Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-04 13:00 PDT
- Meta’s own AI chatbot to blame for Instagram accounts being stolen in seconds
Graham Cluley • 2026-06-04 12:53 • www.fortra.com
Hackers have been hijacking Instagram accounts at scale by exploiting Meta’s AI support chatbot. And, as if that weren’t bad enough, the technique required no technical skill whatsoever.Read more in my article on the Fortra blog.
https://www.fortra.com/blog/metas-own-ai-chatbot-blame-instagram-accounts-being-stolen-seconds - DentaQuest data breach exposed info of 2.6 million accounts
BleepingComputer • 2026-06-04 11:36 • www.bleepingcomputer.com
A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts. […]
https://www.bleepingcomputer.com/news/security/dentaquest-data-breach-exposed-info-of-26-million-accounts/ - Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
The Hacker News • 2026-06-04 09:55 • thehackernews.com
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco’s PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens that runway.
The flaw is a server-side request forgery.
https://thehackernews.com/2026/06/cisco-patches-cve-2026-20230-in-unified.html - UN food agency discloses breach affecting 600,000 Gaza households
BleepingComputer • 2026-06-04 09:38 • www.bleepingcomputer.com
The United Nations’ World Food Programme (WFP), the world’s largest humanitarian organization, revealed over the weekend that its self-registration application (SRA) for Palestine was breached. […]
https://www.bleepingcomputer.com/news/security/un-world-food-programme-breach-affects-600-000-gaza-households/ - New IronWorm malware hits 36 packages in npm supply-chain attack
BleepingComputer • 2026-06-04 08:25 • www.bleepingcomputer.com
A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. […]
https://www.bleepingcomputer.com/news/security/new-ironworm-malware-hits-36-packages-in-npm-supply-chain-attack/ - Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
The Hacker News • 2026-06-04 08:15 • thehackernews.com
A security researcher found a flaw in Anthropic’s Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic’s own action repo used the same workflow, a working attack could have pushed malicious code into the action itself and onto the projects downstream that pull it.RyotaK of GMO
https://thehackernews.com/2026/06/claude-code-github-action-flaw-let-one.html - Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
The Hacker News • 2026-06-04 08:10 • thehackernews.com
Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic’s Claude Mythos model was made available to a limited set of organizations as a technical preview, it was reported that an unauthorized group claimed that it had gained access within hours. The incident, if true, was
https://thehackernews.com/2026/06/agentic-ai-is-transforming-defense-but.html - Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
BleepingComputer • 2026-06-04 07:01 • www.bleepingcomputer.com
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tutorial reveals about modern attacker workflows. […]
https://www.bleepingcomputer.com/news/security/hackers-are-after-the-gaps-in-your-vulnerability-program-heres-their-playbook/ - ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
The Hacker News • 2026-06-04 07:00 • thehackernews.com
It got stupid again.The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums go down and come back worse. Cheap hackers get better toys. AI starts breaking real systems. Great.
Read the whole thing before it ruins your week anyway.
Unauthenticated
https://thehackernews.com/2026/06/threatsday-bulletin-ai-agents-gone.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
