Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks Open Source / Supply Chain SecurityCybersecurity researchers have flagged a new class of CI/CD wo... 2026-6-24 12:48:11 | 阅读: 2 | 收藏 | The Hacker News - thehackernews.com attacker novee security microsoft workflows

Dawn of the Apex Agentic Adversary Network Security / Vulnerability ManagementWe are standing at the end of an era we never thought t... 2026-6-24 11:30:0 | 阅读: 3 | 收藏 | The Hacker News - thehackernews.com runzero predator agentic network asset

DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering Money Laundering / CybercrimeThe U.S. Department of Justice (DoJ) on Tuesday announced the seizure... 2026-6-24 08:55:12 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com huione laundering criminal guarantee prince

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root Vulnerability / Network SecurityThreat actors have begun to exploit a recently disclosed critical... 2026-6-24 06:50:38 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com unified webdialer security 2026 attacker

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation Initial Access Broker / Firewall SecurityA Russian-speaking initial access broker (IAB) driven by... 2026-6-23 18:20:49 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com fortigate fortibleed 2026 firewalls

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and a... 2026-6-23 15:16:43 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com skill scanners stars stitch firm

Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration Cryptography / Quantum ComputingPresident Trump signed an executive order on June 22 setting hard... 2026-6-23 15:16:40 | 阅读: 5 | 收藏 | The Hacker News - thehackernews.com migration 2030 deadlines fips pqc

GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns Workflow Security / Software Supply ChainGitHub is moving to strengthen software supply chain sec... 2026-6-23 14:22:3 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com github repository workflows security privileges

Agentic AI: The Weapon That No Longer Needs a Warrior Every weapon begins as an extension of the hand that holds it. The spear lengthened the reach of th... 2026-6-23 11:30:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com weapon phishing agents utilize warrior

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT Supply Chain Attack / Developer SecurityCybersecurity researchers have discovered a set of malicio... 2026-6-23 08:54:32 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com postcss selector pyd payload minify

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool Malware / Social EngineeringDirect messages sent via WhatsApp are being used to distribute malicio... 2026-6-23 05:38:40 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com vbscript remote rmm windows download

OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defe... 2026-6-23 03:56:58 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com security openai 2026 planet

ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack Supply Chain Attack / MalwareMultiple WordPress plugins from ShapedPlugin were compromised in a su... 2026-6-22 18:0:48 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com wordpress wp woocommerce

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants AI Security / VulnerabilityCybersecurity researchers have disclosed details of four vulnerabilitie... 2026-6-22 16:13:28 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com dify 2026 attacker bypass

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests Vulnerability / Server SecurityA heap over-read in the Squid web proxy can leak another user's cle... 2026-6-22 14:29:46 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com squid proxy attacker calif strchr

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer Malvertising / Endpoint SecurityCybersecurity researchers have disclosed details of a new campaign... 2026-6-22 13:20:12 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com oxloader evade storj dubbed

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries Mobile Security / Open SourceGoogle has set September 30, 2026, as the day it begins enforcing And... 2026-6-22 12:45:8 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com developer developers certified installs droid

Stop Your Legacy Infrastructure from Hijacking Your AI Agents Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot mos... 2026-6-22 11:58:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com security cloud agents attacker pilot

⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More It’s Monday again.This week’s threat list looks painfully familiar: abused integrations, fake too... 2026-6-22 10:55:10 | 阅读: 24 | 收藏 | The Hacker News - thehackernews.com 2026 wordpress security malicious

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT... 2026-6-22 09:11:37 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com canada csis court warrant routers