Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
June 24, 2026
Threat actor Icarus exploited Klue’s Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future
Identity and Access Management
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Threat actor Icarus exploited Klue's Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future in a June 2026 supply ...
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
CVE-2026-48558, a critical OIDC authentication bypass in SimpleHelp RMM, lets unauthenticated attackers gain full admin access on 14,000 exposed servers.
France’s Tchap Messaging App Breached, 643K Messages Exposed
ANSSI detected attackers who used a hijacked account and hardcoded LDAP credentials to breach Tchap, exposing 643,000 messages across 73,000 accounts.
Storm-3075 Uses ChatGPT and Claude Brands to Harvest Credentials
Microsoft identified Storm-3075 using ChatGPT, Claude, and DeepSeek brands in AiTM phishing that targeted over 2,000 organizations across the US, UK, and India.
Fake Claude Code Installers on Google Sites Steal AI API Keys
An active campaign uses 32 Google Sites pages to distribute credential malware targeting AI API keys, browser logins, and password managers from developers.
Fake Chrome Web Store DMCA Notices Target Extension Developers
Attackers send fake Chrome Web Store DMCA notices using real extension data to steal developer accounts and push malicious updates to millions of users.
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
Huntress disclosed a Windows Search URI handler flaw that silently sends NTLMv2 hashes to attacker servers with one click. Microsoft declined to patch.
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
A confused deputy flaw in Meta's AI support chatbot let attackers hijack Instagram accounts including @obamawhitehouse, Sephora, and U.S. Space Force.
UPDATE: Dashlane Confirms Encrypted Vaults Downloaded in Attack
Dashlane now confirms attackers downloaded encrypted password vaults from fewer than 20 accounts by brute-forcing 2FA codes to register unauthorized devices.
UPDATE: Dashlane Confirms Encrypted Vaults Downloaded in Attack
Dashlane now confirms attackers downloaded encrypted password vaults from fewer than 20 accounts by brute-forcing 2FA codes to register unauthorized devices.
CVE-2026-48558 Exposes 14,000 SimpleHelp RMM Servers to Auth Bypass
June 16, 2026
CVE-2026-48558, a critical OIDC authentication bypass in SimpleHelp RMM, lets unauthenticated attackers gain full admin access on 14,000 exposed servers.
France’s Tchap Messaging App Breached, 643K Messages Exposed
June 10, 2026
ANSSI detected attackers who used a hijacked account and hardcoded LDAP credentials to breach Tchap, exposing 643,000 messages across 73,000
Storm-3075 Uses ChatGPT and Claude Brands to Harvest Credentials
June 10, 2026
Microsoft identified Storm-3075 using ChatGPT, Claude, and DeepSeek brands in AiTM phishing that targeted over 2,000 organizations across the US,
Fake Claude Code Installers on Google Sites Steal AI API Keys
June 4, 2026
An active campaign uses 32 Google Sites pages to distribute credential malware targeting AI API keys, browser logins, and password
Fake Chrome Web Store DMCA Notices Target Extension Developers
June 4, 2026
Attackers send fake Chrome Web Store DMCA notices using real extension data to steal developer accounts and push malicious updates
Huntress Discloses Windows Search URI Flaw That Leaks NTLMv2 Hashes
June 3, 2026
Huntress disclosed a Windows Search URI handler flaw that silently sends NTLMv2 hashes to attacker servers with one click. Microsoft
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
June 2, 2026
A confused deputy flaw in Meta’s AI support chatbot let attackers hijack Instagram accounts including @obamawhitehouse, Sephora, and U.S. Space
UPDATE: Dashlane Confirms Encrypted Vaults Downloaded in Attack
June 2, 2026
Dashlane now confirms attackers downloaded encrypted password vaults from fewer than 20 accounts by brute-forcing 2FA codes to register unauthorized
UPDATE: Dashlane Confirms Encrypted Vaults Downloaded in Attack
June 2, 2026
Dashlane now confirms attackers downloaded encrypted password vaults from fewer than 20 accounts by brute-forcing 2FA codes to register unauthorized
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.