ARTICLES 2026 JUNE January(387) February(431) March(447) April(451) May(495) June(21) July(0) August(0) September(0) October(0) November(0) December(0)
DATE |
NAME |
Info |
CATEG. |
WEB |
| 3.6.26 | One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens | Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's | Hack | The Hacker News |
| 3.6.26 | Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes | Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker. | Vulnerebility | The Hacker News |
| 3.6.26 | New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare | Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, | Attack | The Hacker News |
| 3.6.26 | Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content | Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems. The Minecraft-focused malware-as-a-service | Virus | The Hacker News |
| 3.6.26 | Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited | Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, | OS | The Hacker News |
| 3.6.26 | Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine | The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple | Exploit | The Hacker News |
| 3.6.26 | Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic | Vulnerebility | The Hacker News |
| 2.6.26 | New Wave Of Phishing Emails with SVG Files | For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. | Phishing | SANS |
| 2.6.26 | Wardriving assessment across Mexico: Preparing for the 2026 World Cup | In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential exposure risks. | CyberCrime | SECURELIST |
| 2.6.26 | Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT | Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote | APT | The Hacker News |
| 2.6.26 | Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded | Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded | Hack | The Hacker News |
| 2.6.26 | Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm | A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma , has compromised @redhat-cloud-services packages to steal | Hack | The Hacker News |
| 1.6.26 | China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan | A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic | APT | The Hacker News |
| 1.6.26 | Containers on fire: from container escapes to supply chain attacks | We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, API compromise, and supply chain attacks. | Hack | SECURELIST |
| 1.6.26 | What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant | Containerization using Docker has become firmly established in modern development standards, significantly increasing the speed and convenience of deploying various services. Developers often use ready-made Docker images, making only minimal changes. The largest repository of container images is the Docker Hub service. | AI | SECURELIST |
| 1.6.26 | Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years | In late April 2026, a client reached out to us for incident response support after discovering a miner running on users’ computers. We later discovered that the malware was being distributed via illegal movie and TV show streaming sites. | CyberCrime | SECURELIST |
| 1.6.26 | OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack | Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui- | AI | The Hacker News |
| 1.6.26 | Unidentified RAT pushes NetSupport RAT | This diary provides indicators from an unidentified RAT infection on Wednesday 2026-05-27 that was followed by a malicious NetSupport Manager RAT package. | Virus | SANS |
| 1.6.26 | YARA-X 1.17.0 Release | YARA-X's 1.17.0 release brings 5 improvements (several performance improvements) and 1 bugfix. | Security | SANS |
| 1.6.26 | Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts | Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro , a WordPress plugin that has had over 15,000 | Exploit | The Hacker News |
| 1.6.26 | Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices | Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The bot network, per the Dutch Politie and the National Cyber Security Center (NCSC), consisted of at least 17 million infected devices. | BotNet | The Hacker News |