List cybersec
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
{ "priority": "HIGH", "cve": "N/A", "target": "FIFA World Cup 2026", "threat_actor": "N/A", "patch_ready": false, "insight": "FIFA World Cup 2026 scams are live, with fake sites, banking m..
8:10 am, June 5, 2026 Cybersecurity
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
{"priority":"CRITICAL","cve":"CVE-2026-3300","target":"Everest Forms Pro","threat_actor":"N/A","patch_ready":true,"insight":"CVE-2026-3300 (CVSS 9.8) exploited in Everest Forms Pro WordPress plugin, l..
9:10 am, June 5, 2026 Cybersecurity
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Only 10% of Security Operations Centers (SOCs) report getting excellent value from AI, indicating a ga..
1:10 pm, June 5, 2026 Cybersecurity
What 2026 DBIR Confirms: Attacks Are Living in the Browser
{ "priority": "MEDIUM", "cve": "N/A", "target": "Browser", "threat_actor": "N/A", "patch_ready": false, "insight": "The 2026 Verizon DBIR shows an increase in browser-layer attacks, includ..
2:10 pm, June 5, 2026 Cybersecurity
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft IIS Servers", "threat_actor": "OP-512", "patch_ready": false, "insight": "New threat cluster OP-512 targets Microsoft IIS servers w..
2:10 pm, June 5, 2026 Cybersecurity
Over 900 US gas station tank gauge systems exposed to attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Automatic Tank Gauge (ATG) systems", "threat_actor": "N/A", "patch_ready": false, "insight": "Over 900 US gas station tank gauge systems are ..
3:10 pm, June 5, 2026 Cybersecurity
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
{"priority":"HIGH","cve":"N/A","target":"Android","threat_actor":"Asin","patch_ready":false,"insight":"Arabic-speaking users targeted by new Android spyware Asin via fake news, PDF and war map apps"}
5:10 pm, June 5, 2026 Cybersecurity
Chinese APT deploys new malware to keep access to hacked networks
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "UNC5221", "patch_ready": false, "insight": "Chinese APT group UNC5221 uses new malware (Brickstorm, Plenet, ..
6:10 pm, June 5, 2026 Cybersecurity
Dark web Nemesis Market vendor gets 26 years for selling drugs
{"priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A California man was sentenced to over 26 years in prison for selling drugs on Nemesis Marke..
6:10 pm, June 5, 2026 Cybersecurity
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
{"priority":"HIGH","cve":"N/A","target":"npm","threat_actor":"IronWorm and Miasma Worm","patch_ready":false,"insight":"Multiple software supply chain attacks hit npm ecosystem using over 50 poisoned p..
7:10 pm, June 5, 2026 Cybersecurity
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
{ "priority": "HIGH", "cve": "N/A", "target": "SolarWinds Serv-U", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers are actively exploiting a recently patched high-severity..
8:10 pm, June 5, 2026 Cybersecurity
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
{ "priority": "MEDIUM", "cve": "N/A", "target": "Toshiba, Muji websites", "threat_actor": "N/A", "patch_ready": false, "insight": "Suspicious Polyfill login prompts appeared on Toshiba and..
10:10 pm, June 5, 2026 Cybersecurity
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
{"priority": "HIGH", "cve": "CVE-2026-20245", "target": "Cisco Catalyst SD-WAN Manager", "threat_actor": "N/A", "patch_ready": false, "insight": "Cisco warns of active exploitation of a high-severity ..
6:10 am, June 6, 2026 Cybersecurity
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
{ "priority": "CRITICAL", "cve": "N/A", "target": "FFmpeg", "threat_actor": "N/A", "patch_ready": true, "insight": "AI agent discovers 21 zero-days in FFmpeg." } { "priority": "CRITICAL..
8:10 am, June 6, 2026 Cybersecurity
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft GitHub Repositories", "threat_actor": "Miasma", "patch_ready": false, "insight": "Miasma self-replicating supply chain attack impac..
8:10 am, June 6, 2026 Cybersecurity
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
{ "priority": "HIGH", "cve": "N/A", "target": "Bright Data", "threat_actor": "N/A", "patch_ready": false, "insight": "Free apps turn smart TVs into web-scraping proxies for AI via Bright D..
9:10 am, June 6, 2026 Cybersecurity
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
{ "priority": "CRITICAL", "cve": "CVE-2026-28318", "target": "SolarWinds Serv-U", "threat_actor": "N/A", "patch_ready": false, "insight": "CISA added a high-severity SolarWinds Serv-U DoS ..
9:10 am, June 6, 2026 Cybersecurity
Critical Everest Forms Pro flaw exploited to take over WordPress sites
{ "priority": "CRITICAL", "cve": "CVE-2026-3300", "target": "Everest Forms Pro", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers exploit critical CVE-2026-3300 in Everest ..
3:10 pm, June 6, 2026 Cybersecurity
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
{"priority":"MEDIUM","cve":"N/A","target":"ChatGPT","threat_actor":"N/A","patch_ready":true,"insight":"OpenAI rolls out Lockdown Mode for ChatGPT to prevent data exfiltration via prompt injection atta..
3:10 pm, June 6, 2026 Cybersecurity
C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. [...]
3:10 pm, June 7, 2026 Cybersecurity
Silent Ransom Group targets law firms with fake IT support calls
{ "priority": "HIGH", "cve": "N/A", "target": "law firms", "threat_actor": "Silent Ransom Group", "patch_ready": false, "insight": "The Silent Ransom Group is targeting U.S. law firms and ..
3:10 pm, June 7, 2026 Cybersecurity
Hands on with Intelligent Terminal, an AI-powered Windows Terminal
Microsoft has created an open-source fork of Windows Terminal called "Intelligent Terminal," and it allows you to use AI directly inside Terminal without interfering with the regular session. [...]
12:12 am, June 8, 2026 Cybersecurity
ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for Monday, June 8th, 2026." }
2:10 am, June 8, 2026 Cybersecurity
Over 20,000 Instagram accounts stolen in Meta AI support hack
{"priority":"HIGH","cve":"N/A","target":"Instagram","threat_actor":"N/A","patch_ready":false,"insight":"Over 20,000 Instagram accounts were hijacked using Meta's AI-powered support system to reset pas..
6:10 am, June 8, 2026 Cybersecurity
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
{ "priority": "MEDIUM", "cve": "N/A", "target": "Visual Studio Code", "threat_actor": "N/A", "patch_ready": true, "insight": "VS Code introduces 2-hour delay for auto-updating extensions t..
7:10 am, June 8, 2026 Cybersecurity
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
{ "priority": "HIGH", "cve": "N/A", "target": "U.S. organizations", "threat_actor": "UNC3753", "patch_ready": false, "insight": "UNC3753 used vishing and physical intrusions in a data thef..
9:10 am, June 8, 2026 Cybersecurity
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
{ "priority": "HIGH", "cve": "N/A", "target": "Linux systems", "threat_actor": "VerdantBamboo", "patch_ready": false, "insight": "VerdantBamboo deploys BSD variant of BRICKSTORM on Linux A..
11:10 am, June 8, 2026 Cybersecurity
Oxford University discloses data breach after careers platform hack
The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised. [...]
12:10 pm, June 8, 2026 Cybersecurity
Check Point links VPN zero-day attacks to Qilin ransomware gang
{ "priority": "CRITICAL", "cve": "N/A", "target": "Check Point Remote Access VPN and Mobile Access", "threat_actor": "Qilin ransomware gang", "patch_ready": true, "insight": "Check Point p..
1:10 pm, June 8, 2026 Cybersecurity
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
{"priority":"HIGH","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"AI-generated phishing attacks are overwhelming SOCs with high volumes of alerts, making it difficult f..
1:10 pm, June 8, 2026 Cybersecurity
The Hardest Fork
Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this line right here is wr..
1:10 pm, June 8, 2026 Cybersecurity
Reducing security operations complexity with Wazuh Cloud
Security teams are increasingly overwhelmed by alert fatigue, infrastructure maintenance, and complex hybrid environments. This article explores how Wazuh Cloud helps simplify SIEM/XDR operations thro..
2:10 pm, June 8, 2026 Cybersecurity
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The recap highlights various security incidents, including Instagram account h..
3:10 pm, June 8, 2026 Cybersecurity
Critical UniFi OS bug lets hackers gain root without authentication
{ "priority": "CRITICAL", "cve": "N/A", "target": "UniFi OS", "threat_actor": "N/A", "patch_ready": true, "insight": "Attackers can chain three fixed vulnerabilities in Ubiquiti UniFi OS s..
4:10 pm, June 8, 2026 Cybersecurity
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
{ "priority": "CRITICAL", "cve": "CVE-2026-50751", "target": "Check Point VPN", "threat_actor": "N/A", "patch_ready": true, "insight": "Critical Check Point VPN flaw exploited to bypass pa..
4:10 pm, June 8, 2026 Cybersecurity
Gogs patches critical zero-day enabling remote code execution
{ "priority": "CRITICAL", "cve": "N/A", "target": "Gogs", "threat_actor": "N/A", "patch_ready": true, "insight": "Gogs patches critical zero-day enabling remote code execution" }
5:10 pm, June 8, 2026 Cybersecurity
Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order
{ "priority": "HIGH", "cve": "N/A", "target": "WhatsApp", "threat_actor": "NSO Group", "patch_ready": false, "insight": "Meta blocked NSO Group's WhatsApp phishing attack and filed a conte..
6:10 pm, June 8, 2026 Cybersecurity
TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "TeamPCP", "patch_ready": false, "insight": "The Internet Storm Center is tracking the TeamPCP supply chain campaign, w..
6:10 pm, June 8, 2026 Cybersecurity
WhatsApp says it disrupted new NSO spyware phishing attacks
WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. [...]
7:10 pm, June 8, 2026 Cybersecurity
New Apple feature automatically changes your compromised passwords
{ "priority": "INFO", "cve": "N/A", "target": "Apple", "threat_actor": "N/A", "patch_ready": false, "insight": "Apple announced a new feature that automatically changes compromised passwor..
9:10 pm, June 8, 2026 Cybersecurity
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud supply-chain attack that delivered malware designed to steal developer secrets..
9:10 pm, June 8, 2026 Cybersecurity
One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
{ "priority": "CRITICAL", "cve": "CVE-2026-23111", "target": "Linux Kernel", "threat_actor": "N/A", "patch_ready": true, "insight": "A one-character flaw in the Linux kernel's nf_tables pa..
9:10 pm, June 8, 2026 Cybersecurity
SoFi confirms third-party data breach at Hong Kong subsidiary
{ "priority": "MEDIUM", "cve": "N/A", "target": "SoFi Hong Kong", "threat_actor": "N/A", "patch_ready": false, "insight": "SoFi Hong Kong suffered a data breach due to hackers gaining acce..
10:10 pm, June 8, 2026 Cybersecurity
NFCShare Android malware spreads via fake banking app updates on GitHub
{ "priority": "HIGH", "cve": "N/A", "target": "Android", "threat_actor": "N/A", "patch_ready": false, "insight": "New variants of the NFCShare Android malware are being distributed as fake..
11:10 pm, June 8, 2026 Cybersecurity
ISC Stormcast For Tuesday, June 9th, 2026 https://isc.sans.edu/podcastdetail/9964, (Tue, Jun 9th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "ISC Stormcast podcast for June 9th, 2026, providing cybersecurity news and upd..
2:10 am, June 9, 2026 Cybersecurity
Google patches new Chrome zero-day flaw exploited in the wild
{ "priority": "CRITICAL", "cve": "N/A", "target": "Google Chrome", "threat_actor": "N/A", "patch_ready": true, "insight": "Google patched a Chrome zero-day vulnerability exploited in the w..
7:10 am, June 9, 2026 Cybersecurity
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
{ "priority": "CRITICAL", "cve": "CVE-2026-42271", "target": "BerriAI LiteLLM", "threat_actor": "N/A", "patch_ready": false, "insight": "CVE-2026-42271 command injection vulnerability in B..
7:10 am, June 9, 2026 Cybersecurity
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
{"priority": "CRITICAL", "cve": "N/A", "target": "Check Point VPN", "threat_actor": "Qilin", "patch_ready": true, "insight": "CISA orders US agencies to patch Check Point VPN bug exploited as zero-day..
9:10 am, June 9, 2026 Cybersecurity
French govt messaging service breached in account hijacking attack
{ "priority": "HIGH", "cve": "N/A", "target": "Tchap (French government's encrypted messaging platform)", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers breached Tchap us..
11:10 am, June 9, 2026 Cybersecurity
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
{"priority":"MEDIUM","cve":"N/A","target":"Websites","threat_actor":"N/A","patch_ready":false,"insight":"A JavaScript-based FROST attack allows malicious websites to track user activity via SSD timing..
11:10 am, June 9, 2026 Cybersecurity
