2026 January(387) February(431) March(447) April(451) May(495) June(21) July(0) August(0) September(0) October(0) November(0) December(0)
DATE |
NAME |
Info |
CATEG. |
WEB |
| 5.6.26 | Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites | Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to | Exploit | The Hacker News |
| 5.6.26 | FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins | Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 | Spam | The Hacker News |
| 5.6.26 | PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network | The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and | Hack | The Hacker News |
| 5.6.26 | Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public | Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, | Vulnerebility | The Hacker News |
| 5.6.26 | Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories | A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because | AI | The Hacker News |
| 5.6.26 | Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It | Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It | AI | The Hacker News |
| 4.6.26 | Gemini’s Secret Affair: Exploiting Gemini Voice Assistant Through Instant Messaging Apps | SafeBreach Labs researchers discovered a new security vulnerability that allows attackers to exploit Google Gemini through notification-based indirect prompt injections from messaging apps like WhatsApp, Slack, and SMS. | Hack | SAFEBREACH |
| 4.6.26 | Espionage Campaign Targeted Stock Exchange Executive for Five Months | Unknown attackers stole a senior executive's Outlook mailbox in incremental batches, exfiltrating through Dropbox and OneDrive Personal to keep the traffic indistinguishable from legitimate activity. | APT | SECURITY.COM |
| 4.6.26 | Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem | Check Point Research investigated a large-scale operation that impersonates open-source and freeware projects to capture search traffic, including lookalikes for researcher and security tooling such as Ghidra, dnSpy, and SpiderFoot. | Hack | CHECKPOINT |
| 4.6.26 | China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa | A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. | APT | The Hacker News |
| 4.6.26 | FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads | Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new | Virus | The Hacker News |
| 4.6.26 | Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS | Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting | Virus | The Hacker News |
| 4.6.26 | Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months | Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox | Hack | The Hacker News |
| 4.6.26 | DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets | The U.S. Department of Justice (DoJ) on Wednesday announced the results of a sweeping action undertaken by government authorities and | CyberCrime | The Hacker News |
| 4.6.26 | WhatsApp, Slack Notifications Could Hijack Google Gemini on Android | A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini's voice | Social | The Hacker News |
| 4.6.26 | One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens | Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's | Hack | The Hacker News |
| 4.6.26 | Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) | Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting | AI | The Hacker News |
| 4.6.26 | CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a | Exploit | The Hacker News |
| 4.6.26 | Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT | Cybersecurity researchers have flagged a new malspam campaign that makes use of Google's DoubleClick domain as a way to evade detection | Virus | The Hacker News |
| 3.6.26 | Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag | A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token | OS | The Hacker News |
| 3.6.26 | Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) | Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting | Vulnerebility | The Hacker News |
| 3.6.26 | Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes | Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords. | Vulnerebility | VARONIS |
| 3.6.26 | FSB’s matryoshka #1/3 – Gamaredon’s gifts that keeps unpacking – GammaPhish and GammaWorm | Gamaredon is a cyberespionage group specialized in long-term and persistent intrusion operations targeting Ukraine. Officially operated by Russia’s FSB, the group is focusing government, military, and critical infrastructure networks, and is still actively operating at the time of this publication. | Virus | SEKOIA BLOG |
| 3.6.26 | FSB’s matryoshka #2/3 – Gamaredon’s gifts that keeps unpacking – GammaLoad | Gamaredon is a cyberespionage group specialized in long-term and persistent intrusion operations targeting Ukraine. Officially operated by Russia’s FSB, the group is focusing government, military, and critical infrastructure networks, and is still actively operating at the time of this publication. | Virus | SEKOIA BLOG |
| 3.6.26 | One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens | Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user's | Hack | The Hacker News |
| 3.6.26 | Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes | Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user's NTLMv2 hash to the attacker. | Vulnerebility | The Hacker News |
| 3.6.26 | New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare | Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, | Attack | The Hacker News |
| 3.6.26 | Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content | Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems. The Minecraft-focused malware-as-a-service | Virus | The Hacker News |
| 3.6.26 | Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited | Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, | OS | The Hacker News |
| 3.6.26 | Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine | The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple | Exploit | The Hacker News |
| 3.6.26 | Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic | Vulnerebility | The Hacker News |
| 2.6.26 | New Wave Of Phishing Emails with SVG Files | For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. | Phishing | SANS |
| 2.6.26 | Wardriving assessment across Mexico: Preparing for the 2026 World Cup | In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential exposure risks. | CyberCrime | SECURELIST |
| 2.6.26 | Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT | Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote | APT | The Hacker News |
| 2.6.26 | Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded | Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded | Hack | The Hacker News |
| 2.6.26 | Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm | A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma , has compromised @redhat-cloud-services packages to steal | Hack | The Hacker News |
| 1.6.26 | China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan | A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic | APT | The Hacker News |
| 1.6.26 | Containers on fire: from container escapes to supply chain attacks | We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, API compromise, and supply chain attacks. | Hack | SECURELIST |
| 1.6.26 | What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant | Containerization using Docker has become firmly established in modern development standards, significantly increasing the speed and convenience of deploying various services. Developers often use ready-made Docker images, making only minimal changes. The largest repository of container images is the Docker Hub service. | AI | SECURELIST |
| 1.6.26 | Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years | In late April 2026, a client reached out to us for incident response support after discovering a miner running on users’ computers. We later discovered that the malware was being distributed via illegal movie and TV show streaming sites. | CyberCrime | SECURELIST |
| 1.6.26 | OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack | Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui- | AI | The Hacker News |
| 1.6.26 | Unidentified RAT pushes NetSupport RAT | This diary provides indicators from an unidentified RAT infection on Wednesday 2026-05-27 that was followed by a malicious NetSupport Manager RAT package. | Virus | SANS |
| 1.6.26 | YARA-X 1.17.0 Release | YARA-X's 1.17.0 release brings 5 improvements (several performance improvements) and 1 bugfix. | Security | SANS |
| 1.6.26 | Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts | Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro , a WordPress plugin that has had over 15,000 | Exploit | The Hacker News |
| 1.6.26 | Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices | Dutch authorities have announced the takedown of a botnet that enslaved millions of infected devices, including computers, tablets, smartphones, and IoT devices, to carry out malicious attacks. The bot network, per the Dutch Politie and the National Cyber Security Center (NCSC), consisted of at least 17 million infected devices. | BotNet | The Hacker News |