List cybersec
Malicious Edge extension abuses Native Messaging as bridge to malware
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Edge", "threat_actor": "N/A", "patch_ready": false, "insight": "A malicious Microsoft Edge extension named 'Edgecution' was used in..
9:10 pm, June 24, 2026 Cybersecurity
DraftKings hacker 'Snoopy' sentenced to 18 months in prison
{"priority":"LOW","cve":"N/A","target":"DraftKings","threat_actor":"Snoopy","patch_ready":false,"insight":"A 21-year-old hacker using the alias 'Snoopy' was sentenced to 18 months in prison for his ro..
10:10 pm, June 24, 2026 Cybersecurity
Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access
{ "priority": "CRITICAL", "cve": "CVE-2026-20245", "target": "Cisco Catalyst SD-WAN", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers exploited a Cisco Catalyst SD-WAN zer..
10:10 pm, June 24, 2026 Cybersecurity
Google releases new privacy controls for activity history, personalization
{ "priority": "INFO", "cve": "N/A", "target": "Google Search, Google Play", "threat_actor": "N/A", "patch_ready": false, "insight": "Google introduces new privacy controls for managing act..
12:10 am, June 25, 2026 Cybersecurity
What do Ports Hear When Nobody's Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
[This is a Guest Diary by Nicole Phillips, an ISC intern as part of the SANS.edu BACS program]
1:10 am, June 25, 2026 Cybersecurity
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
{ "priority": "CRITICAL", "cve": "CVE-2026-20245", "target": "Cisco Catalyst SD-WAN", "threat_actor": "N/A", "patch_ready": false, "insight": "CVE-2026-20245 exploited as zero-day for root..
6:10 am, June 25, 2026 Cybersecurity
New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns
{ "priority": "HIGH", "cve": "N/A", "target": "Multiple organizations", "threat_actor": "KongTuke", "patch_ready": false, "insight": "A new stealthy backdoor named Mistic linked to KongTuk..
10:10 am, June 25, 2026 Cybersecurity
New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis
{ "priority": "HIGH", "cve": "N/A", "target": "macOS", "threat_actor": "N/A", "patch_ready": false, "insight": "New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Anal..
11:10 am, June 25, 2026 Cybersecurity
Surviving the Mythos Era: Richard Bejtlich on the Case for NDR
Despite the abundance of telemetry at analysts’ disposal, many security operations teams struggle to answer a few basic questions during incident investigation: What happened? What evidence do we ha..
12:10 pm, June 25, 2026 Cybersecurity
ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The ThreatsDay Bulletin discusses various cybersecurity threats, including sma..
1:10 pm, June 25, 2026 Cybersecurity
Webinar: Why account takeovers remain one of the hardest threats to stop
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The webinar discusses how behavioral AI can help organizations identify and re..
1:10 pm, June 25, 2026 Cybersecurity
The Four Elevations of Effective Fraud Prevention
Fraudsters don't attack just one transaction. They target accounts, platforms, and entire ecosystems. IPQS explains the four elevations of fraud prevention and why broader visibility improves fraud de..
2:10 pm, June 25, 2026 Cybersecurity
Bluekit phishing kit adopts browser-in-the-middle for login theft
{ "priority": "HIGH", "cve": "N/A", "target": "Bluekit phishing-as-a-service platform", "threat_actor": "N/A", "patch_ready": false, "insight": "Bluekit phishing kit evolves with browser-i..
3:10 pm, June 25, 2026 Cybersecurity
Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code. According to Island, the extension, named Adblock for YouTube (ID..
3:10 pm, June 25, 2026 Cybersecurity
PirloTV sports piracy network disrupted as 44 domains seized
{ "priority": "LOW", "cve": "N/A", "target": "PirloTV", "threat_actor": "N/A", "patch_ready": false, "insight": "A sports piracy network linked to PirloTV has been disrupted with 44 domain..
4:10 pm, June 25, 2026 Cybersecurity
New macOS malware embeds fake errors to confuse AI analysis tools
{"priority": "HIGH", "cve": "N/A", "target": "macOS", "threat_actor": "N/A", "patch_ready": false, "insight": "New macOS malware Gaslight embeds fake errors to evade AI analysis."}
5:10 pm, June 25, 2026 Cybersecurity
Microsoft quietly extends free Windows 10 ESU support to October 2027
{ "priority": "INFO", "cve": "N/A", "target": "Windows 10", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft extended free Windows 10 ESU support to October 2027." }
7:10 pm, June 25, 2026 Cybersecurity
Order-tracking app Shop abused to push callback phishing attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Shop", "threat_actor": "N/A", "patch_ready": false, "insight": "Threat actors abuse Shop, a Shopify order-tracking app, to push callback phis..
8:10 pm, June 25, 2026 Cybersecurity
Anthropic is testing desktop-like Claude Cowork for mobile
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Anthropic is testing mobile support for Claude Cowork, enabling users to manag..
11:10 pm, June 25, 2026 Cybersecurity
Poland busts SIM-swapping gang tied to millions in crypto theft
{ "priority": "HIGH", "cve": "N/A", "target": "Telecommunications partners", "threat_actor": "SIM-swapping gang", "patch_ready": false, "insight": "Poland arrests four members of a cybercr..
11:10 pm, June 25, 2026 Cybersecurity
Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
``` { "priority": "HIGH", "cve": "N/A", "target": "Ukraine government and military organizations, entities with interest in Italian foreign policy", "threat_actor": "Turla", "patch_ready": f..
8:10 am, June 26, 2026 Cybersecurity
Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff
{"priority":"INFO","cve":"N/A","target":"iPhone","threat_actor":"Russian authorities","patch_ready":false,"insight":"Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone ..
9:10 am, June 26, 2026 Cybersecurity
Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
{ "priority": "HIGH", "cve": "N/A", "target": "npm Packages and GitHub Actions", "threat_actor": "Mini Shai-Hulud, Miasma, and Hades", "patch_ready": false, "insight": "Miasma Malware Targ..
11:10 am, June 26, 2026 Cybersecurity
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
``` { "priority": "HIGH", "cve": "N/A", "target": "Hotel and hospitality organizations", "threat_actor": "N/A", "patch_ready": false, "insight": "Active phishing campaign targets hotels wi..
11:10 am, June 26, 2026 Cybersecurity
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
{ "priority": "CRITICAL", "cve": "CVE-2026-46331", "target": "Linux kernel", "threat_actor": "N/A", "patch_ready": false, "insight": "A local unprivileged user can gain root access on affe..
1:10 pm, June 26, 2026 Cybersecurity
CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Dat..
1:10 pm, June 26, 2026 Cybersecurity
New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets
{ "priority": "CRITICAL", "cve": "CVE-2026-43503", "target": "Linux Kernel", "threat_actor": "N/A", "patch_ready": true, "insight": "New DirtyClone Linux Kernel Flaw Lets Local Users Gain ..
1:10 pm, June 26, 2026 Cybersecurity
Guardian Agents: The Next Layer of Identity Governance
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the challenges of governing AI agents in enterprise envi..
1:10 pm, June 26, 2026 Cybersecurity
Your First GRC Agent: A Red Teamer's Walkthrough
AI won't replace GRC analysts, but it can eliminate much of the repetitive work they do. Anecdotes walks through building an agent that continuously monitors controls, identifies evidence gaps, and op..
2:10 pm, June 26, 2026 Cybersecurity
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
{ "priority": "HIGH", "cve": "CVE-2026-12957", "target": "Amazon Q Developer", "threat_actor": "N/A", "patch_ready": true, "insight": "A high-severity flaw in Amazon Q Developer allowed a ..
3:10 pm, June 26, 2026 Cybersecurity
Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
{"priority": "HIGH", "cve": "N/A", "target": "Government entities and critical infrastructure in Southeast Asia", "threat_actor": "CL-STA-1062", "patch_ready": false, "insight": "Chinese-speaking APT ..
5:10 pm, June 26, 2026 Cybersecurity
Polymarket customers lose $3 million in supply-chain attack
{ "priority": "HIGH", "cve": "N/A", "target": "Polymarket", "threat_actor": "N/A", "patch_ready": false, "insight": "Hackers injected malicious script into Polymarket's frontend via third-..
6:10 pm, June 26, 2026 Cybersecurity
Cybersecurity firms targeted by fraudulent OpenAI organization invites
Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company inf..
6:10 pm, June 26, 2026 Cybersecurity
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
{"priority":"HIGH","cve":"N/A","target":"N/A","threat_actor":"StrikeShark","patch_ready":false,"insight":"New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks"}
7:10 pm, June 26, 2026 Cybersecurity
CISA sets urgent deadline to fix Cisco flaw exploited in attacks
{ "priority": "CRITICAL", "cve": "N/A", "target": "Cisco Unified Communications Manager Server", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA mandates immediate patching of..
8:10 pm, June 26, 2026 Cybersecurity
FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
{ "priority": "HIGH", "cve": "N/A", "target": "Signal", "threat_actor": "Russian Intelligence", "patch_ready": false, "insight": "Russian intelligence hackers are targeting Signal backup r..
8:10 pm, June 26, 2026 Cybersecurity
FBI: Russian hackers now target Signal backup recovery keys
{ "priority": "HIGH", "cve": "N/A", "target": "Signal", "threat_actor": "Russian intelligence services", "patch_ready": false, "insight": "Russian hackers are targeting Signal backup recov..
10:10 pm, June 26, 2026 Cybersecurity
OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
{ "priority": "INFO", "cve": "N/A", "target": "GPT-5.6 Sol", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI releases GPT-5.6 Sol, Terra, and Luna with enhanced cyber safeg..
1:10 pm, June 27, 2026 Cybersecurity
Clean GitHub repo tricks AI coding agents into running malware
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "A GitHub repository can be tricked into executing a malicious payload invis..
3:10 pm, June 27, 2026 Cybersecurity
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Messaging accounts of government officials, military personnel, politicians, and activists", "threat_actor": "Russian intelligence services", "..
6:10 pm, June 27, 2026 Cybersecurity
YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th)
{ "priority": "INFO", "cve": "N/A", "target": "YARA-X", "threat_actor": "N/A", "patch_ready": false, "insight": "YARA-X releases versions 1.18.0 and 1.19.0 with improvements and bugfixes."..
8:10 am, June 28, 2026 Cybersecurity
Data breach exposes up to 14.2 million email logins at six ISPs
Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the ..
3:10 pm, June 28, 2026 Cybersecurity
ISC Stormcast For Monday, June 29th, 2026 https://isc.sans.edu/podcastdetail/9986, (Mon, Jun 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, June 29, 2026 Cybersecurity
Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
{ "priority": "HIGH", "cve": "N/A", "target": "npm, Go Packages, VS Code", "threat_actor": "N/A", "patch_ready": false, "insight": "Hijacked npm and Go packages deploy Python infostealer v..
7:10 am, June 29, 2026 Cybersecurity
Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw
A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code..
8:10 am, June 29, 2026 Cybersecurity
Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Edge", "threat_actor": "StegoAd", "patch_ready": true, "insight": "Microsoft removed 119 Edge extensions that hid malware in images..
10:10 am, June 29, 2026 Cybersecurity
Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The author is sharing automation techniques for host recon in pentesting, spec..
12:10 pm, June 29, 2026 Cybersecurity
Why Post-Quantum Cryptography Starts With Credentials
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Post-quantum cryptography is crucial for protecting credentials as quantum com..
12:10 pm, June 29, 2026 Cybersecurity
Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
{ "priority": "HIGH", "cve": "N/A", "target": "Ukraine", "threat_actor": "Gamaredon", "patch_ready": false, "insight": "Gamaredon APT group expands malware arsenal in ongoing Ukraine cyber..
12:10 pm, June 29, 2026 Cybersecurity
US seizes hundreds of FIFA World Cup illegal streaming domains
{ "priority": "LOW", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The U.S. Justice Department seized nearly 400 web domains used for illegal stre..
12:10 pm, June 29, 2026 Cybersecurity
