Six AirDrop and Quick Share Flaws Put 5B Devices at Risk
June 30, 2026
CISPA researchers disclosed six vulnerabilities in Apple AirDrop and Android Quick Share exposing more than five billion active devices to
Endpoint Security
Six AirDrop and Quick Share Flaws Put 5B Devices at Risk
CISPA researchers disclosed six vulnerabilities in Apple AirDrop and Android Quick Share exposing more than five billion active devices to proximity attacks.
SimpleHelp CVE-2026-48558 Exploited to Deploy Djinn Stealer
Attackers exploited SimpleHelp's OIDC authentication bypass CVE-2026-48558 to deploy Djinn Stealer and TaskWeaver within 13 days of initial disclosure.
CISA Confirms BlueHammer CVE-2026-33825 Used in Ransomware
CISA updated its KEV entry for CVE-2026-33825 to flag ransomware group exploitation of the Windows Defender privilege escalation flaw, first patched in April.
Microsoft Removes 119 StegoAd Extensions from Edge Add-ons Store
Microsoft removed 119 malicious Edge extensions in the StegoAd takedown, exposing a steganography campaign hiding malware in image and font files since 2021.
Hijacked npm and Go Packages Exploit VS Code MCP to Deploy Infostealer
Hijacked npm and Go packages exploit VS Code's MCP tasks to bypass npm lifecycle hook protections and deploy a cross-platform Python infostealer.
Law Enforcement Clears 15,000 SocGholish WordPress Sites
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in a June 2026 international enforcement ...
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based attacks at scale.
SimpleHelp CVE-2026-48558 Exploited to Deploy Djinn Stealer
June 30, 2026
Attackers exploited SimpleHelp’s OIDC authentication bypass CVE-2026-48558 to deploy Djinn Stealer and TaskWeaver within 13 days of initial disclosure.
CISA Confirms BlueHammer CVE-2026-33825 Used in Ransomware
June 30, 2026
CISA updated its KEV entry for CVE-2026-33825 to flag ransomware group exploitation of the Windows Defender privilege escalation flaw, first
Microsoft Removes 119 StegoAd Extensions from Edge Add-ons Store
June 29, 2026
Microsoft removed 119 malicious Edge extensions in the StegoAd takedown, exposing a steganography campaign hiding malware in image and font
Hijacked npm and Go Packages Exploit VS Code MCP to Deploy Infostealer
June 29, 2026
Hijacked npm and Go packages exploit VS Code’s MCP tasks to bypass npm lifecycle hook protections and deploy a cross-platform
Law Enforcement Clears 15,000 SocGholish WordPress Sites
June 24, 2026
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
June 24, 2026
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
June 24, 2026
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
June 24, 2026
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
June 24, 2026
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.