Cyber Security
CVE Vulnerability Alerts
CISA Confirms BlueHammer CVE-2026-33825 Used in Ransomware
Andrew Doyle
June 30, 2026
CISA updated its KEV entry for CVE-2026-33825 to flag ransomware group exploitation of the Windows Defender privilege escalation flaw, first patched in April.
Application Security
Three Daktronics Controller Flaws Allow Remote Highway Sign Hijack
Gabby Lee
June 30, 2026
CISA disclosed three Daktronics LED controller vulnerabilities that give remote attackers root access to highway signs, billboards, and roadside message boards.
Application Security
Gitea CVE-2026-58053 Container Escape Vulnerability Published Following Exploitarium Leak
Gabby Lee
June 30, 2026
An anonymous researcher's 130-plus zero-day dump included Gitea CVE-2026-20896, a Docker default misconfiguration that grants admin access with one HTTP header.
Application Security
India IDRBT .bank.in Registry Leaked 5,576 Employee Records
Gabby Lee
June 30, 2026
India's IDRBT domain registry for the RBI-mandated .bank.in namespace exposed 5,576 bank employees' credentials through 33-plus unauthenticated API endpoints.
Application Security
Microsoft Removes 119 StegoAd Extensions from Edge Add-ons Store
Gabby Lee
June 29, 2026
Microsoft removed 119 malicious Edge extensions in the StegoAd takedown, exposing a steganography campaign hiding malware in image and font files since 2021.
Application Security
Public PoC Drops for Critical libssh2 Flaw CVE-2026-55200
Andrew Doyle
June 29, 2026
A public PoC exploit for CVE-2026-55200, a CVSS 9.2 out-of-bounds write in libssh2, is live with no fixed tagged release available for curl, Git, and ...
Application Security
Hijacked npm and Go Packages Exploit VS Code MCP to Deploy Infostealer
Andrew Doyle
June 29, 2026
Hijacked npm and Go packages exploit VS Code's MCP tasks to bypass npm lifecycle hook protections and deploy a cross-platform Python infostealer.
Cybersecurity
SBU and FBI Expose Russian FSB and GRU Signal Key Theft Campaign
Mitchell Langley
June 29, 2026
Ukraine's SBU and the FBI jointly exposed campaigns by Russian FSB-linked UNC5792 and GRU-linked UNC4221 stealing Signal and WhatsApp backup recovery keys.
Cybersecurity
US Offers $10M Bounty for Russian Hackers UNC5792 and UNC4221
Andrew Doyle
June 29, 2026
The US State Department's Rewards for Justice program offers $10 million for intelligence on UNC5792 and UNC4221, Russian groups targeting Signal accounts.
Application Security
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
Mitchell Langley
June 29, 2026
Mozilla's 0DIN researchers show a clean GitHub repo can trick AI coding tools into running malware via DNS TXT records, bypassing security scanners entirely.
Cybersecurity
White House Cybersecurity Review Restricts GPT-5.6 and Anthropic
Mitchell Langley
June 29, 2026
The Trump administration's ongoing national security review now restricts OpenAI's GPT-5.6 and Anthropic's full model program to government-vetted customers.
Application Security
Athena Coalition Finds 20,000+ Flaws in 500 Open-Source Projects
Gabby Lee
June 29, 2026
The Athena coalition of about 24 companies including Docker, Cisco, and Cloudflare used AI to find 20,000+ vulnerabilities across 500 open-source projects.
Application Security
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
Mitchell Langley
June 24, 2026
Threat actor Icarus exploited Klue's Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future in a June 2026 supply ...
Cybersecurity
Law Enforcement Clears 15,000 SocGholish WordPress Sites
Andrew Doyle
June 24, 2026
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in a June 2026 international enforcement ...
Application Security
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
Gabby Lee
June 24, 2026
ShapedPlugin's plugin update system was compromised by attackers who pushed malicious code to paying WordPress customers through the company's verified official update channels.
Cybersecurity
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
Mitchell Langley
June 24, 2026
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Application Security
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
Mitchell Langley
June 24, 2026
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
CVE Vulnerability Alerts
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
Gabby Lee
June 24, 2026
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
Cybersecurity
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
Andrew Doyle
June 24, 2026
The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from pig butchering scam networks.
Application Security
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
Gabby Lee
June 24, 2026
CVE-2026-20230, a CVSS 8.6 SSRF flaw in Cisco Unified CM's WebDialer, is under active exploitation after a PoC dropped June 23 — patch released June ...
CVE Vulnerability Alerts
Microsoft Patches RoguePlanet Defender Zero-Day CVE-2026-50656
Andrew Doyle
July 10, 2026
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Mitchell Langley
July 10, 2026
Cybersecurity
DigitalMint Employee Sentenced for BlackCat Ransomware Conspiracy
Mitchell Langley
July 10, 2026
Cybersecurity
GodDamn Ransomware Uses PoisonX Driver to Kill EDR Before Encrypting
Mitchell Langley
July 10, 2026
TOP CYBERSECURITY HEADLINES
Cybersecurity
China Bans Claude Code After CNVDB Backdoor Advisory
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Application Security
HalluSquatting Turns AI Package Hallucinations Into Botnet Traps
Application Security
Chrome 150 Patches Two Critical Use-After-Free Flaws in Ozone, Views
This Week’s Security Spotlight
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Mitchell Langley
July 10, 2026
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
Mitchell Langley
July 10, 2026
Cybersecurity
200 GitHub Repos Used as Dead Drop C2 Network for Windows Malware
Gabby Lee
July 10, 2026
Cybersecurity
Cisco Talos Exposes UAT-7810 LONGLEASH Backdoor on Ruckus Routers
Mitchell Langley
July 8, 2026
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
India IDRBT .bank.in Registry Leaked 5,576 Employee Records
June 30, 2026
India's IDRBT domain registry for the RBI-mandated .bank.in namespace exposed 5,576 bank employees' credentials through 33-plus unauthenticated API endpoints.
Microsoft Removes 119 StegoAd Extensions from Edge Add-ons Store
June 29, 2026
Microsoft removed 119 malicious Edge extensions in the StegoAd takedown, exposing a steganography campaign hiding malware in image and font files since 2021.
Public PoC Drops for Critical libssh2 Flaw CVE-2026-55200
June 29, 2026
A public PoC exploit for CVE-2026-55200, a CVSS 9.2 out-of-bounds write in libssh2, is live with no fixed tagged release available for curl, Git, and ...
Hijacked npm and Go Packages Exploit VS Code MCP to Deploy Infostealer
June 29, 2026
Hijacked npm and Go packages exploit VS Code's MCP tasks to bypass npm lifecycle hook protections and deploy a cross-platform Python infostealer.
SBU and FBI Expose Russian FSB and GRU Signal Key Theft Campaign
June 29, 2026
Ukraine's SBU and the FBI jointly exposed campaigns by Russian FSB-linked UNC5792 and GRU-linked UNC4221 stealing Signal and WhatsApp backup recovery keys.
US Offers $10M Bounty for Russian Hackers UNC5792 and UNC4221
June 29, 2026
The US State Department's Rewards for Justice program offers $10 million for intelligence on UNC5792 and UNC4221, Russian groups targeting Signal accounts.
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
June 29, 2026
Mozilla's 0DIN researchers show a clean GitHub repo can trick AI coding tools into running malware via DNS TXT records, bypassing security scanners entirely.
White House Cybersecurity Review Restricts GPT-5.6 and Anthropic
June 29, 2026
The Trump administration's ongoing national security review now restricts OpenAI's GPT-5.6 and Anthropic's full model program to government-vetted customers.
Athena Coalition Finds 20,000+ Flaws in 500 Open-Source Projects
June 29, 2026
The Athena coalition of about 24 companies including Docker, Cisco, and Cloudflare used AI to find 20,000+ vulnerabilities across 500 open-source projects.
Klue OAuth Breach Hits Huntress, Recorded Future via Salesforce
June 24, 2026
Threat actor Icarus exploited Klue's Salesforce OAuth integration to breach CRM data at cybersecurity firms including Huntress and Recorded Future in a June 2026 supply ...
Law Enforcement Clears 15,000 SocGholish WordPress Sites
June 24, 2026
Operation Endgame dismantled nearly 15,000 SocGholish-infected WordPress sites and 106 C2 servers linked to Russian cybercrime group Evil Corp in a June 2026 international enforcement ...
ShapedPlugin Update System Hacked, Malicious Code Pushed to Customers
June 24, 2026
ShapedPlugin's plugin update system was compromised by attackers who pushed malicious code to paying WordPress customers through the company's verified official update channels.
Microsoft Exposes Windows Crypto Clipper Using USB Worm and Tor C2
June 24, 2026
Microsoft disclosed a Windows crypto clipper campaign active since February 2026, using USB LNK worm spreading and Tor-based C2 to intercept and redirect cryptocurrency transactions.
Crypto Clipper Abuses AI Reviews and VirusTotal to Fake Legitimacy
June 24, 2026
Check Point Research exposed a crypto clipper campaign using AI-generated fake reviews on GitHub, YouTube, and VirusTotal comment sections to manufacture trust before delivering malware.
Defender Zero-Day CVE-2026-50656 Under Active Exploit, No Patch
June 24, 2026
Microsoft confirmed CVE-2026-50656, a zero-day in the Defender Malware Protection Engine allowing SYSTEM-level privilege escalation, is under active exploitation with no patch currently available.
DOJ Seizes Huione Group Cloud Accounts in $4B Fraud Crackdown
June 24, 2026
The DOJ seized cloud accounts tied to Huione Group, a Cambodia-based conglomerate FinCEN says processed $4B in fraud proceeds from pig butchering scam networks.
Cisco Unified CM SSRF Flaw CVE-2026-20230 Under Active Exploit
June 24, 2026
CVE-2026-20230, a CVSS 8.6 SSRF flaw in Cisco Unified CM's WebDialer, is under active exploitation after a PoC dropped June 23 — patch released June ...
Two Scattered Spider Members Plead Guilty in TfL Hack Case
June 24, 2026
Thalha Jubair and Owen Flowers pled guilty to the 2024 Scattered Spider hack of Transport for London, causing GBP 29M in damage and exposing customer ...
Gizmodo Account Hijacked to Push ClickFix Malware at Readers
June 24, 2026
A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based attacks at scale.
Algerian Phishing Marketplace Operator Extradited to US
June 24, 2026
Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and Spoxy.



































