Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-20 08:00 PDT
- Microsoft links Mastra AI supply chain attack to North Korean hackers
BleepingComputer • 2026-06-20 07:09 • www.bleepingcomputer.com
Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. […]
https://www.bleepingcomputer.com/news/security/microsoft-links-mastra-ai-supply-chain-attack-to-north-korean-hackers/ - Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
The Hacker News • 2026-06-20 02:56 • thehackernews.com
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about 100,000 sites.The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens
https://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
