ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack Supply Chain Attack / MalwareMultiple WordPress plugins from ShapedPlugin were compromised in a su... 2026-6-22 18:0:48 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com wordpress wp woocommerce

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants AI Security / VulnerabilityCybersecurity researchers have disclosed details of four vulnerabilitie... 2026-6-22 16:13:28 | 阅读: 10 | 收藏 | The Hacker News - thehackernews.com dify 2026 attacker bypass

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests Vulnerability / Server SecurityA heap over-read in the Squid web proxy can leak another user's cle... 2026-6-22 14:29:46 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com squid proxy attacker calif strchr

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer Malvertising / Endpoint SecurityCybersecurity researchers have disclosed details of a new campaign... 2026-6-22 13:20:12 | 阅读: 10 | 收藏 | The Hacker News - thehackernews.com oxloader evade storj dubbed

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries Mobile Security / Open SourceGoogle has set September 30, 2026, as the day it begins enforcing And... 2026-6-22 12:45:8 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com developer developers certified installs droid

Stop Your Legacy Infrastructure from Hijacking Your AI Agents Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot mos... 2026-6-22 11:58:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com security cloud agents attacker pilot

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More It’s Monday again.This week’s threat list looks painfully familiar: abused integrations, fake too... 2026-6-22 10:55:10 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com 2026 wordpress security malicious

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT... 2026-6-22 09:11:37 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com canada csis court warrant routers

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network IoT Security / VulnerabilityA new malware family is turning forgotten home routers into a distribu... 2026-6-22 06:57:44 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com xlab routers arystinger percent hardware

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific Cybercrime / Artificial IntelligenceA new report from INTERPOL has revealed a "dramatic increase"... 2026-6-22 06:6:53 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com interpol pacific ransomware organized artificial

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys Vulnerability / Web SecurityThreat actors are exploiting a recently patched security flaw impactin... 2026-6-20 09:56:4 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com 2026 gravitysmtp wordfence wordpress exposure

Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that ach... 2026-6-19 18:37:41 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com attacker dma a12 a13 usbliter8

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a sui... 2026-6-19 18:33:7 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com ransomware gentlemen affiliates byovd eset

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing age... 2026-6-19 15:30:47 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com microsoft autogen mcp pypi attacker

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., h... 2026-6-19 15:7:54 | 阅读: 10 | 收藏 | The Hacker News - thehackernews.com socgholish tds malicious wordpress infections

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices Threat Intelligence / Firewall SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (... 2026-6-19 14:0:21 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com security passwords fortibleed appliances socradar

From Assistive to Agentic: The AI Shift That's Redefining Threat Management IntroductionThe average enterprise security team has 40 or more security tools, giving a lot of v... 2026-6-19 11:58:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com security agentic ctem agents

Forget Data Leakage: Shadow AI's Real Threat Is Access Control The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensit... 2026-6-19 10:30:0 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com agents security shadow agentic identities

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform i... 2026-6-19 09:3:57 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com klue salesforce 2026 huntress reliaquest

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone Mobile Security / VulnerabilityApple has updated its Beats Studio Buds wireless earbuds to patch... 2026-6-19 06:36:9 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com usbliter8 a13 a12 hardware