Main Menu
Cyber Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Law Enforcement Clears 15,000 SocGholish WordPress Sites
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Algerian Phishing Marketplace Operator Extradited to US
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
Understanding Cloud Detection and Response (CDR) and Its Security Role
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps
Microsoft AutoGen AI Framework Vulnerable to Localhost RCE
WhatsApp Phishing Deploys ManageEngine RMM Malware Across Continents
TeamPCP Open-Source Supply Chain Investigation Reveals Years of Access
Multiple Groups Exploit Critical FortiSandbox Flaws Across 200 Countries
Kodak Confirms Data Breach After ShinyHunters Sets Leak Deadline
F5 Emergency Patch: Critical NGINX Unauthenticated RCE Hits 40 Percent of Web Servers
Atlassian and Splunk Patch Critical Flaws: Splunk AI Toolkit RCE, Atlassian Dependencies
Critical Command Execution Vulnerability Patched in Cisco ISE
Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps
Phantom Stealer Fileless Malware Targets Browser Credentials in Memory
Application Security
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
Mitchell Langley June 29, 2026
Mozilla's 0DIN researchers show a clean GitHub repo can trick AI coding tools into running malware via DNS TXT records, bypassing security scanners entirely.
Cybersecurity
White House Cybersecurity Review Restricts GPT-5.6 and Anthropic
Mitchell Langley June 29, 2026
The Trump administration's ongoing national security review now restricts OpenAI's GPT-5.6 and Anthropic's full model program to government-vetted customers.
Application Security
Athena Coalition Finds 20,000+ Flaws in 500 Open-Source Projects
Gabby Lee June 29, 2026
The Athena coalition of about 24 companies including Docker, Cisco, and Cloudflare used AI to find 20,000+ vulnerabilities across 500 open-source projects.
Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Mitchell Langley June 24, 2026
Threat actor Icarus exploited Klue's Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future in a June 2026 supply ...
Cybersecurity
Law Enforcement Clears 15,000 SocGholish WordPress Sites
Andrew Doyle June 24, 2026
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in a June 2026 international enforcement ...
Application Security
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
Gabby Lee June 24, 2026
ShapedPlugin's plugin update system was compromised by attackers who pushed malicious code to paying WordPress customers through the company's verified official update channels.
Cybersecurity
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Mitchell Langley June 24, 2026
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Application Security
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Mitchell Langley June 24, 2026
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
CVE Vulnerability Alerts
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
Gabby Lee June 24, 2026
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
Cybersecurity
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Andrew Doyle June 24, 2026
The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from pig butchering scam networks.
Application Security
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Gabby Lee June 24, 2026
CVE-2026-20230, a CVSS 8.6 SSRF flaw in Cisco Unified CM's WebDialer, is under active exploitation after a PoC dropped June 23 — patch released June ...
Cybersecurity
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gabby Lee June 24, 2026
Thalha Jubair and Owen Flowers pled guilty to the 2024 Scattered Spider hack of Transport for London, causing GBP 29M in damage and exposing customer ...
Cybersecurity
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Mitchell Langley June 24, 2026
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based attacks at scale.
Cybersecurity
Algerian Phishing Marketplace Operator Extradited to US
Andrew Doyle June 24, 2026
Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and Spoxy.
Application Security
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Gabby Lee June 24, 2026
Anthropic's Mythos AI found real vulnerabilities in classified US government systems during Project Glasswing testing, prompting federal access restrictions.
CVE Vulnerability Alerts
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
Andrew Doyle June 24, 2026
CVE-2026-20971 is a CVSS 7.8 use-after-free in Samsung KNOX's PROCA and FIVE subsystems, affecting Galaxy S9 through S25 across Android 13, 14, 15, and 16.
Cybersecurity
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Mitchell Langley June 24, 2026
Unit 42 found a macOS ClickFix variant using hdiutil to silently mount DMG files and deploy AMOS stealer, targeting crypto wallets and iCloud Keychain.
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Application Security
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Gabby Lee June 24, 2026
Four critical Dify vulnerabilities named DifyTap allow cross-tenant access to private AI chats, uploaded files, and internal APIs. Patched in version 1.14.2.
Application Security
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Andrew Doyle June 24, 2026
Security firm AIR planted a fake AI agent skill that bypassed all scanners and reached 26,000 agents, exposing a supply chain flaw in AI skill ...
Cybersecurity
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
Mitchell Langley June 24, 2026
CSIS used a court-authorized warrant to remove foreign botnet malware from Canadian servers and IoT devices in a first use of its threat reduction powers.
Application Security
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
Mitchell Langley June 29, 2026
Cybersecurity
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gabby Lee June 24, 2026
Cybersecurity
Rokarolla Android Banking Trojan Targets 217 Banking and Crypto Apps
Gabby Lee June 23, 2026
Cybersecurity
Phantom Stealer Fileless Malware Targets Browser Credentials in Memory
Gabby Lee June 23, 2026

TOP CYBERSECURITY HEADLINES

Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Cybersecurity
Law Enforcement Clears 15,000 SocGholish WordPress Sites
Application Security
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
Cybersecurity
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2

This Week’s Security Spotlight

Cybersecurity
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Mitchell Langley June 24, 2026
Application Security
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Gabby Lee June 24, 2026
Cybersecurity
Multiple Groups Exploit Critical FortiSandbox Flaws Across 200 Countries
Gabby Lee June 23, 2026
Atlassian and Splunk Patch Critical Flaws Splunk AI Toolkit RCE, Atlassian Dependencies
Cybersecurity
Atlassian and Splunk Patch Critical Flaws: Splunk AI Toolkit RCE, Atlassian Dependencies
Gabby Lee June 23, 2026
More In News
Trending
WhatsApp Phishing Deploys ManageEngine RMM Malware Across Continents
iRhythm Confirms PHI Exfiltration via Social Engineering
APT37 Deploys NarwhalRAT via Fake Microsoft Security Alerts
The Quarry PhaaS: IRS Lures, ConnectWise RAT, 500+ Victims

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Palo Alto Networks Uncovers 194,000-Domain Smishing Campaign Linked to “Smishing Triad”
October 28, 2025
Podcasts
Coveware Reports Historic Drop in Ransomware Payments: Only 23% of Victims Paid in Q3 2025
October 28, 2025
Podcasts
Firefox Add-Ons Must Declare Data Collection—or Be Rejected
October 28, 2025

Cyber Security News

Application Security
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
June 29, 2026
Cybersecurity
White House Cybersecurity Review Restricts GPT-5.6 and Anthropic
June 29, 2026
Application Security
Athena Coalition Finds 20,000+ Flaws in 500 Open-Source Projects
June 29, 2026
Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
June 24, 2026
Cybersecurity
Law Enforcement Clears 15,000 SocGholish WordPress Sites
June 24, 2026
Application Security
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
June 24, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
June 24, 2026
Threat actor Icarus exploited Klue's Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future in a June 2026 supply ...
Law Enforcement Clears 15,000 SocGholish WordPress Sites
June 24, 2026
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in a June 2026 international enforcement ...
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
June 24, 2026
ShapedPlugin's plugin update system was compromised by attackers who pushed malicious code to paying WordPress customers through the company's verified official update channels.
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
June 24, 2026
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
June 24, 2026
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
June 24, 2026
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
June 24, 2026
The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from pig butchering scam networks.
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
June 24, 2026
CVE-2026-20230, a CVSS 8.6 SSRF flaw in Cisco Unified CM's WebDialer, is under active exploitation after a PoC dropped June 23 — patch released June ...
Two Scattered Spider Members Plead Guilty in TfL Hack Case
June 24, 2026
Thalha Jubair and Owen Flowers pled guilty to the 2024 Scattered Spider hack of Transport for London, causing GBP 29M in damage and exposing customer ...
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
June 24, 2026
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based attacks at scale.
Algerian Phishing Marketplace Operator Extradited to US
June 24, 2026
Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and Spoxy.
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
June 24, 2026
Anthropic's Mythos AI found real vulnerabilities in classified US government systems during Project Glasswing testing, prompting federal access restrictions.
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
June 24, 2026
CVE-2026-20971 is a CVSS 7.8 use-after-free in Samsung KNOX's PROCA and FIVE subsystems, affecting Galaxy S9 through S25 across Android 13, 14, 15, and 16.
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
June 24, 2026
Unit 42 found a macOS ClickFix variant using hdiutil to silently mount DMG files and deploy AMOS stealer, targeting crypto wallets and iCloud Keychain.
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
June 24, 2026
Four critical Dify vulnerabilities named DifyTap allow cross-tenant access to private AI chats, uploaded files, and internal APIs. Patched in version 1.14.2.
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
June 24, 2026
Security firm AIR planted a fake AI agent skill that bypassed all scanners and reached 26,000 agents, exposing a supply chain flaw in AI skill ...
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
June 24, 2026
CSIS used a court-authorized warrant to remove foreign botnet malware from Canadian servers and IoT devices in a first use of its threat reduction powers.
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
June 24, 2026
Elastic Security Labs exposed OXLOADER and CastleStealer — two new Russian-linked malware families spread via fake Google Ads targeting software downloaders.
Understanding Cloud Detection and Response (CDR) and Its Security Role
June 24, 2026
Learn what cloud detection and response (CDR) is, how it works, and practical steps to secure cloud workloads with real‑time threat visibility.
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps
June 23, 2026
JFrog disclosed CVE-2026-8461, a critical heap overflow in FFmpeg's video decoder enabling remote code execution when processing malicious video files.
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Law Enforcement Clears 15,000 SocGholish WordPress Sites
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Two Scattered Spider Members Plead Guilty in TfL Hack Case
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
Algerian Phishing Marketplace Operator Extradited to US
Anthropic’s Mythos AI Found Flaws in Classified US Government Systems
Samsung KNOX Kernel Flaw CVE-2026-20971 Affects Galaxy S9 to S25
macOS ClickFix Variant Silently Mounts DMG to Deploy AMOS Stealer
Dify DifyTap Flaws Expose Cross-Tenant AI App Data
Fake AI Agent Skill Reaches 26,000 Agents in Supply Chain Test
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
Elastic Exposes OXLOADER and CastleStealer in Russian Malvertising
Understanding Cloud Detection and Response (CDR) and Its Security Role
FFmpeg PixelSmash Heap Overflow Enables RCE in Media Apps