Threat actors are actively exploiting [CVE-2026-3300](https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html), a critical remote code execution vulnerability in **Everest Forms Pro**, a premium Wor
Yesterday's security feed delivered a trio of attacks that weaponize trust — in software distribution, in payment processors, and in password managers — while the NSA reportedly put an Anthropic AI model to work in offen
Cisco has issued an urgent advisory for [CVE-2026-20245](https://www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/), a high-severity privilege escalation zero-day in
A threat actor tracked as **PCPJack** has quietly compromised at least 230 cloud servers across Amazon Web Services, Google Cloud Platform, and Microsoft Azure, repurposing them as a covert SMTP email relay network, [acc
Cisco has patched a critical flaw in Unified Communications Manager (Unified CM) — **CVE-2026-20230** — that lets an unauthenticated attacker on the same network write arbitrary files to the device and chain that primiti
Three security disclosures landed in the same day — a password manager breach with minimal explanation, a notification-delivered AI hijack, and wellness data stolen through an internal tool — while bot traffic quietly cr
CISA has added **CVE-2026-45247** to its [Known Exploited Vulnerabilities (KEV) catalog](https://thehackernews.com/2026/06/cisa-adds-exploited-magento-rce-flaw.html), confirming active in-the-wild exploitation of a criti
A Chinese-speaking threat actor has expanded operations into Europe, deploying a previously undocumented remote access trojan called Atlas alongside an additional backdoor component, according to [BleepingComputer](https
A coordinated advisory from CISA, the FBI, the NSA, the Department of Energy, and several other U.S. government agencies is warning that threat actors are actively targeting internet-exposed **automatic tank gauge (ATG)*
Researchers have publicly disclosed a remote denial-of-service vulnerability dubbed **HTTP/2 Bomb** that exploits behavior in the HTTP/2 protocol itself. According to [The Hacker News](https://thehackernews.com/2026/06/n
Microsoft Build 2026 and a Sony PlayStation showcase competed for headlines yesterday, but the sharpest signal came from security researchers watching AI migrate from productivity tool to attack infrastructure.
A working exploit for an unpatched Visual Studio Code vulnerability is now public, and it does something particularly damaging: steal GitHub authentication tokens with a single click from the victim.
A large-scale malware campaign called **WeedHack** has compromised more than 116,000 systems running Minecraft since January 2026, according to [BleepingComputer](https://www.bleepingcomputer.com/news/security/over-116-0
Attackers are actively exploiting a critical privilege escalation vulnerability in the Kirki Customizer Framework plugin for WordPress, using it to silently promote themselves to administrator on any site running a vulne
Russia-linked **Gamaredon** (also tracked as Armageddon, Shuckworm, UAC-0010) is [actively weaponizing CVE-2025-8088](https://thehackernews.com/2026/06/gamaredon-exploits-winrar-to-deliver.html), a path traversal flaw in
The day's sharpest signal: AI being weaponized as an attack surface — Meta's own support chatbot handing hackers control of high-profile Instagram accounts with no credential theft required. In the background, capital is
On May 31, 2026, Dashlane [disclosed](https://thehackernews.com/2026/06/dashlane-discloses-brute-force-attack.html) that an external threat actor conducted a brute-force attack against its systems and successfully downlo
A threat actor tracked as **DriveSurge** is actively compromising thousands of websites and injecting malicious JavaScript that delivers malware to visitors through two well-worn but effective techniques: [ClickFix and F
More than 30 npm packages under Red Hat's `@redhat-cloud-services` namespace were compromised in a confirmed supply-chain attack, [per BleepingComputer](https://www.bleepingcomputer.com/news/security/red-hat-npm-packages
A supply chain attack campaign dubbed **Miasma** has compromised dozens of packages published under Red Hat's official `@redhat-cloud-services` npm organization, injecting a credential-stealing, self-propagating worm int
Belgium's Centre for Cybersecurity (CCB) issued an emergency warning Friday: threat actors are **actively exploiting** a recently patched critical remote code execution vulnerability in Windows Netlogon. This has moved f
Threat actors are actively exploiting a critical vulnerability in **WP Maps Pro**, a commercial WordPress plugin with over 15,000 sales on Envato Market, to register unauthorized administrator accounts on unpatched sites
Computex 2026 kicks off in Taipei with AMD, Dell, Alienware, and Nvidia all jostling for position, but the more telling moves are happening off the show floor: Microsoft is accelerating its decoupling from OpenAI, and th
Researchers at PromptArmor [documented a data exfiltration vulnerability](https://www.promptarmor.com/resources/gpt-for-google-sheets-data-exfiltration) in the popular "GPT for Google Sheets" add-on — a widely installed
Dutch authorities — the National Police (*Politie*) and the National Cyber Security Center (NCSC) — have [announced the takedown of a large-scale botnet](https://thehackernews.com/2026/05/dutch-authorities-dismantle-botn
Threat actors are actively exploiting a critical authentication bypass vulnerability in **WP Maps Pro**, a commercial WordPress plugin used to embed interactive maps. The flaw lets unauthenticated remote attackers regist
The AI capital machine is running at full speed, while cracks in enterprise AI credibility widen in exactly the places that should worry practitioners most.
Microsoft has begun converting perpetually-licensed copies of Office 2019 and Office 2021 for Mac into view-only mode, stripping editing capability from software users paid full price to own indefinitely. According to [d
Palo Alto Networks has confirmed that attackers are actively exploiting [CVE-2026-0257](https://www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/), a critical a
A researcher operating under the handle **Nightmare Eclipse** has published proof-of-concept (PoC) exploit code for one or more unpatched Microsoft zero-day vulnerabilities, touching off a public dispute with the company
A newly disclosed local privilege escalation (LPE) vulnerability, dubbed **CIFSwitch**, has been found in the Linux kernel. [BleepingComputer reports](https://www.bleepingcomputer.com/news/security/new-cifswitch-linux-fl
Two separate research disclosures landed on the same day showing how OpenAI's own platform is being turned against its users — while SpaceX quietly collected over ten billion dollars in government contracts before the we
**A confirmed authentication bypass in Palo Alto Networks PAN-OS and Prisma Access is actively being exploited in the wild.** If GlobalProtect is your VPN gateway, patching is not optional — it is overdue.
Dutch authorities have [taken offline a massive botnet comprising 17 million infected devices](https://www.bleepingcomputer.com/news/security/dutch-govt-disrupts-malware-botnet-with-17-million-infected-devices/) and seiz
Anthropic today sealed a $65 billion round at a valuation approaching a trillion dollars and confirmed its most capable models are coming to the public — while Blue Origin's New Glenn rocket turned a Florida test stand i
**ShinyHunters** — the extortion gang behind the Ticketmaster, Santander, and AT&T breaches — has claimed another major US telecom. The group hacked Charter Communications in early April 2026, exfiltrating personal data
Between March and April 2026, the North Korean state-sponsored group Kimsuky (also tracked as Velvet Chollima) [ran a targeted campaign](https://thehackernews.com/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html) aga
A developer has deliberately embedded a hidden prompt injection into **jqwik**, a widely-used Java property-based testing library, instructing AI coding agents to silently delete application output when they process the
Threat actors are actively exploiting a critical vulnerability in Fortinet's FortiClient Endpoint Management Server (EMS) to deploy credential-stealing malware across managed enterprise environments, [according to The Ha
A zero-day vulnerability in [Gogs](https://gogs.io/), the popular self-hosted Git service, is actively exploitable and currently has **no patch**. According to [BleepingComputer](https://www.bleepingcomputer.com/news/sec
A previously unknown threat actor, tracked as **JINX-0164**, is running an active campaign against cryptocurrency organizations — using fake recruitment outreach to deliver custom macOS malware with the explicit goal of
Carnival Corporation — the world's largest cruise line operator, whose brands include Princess Cruises, Holland America, Cunard, and Costa — has [officially confirmed a data breach affecting nearly 6 million individuals]
The day's clearest story was a Google engineer allegedly playing a prediction market like a personal ATM funded by his employer's nonpublic data — but running through everything else is a more structural shift: AI is res
A third-party UK visa application portal has been leaking the passport scans, selfies, and location data of thousands of applicants — and as of publication, [the leak remains unpatched](https://techcrunch.com/2026/05/27/
Threat actors are running a coordinated cryptojacking campaign that has found a novel distribution channel: poisoning search engine results and manipulating AI chatbot responses to steer victims toward malware-laced down
Security researchers at OX Security have [identified a malicious package on the npm registry](https://thehackernews.com/2026/05/malicious-npm-package-stole-files-from.html) named **`mouse5212-super-formatter`** that sile
A newly disclosed vulnerability in Gitea — the popular self-hosted Git and container registry platform — allows any unauthenticated remote attacker to pull private container images from an exposed Gitea instance. No acco
The U.S. Cybersecurity and Infrastructure Security Agency has added a critical vulnerability in the LiteSpeed cPanel user-end plugin to its [Known Exploited Vulnerabilities catalog](https://www.bleepingcomputer.com/news/
Yesterday's feed crystallized around two questions that matter beyond any individual story: what does it mean when AI makes software vulnerability debt measurable at scale for the first time, and what happens to an infer
A third-party website used in the UK visa application process has been leaking applicants' passport scans and facial selfies to unauthenticated users — and as of this writing, [the leak remains unpatched](https://techcru