Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-22 13:00 PDT
- ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
The Hacker News • 2026-06-22 11:00 • thehackernews.com
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official release channels and push backdoor code. “Attackers compromised the vendor’s build and distribution pipeline, injecting backdoor code into Pro plugin releases distributed through official licensed update channels,” Wordfence said in an analysis
https://thehackernews.com/2026/06/shapedplugin-wordpress-pro-plugins.html
- Microsoft says Windows 11 26H2 is coming soon, details upgrade process
BleepingComputer • 2026-06-22 10:41 • www.bleepingcomputer.com
Microsoft has confirmed that Windows 11 version 26H2 will be the next feature update and that devices running Windows 11 24H2 and 25H2 will be able to upgrade using a small enablement package. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-windows-11-26h2-is-coming-soon-details-upgrade-process/
- Microsoft fixes AutoGen Studio flaw that enabled code execution
BleepingComputer • 2026-06-22 10:28 • www.bleepingcomputer.com
A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system simply by visiting a malicious webpage. […]
https://www.bleepingcomputer.com/news/security/microsoft-fixes-autogen-studio-flaw-that-enabled-code-execution/
- Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
The Hacker News • 2026-06-22 09:13 • thehackernews.com
Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily read artificial intelligence (AI) conversations from other customers’ applications without requiring authentication. The vulnerabilities have been collectively codenamed DifyTap by Zafran Security.
https://thehackernews.com/2026/06/researchers-detail-difytap-flaws-in.html
- 29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests
The Hacker News • 2026-06-22 07:29 • thehackernews.com
A heap over-read in the Squid web proxy can leak another user’s cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy. The bug traces to a 1997 FTP-parsing change and is still live in Squid’s default configuration. Researchers at Calif.io disclosed it in June and named it Squidbleed (
https://thehackernews.com/2026/06/29-year-old-squid-proxy-bug-squidbleed.html
- Webshells Remain Popular, (Mon, Jun 22nd)
SANS ISC Diary (full) • 2026-06-22 07:10 • isc.sans.edu
Webshells have been popular for a long time. We already covered this topic across multiple diaries[1][2]. I spent some time to track them[3] and slightly paid less attention to them but today I found another one. It seems to be a new playe…
https://isc.sans.edu/diary/rss/33096
- A Glimpse into the “Search Your Target” Market for Stolen Credentials
BleepingComputer • 2026-06-22 07:05 • www.bleepingcomputer.com
Attackers no longer need to sift through massive credential dumps. They can pay others to do it for them. Flare explores how an emerging underground market searches stolen credential databases for specific companies, domains, and accounts. […]
https://www.bleepingcomputer.com/news/security/a-glimpse-into-the-search-your-target-market-for-stolen-credentials/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
