List cybersec
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023
{ "priority": "HIGH", "cve": "N/A", "target": "N/A", "threat_actor": "INC Ransomware", "patch_ready": false, "insight": "INC Ransomware has emerged as a major RaaS threat with over 830 vic..
3:10 pm, June 18, 2026 Cybersecurity
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Market intelligence platform Klue suffered a OAuth breach that enabled the "Icarus" threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign. [...]
3:10 pm, June 18, 2026 Cybersecurity
Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2
{"priority":"HIGH","cve":"N/A","target":"Windows","threat_actor":"Microsoft Defender Security Research Team","patch_ready":false,"insight":"Microsoft disclosed a Windows-based cryptocurrency clipper c..
3:10 pm, June 18, 2026 Cybersecurity
Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp
{ "priority": "HIGH", "cve": "N/A", "target": "WordPress", "threat_actor": "Evil Corp", "patch_ready": false, "insight": "Law enforcement agencies dismantled nearly 15,000 SocGholish-infec..
2:10 pm, June 18, 2026 Cybersecurity
DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "DragonForce", "patch_ready": false, "insight": "DragonForce hackers abuse Microsoft Teams to hide Backdoor..
2:10 pm, June 18, 2026 Cybersecurity
5 reasons Microsoft 365 backup isn’t enough for business data protection
{ "priority": "LOW", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft 365 backup has limitations for business data protection" }
2:10 pm, June 18, 2026 Cybersecurity
Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network
{"priority":"MEDIUM","cve":"N/A","target":"AI Agents","threat_actor":"N/A","patch_ready":false,"insight":"Enterprises struggle to track and manage autonomous AI agents, leading to potential hidden acc..
1:10 pm, June 18, 2026 Cybersecurity
Telegram admits it couldn't police exam-leak channels, India tells court
{ "priority": "INFO", "cve": "N/A", "target": "Telegram", "threat_actor": "N/A", "patch_ready": false, "insight": "Telegram faced criticism from India's government for allegedly failing to..
1:10 pm, June 18, 2026 Cybersecurity
Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
{ "priority": "HIGH", "cve": "N/A", "target": "Beats Studio Buds", "threat_actor": "N/A", "patch_ready": true, "insight": "Apple patched a high-severity flaw in Beats Studio Buds that allo..
1:10 pm, June 18, 2026 Cybersecurity
ShapedPlugin update flow hacked to infect WordPress sites
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor's official update system. [...]
1:10 pm, June 18, 2026 Cybersecurity
The Scripts on Your Checkout Page Are Now a PCI DSS Problem
{ "priority": "MEDIUM", "cve": "N/A", "target": "PCI DSS", "threat_actor": "N/A", "patch_ready": false, "insight": "The Scripts on Your Checkout Page Are Now a PCI DSS Problem" }
12:10 pm, June 18, 2026 Cybersecurity
F5 issues out-of-band patches for critical NGINX vulnerabilities
{ "priority": "CRITICAL", "cve": "N/A", "target": "NGINX", "threat_actor": "N/A", "patch_ready": true, "insight": "F5 releases out-of-band patches for critical NGINX vulnerabilities allowi..
12:10 pm, June 18, 2026 Cybersecurity
Microsoft fixes Windows Server 2016 security update failures
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows Server 2016", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft fixed a known issue causing June 2024 security upda..
11:10 am, June 18, 2026 Cybersecurity
Leak confirms OpenAI is testing a ChatGPT for Science subscription
{ "priority": "INFO", "cve": "N/A", "target": "OpenAI ChatGPT", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI is testing a new ChatGPT subscription for science use cases...
2:10 am, June 18, 2026 Cybersecurity
The Behavior of Coordinated SSH Brute Force Attacks over the last three months [Guest Diary], (Wed, Jun 17th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A guest diary by Adam Nason discusses the behavior of coordinated SSH brute fo..
2:10 am, June 18, 2026 Cybersecurity
ISC Stormcast For Thursday, June 18th, 2026 https://isc.sans.edu/podcastdetail/9978, (Thu, Jun 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, June 18, 2026 Cybersecurity
Google to use UK and EU user IP addresses for ad personalization
{"priority":"INFO","cve":"N/A","target":"Google","threat_actor":"N/A","patch_ready":false,"insight":"Google to use UK and EU user IP addresses for ad personalization"}
9:10 pm, June 17, 2026 Cybersecurity
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
{ "priority": "CRITICAL", "cve": "CVE-2026-50656", "target": "Microsoft Defender", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft confirms a zero-day vulnerability in D..
7:10 pm, June 17, 2026 Cybersecurity
Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments
An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research. The threa..
7:10 pm, June 17, 2026 Cybersecurity
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
{ "priority": "HIGH", "cve": "N/A", "target": "Tailscale and OpenSSH", "threat_actor": "Junior Hacker", "patch_ready": false, "insight": "A junior hacker used Tailscale and OpenSSH to main..
5:10 pm, June 17, 2026 Cybersecurity
FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
A newly discovered data leak dubbed "FortiBleed" has exposed what appears to be a collection of Fortinet and FortiGate VPN credentials for 73,932 firewall URLs at organizations worldwide. [...]
4:10 pm, June 17, 2026 Cybersecurity
The browser blind spot: Why your security tool may not be blocking what you think it is [Guest Diary], (Wed, Jun 17th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A guest diary discusses potential blind spots in browser security tools." }
4:10 pm, June 17, 2026 Cybersecurity
India's Telegram ban hit the UAE too. Here's how to get around it
{ "priority": "INFO", "cve": "N/A", "target": "Telegram", "threat_actor": "N/A", "patch_ready": false, "insight": "India banned Telegram due to leaked exam papers, while CEO Pavel Durov ac..
2:10 pm, June 17, 2026 Cybersecurity
Why Account Takeovers Are Rising and How to Stop Them
Account takeovers are rising as attackers bypass traditional defenses through phishing, session hijacking, and MFA fatigue. Specops Software explores how device trust and continuous verification help ..
2:10 pm, June 17, 2026 Cybersecurity
Microsoft confirms Office apps launch issues after June updates
Microsoft is investigating a new issue preventing third-party applications from launching Microsoft Office applications or opening documents on up-to-date Windows systems. [...]
12:10 pm, June 17, 2026 Cybersecurity
Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It's validation. Security teams must deci..
12:10 pm, June 17, 2026 Cybersecurity
The Top 10 Attack Surface Exposures in 2026
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the top 10 attack surface exposures in 2026, highlightin..
11:10 am, June 17, 2026 Cybersecurity
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
{ "priority": "HIGH", "cve": "N/A", "target": "JetBrains Marketplace plugins", "threat_actor": "N/A", "patch_ready": false, "insight": "Malicious JetBrains plugins steal AI API keys, posin..
10:10 am, June 17, 2026 Cybersecurity
CISA orders feds to patch max severity Joomla plugin flaw by Friday
{ "priority": "CRITICAL", "cve": "N/A", "target": "Joomla Content Editor (JCE) plugin", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA orders federal agencies to patch a maxi..
10:10 am, June 17, 2026 Cybersecurity
Microsoft working on Defender patch for RoguePlanet zero-day
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Defender", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is working on a security patch for a Defender zer..
9:10 am, June 17, 2026 Cybersecurity
144 Mastra npm Packages Compromised via Hijacked Contributor Account
{ "priority": "CRITICAL", "cve": "N/A", "target": "Mastra npm Packages", "threat_actor": "easy-day-js", "patch_ready": false, "insight": "Multiple Mastra npm packages compromised in softwa..
8:10 am, June 17, 2026 Cybersecurity
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
{ "priority": "CRITICAL", "cve": "CVE-2026-48907", "target": "Joomla JCE", "threat_actor": "N/A", "patch_ready": false, "insight": "CISA warns of actively exploited Joomla JCE flaw allowin..
7:10 am, June 17, 2026 Cybersecurity
Kodak confirms data breach claimed by ShinyHunters extortion gang
{ "priority": "HIGH", "cve": "N/A", "target": "Kodak", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "Kodak confirms data breach claimed by ShinyHunters extortion gang."..
7:10 am, June 17, 2026 Cybersecurity
ISC Stormcast For Wednesday, June 17th, 2026 https://isc.sans.edu/podcastdetail/9976, (Wed, Jun 17th)
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A summary of an article on how to earn a billion dollars."}
2:10 am, June 17, 2026 Cybersecurity
Malicious JetBrains Marketplace plugins steal AI API keys from developers
{ "priority": "HIGH", "cve": "N/A", "target": "JetBrains Marketplace plugins", "threat_actor": "N/A", "patch_ready": false, "insight": "Malicious plugins on JetBrains Marketplace steal AI ..
10:10 pm, June 16, 2026 Cybersecurity
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
{ "priority": "HIGH", "cve": "N/A", "target": "Google Vertex AI SDK", "threat_actor": "N/A", "patch_ready": true, "insight": "A flaw in the Google Cloud Vertex AI SDK for Python allows an ..
8:10 pm, June 16, 2026 Cybersecurity
New Rokarolla Android malware targets 217 banking, crypto apps
{ "priority": "HIGH", "cve": "N/A", "target": "Android", "threat_actor": "Rokarolla", "patch_ready": false, "insight": "New Rokarolla Android malware targets 217 banking, crypto apps" }
8:10 pm, June 16, 2026 Cybersecurity
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
{ "priority": "HIGH", "cve": "N/A", "target": "N/A", "threat_actor": "ClickFix", "patch_ready": false, "insight": "ClickFix campaigns expand malware delivery with new loaders and fake upda..
7:10 pm, June 16, 2026 Cybersecurity
Steam Workshop abused to spread malware via Wallpaper Engine app
{ "priority": "HIGH", "cve": "N/A", "target": "Steam Workshop", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors are spreading malware through Steam Workshop by hidin..
7:10 pm, June 16, 2026 Cybersecurity
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Windows", "threat_actor": "GhostTree", "patch_ready": false, "insight": "GhostTree attack uses recursive NTFS junctions to evade de..
3:10 pm, June 16, 2026 Cybersecurity
UK to require ID or face scan before you can make social media accounts
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The UK government will require social media users to prove they are over 16 wi..
3:10 pm, June 16, 2026 Cybersecurity
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
{"priority":"HIGH","cve":"N/A","target":"Android","threat_actor":"Rokarolla","patch_ready":false,"insight":"New Rokarolla Android Malware steals PINs, SMS codes, and crypto wallet funds, targeting 217..
2:10 pm, June 16, 2026 Cybersecurity
FTC warns of record $3.5 billion losses to imposter scams in 2025
The U.S. Federal Trade Commission (FTC) warned that Americans lost $3.5 billion to imposter scams in 2025, with reported losses nearly tripling since 2020. [...]
2:10 pm, June 16, 2026 Cybersecurity
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Security teams struggle to effectively utilize IP data and threat intelligence to proactively address ..
12:10 pm, June 16, 2026 Cybersecurity
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
{ "priority": "HIGH", "cve": "N/A", "target": "SprySOCKS", "threat_actor": "China-Linked", "patch_ready": false, "insight": "China-linked SprySOCKS backdoor expands to Windows with driver-..
11:10 am, June 16, 2026 Cybersecurity
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Teams", "threat_actor": "DragonForce", "patch_ready": false, "insight": "Ransomware gang uses custom malware to hide malicious traf..
11:10 am, June 16, 2026 Cybersecurity
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
{ "priority": "HIGH", "cve": "CVE-2026-39813, CVE-2026-39808, CVE-2026-25089", "target": "Fortinet FortiSandbox", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are exp..
11:10 am, June 16, 2026 Cybersecurity
CISA warns of another cPanel plugin flaw exploited in attacks
{ "priority": "HIGH", "cve": "CVE-2026-54420", "target": "LiteSpeed cPanel user-end plugin", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA warns of actively exploited vulner..
11:10 am, June 16, 2026 Cybersecurity
Critical Fortinet FortiSandbox flaws now exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Fortinet FortiSandbox", "threat_actor": "N/A", "patch_ready": false, "insight": "Attackers are exploiting critical vulnerabilities in For..
10:10 am, June 16, 2026 Cybersecurity
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
{"priority":"HIGH","cve":"N/A","target":"Microsoft","threat_actor":"ScarCruft (APT37)","patch_ready":false,"insight":"North Korean group ScarCruft uses spear-phishing with fake Microsoft alerts to dep..
9:10 am, June 16, 2026 Cybersecurity
