Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-10 13:00 PDT
- GitHub announces npm security changes to tackle supply-chain attacks
BleepingComputer • 2026-06-10 12:41 • www.bleepingcomputer.com
GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behaviors triggered by the ‘npm install’ command. […]
https://www.bleepingcomputer.com/news/security/github-announces-npm-security-changes-to-tackle-supply-chain-attacks/ - Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks
BleepingComputer • 2026-06-10 11:31 • www.bleepingcomputer.com
Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations. […]
https://www.bleepingcomputer.com/news/security/oracle-peoplesoft-servers-hacked-in-shinyhunters-data-theft-attacks/ - China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
The Hacker News • 2026-06-10 09:08 • thehackernews.com
Cybersecurity researchers have warned of a “resurgence and expansion” of JDY, a covert network associated with China-nexus state-sponsored threat actors.“The JDY botnet comprises over 1,500 SOHO [small office and home office] and IoT devices and operates as a centrally controlled, high-performance scanner used to discover, fingerprint, and continuously map exposed services at scale,” Lumen’s
https://thehackernews.com/2026/06/china-linked-jdy-botnet-expands-to-1500.html - Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
The Hacker News • 2026-06-10 08:10 • thehackernews.com
Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure.The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. It’s tracked as CVE-2026-25089 (CVSS score: 9.1).
“An
https://thehackernews.com/2026/06/ivanti-fortinet-and-sap-release-patches.html - Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE
The Hacker News • 2026-06-10 08:00 • thehackernews.com
A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck.The vulnerability in question is CVE-2026-5027 (CVSS score: 8.8), a case of path traversal that could allow an attacker to write files to arbitrary locations.
“The ‘POST /
https://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html - China-linked JDY botnet expands targeting of U.S. military networks
BleepingComputer • 2026-06-10 08:00 • www.bleepingcomputer.com
The JDY botnet, a malware network previously associated with Chinese threat actors like Volt Typhoon, has significantly expanded its targeting scope and reconnaissance efforts. […]
https://www.bleepingcomputer.com/news/security/china-linked-jdy-botnet-expands-targeting-of-us-military-networks/ - CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
The Hacker News • 2026-06-10 07:44 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation.The list of vulnerabilities is as follows –
CVE-2026-20245 (CVSS score: 7.8) – An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an
https://thehackernews.com/2026/06/cisa-adds-cisco-chrome-and-arista-flaws.html - The 5 Best Practices for Secure Identity Verification
BleepingComputer • 2026-06-10 07:05 • www.bleepingcomputer.com
Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down five best practices for stronger identity verification and access security. […]
https://www.bleepingcomputer.com/news/security/the-5-best-practices-for-secure-identity-verification/ - Who Runs the Ransomware Group ‘The Gentlemen?’
KrebsOnSecurity • 2026-06-10 07:03 • krebsonsecurity.com
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.
https://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
