phpBB forum fixes auth bypass bug lurking for a decade
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. The flaw does…
A newly documented phishing campaign is using a legitimate remote management tool to silently take over victims’ computers, without deploying a single line of traditional…
Microsoft has disclosed a set of critical remote code execution (RCE) vulnerabilities affecting Outlook and Word that could allow attackers to execute arbitrary code on…
SpaceX is preparing for an IPO that, if priced as reported, would be the largest public debut in history. The company is targeting a valuation…
An international law enforcement operation has dismantled a cryptocurrency laundering service linked to ransomware groups and other cybercriminals that processed more than €336 million in…
Ravie Lakshmanan, Jun 12, 2026. Cybercrime / Artificial Intelligence. Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its…
Oracle has issued an out-of-band patch for a remote code execution (RCE) zero-day vulnerability affecting its PeopleSoft Enterprise PeopleTools product that is being exploited in…
The Iran-linked threat actor Handala this week boasted that it had hacked California Water Service (Cal Water), and published 5 gigabytes of data allegedly stolen from…
Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That. (Pierluigi Paganini, June 12, 2026) Pro-Iran group Handala breached…
More than 100 organizations, about two-thirds in higher education, have been notified of potential impact.
The FBI, along with Google and Lumen Technologies, took down a major cybercrime network based in China that was responsible for an estimated $1.9 billion…
“If Defender offline scan was initiated in the victim machine at any point then there is no need to log in, the machine is automatically vulnerable,”…