Hackers Spied on a Stock Exchange Executive’s Outlook Mailbox for Five Months
Swati KhandelwalJun 04, 2026Cyber Espionage / Malware Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major…
Category: TheHackerNews
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Swati KhandelwalJun 04, 2026Malware / Open Source Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through…
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Ravie LakshmananJun 04, 2026Malvertising / Browser Security Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor…
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google…
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Ravie LakshmananJun 06, 2026Vulnerability / Network Security Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The…
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Ravie LakshmananJun 06, 2026Supply Chain Attack / Malware Microsoft’s GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain…
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
Ravie LakshmananJun 06, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol…
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
Ravie LakshmananJun 06, 2026Cybersecurity / Artificial Intelligence OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the…
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into…
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Swati KhandelwalJun 06, 2026Vulnerability / Endpoint Security Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities…
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where “OP” stands for “opponent”) that…
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to…