23b404, CHAOS, NFS, etherhiding, iran, mois, MuddyWater, tsundere, FRP, relay, blockchain-C2, EtherRat, FakeGit, LuaJIT, Polygon, SmartLoader, manual-override, t1573_001, t1059_001, t1105, fingerfix, ironpython, tcp79, smokeloader, COLDRIVER, SPICA, apt, phishing, botnet, infostealer |
2026-06-22 |
| critical |
ClickFix Campaign Generated Via AI Delivers SmartRAT |
threat-intel |
otx |
162.141.111.227, 64.95.13.238 | b17ccdb5531555e4… |
banana rat, fake captcha, smartrat, powershell, typosquatting, ghostloader, brazil, clickfix, qr code interception, banking trojan, credential theft, remcos rat, ai-generated, botnet, supply-chain, infostealer |
2026-06-17 |
| critical |
New Prinz Eugen ransomware prioritizes recent files for encryption |
news |
general-news |
|
ransomware |
2026-06-20 |
| critical |
Gentlemen ransomware uses multiple EDR killers to disable defenses |
news |
general-news |
|
ransomware |
2026-06-18 |
| critical |
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes |
news |
general-news |
|
ransomware |
2026-06-19 |
| critical |
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution |
news |
general-news |
|
rce |
2026-06-19 |
| critical |
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution |
news |
general-news |
|
rce |
2026-06-18 |
| critical |
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023 |
news |
general-news |
|
ransomware |
2026-06-18 |
| critical |
DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic |
news |
general-news |
|
ransomware, botnet |
2026-06-18 |
| critical |
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development |
news |
general-news |
|
zeroday |
2026-06-17 |
| critical |
The Top 10 Attack Surface Exposures in 2026 |
news |
general-news |
|
zeroday |
2026-06-17 |
| critical |
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds |
news |
general-news |
|
ransomware |
2026-06-16 |
| critical |
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More |
news |
general-news |
|
zeroday, phishing |
2026-06-15 |
| critical |
INC Ransomware Thrives by Mastering the Basics |
news |
general-news |
|
ransomware |
2026-06-17 |
| critical |
'Lorem Ipsum' Malware Pivots to ClickFix Delivery |
news |
general-news |
|
ransomware |
2026-06-16 |
| critical |
CryptoBandits Malware Doubles as a Backdoor, Abuses Tor |
news |
general-news |
|
rce |
2026-06-19 |
| critical |
Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure |
news |
general-news |
|
rce |
2026-06-19 |
| critical |
Operation Endgame Disrupts Malware Network Linked to Major Ransomware Gang |
news |
general-news |
|
ransomware |
2026-06-19 |
| critical |
ICO Cautions Healthcare Worker After Princess of Wales Incident |
news |
general-news |
|
ransomware |
2026-06-18 |
| critical |
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company |
news |
general-news |
|
ransomware, botnet |
2026-06-16 |
| critical |
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks |
news |
general-news |
|
ransomware, transport |
2026-06-15 |
| critical |
Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack |
news |
general-news |
|
rce, supply-chain |
2026-06-21 |
| critical |
Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253) |
news |
general-news |
|
rce |
2026-06-19 |
| critical |
Australian sugar producer works to restore operations as ransomware group claims attack |
news |
general-news |
|
ransomware |
2026-06-18 |
| high |
CVE-2026-20253 — Splunk Enterprise Missing Authentication for Critical Function Vulnerability |
vulnerability |
cisa-kev |
CVE-2026-20253 |
|
2026-06-18 |
| high |
CVE-2026-48907 — Widget Factory Joomla Content Editor Improper Access Control Vulnerability |
vulnerability |
cisa-kev |
CVE-2026-48907 |
|
2026-06-16 |
| high |
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-18 |
| high |
Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-18 |
| high |
Mitsubishi Electric MELSEC iQ-F Series |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-18 |
| high |
Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products |
advisory |
cisa-advisories, vendor-blogs |
|
botnet, ics |
2026-06-18 |
| high |
Rockwell Automation FactoryTalk Historian Site Edition |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-18 |
| high |
AVer PTC cameras |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-18 |
| high |
Schneider Electric EasyLogic T150 and Saitel DP |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-18 |
| high |
Rockwell Automation FLEX I/O EtherNet/IP Adapters |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
Rockwell Automation RSLinx |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
Rockwell Automation FactoryTalk Analytics PavilionX |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-16 |
| high |
Rockwell Automation CompactLogix |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
FCC to review telecom supply chain security reporting requirements amid rising cybersecurity, espionage threats |
advisory |
vendor-blogs |
|
supply-chain |
2026-06-19 |
| high |
NIST SP-1339 releases OT Backup Quick Start Guide to boost industrial cyber resilience, accelerate incident recovery |
advisory |
vendor-blogs |
|
ics |
2026-06-19 |
| high |
CISC unveils Enhanced CIRMP Rules to address AI, legacy systems, supply chain, and insider risks across critical infrastructure |
advisory |
vendor-blogs |
|
supply-chain |
2026-06-18 |
| high |
data_x86_64 |
malware |
malware-bazaar |
a558714eb3c35a8f…, d825cbe08ea10150… |
elf, Mirai, botnet |
2026-06-22 |
| high |
sora.arm7 |
malware |
malware-bazaar |
4121a0bfb7059830…, 807c73039d6f413d… |
elf, Mirai, upx-dec, botnet |
2026-06-22 |
| high |
sora.arm5 |
malware |
malware-bazaar |
b92abe3dde271635…, 4108ab76360876c3… |
elf, Mirai, upx-dec, botnet |
2026-06-22 |
| high |
sora.arm7 |
malware |
malware-bazaar |
d0345ab1663c0153…, 992a89dd9d5edcca… |
elf, Mirai, upx, botnet |
2026-06-22 |
| high |
sora.arm5 |
malware |
malware-bazaar |
ce0b3137383e4112…, 356a1243d88a22d8… |
elf, upx |
2026-06-22 |
| high |
data_x86 |
malware |
malware-bazaar |
0238e06a1ac58756…, 0bcc0ba9cec4a658… |
elf, Mirai, botnet |
2026-06-22 |
| high |
data_mipsel |
malware |
malware-bazaar |
3b11d33e8f3ca263…, e887f45934e73f72… |
elf, Mirai, botnet |
2026-06-22 |
| high |
sora.sh4 |
malware |
malware-bazaar |
3585bbb1adae6cca…, caee427aa16d2ec1… |
elf, Mirai, botnet |
2026-06-22 |
| high |
data_mips |
malware |
malware-bazaar |
9a73e54c5aaf4ae3…, 340c04ab6937d66e… |
elf, Gafgyt, Mirai, botnet |
2026-06-22 |
| high |
k.php |
malware |
malware-bazaar |
f197de37ab531b3d…, e66f444d93ca51f3… |
sh |
2026-06-22 |
| high |
sora.m68k |
malware |
malware-bazaar |
639015f49fe00afa…, cf1d682e438d6a4a… |
elf, Mirai, botnet |
2026-06-22 |
| high |
data_arm7 |
malware |
malware-bazaar |
c03210e941c3de90…, 44e38bcd5b2a92cb… |
elf, Mirai, botnet |
2026-06-22 |
| high |
data_mips-uclibc |
malware |
malware-bazaar |
a3cb43a29e0f181f…, a4f2c59ced19e9a2… |
elf, Mirai, botnet |
2026-06-22 |
| high |
data_powerpc |
malware |
malware-bazaar |
9bbed06deb57b262…, a8aaa95c71829fa1… |
elf, Mirai, botnet |
2026-06-22 |
| high |
sora.mips |
malware |
malware-bazaar |
84bf32c6c5852dcf…, 74e71ccc947d8971… |
elf, Mirai, upx-dec, botnet |
2026-06-22 |
| high |
sora.mips |
malware |
malware-bazaar |
84a09f4fdf90abd5…, 6c54dc573e8fdb22… |
elf, Mirai, upx, botnet |
2026-06-22 |
| high |
sora.x86 |
malware |
malware-bazaar |
fcc9249b4f188e5a…, 6b406c155f39aaaa… |
elf, Mirai, botnet |
2026-06-22 |
| high |
ok |
malware |
malware-bazaar |
2ec11059183fff0a…, 873970375886a32a… |
Mirai, sh, botnet |
2026-06-22 |
| high |
file |
malware |
malware-bazaar |
c6473b0fc4ebd18a…, 41dced704c3d94e4… |
54e64e, dropped-by-Amadey, exe |
2026-06-22 |
| high |
sora.arm6 |
malware |
malware-bazaar |
5ea5fd6006918909…, c3c863ec3c05591b… |
elf, Mirai, upx-dec, botnet |
2026-06-22 |
| high |
sora.arm6 |
malware |
malware-bazaar |
0d4ecc9f1c7e94da…, c49410048280d504… |
elf, Mirai, upx, botnet |
2026-06-22 |
| high |
loader.zip |
malware |
malware-bazaar |
2c5260360de10f21…, 818f02e595eb7faa… |
bun, exe, NWHStealer, stealer, zip |
2026-06-22 |
| high |
YimMenuV2.dll |
malware |
malware-bazaar |
967e1665f6935556…, 51a41100fbe14088… |
dll, exe, GameHack, Riskware |
2026-06-22 |
| high |
Requirement.vbs |
malware |
malware-bazaar |
3898a662f25925b6…, 862ce69fbc11bac8… |
vbs |
2026-06-22 |
| high |
SynInstallerV2.exe |
malware |
malware-bazaar |
0b8cae277bf0e3f0…, 72cc8e3d5bb03a4e… |
downloader, exe, loader, SalatStealer |
2026-06-22 |
| high |
rDirectricesdepol__ticasparaempleados_2026_pdf.exe |
malware |
malware-bazaar |
e9b9e9b3ba47548c…, b0e14b749d6ea74e… |
exe, GuLoader, signed |
2026-06-22 |
| high |
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload |
threat-intel |
otx |
CVE-2018-0802, CVE-2025-55182, CVE-2025-68670 | 88dc7beba703964c…, fb0f8027acf1b1e4… |
vbcloud, netsupport rat, powershower, reversesocks, phantomheart, valleyrat, powercloud, cloud atlas, apt, phishing |
2026-05-22 |
| high |
Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers |
threat-intel |
otx |
CVE-2025-11953 |
netsupport rat, termite, telecommunications, asyncrat, soullessrat, bulletproof hosting, middle east, offensive frameworks, phexia, phorpiex, xmrig, twizt, dynowiper, echogather, maas platforms, c2 infrastructure, tactical rmm, lockbit black, gophish, hajime, espionage campaigns, sliver, prism x, iot botnets, hellsuchecker, aquilarat, cobalt strike, cve-2025-11953, acunetix, mirai, keitaro, mozi, rondodox, ransomware, apt, phishing, botnet |
2026-05-21 |
| high |
Operation Poisson – Analyzing a Cybercriminal’s Entire Operation |
threat-intel |
otx |
217.154.162.45, 217.154.217.139 | f06e7e1a4363a01b… |
tailscale, rustdesk, poisson, credential-theft, france, keylogger, fileless-attack, openssh, havoc, havoc-c2, vpn-mesh-persistence, botnet, infostealer |
2026-06-19 |
| high |
Analysis of Gamaredon campaign targeting Ukraine weaponizing CVE-2025-8088 |
threat-intel |
otx |
CVE-2025-8088 | 1ebbdf3671cd5ca2…, ea610ea6a8d69cb1… |
path-traversal, cve-2025-8088, military-lures, conscription-themed, powershell, gamaredon, ukraine, winrar, persistence, phishing |
2026-06-19 |
| high |
Okendo Reviews Supply Chain Attack |
threat-intel |
otx |
|
sectop rat, netsupport, netsupport rat, supply chain attack, smartrat, clickfix, okendo reviews, javascript injection, remcos, stealc, smartapesg, phishing, supply-chain |
2026-06-18 |
| high |
Operation Endgame vs. SocGholish Fake Updates |
threat-intel |
otx |
|
venomrat, smokeloader, pikabot, evilcorp, wordpress compromise, operation endgame, bumblebee, traffic distribution system, rhadamanthys, danabot, icedid, qakbot, initial access broker, fake updates, domain shadowing, doppelpaymer, hades, ransomhub, socgholish, trickbot, wastedlocker, lockbit, gholoader, frigidstealer, fakeupdates, web inject, ransomware distribution, ransomware, botnet |
2026-06-18 |
| high |
Twitter Feed - nextronresearch - 17-06-2026 |
threat-intel |
otx |
e9f8a7e6275c263d… |
rat, indian defense targeting, double extension, decoy document, pdfdocs rat, persistence hkcu, powershell stager, apt36, transparent tribe, ransomware |
2026-06-18 |
| high |
From emerging threat to top-tier ransomware-as-a-service: The evolution of INC ransomware |
threat-intel |
otx |
CVE-2023-3519, CVE-2023-48788, CVE-2024-57727, CVE-2025-5777 | ff5da8f0330a4c58…, eb37c4fcfc00d381… |
cve-2025-5777, encryption, double-extortion, lynx, cobalt strike, raas, sinobi, cve-2024-57727, ransomware-as-a-service, rust-based, inc, cve-2023-3519, veeam-credential-dumping, cve-2023-48788, data-leak-site, vmware-esxi, ransomware |
2026-06-17 |
| high |
New APT-Q-27 sample spotted |
threat-intel |
otx |
130fbe74fea31b30… |
dropper, dll side-loading, chinese threat actor, apt-q-27, tencent, digital signature abuse, apt, botnet |
2026-06-17 |
| high |
Attackers Weaponize Microsoft Teams Relays to Stay Hidden |
threat-intel |
otx |
CVE-2025-61155, CVE-2023-52271, CVE-2025-1055 | 62.164.177.25 | f174c19902523dcf…, ecb1d69999a73076… |
dragonforce, dll side-loading, ransomware, byovd, cve-2023-52271, cve-2025-61155, cve-2025-1055, turn relay, credential theft, vulnerable drivers, backdoor.turn, microsoft teams abuse, botnet |
2026-06-16 |
| high |
Public and Private Medical Community Targeted by Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research |
threat-intel |
otx |
23.169.65.49 | db65c1b9f9e4cb4d… |
medical research targeting, unc6508, infinitered, credential harvesting, redcap exploitation, china-nexus, email exfiltration, content compliance abuse, phishing |
2026-06-15 |
| high |
WebAssembly Malware Found in Trojanized Open VSX Extensions |
threat-intel |
otx |
45.150.34.158 | 558b4f1d9a263c13…, f595fb7867beb76b… |
glasswasm, cryptocurrency targeting, dead-drop c2, webassembly, chacha20 encryption, supply chain, tinygo, vs code extensions, open vsx, solana blockchain, botnet, supply-chain |
2026-06-16 |
| high |
AryStinger botnet infected thousands of D-Link routers worldwide |
news |
general-news |
|
botnet |
2026-06-21 |
| high |
Microsoft links Mastra AI supply chain attack to North Korean hackers |
news |
general-news |
|
supply-chain |
2026-06-20 |
| high |
ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories |
news |
general-news |
|
phishing, botnet |
2026-06-18 |
| high |
Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 |
news |
general-news |
|
botnet |
2026-06-18 |
| high |
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline |
news |
general-news |
|
botnet, infostealer |
2026-06-17 |
| high |
145 Mastra npm Packages Compromised via Hijacked Contributor Account |
news |
general-news |
|
supply-chain |
2026-06-17 |
| high |
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth |
news |
general-news |
|
botnet |
2026-06-16 |
| high |
In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum |
news |
general-news |
|
botnet |
2026-06-19 |
| high |
Cybersecurity Firms Impacted by Klue Supply Chain Attack |
news |
general-news |
|
supply-chain |
2026-06-19 |
| high |
15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown |
news |
general-news |
|
botnet |
2026-06-19 |
| high |
SprySOCKS Backdoor Expands From Linux to Windows |
news |
general-news |
|
botnet |
2026-06-16 |
| high |
Accenture to buy Dragos, runZero, and NetRise in $4.2 billion cybersecurity deal |
news |
general-news |
|
ics |
2026-06-19 |
| high |
Police raid malware network tied to Russia's Evil Corp hacker group |
news |
general-news |
|
botnet |
2026-06-19 |
| high |
Authorities disrupt Evil Corp’s SocGholish botnet |
news |
general-news |
|
botnet |
2026-06-18 |
| high |
Accenture shells out $4.18B on three companies in big industrial cybersecurity push |
news |
general-news |
|
ics |
2026-06-18 |
| medium |
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure |
advisory |
cisa-advisories |
|
phishing |
2026-06-18 |
| medium |
payload: undefined |
threat-intel |
threatfox |
|
ContagiousInterview, akira, elf, Ransomware, note, ransomnote, ClickFix, crypter, rundll32, WebDav, hta-polyglot, Loader, msix, IoT, Mozi, China, CrowDoor, FamousSparrow, Telecom, TernDoor, TropicTrooper, UAT-9244, malicious, Kongtuke, python-backdoor, winpython, Sheet Rat, SheetRAT, powershell-loader, RC4, Dropper, fake-document, logmein-resolve, rmm, vbs, discord-c2, golang, infostealer, vileransomware, Downloader, iran, mois, MuddyWater, stagecomp, fingerfix, ironpython, tcp79, ransomware, botnet |
2026-06-21 |
| medium |
Popa: From Sourcing to Distribution |
threat-intel |
otx |
172.105.19.27, 51.161.86.9, 141.95.98.71, 134.195.196.245, 134.195.196.85, 139.162.174.86, 148.113.190.175, 38.89.70.214, 38.99.82.188, 216.106.189.146, 67.220.70.69, 38.99.82.9, 134.195.196.184, 134.195.198.2, 134.195.198.52, 135.125.160.44, 135.181.116.42, 135.181.18.95, 135.181.57.111, 135.181.61.18, 135.181.61.24, 135.181.75.30, 141.94.199.151, 141.94.199.152, 141.94.29.105, 141.94.73.20, 141.95.126.97, 141.95.33.100, 141.95.33.108, 141.95.33.112, 141.95.33.117, 141.95.33.143, 141.95.35.96, 141.95.35.97, 141.95.98.156, 141.95.98.158, 141.95.98.159, 141.95.98.164, 141.95.98.173, 141.95.98.174, 141.95.98.175, 141.95.98.176, 141.95.98.177, 146.59.47.171, 146.59.54.55, 146.59.54.8, 146.59.81.145, 146.59.81.179, 146.59.81.182, 146.59.84.15, 146.59.85.8, 148.113.162.52, 148.113.220.152, 148.113.222.71, 149.56.29.107, 15.235.12.25, 15.235.222.55, 15.235.224.157, 15.235.224.224, 15.235.228.121, 15.235.233.16, 15.235.233.20, 15.235.53.67, 15.235.65.66, 15.235.65.97, 15.235.82.174, 15.235.85.237, 15.235.85.238, 15.235.85.93, 15.235.86.140, 15.235.9.81, 157.90.4.34, 157.90.4.97, 158.51.120.61, 158.51.121.121, 158.51.121.126, 158.51.121.30, 158.51.121.39, 158.51.121.83, 162.19.139.106, 162.19.72.85, 162.19.88.205, 162.19.88.213, 167.17.64.20, 167.88.61.114, 172.99.188.236, 172.99.189.20, 172.99.189.67, 172.99.189.88, 186.190.215.121, 194.195.125.168, 198.244.165.186, 198.244.212.119, 198.57.27.30, 216.106.189.33, 37.27.55.79, 38.110.1.157, 38.111.114.193, 38.114.120.146, 38.114.120.238, 38.114.120.39, 38.114.120.72, 38.22.17.181, 38.22.17.205, 38.22.17.218, 38.86.135.91, 51.195.24.11, 51.195.24.3, 51.195.24.58, 51.195.24.59, 51.195.24.6, 51.195.24.60, 51.222.248.165, 51.77.190.206, 51.89.11.179, 51.89.11.192, 51.89.11.246, 54.38.13.215, 57.128.125.81, 57.128.192.112, 57.128.231.167, 57.128.231.196, 57.128.97.134, 57.129.39.245, 57.129.39.247, 57.129.49.77, 57.129.52.203, 57.129.54.85, 57.129.64.89, 57.129.96.136, 65.108.9.68, 65.109.27.93, 65.109.28.33, 65.21.226.195, 66.163.117.114, 66.163.117.132, 66.228.34.25, 67.220.66.55, 67.220.70.142, 67.220.70.43, 67.220.70.91, 67.220.74.119, 67.220.94.39, 67.220.94.47, 85.90.247.42, 91.134.20.114 | d06b86da3777be0e…, 3a69aedb78677993… |
residential proxy, netnut, neupop, sdk, moneytiser, hopanet, popa, loopop, proxyware, android, consent bypass, ransomware |
2026-06-18 |
| medium |
Operation FlutterBridge: The FlutterShell macOS Backdoor |
threat-intel |
otx |
fc091ddb4d845280…, ffd773f157df7029… |
browser hijacking, operation flutterbridge, certificate rotation, dart obfuscation, macos backdoor, flutter framework abuse, fluttershell, c2-conditional payload, botnet |
2026-06-19 |
| medium |
OXLOADER: new loader evading detection to drop infostealer |
threat-intel |
otx |
fdfc7831e5c24cfa…, 956c6128e9362e07… |
oxloader, donutloader, reloc section abuse, malvertising, obfuscation, anti-vm, google ads, castlestealer, russian-speaking actor, infostealer |
2026-06-19 |
| medium |
May 2026 Infostealer Trend Report |
threat-intel |
otx |
74877ea7d1112b1f…, 0b8a891324d65f3d… |
credential theft, agenttesla, infostealer, vidar, darkcloud, lummac2, clickfix, remus, dll side-loading, acrstealer, botnet |
2026-06-18 |
| medium |
Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign |
threat-intel |
otx |
|
gitlab pages abuse, macsync, ai impersonation, macsync infostealer, social engineering, apac targeting, google ads abuse, clickfix, malvertising, phishing, infostealer |
2026-06-18 |
| medium |
GitBait: Phishing targeting the Mexican financial sector |
threat-intel |
otx |
|
credential harvesting, sheetbest api, financial fraud, phishing kit, github pages abuse, serverless infrastructure, mexican banking, gitbait, phishing |
2026-06-18 |
| medium |
Klue Integration Abused in Salesforce Data Theft | Threat Spotlight |
threat-intel |
otx |
212.86.125.24, 94.154.32.160 |
salesforce, unc6395, oauth abuse, api exfiltration, third-party integration, klue integration, shinyhunters, crm data theft |
2026-06-18 |
| medium |
Invisible Sting: Over 4000 Outdated Routers Compromised by AryStinger, Becoming Global Attack Springboards for Hackers |
threat-intel |
otx |
CVE-2016-5681, CVE-2013-3307, CVE-2025-11837 | fffcbd0ac2cb5454… |
cve-2013-3307, legacy routers, arystinger, distributed scanning, rtl819x, traffic tunneling, cve-2025-11837, subdomain enumeration, reconnaissance infrastructure, botnet, cve-2016-5681, dropbear backdoor, d-link |
2026-06-17 |
| medium |
Crypto Clipper uses Tor and worm-like propagation for persistence and control |
threat-intel |
otx |
f3b54984caca95fd…, 03b51af0a04467ce… |
screenshot exfiltration, seed phrase stealing, cryptocurrency clipper, cryptobandits, clipboard hijacking, remote code execution, tor proxy, contebrew, wallet theft, usb worm, botnet, rce |
2026-06-18 |
| medium |
From package to postinstall payload: Inside the Mastra npm supply chain compromise |
threat-intel |
otx |
b73de25c053c3225… |
supply-chain-attack, typosquatting, credential-theft, npm, account-takeover, easy-day-js, cryptocurrency-clipper, postinstall-hook, botnet, supply-chain |
2026-06-18 |
| medium |
140+ npm Packages Compromised in Coordinated Supply Chain Attack |
threat-intel |
otx |
cdec8b20338beb70… |
infostealer, persistence mechanism, easy-day-js, supply chain attack, cryptocurrency theft, postinstall hook, typosquatting, cross-platform stealer, npm packages, botnet, supply-chain |
2026-06-17 |
| medium |
Bluekit Phishing as a Service (PhaaS) |
threat-intel |
otx |
2f08ce5a60ec42ff… |
peer-to-peer-infrastructure, anti-detection, session-hijacking, automated-workflows, phishing-as-a-service, cryptocurrency-theft, account-takeover, credential-harvesting, phishing |
2026-06-16 |
| medium |
Potemkin Loader & RMMProject The Anatomy of a ClickFix Attack |
threat-intel |
otx |
77.110.122.58, 213.165.41.26 | cd4e5e2c65b16604…, d37cc44db90a6534… |
rmmproject, blockchain c2, chisel, etherrat, credential theft, clickfix, dga, lateral movement, hidden desktop, potemkin, phishing, botnet |
2026-06-16 |
| medium |
Android Banker with Complete Device Takeover Capabilities |
threat-intel |
otx |
fe41e6c1725f6358…, fefec424a52e88ef… |
rokarolla, cryptocurrency theft, overlay attacks, banking credentials, accessibility abuse, sms hijacking, android trojan, keylogger, ransomware, botnet, infostealer |
2026-06-16 |
| medium |
Investigation of email-based attack delivering MediaFire ZIP file with execution chain analysis |
threat-intel |
otx |
138.124.186.2, 185.76.243.85 |
mediafire, netsupport rmm, dll hijacking, scheduled task persistence, remote access, email delivery, python side-loading, process injection, botnet |
2026-06-16 |
| medium |
How attackers are jailbreaking LLMs with CTF framing and how to catch them |
threat-intel |
otx |
CVE-2026-0770, CVE-2026-33017, CVE-2026-39987, CVE-2026-42208, CVE-2026-40281, CVE-2026-42271, CVE-2026-44336, CVE-2026-44694, CVE-2026-42589, CVE-2026-45331, CVE-2026-45672, CVE-2026-45301, CVE-2026-47391 | 103.142.140.238, 212.107.30.69, 115.171.80.253, 103.142.140.246, 38.181.81.164, 68.77.201.89 |
cve-2026-39987, cve-2026-45397, cve-2026-42271, cve-2026-42302, cve exploitation, cve-2026-42266, cve-2026-45301, cve-2026-42208, llm jailbreaking, ai platform targeting, cve-2026-42589, cve-2026-44694, cve-2026-33017, cve-2026-45672, cve-2026-45331, cve-2026-44336, prompt injection, cve-2026-40281, cve-2026-47391, credential harvesting, rce campaigns, ai agent exploitation, ctf framing, phishing, rce |
2026-06-15 |
| medium |
Gamers beware: malicious wallpapers on Steam found stealing accounts |
threat-intel |
otx |
120.48.156.17, 202.144.192.29 | fc586cad94e5a10d…, ded08ae5df7f1b12… |
account hijacking, vidar, wallpaper engine, infostealer, steam workshop, lumma, gaming platform, renengine, credential theft, darkkomet, crypto miner, ransomware |
2026-06-16 |
| medium |
Webinar: How attackers bypass MFA and how defenders can respond |
news |
general-news |
|
phishing |
2026-06-19 |
| medium |
Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments |
news |
general-news |
|
phishing |
2026-06-17 |
| medium |
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware |
news |
general-news |
|
phishing |
2026-06-16 |
| medium |
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels |
news |
general-news |
|
phishing |
2026-06-15 |
| medium |
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes |
news |
general-news |
|
phishing |
2026-06-15 |
| medium |
Sweeping Credential-Harvesting Heist Compromises 30K+ Fortinet Devices |
news |
general-news |
|
phishing |
2026-06-17 |
| medium |
The Beginning of the End of Social Engineering |
news |
general-news |
|
phishing |
2026-06-15 |
| medium |
Serverless Phishing Kit on GitHub Targets Mexican Banks |
news |
general-news |
|
phishing |
2026-06-17 |
| unknown |
CISA Adds One Known Exploited Vulnerability to Catalog |
advisory |
cisa-advisories |
|
|
2026-06-18 |
| unknown |
CISA Adds Two Known Exploited Vulnerabilities to Catalog |
advisory |
cisa-advisories |
|
|
2026-06-15 |
| unknown |
CVE-2025-5791 Users: `root` appended to group listings |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2025-4574 Crossbeam-channel: crossbeam-channel vulnerable to double free on drop |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-45445 AES-OCB IV Ignored on EVP_Cipher() Path |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-42768 Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-9076 Out-of-Bounds Read in CMS Password-Based Decryption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-42766 Possible NULL Dereference in Password-Based CMS Decryption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-34180 Heap Buffer Over-read in ASN.1 Content Parsing |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-44967 opentelemetry-cpp: OTLP HTTP exporters read unbounded HTTP response |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-45485 Microsoft Office Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-45466 Microsoft Word Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-45649 Office for Android Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-44822 Microsoft Excel Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-45459 Microsoft Excel Security Feature Bypass Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12439 Use after free in Digital Credentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12440 Use after free in DigitalCredentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12445 Use after free in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12446 Insufficient data validation in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12441 Use after free in File Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12443 Use after free in Web Authentication |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12452 Use after free in Downloads |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12455 Use after free in Tab Strip |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12458 Incorrect security UI in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12457 Insufficient data validation in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12459 Inappropriate implementation in Serial |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12460 Insufficient policy enforcement in File System Access |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12462 Use after free in Media |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12464 Use after free in Browser |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12463 Inappropriate implementation in Views |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12454 Race in Safe Browsing |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12468 Inappropriate implementation in Updater |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12449 Use after free in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12444 Out of bounds read in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12437 Use after free in WebShare |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12461 Out of bounds read in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-42903 Windows Kerberos Denial of Service Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12439 Use after free in Digital Credentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12440 Use after free in DigitalCredentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12445 Use after free in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12446 Insufficient data validation in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12441 Use after free in File Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12447 Heap buffer overflow in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12443 Use after free in Web Authentication |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12452 Use after free in Downloads |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12453 Insufficient validation of untrusted input in Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12455 Use after free in Tab Strip |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12456 Insufficient validation of untrusted input in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12458 Incorrect security UI in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12457 Insufficient data validation in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12459 Inappropriate implementation in Serial |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12460 Insufficient policy enforcement in File System Access |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12462 Use after free in Media |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12464 Use after free in Browser |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12463 Inappropriate implementation in Views |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12465 Insufficient validation of untrusted input in Metrics |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12454 Race in Safe Browsing |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12468 Inappropriate implementation in Updater |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12449 Use after free in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12444 Out of bounds read in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12437 Use after free in WebShare |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12461 Out of bounds read in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-24289 Windows Kernel Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-32177 .NET Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2025-6965 Integer Truncation on SQLite |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-8376 Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-42014 Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-53689 |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12087 Socket versions before 2.041 for Perl have an out-of-bounds heap read |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2 |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-47633 Microsoft Cost Management Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-32208 Microsoft Edge (Chromium-based) Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-32174 Azure Bot Service Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-42895 Microsoft Copilot Tampering Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-54130 M365 Copilot Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47646 Dynamics 365 Customer Voice Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2025-71073 Input: lkkbd - disable pending work before freeing device |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2025-71072 shmem: fix recovery on rename failures |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-28387 Potential Use-after-free in DANE Client Code |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-48854 Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46292 pmdomain: core: Fix detach procedure for virtual devices in genpd |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46274 io-wq: check that the predecessor is hashed in io_wq_remove_pending() |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46293 clk: microchip: mpfs-ccc: fix out of bounds access during output registration |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47636 Microsoft SharePoint Server Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-17 |
| unknown |
CVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-17 |
| unknown |
CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-54411 Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate's length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext. |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-12012 Use after free Network |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12008 Use after free DigitalCredentials |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12019 Out of bounds write Codecs |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12016 Insufficient validation of untrusted input DevTools |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12015 Use after free Autofill |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-11628 Use after free in Ozone |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11631 Use after free in Aura |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11632 Use after free in TabStrip |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11633 Use after free in Bluetooth |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11634 Use after free in Gamepad |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11639 Use after free in Compositing |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11637 Use after free in Views |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11636 Use after free in Autofill |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11638 Use after free in Printing |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11640 Integer overflow in libyuv |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11642 Use after free in Web Apps |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11645 Out of bounds memory access in V8 |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11643 Use after free in Proxy |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11646 Use after free in ViewTransitions |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11657 Use after free in Payments |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11659 Insufficient validation of untrusted input in UI |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11663 Use after free in Skia |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11662 Type Confusion in Bindings |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11665 Out of bounds read in Dawn |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11668 Uninitialized Use in Codecs |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11669 Integer overflow in Media |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11670 Use after free in PDF |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11671 Use after free in Navigation |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11672 Out of bounds write in GPU |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11673 Use after free in InterestGroups |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11675 Insufficient validation of untrusted input in Skia |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11674 Use after free in Guest View |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11676 Insufficient validation of untrusted input in Dawn |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11677 Race in Network |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11679 Use after free in Codecs |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11682 Insufficient validation of untrusted input in Views |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11683 Use after free in WebCodecs |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11684 Insufficient policy enforcement in Network |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11687 Use after free in Dawn |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11688 Object lifecycle issue in SVG |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11689 Insufficient validation of untrusted input in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11690 Out of bounds read and write in Media |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11692 Use after free in Read Anything |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11693 Inappropriate implementation in Plugins |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11694 Use after free in ServiceWorker |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11695 Inappropriate implementation in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11696 Uninitialized Use in Video |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11700 Use after free in Tracing |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-12018 Inappropriate implementation Mojo |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12007 Use after free Core |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12017 Insufficient validation of untrusted input Extensions |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12014 Use after free Cast |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12013 Use after free Media |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12010 Heap buffer overflow GPU |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-12009 Insufficient validation of untrusted input Accessibility |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Chromium: CVE-2026-11648 Use after free in FullScreen |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11651 Use after free in Network |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11649 Use after free in V8 |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11654 Use after free in CameraCapture |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-12011 Use after free WebMIDI |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
CVE-2026-6429 netrc credential leak with reused proxy connection |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
CVE-2026-5545 wrong reuse of HTTP Negotiate connection |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
CVE-2026-6253 proxy credentials leak over redirect-to proxy |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
CVE-2026-7774 tarfile.data_filter path traversal bypass allows writing outside the extraction directory |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
CVE-2026-46433 lldpd: Heap OOB Read in VLAN Decapsulation memmove |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
CVE-2026-11526 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle |
advisory |
vendor-blogs |
|
|
2026-06-15 |
| unknown |
Close Encounters of the Human Kind |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
SD1775 | FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1777 | FactoryTalk® Analytics™ PavilionX™ - Improper API Authorization |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1773 | FactoryTalk Historian Site Edition - Multiple Vulnerabilities |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1776 | CompactLogix 5370 Controllers – Multiple Vulnerabilities |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1772 | Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
NCSC’s Horne warns UK infrastructure under sustained cyber pressure from Russia, China and Iran; urges resilience |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Manufacturing cyber threats shift toward identity-driven attacks as credential leaks and vishing surge, Doppel warns |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Accenture’s Dragos investment marks new phase for OT cybersecurity in critical infrastructure |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Accenture expands OT cybersecurity capabilities with Dragos stake, acquires runZero and NetRise |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
Dispel debuts Site Console to deliver on-prem zero trust remote access for NERC CIP-regulated OT environments |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
Klue OAuth breach victim list grows as Icarus hackers claim attack |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Texas govt data breach exposes over 3 million driver’s licenses |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Microsoft: June 2026 Windows updates break Recycle Bin prompts |
news |
general-news |
|
|
2026-06-19 |
| unknown |
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday |
news |
general-news |
|
|
2026-06-19 |
| unknown |
CISA warns Fortinet users to secure devices after FortiBleed leak |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Nintendo confirms data stolen in WebMD subsidiary cyberattack |
news |
general-news |
|
|
2026-06-18 |
| unknown |
USB worm spreads crypto-stealing malware via Windows shortcut files |
news |
general-news |
|
|
2026-06-18 |
| unknown |
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys |
news |
general-news |
|
|
2026-06-20 |
| unknown |
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain |
news |
general-news |
|
|
2026-06-19 |
| unknown |
From Assistive to Agentic: The AI Shift That's Redefining Threat Management |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats |
news |
general-news |
|
|
2026-06-17 |
| unknown |
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution |
news |
general-news |
|
|
2026-06-17 |
| unknown |
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting |
news |
general-news |
|
|
2026-06-16 |
| unknown |
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw |
news |
general-news |
|
|
2026-06-16 |
| unknown |
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails |
news |
general-news |
|
|
2026-06-15 |
| unknown |
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Novo Nordisk Breach Exposes Software Development Pipeline Risk |
news |
general-news |
|
|
2026-06-18 |
| unknown |
Fileless Phantom Stealer Targets Browser Credentials |
news |
general-news |
|
|
2026-06-16 |
| unknown |
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence |
news |
general-news |
|
|
2026-06-16 |
| unknown |
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft |
news |
general-news |
|
|
2026-06-15 |
| unknown |
China-Nexus Actor Spies on US Researchers Undetected for a Year |
news |
general-news |
|
|
2026-06-15 |
| unknown |
FortiBleed: 86,000 Fortinet Device Credentials Compromised |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Majority of Internet-Accessible REDCap Servers Outdated |
news |
general-news |
|
|
2026-06-18 |
| unknown |
AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Confidence Lacks in Threat Detection Across Non-Email Channels like Slack and Teams |
news |
general-news |
|
|
2026-06-19 |
| unknown |
LATAM Infrastructure Hit by Fortinet and Ivanti Exploits |
news |
general-news |
|
|
2026-06-18 |
| unknown |
Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns |
news |
general-news |
|
|
2026-06-18 |
| unknown |
AI Threats and Alert Fatigue Challenge Cybersecurity Teams |
news |
general-news |
|
|
2026-06-17 |
| unknown |
EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks |
news |
general-news |
|
|
2026-06-17 |
| unknown |
Rokarolla Trojan Combines Banking Fraud With Device Surveillance |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Maine Takes Breach Reporting Portal Offline After Fake Entries |
news |
general-news |
|
|
2026-06-15 |
| unknown |
The systemd 261 release brings a software TPM, new OS installer |
news |
general-news |
|
|
2026-06-21 |
| unknown |
Klue breach lead to Salesforce data theft, Huntress affected |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Hostile states behind three-quarters of attacks on Britain's critical infrastructure, cyber chief warns |
news |
general-news |
|
|
2026-06-17 |
| unknown |
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April |
news |
general-news |
|
|
2026-06-17 |
| unknown |
AI’s constant patching treadmill can be a security problem |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Google exposes China espionage group that’s been lurking in networks undetected since 2023 |
news |
general-news |
|
|
2026-06-15 |