Main Menu
Cyber Security
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack
Hola Browser for Windows Bundled Monero Miner in Supply Chain Hit
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
Supreme Court Upholds $200M FCC Fines on AT&T and Verizon
FTC Seeks Public Comment on X Corp Bid to Void Twitter Settlement
CISA Orders Patch for Linux Container Escape CVE-2022-0492
Cybersecurity
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
Andrew Doyle June 2, 2026
Scammers have spoofed the PSNI's official switchboard number to impersonate officers and pressure victims into buying gift cards in a vishing campaign.
Cybersecurity
GTA Cheat Service Atlas Menu Hacked; 64,000 Records Exposed
Mitchell Langley June 2, 2026
Atlas Menu, a paid GTA Online cheat service, was breached and 64,000 user records published on GitHub, with the attacker alleging spyware behavior.
Cybersecurity
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
Andrew Doyle June 2, 2026
Over 5,000 election-themed domains registered between April and May 2026 form phishing infrastructure targeting voters, campaign staff, and election workers.
Cybersecurity
UPDATE: Dashlane Confirms Encrypted Vaults Downloaded in Attack
Andrew Doyle June 2, 2026
Dashlane now confirms attackers downloaded encrypted password vaults from fewer than 20 accounts by brute-forcing 2FA codes to register unauthorized devices.
Cybersecurity
ShadowByt3$ Ransomware Hits Syngenta’s Cropwise Platform
Andrew Doyle June 2, 2026
ShadowByt3$ ransomware claims unauthorized access to Cropwise, Syngenta's precision agriculture platform, stealing GIS data, yield models, and API keys.
Cybersecurity
TheGentlemen Ransomware Lists US Water Utility Suburban Water
Andrew Doyle June 2, 2026
TheGentlemen ransomware posted Suburban Water, a US critical infrastructure water utility, among 14 victims across five sectors in a 46-minute window.
CVE Vulnerability Alerts
NIST Inspector General: NVD Backlog Hits 27,000 CVEs
Mitchell Langley June 2, 2026
A NIST Inspector General report finds the NVD backlog has grown to over 27,000 unprocessed CVEs, degrading enterprise vulnerability management programs.
Application Security
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
Gabby Lee June 2, 2026
CVE-2026-8633 is a CVSS 9.8 unauthenticated RCE in IBM WebSphere's Web Server Plug-ins. Patches are available for WebSphere 8.5 and 9.0 and Liberty builds.
Cybersecurity
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
Mitchell Langley June 2, 2026
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan's Finance Ministry, deploying Xeno RAT for full system access and exfil.
Application Security
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
Mitchell Langley June 2, 2026
A confused deputy flaw in Meta's AI support chatbot let attackers hijack Instagram accounts including @obamawhitehouse, Sephora, and U.S. Space Force.
Application Security
Red Hat npm Packages Backdoored with Miasma Credential Worm
Andrew Doyle June 2, 2026
Attackers backdoored 32 Red Hat npm packages with the Miasma worm, stealing CI/CD secrets, cloud keys, and SSH keys across roughly 80,000 weekly downloads.
CVE Vulnerability Alerts
Google Patches Android Zero-Day CVE-2025-48595 Under Active Exploit
Mitchell Langley June 2, 2026
Google confirmed CVE-2025-48595, a no-interaction privilege escalation flaw in Android 14–16, is under active targeted attack. Patches arrive June 5.
CVE Vulnerability Alerts
CVE-2026-41089 Exploited: Windows Netlogon RCE Under Active Attack
Gabby Lee June 1, 2026
Belgium's CCB confirmed active exploitation of CVE-2026-41089, a CVSS 9.8 unauthenticated Windows Netlogon RCE affecting all supported Windows Server versions.
Application Security
Malicious npm Package codexui-android Steals OpenAI Tokens at Scale
Gabby Lee June 1, 2026
A malicious npm package named codexui-android harvested OpenAI Codex authentication tokens from developers at roughly 29,000 weekly downloads before removal.
Application Security
WP Maps Pro Flaw Exploited to Create Unauthorized Admin Accounts
Mitchell Langley June 1, 2026
An unauthenticated privilege escalation flaw in WP Maps Pro, a WordPress plugin with 15,000 paid sites, is actively exploited to create unauthorized administrator accounts.
CVE Vulnerability Alerts
PAN-OS CVE-2026-0257 Exploited Just 4 Days After Public Disclosure
Andrew Doyle June 1, 2026
CVE-2026-0257, a PAN-OS GlobalProtect authentication bypass, saw active exploitation begin just four days after public disclosure, with attacks ongoing for weeks.
CVE Vulnerability Alerts
CIFSwitch Linux Kernel Flaw Gets Public PoC, Root Access Possible
Mitchell Langley June 1, 2026
CIFSwitch is a 19-year-old Linux kernel privilege escalation flaw with a public PoC that enables root access on Ubuntu, RHEL, Debian, and other distributions.
Application Security
Public Exploit Raises Flowise CVE-2026-40933 RCE to Immediate Risk
Andrew Doyle June 1, 2026
Public exploit code for CVE-2026-40933 now targets Flowise, a self-hosted AI chatflow builder, via a one-click malicious import that executes arbitrary code on the server.
Cybersecurity
Western Officials Warn Russia Steals Tech Via Shell Firms and Hacks
Gabby Lee June 1, 2026
Western intelligence officials issued a coordinated warning that Russian state actors are using shell companies, false recruiters, and cyber operations to steal sanctioned technology.
Cybersecurity
Dashlane Suspends Accounts After Multi-Country Brute-Force Campaign
Gabby Lee June 1, 2026
Dashlane temporarily suspended customer accounts after detecting coordinated brute-force login attempts originating from multiple countries simultaneously targeting its login infrastructure.
Application Security
Microsoft Patches Exploited Exchange XSS as Secure Boot Deadline Looms
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026
CVE Vulnerability Alerts
Check Point VPN CVE-2026-50751 Exploited by Qilin Before Patch Release
Andrew Doyle June 9, 2026
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Mitchell Langley June 9, 2026

TOP CYBERSECURITY HEADLINES

TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Cybersecurity
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Application Security
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Cybersecurity
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
Cybersecurity
TVING Data Breach Triggers South Korean Government Probe

This Week’s Security Spotlight

Application Security
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
Gabby Lee June 8, 2026
CVE Vulnerability Alerts
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
Andrew Doyle June 8, 2026
CVE Vulnerability Alerts
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Gabby Lee June 5, 2026
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
Gabby Lee June 5, 2026
More In News
Trending
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
PSNI Phone Number Spoofed in Gift Card Vishing Campaign
5,000 Election Phishing Domains Pre-Stage US Midterm Attacks

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Featured Videos​

Podcasts

Podcasts
Adobe Confirms Active Exploitation of SessionReaper Vulnerability in Commerce Platforms
October 24, 2025
Podcasts
AI Sidebar Spoofing: How Malicious Extensions Hijack ChatGPT and Perplexity Interfaces
October 24, 2025
Podcasts
Jewett-Cameron Reports Ransomware Breach Involving Encryption and Data Theft
October 23, 2025

Cyber Security News

Cybersecurity
Russia Seeks Extremist Label for Cyber Partisans and Silent Crow
June 5, 2026
Cybersecurity
Play Ransomware Hits Law Firm, Food Tech, Church, and Factory
June 5, 2026
Cybersecurity
Akira Threatens to Publish 53 GB from US Parts Maker and Ohio MLS
June 5, 2026
Cybersecurity
Qilin Ransomware Hits Avcon Jet, Slovenian Food Group, and Trican
June 5, 2026
Cybersecurity
TheGentlemen Hits Saudi Arabia, India, Thailand, and Portugal
June 5, 2026
Cybersecurity
WorldLeaks Targets Thai Infrastructure Giant CH Karnchang
June 5, 2026
  • All
  • Application Security
  • Blog
  • CVE Vulnerability Alerts
  • Cybersecurity
  • Cybersecurity Newsletter
  • Data Security
  • Endpoint Security
  • Identity and Access Management
  • Information Security
  • Network Security
  • News
  • Phishing
  • Podcasts
  • Product Reviews
  • Ransomware
  • Ransomware Victims
  • Resources
  • Security Spotlight
  • Sponsored
  • Threat Actors
  • Threat Actors
  • Threat Detection Tools
UPDATE: Dashlane Confirms Encrypted Vaults Downloaded in Attack
June 2, 2026
Dashlane now confirms attackers downloaded encrypted password vaults from fewer than 20 accounts by brute-forcing 2FA codes to register unauthorized devices.
ShadowByt3$ Ransomware Hits Syngenta’s Cropwise Platform
June 2, 2026
ShadowByt3$ ransomware claims unauthorized access to Cropwise, Syngenta's precision agriculture platform, stealing GIS data, yield models, and API keys.
TheGentlemen Ransomware Lists US Water Utility Suburban Water
June 2, 2026
TheGentlemen ransomware posted Suburban Water, a US critical infrastructure water utility, among 14 victims across five sectors in a 46-minute window.
NIST Inspector General: NVD Backlog Hits 27,000 CVEs
June 2, 2026
A NIST Inspector General report finds the NVD backlog has grown to over 27,000 unprocessed CVEs, degrading enterprise vulnerability management programs.
IBM WebSphere CVE-2026-8633: CVSS 9.8 No-Auth RCE Flaw Patched
June 2, 2026
CVE-2026-8633 is a CVSS 9.8 unauthenticated RCE in IBM WebSphere's Web Server Plug-ins. Patches are available for WebSphere 8.5 and 9.0 and Liberty builds.
SideCopy APT Targets Afghan Finance Ministry with Xeno RAT
June 2, 2026
Pakistan-attributed SideCopy APT used Pashto-language LNK lures against Afghanistan's Finance Ministry, deploying Xeno RAT for full system access and exfil.
Meta AI Chatbot Flaw Lets Attackers Hijack Instagram Accounts
June 2, 2026
A confused deputy flaw in Meta's AI support chatbot let attackers hijack Instagram accounts including @obamawhitehouse, Sephora, and U.S. Space Force.
Red Hat npm Packages Backdoored with Miasma Credential Worm
June 2, 2026
Attackers backdoored 32 Red Hat npm packages with the Miasma worm, stealing CI/CD secrets, cloud keys, and SSH keys across roughly 80,000 weekly downloads.
Google Patches Android Zero-Day CVE-2025-48595 Under Active Exploit
June 2, 2026
Google confirmed CVE-2025-48595, a no-interaction privilege escalation flaw in Android 14–16, is under active targeted attack. Patches arrive June 5.
CVE-2026-41089 Exploited: Windows Netlogon RCE Under Active Attack
June 1, 2026
Belgium's CCB confirmed active exploitation of CVE-2026-41089, a CVSS 9.8 unauthenticated Windows Netlogon RCE affecting all supported Windows Server versions.
Malicious npm Package codexui-android Steals OpenAI Tokens at Scale
June 1, 2026
A malicious npm package named codexui-android harvested OpenAI Codex authentication tokens from developers at roughly 29,000 weekly downloads before removal.
WP Maps Pro Flaw Exploited to Create Unauthorized Admin Accounts
June 1, 2026
An unauthenticated privilege escalation flaw in WP Maps Pro, a WordPress plugin with 15,000 paid sites, is actively exploited to create unauthorized administrator accounts.
PAN-OS CVE-2026-0257 Exploited Just 4 Days After Public Disclosure
June 1, 2026
CVE-2026-0257, a PAN-OS GlobalProtect authentication bypass, saw active exploitation begin just four days after public disclosure, with attacks ongoing for weeks.
CIFSwitch Linux Kernel Flaw Gets Public PoC, Root Access Possible
June 1, 2026
CIFSwitch is a 19-year-old Linux kernel privilege escalation flaw with a public PoC that enables root access on Ubuntu, RHEL, Debian, and other distributions.
Public Exploit Raises Flowise CVE-2026-40933 RCE to Immediate Risk
June 1, 2026
Public exploit code for CVE-2026-40933 now targets Flowise, a self-hosted AI chatflow builder, via a one-click malicious import that executes arbitrary code on the server.
Western Officials Warn Russia Steals Tech Via Shell Firms and Hacks
June 1, 2026
Western intelligence officials issued a coordinated warning that Russian state actors are using shell companies, false recruiters, and cyber operations to steal sanctioned technology.
Dashlane Suspends Accounts After Multi-Country Brute-Force Campaign
June 1, 2026
Dashlane temporarily suspended customer accounts after detecting coordinated brute-force login attempts originating from multiple countries simultaneously targeting its login infrastructure.
Russia Sends Submarines to Survey UK Undersea Internet Cables
June 1, 2026
UK officials confirmed Russian submarines are surveying critical undersea cables, prompting Royal Navy deployment and emergency legislation to protect national communications infrastructure.
Microsoft: 14 npm Packages Linked to Single Actor Stealing AWS Keys
June 1, 2026
Microsoft attributed 14 malicious npm packages impersonating OpenSearch and Elasticsearch to a single threat actor who stole AWS credentials and CI/CD secrets from developer environments.
NC Man Gets 121 Months for Selling Elderly Americans’ Data to Scammers
June 1, 2026
Troy Murray, 57, of North Carolina was sentenced to 121 months in prison and ordered to forfeit $5.2 million for selling elderly Americans' data to ...
TheGentlemen Ransomware Posts 12 Victims in One Day Across 8 Countries
Gogs 0.14.3 Patches Critical RCE Zero-Day After 10 Days Without Fix
Akira, Qilin, and Nightspire Post 4 Victims on Ransomware Leak Sites
What Is Dropper Malware and How Does It Evade Detection
TVING Data Breach Triggers South Korean Government Probe
AI Agent Finds 21 FFmpeg Zero-Days Including Unauthenticated RCE
Anthropic Engineers Deploy Inside NSA to Run Mythos Cyber AI
Claude Opus Finds 4-Year Zcash Flaw Enabling Silent Coin Forgery
C0XMO Botnet Exploits DD-WRT CVE-2021-27137, Evicts Rival Malware
ShinyHunters Publishes 234 GB of DentaQuest Records for 2.6M
Six Ransomware Groups Post Cross-Sector Victims in Single Day
Payload Ransomware Hits Retailer, Textile Firm, and Hotel Group
CISA Orders Serv-U CVE-2026-28318 Patch After Active Exploitation
VerdantBamboo PLENET Backdoor Sustained 18-Month M365 Intrusion
CoinbaseCartel Ransomware Targets Cambridge Mobile Telematics
Anubis Ransomware Wiper Mode Targets US Law Firm and UK Contractor
DNS Tunneling: How Attacks Work, Detection, and Prevention
Cisco SD-WAN Manager Hit by 7th Zero-Day of 2026, No Patch
Five Eyes Warn Chinese Spies Use Fake Jobs to Target Clearances
IronWorm Rust Malware Hits 36 npm Packages in Supply Chain Attack