Top Security Breaches 2026-06-23

Auto-generated 2026-06-23T09:00:29.110146+00:00 (UTC)

1. Texas govt data breach exposes over 3 million driver’s licenses

   Source: BleepingComputer | Published: 2026-06-19T16:12:41+00:00 | Score: 16.613
   

   The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. […]

   Original: https://www.bleepingcomputer.com/news/security/texas-govt-data-breach-exposes-over-3-million-drivers-licenses/

2. The Top 10 Attack Surface Exposures in 2026

   Source: The Hacker News | Published: 2026-06-17T10:30:00+00:00 | Score: 16.519
   

   Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication — anything internet-facing is immediately at risk.

   With time-to-exploit now down to a

   Original: https://thehackernews.com/2026/06/the-top-10-attack-surface-exposures-in.html

3. From Assistive to Agentic: The AI Shift That’s Redefining Threat Management

   Source: The Hacker News | Published: 2026-06-19T11:58:00+00:00 | Score: 15.337
   

   Introduction

   The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating (overlapping) alerts and data. And yet, breach dwell times remain stubbornly long (~43 days), response windows keep closing before teams can act, and analysts burn out triaging noise instead

   Original: https://thehackernews.com/2026/06/from-assistive-to-agentic-ai-shift.html

4. ⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

   Source: The Hacker News | Published: 2026-06-22T10:55:10+00:00 | Score: 13.524
   

   It’s Monday again.

   This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much control.

   The annoying part is how little of this feels new. Weak credentials, sketchy downloads, browser extensions with too much access, and WordPress sites are used to push more

   Original: https://thehackernews.com/2026/06/weekly-recap-browser-bugs-edr-killers.html

5. Forget Data Leakage: Shadow AI’s Real Threat Is Access Control

   Source: The Hacker News | Published: 2026-06-19T10:30:00+00:00 | Score: 13.519
   

   The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, domain blocks, and data loss prevention rules. That response made sense at the time.

   It doesn’t fit the problem anymore.

   Shadow AI has shifted from a data leakage concern to an access control problem. The threat isn’t

   Original: https://thehackernews.com/2026/06/forget-data-leakage-shadow-ais-real.html

6. INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

   Source: The Hacker News | Published: 2026-06-22T06:06:53+00:00 | Score: 13.464
   

   A new report from INTERPOL has revealed a “dramatic increase” in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity.

   According to INTERPOL’s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report, phishing has emerged as the most widespread and

   Original: https://thehackernews.com/2026/06/interpol-warns-phishing-ransomware-and.html

7. The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

   Source: The Hacker News | Published: 2026-06-19T18:33:07+00:00 | Score: 12.719
   

   The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor.

   This mature portfolio of EDR-terminating tools is centered around a framework that’s known as GentleKiller.

   “They also incorporate third-party or

   Original: https://thehackernews.com/2026/06/the-gentlemen-raas-uses-gentlekiller.html

8. 29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests

   Source: The Hacker News | Published: 2026-06-22T14:29:46+00:00 | Score: 12.669
   

   A heap over-read in the Squid web proxy can leak another user’s cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy.

   The bug traces to a 1997 FTP-parsing change and is still live in Squid’s default configuration. Researchers at Calif.io disclosed it in June and named it Squidbleed (

   Original: https://thehackernews.com/2026/06/29-year-old-squid-proxy-bug-squidbleed.html

End of report.