Cyber Security
SBU and FBI Expose Russian FSB and GRU Signal Key Theft Campaign
US Offers $10M Bounty for Russian Hackers UNC5792 and UNC4221
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
White House Cybersecurity Review Restricts GPT-5.6 and Anthropic
Athena Coalition Finds 20,000+ Flaws in 500 Open-Source Projects
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Law Enforcement Clears 15,000 SocGholish WordPress Sites
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Algerian Phishing Marketplace Operator Extradited to US
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
Understanding Cloud Detection and Response (CDR) and Its Security Role
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps
Microsoft AutoGen AI Framework Vulnerable to Localhost RCE
WhatsApp Phishing Deploys ManageEngine RMM Malware Across Continents
TeamPCP Open-Source Supply Chain Investigation Reveals Years of Access
Multiple Groups Exploit Critical FortiSandbox Flaws Across 200 Countries
Kodak Confirms Data Breach After ShinyHunters Sets Leak Deadline
Application Security
Microsoft Removes 119 StegoAd Extensions from Edge Add-ons Store
Microsoft removed 119 malicious Edge extensions in the StegoAd takedown, exposing a steganography campaign hiding malware in image and font files since 2021.
Application Security
Public PoC Drops for Critical libssh2 Flaw CVE-2026-55200
A public PoC exploit for CVE-2026-55200, a CVSS 9.2 out-of-bounds write in libssh2, is live with no fixed tagged release available for curl, Git, and ...
Application Security
Hijacked npm and Go Packages Exploit VS Code MCP to Deploy Infostealer
Hijacked npm and Go packages exploit VS Code's MCP tasks to bypass npm lifecycle hook protections and deploy a cross-platform Python infostealer.
Cybersecurity
SBU and FBI Expose Russian FSB and GRU Signal Key Theft Campaign
Ukraine's SBU and the FBI jointly exposed campaigns by Russian FSB-linked UNC5792 and GRU-linked UNC4221 stealing Signal and WhatsApp backup recovery keys.
Cybersecurity
US Offers $10M Bounty for Russian Hackers UNC5792 and UNC4221
The US State Department's Rewards for Justice program offers $10 million for intelligence on UNC5792 and UNC4221, Russian groups targeting Signal accounts.
Application Security
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
Mozilla's 0DIN researchers show a clean GitHub repo can trick AI coding tools into running malware via DNS TXT records, bypassing security scanners entirely.
Cybersecurity
White House Cybersecurity Review Restricts GPT-5.6 and Anthropic
The Trump administration's ongoing national security review now restricts OpenAI's GPT-5.6 and Anthropic's full model program to government-vetted customers.
Application Security
Athena Coalition Finds 20,000+ Flaws in 500 Open-Source Projects
The Athena coalition of about 24 companies including Docker, Cisco, and Cloudflare used AI to find 20,000+ vulnerabilities across 500 open-source projects.
Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Threat actor Icarus exploited Klue's Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future in a June 2026 supply ...
Cybersecurity
Law Enforcement Clears 15,000 SocGholish WordPress Sites
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in a June 2026 international enforcement ...
Application Security
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
ShapedPlugin's plugin update system was compromised by attackers who pushed malicious code to paying WordPress customers through the company's verified official update channels.
Cybersecurity
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Application Security
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
CVE Vulnerability Alerts
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
Cybersecurity
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from pig butchering scam networks.
Application Security
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
CVE-2026-20230, a CVSS 8.6 SSRF flaw in Cisco Unified CM's WebDialer, is under active exploitation after a PoC dropped June 23 — patch released June ...
Cybersecurity
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Thalha Jubair and Owen Flowers pled guilty to the 2024 Scattered Spider hack of Transport for London, causing GBP 29M in damage and exposing customer ...
Cybersecurity
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based attacks at scale.
Cybersecurity
Algerian Phishing Marketplace Operator Extradited to US
Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and Spoxy.
Application Security
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Anthropic's Mythos AI found real vulnerabilities in classified US government systems during Project Glasswing testing, prompting federal access restrictions.
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
CVE-2026-20971 is a CVSS 7.8 use-after-free in Samsung KNOX's PROCA and FIVE subsystems, affecting Galaxy S9 through S25 across Android 13, 14, 15, and 16.
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Unit 42 found a macOS ClickFix variant using hdiutil to silently mount DMG files and deploy AMOS stealer, targeting crypto wallets and iCloud Keychain.
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Four critical Dify vulnerabilities named DifyTap allow cross-tenant access to private AI chats, uploaded files, and internal APIs. Patched in version 1.14.2.