Cyber Security News

The Office of the Maine Attorney General has temporarily taken its public-facing data breach reporting database offline after discovering that an unknown entity submitted fabricated breach notifications targeting two major online platforms, VRChat and Discord, in what officials are calling a deliberate abuse of the state’s breach disclosure system. On June 12, 2026, the Maine […]

The post Maine AG’s Office Takes Data Breach Reporting Portal Offline After Fake VRChat and Discord Filings appeared first on Cyber Security News.

152 Chrome “live wallpaper” extensions on the Chrome Web Store have been caught secretly logging user data and faking Google “organic search” traffic to inflate ad revenue, despite promising they do not collect any data. This adware‑adjacent campaign abuses new‑tab extensions to launder extension‑generated visits into what appears to be legitimate search traffic, polluting analytics […]

The post 152 Chrome Extensions Hide Ad Tracking and Fake Google Search Traffic appeared first on Cyber Security News.

New “Agentjacking” attack that hijacks AI coding agents and silently executes attacker-controlled code on developer machines using nothing more than a single injected Sentry error. The technique turns trusted AI assistants like Claude Code and Cursor into an execution layer for malicious commands, without phishing, malware delivery, or any breach of the victim’s infrastructure. In […]

The post New Agentjacking Attack Hijacks Your AI Coding Agent to Run Code From a Hacker’s Server appeared first on Cyber Security News.

A new open-source bug bounty hunting toolkit called BugHunter, built on top of Anthropic’s Claude Code and now extended to support free AI providers like Ollama and Groq, is gaining traction in the security research community for automating the full vulnerability discovery and reporting pipeline. Developed by security researcher Shuvon Md Shariar Shanaz and hosted […]

The post BugHunter – Bug Bounty Toolkit Powered by Claude and Free AI Providers appeared first on Cyber Security News.

A critical vulnerability chain in Splunk Enterprise has been disclosed, enabling unauthenticated attackers to achieve remote code execution (RCE) through a misconfigured PostgreSQL sidecar service. Tracked as CVE-2026-20253, the flaw has a CVSS score of 9.8 and affects Splunk Enterprise 10 and later. The issue originates from the PostgreSQL Sidecar Service, an internal component introduced […]

The post Splunk Enterprise Pre-Auth RCE Chain Exposes Database With Zero Authentication appeared first on Cyber Security News.

Anthropic has disabled its two most capable AI models, Fable 5 and Mythos 5, after the U.S. government issued an export control directive late on June 12 ordering the company to block access for any foreign national, whether inside or outside the United States, including Anthropic’s own foreign-national employees. Because the company says it cannot […]

The post Anthropic Fable 5 and Mythos 5 Access Blocked to All Users Following Government Directive appeared first on Cyber Security News.

One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as Fancy Bear, formally tracked as APT28 and attributed to Russia’s military intelligence unit GRU Unit 26165, has been quietly shifting how it runs cyberattack operations. Instead of relying on traditional infrastructure, the […]

The post Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks appeared first on Cyber Security News.

A newly documented phishing campaign is using a legitimate remote management tool to silently take over victims’ computers, without deploying a single line of traditional malware. Researchers have uncovered an active operation targeting Brazilian organizations, where attackers trick employees into installing a real enterprise software agent that then hands full remote control to the threat […]

The post Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection appeared first on Cyber Security News.

A fresh wave of supply chain attacks is putting blockchain developers, Web3 teams, and cloud engineers at serious risk. Researchers have uncovered a coordinated campaign involving multiple malicious packages on the npm registry, each designed to quietly steal sensitive secrets the moment a developer installs them. From SSH private keys to cloud credentials, wallet phrases […]

The post Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets appeared first on Cyber Security News.

A new and dangerous credential-stealing tool called OnyxC2 has emerged in the cybercrime underground, showing just how easy it has become for even low-skilled attackers to run a professional hacking operation. Sold as a complete package for $250 a month, the malware gives buyers everything they need to quietly drain login data from victims worldwide. […]

The post Hackers Use OnyxC2 Malware-as-a-Service to Steal Credentials From 210 Applications appeared first on Cyber Security News.

Several Facebook and Instagram users reported issues accessing the social media platforms amid a global outage of Meta on Friday. Meta’s social media ecosystem experienced a significant global disruption on Friday, leaving millions of users unable to access Facebook and Instagram. The outage, which began affecting users across multiple time zones, triggered a surge of […]

The post Facebook and Instagram Down Globally, Users Reporting Multiple Issues appeared first on Cyber Security News.

Google has filed a landmark lawsuit against a China-based cybercrime network called the “Outsider Enterprise,” marking the first time the tech giant has legally pursued threat actors for weaponizing its own Gemini AI platform to conduct large-scale phishing campaigns against U.S. consumers. The Outsider Enterprise operates as a sophisticated phishing-as-a-service (PhaaS) platform, coordinating operations through […]

The post Google Sues Chinese Cybercrime Network for Using Gemini AI to Launch Cyberattacks appeared first on Cyber Security News.

A massive supply chain attack targeting the Arch User Repository (AUR) has compromised more than 400 community-maintained packages, with attackers injecting malicious build scripts designed to deploy credential-stealing malware and rootkit-style payloads on affected Linux systems. The campaign, dubbed “Atomic Arch” by researchers, was identified around June 11, 2026, and represents one of the most […]

The post 400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealers appeared first on Cyber Security News.

A critical vulnerability chain discovered in LangGraph, a popular open-source AI agent framework developed by the creators of LangChain, could allow attackers to gain full server control through remote code execution (RCE). The issue, identified by Check Point Research, highlights how traditional vulnerabilities can become significantly more dangerous when embedded in AI-driven systems that manage […]

The post Critical Vulnerability Chain in LangGraph Allows Attackers to Gain Full Server Control appeared first on Cyber Security News.

A newly identified remote access trojan named SHEETCREEP is making headlines for its clever use of Google Sheets as a hidden communication channel between attackers and infected machines. This C# malware targets diplomatic organizations, using a carefully crafted lure to trick victims into executing it on their systems. The campaign represents a calculated move by […]

The post SHEETCREEP C# RAT Abuses Google Sheets API as C2 to Target Diplomatic Organizations appeared first on Cyber Security News.

Authorities have dismantled a major cryptocurrency laundering service known as “AudiA6,” widely used by ransomware groups and cybercriminal networks to obscure illicit financial flows and cash out stolen digital assets. The international operation targeted what investigators described as an industrial-scale laundering platform that processed more than EUR 336 million between 2022 and 2025. The service […]

The post Authorities Dismantle Cryptocurrency Laundering Services ‘AudiA6’ Used by Ransomware Gangs appeared first on Cyber Security News.

Microsoft has disclosed a significant security vulnerability in Microsoft Teams for Android that could allow an authenticated attacker to expose sensitive information over a network. The flaw, tracked as CVE-2026-42835, was officially released on June 9, 2026, and has been rated Important in severity. The vulnerability stems from improper neutralization of special elements in output […]

The post Microsoft Teams for Android Vulnerability Allows Attackers to Disclose Sensitive Data appeared first on Cyber Security News.

Mandiant and Google Threat Intelligence Group (GTIG) have issued a critical warning after identifying an active compromise-and-extortion campaign targeting Oracle PeopleSoft infrastructure, attributed to the notorious threat actor UNC6240, also known as ShinyHunters. The campaign exploited CVE-2026-35273, a critical unauthenticated remote code execution (RCE) vulnerability with a CVSS score of 9.8, as a zero-day before […]

The post Oracle PeopleSoft 0-Day RCE Vulnerability Exploited in Attacks by ShinyHunters appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 26-04, titled “Prioritizing Security Updates Based on Risk,” compelling all Federal Civilian Executive Branch (FCEB) agencies to remediate the most dangerous known exploited vulnerabilities within just three calendar days. The directive, released on June 10, 2026, represents the most aggressive federal […]

The post CISA Requires Federal Agencies to Patch Critical Vulnerabilities Within 3 Days appeared first on Cyber Security News.

A notorious hacking group has been caught targeting stock investors in Vietnam through a supply chain attack, hijacking a popular investment software platform to deliver a powerful backdoor. The operation, carried out by OceanLotus (also known as APT32), marks a notable shift in the group’s tactics as it turns focus increasingly toward domestic targets inside […]

The post OceanLotus APT Compromises FireAnt MetaKit in Supply-Chain Attack on Stock Investors appeared first on Cyber Security News.