New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root... 2026-6-26 13:57:55 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com pedit memory rhel apparmor

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs AI Security / VulnerabilityA high-severity flaw in Amazon Q Developer let a malicious repository r... 2026-6-26 13:53:0 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com mcp developer 2026 cloud wiz

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue Vulnerability / Software SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA)... 2026-6-26 12:31:56 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com windchill ptc attacker software kev

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Resea... 2026-6-26 11:51:35 | 阅读: 7 | 收藏 | The Hacker News - thehackernews.com memory 2026 dirtyfrag network ipsec

Guardian Agents: The Next Layer of Identity Governance AI agents are moving through enterprise environments, inheriting permissions, traversing systems, a... 2026-6-26 11:30:0 | 阅读: 2 | 收藏 | The Hacker News - thehackernews.com agents guardian security identities governance

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack Supply Chain Attack / Developer SecurityCybersecurity researchers have flagged yet another evoluti... 2026-6-26 11:5:45 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com leo github developer malicious payload

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant An active phishing campaign has been targeting hotel and other hospitality organizations across Eu... 2026-6-26 09:27:12 | 阅读: 3 | 收藏 | The Hacker News - thehackernews.com phishing microsoft calendly booking hotel

Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff Mobile Security / Digital ForensicsRussian authorities used Cellebrite's UFED forensic tools to br... 2026-6-26 08:49:35 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com russia cellebrite citizen pivovarov ufed

Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks Cyber Espionage / MalwareThe Russian state-sponsored threat actor known as Turla has been attrib... 2026-6-26 07:15:46 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com stockstay kazuar windows turla gtig

Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to... 2026-6-25 14:12:52 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com youtube chrome adblock injection island

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories It’s dumb out there again.This week has the usual smell of prod on fire and nobody wanting to admit... 2026-6-25 12:24:43 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com microsoft malicious phishing marketplace 2026

Surviving the Mythos Era: Richard Bejtlich on the Case for NDR Despite the abundance of telemetry at analysts’ disposal, many security operations teams struggle t... 2026-6-25 11:17:31 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com network ndr security corelight

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis A previously undocumented Rust-based macOS implant and information stealer has been found to embed... 2026-6-25 09:23:3 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com llm python analysis gaslight injection

New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns Initial Access Broker / RansomwareA new, stealthy backdoor named Mistic has been deployed as par... 2026-6-25 08:54:37 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com ransomware modelorat microsoft kongtuke mistic

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access Vulnerability / Threat IntelligenceAn unknown threat actor exploited a recently disclosed high-sev... 2026-6-25 05:46:54 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com 2026 mandiant attacker peering privileges

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited Vulnerability / Network SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA)... 2026-6-24 17:19:18 | 阅读: 23 | 收藏 | The Hacker News - thehackernews.com 2026 network security privileges malicious

Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered A coordinated law enforcement operation, in partnership with private sector companies, including Bi... 2026-6-24 15:59:50 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com amadey stealc stealer 2026 c2

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks Open Source / Supply Chain SecurityCybersecurity researchers have flagged a new class of CI/CD wo... 2026-6-24 12:48:11 | 阅读: 30 | 收藏 | The Hacker News - thehackernews.com attacker novee security microsoft workflows

Dawn of the Apex Agentic Adversary Network Security / Vulnerability ManagementWe are standing at the end of an era we never thought t... 2026-6-24 11:30:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com runzero predator agentic network asset

DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering Money Laundering / CybercrimeThe U.S. Department of Justice (DoJ) on Tuesday announced the seizure... 2026-6-24 08:55:12 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com huione laundering criminal guarantee prince