⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More This week was a reminder that attackers do not always need big tricks. One small mistake, one old... 2026-6-29 14:41:7 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com 2026 security microsoft windows malicious

236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam t... 2026-6-29 11:57:40 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com dcloud investment infoblox fingerprint exchanges

Why Post-Quantum Cryptography Starts With Credentials Today’s encrypted data, such as credentials, may no longer remain confidential in the future becaus... 2026-6-29 11:42:16 | 阅读: 5 | 收藏 | The Hacker News - thehackernews.com resistant security migration attackers lived

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware ars... 2026-6-29 11:40:24 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com gamaredon malicious eset drives powershell

Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that... 2026-6-29 08:32:31 | 阅读: 2 | 收藏 | The Hacker News - thehackernews.com microsoft payload stegoad security

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw Vulnerability / Open SourceA public proof-of-concept is now out for CVE-2026-55200, a critical fla... 2026-6-29 07:6:34 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com libssh2 ssh client overflow corruption

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages t... 2026-6-29 05:36:6 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com github python stage developer c2

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials Messaging Security / Cyber EspionageThe Security Service of Ukraine (SSU) said it, together with t... 2026-6-27 17:27:11 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com attributed aimed ukraine phishing military

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited prev... 2026-6-27 12:19:37 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com gpt openai sol mythos

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys Secure Messaging / Social EngineeringThe FBI and CISA have updated their March warning about Russ... 2026-6-26 19:38:29 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com backup unc5792 attacker military psa

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks Malware / Windows SecurityA newly discovered cyber attack campaign has been observed delivering a... 2026-6-26 18:17:46 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com sharkloader cobalt beacon software droppers

Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign Cyber Espionage / MalwareA Chinese-speaking advanced persistent threat (APT) actor has been linke... 2026-6-26 16:21:25 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com tinyrct sta 1062 remote vnt

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root... 2026-6-26 13:57:55 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com pedit memory rhel apparmor

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs AI Security / VulnerabilityA high-severity flaw in Amazon Q Developer let a malicious repository r... 2026-6-26 13:53:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com mcp developer 2026 cloud wiz

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue Vulnerability / Software SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA)... 2026-6-26 12:31:56 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com windchill ptc attacker software kev

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Resea... 2026-6-26 11:51:35 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com memory 2026 dirtyfrag network ipsec

Guardian Agents: The Next Layer of Identity Governance AI agents are moving through enterprise environments, inheriting permissions, traversing systems, a... 2026-6-26 11:30:0 | 阅读: 11 | 收藏 | The Hacker News - thehackernews.com agents guardian security identities governance

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack Supply Chain Attack / Developer SecurityCybersecurity researchers have flagged yet another evoluti... 2026-6-26 11:5:45 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com leo github developer malicious payload

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant An active phishing campaign has been targeting hotel and other hospitality organizations across Eu... 2026-6-26 09:27:12 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com phishing microsoft calendly booking hotel

Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff Mobile Security / Digital ForensicsRussian authorities used Cellebrite's UFED forensic tools to br... 2026-6-26 08:49:35 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com russia cellebrite citizen pivovarov ufed