Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-24 08:00 PDT
- CISA warns of max severity Ubiquiti flaws exploited in attacks
BleepingComputer • 2026-06-24 07:35 • www.bleepingcomputer.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity UniFi OS and Lantronix serial-to-ethernet servers. […]
https://www.bleepingcomputer.com/news/security/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks/ - Amadey, StealC malware operations disrupted in Operation Endgame action
BleepingComputer • 2026-06-24 07:35 • www.bleepingcomputer.com
Microsoft, Europol, and international partners have disrupted infrastructure used by the Amadey and StealC malware operations as part of Operation Endgame, which targets cybercriminal services and ransomware gangs. […]
https://www.bleepingcomputer.com/news/security/amadey-stealc-malware-operations-disrupted-in-operation-endgame-action/ - Securing the service desk: Why social engineering attacks keep succeeding
BleepingComputer • 2026-06-24 07:02 • www.bleepingcomputer.com
Service desks have become a favored target for attackers seeking password resets, MFA changes, and access to corporate accounts. Specops Software breaks down how service desk social engineering attacks work and how organizations can defend against them. […]
https://www.bleepingcomputer.com/news/security/securing-the-service-desk-why-social-engineering-attacks-keep-succeeding/ - Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
The Hacker News • 2026-06-24 05:48 • thehackernews.com
Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains.The “critical exploitable pattern” has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of repositories at dozens of the largest organizations worldwide, including Microsoft, Google, Apache, and
https://thehackernews.com/2026/06/cordyceps-cicd-flaws-expose-300-github.html - Dawn of the Apex Agentic Adversary
The Hacker News • 2026-06-24 04:30 • thehackernews.com
We are standing at the end of an era we never thought to mourn: the era of human-speed threats.For years, cybersecurity moved to a rhythm organizations could follow. A researcher found a bug, a CVE was cataloged, a vendor navigated a patch cycle, and weeks or even months later, a fix was deployed. In this era, dwell time was measured in days, sometimes weeks. We are now approaching an
https://thehackernews.com/2026/06/dawn-of-apex-agentic-adversary.html - Embedding Forbidden Text in Spyware to Discourage AI Analysis
Schneier on Security • 2026-06-24 04:03 • www.schneier.comAt least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis.
The _index.js payload begins with a large JavaScript block comment containing fake system instructions and policy-triggering content. Because it is inside a comment, it does not affect JavaScript execution. The runtim…
https://www.schneier.com/blog/archives/2026/06/embedding-forbidden-text-in-spyware-to-discourage-ai-analysis-2.html - Stealthy Mistic backdoor linked to ransomware access broker KongTuke
BleepingComputer • 2026-06-24 03:41 • www.bleepingcomputer.com
A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional services sectors. […]
https://www.bleepingcomputer.com/news/security/stealthy-mistic-backdoor-linked-to-ransomware-access-broker-kongtuke/ - StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader
Securelist • 2026-06-24 03:00 • securelist.com
Kaspersky researchers analyze a new global campaign dubbed StrikeShark that delivers Cobalt Strike Beacon via custom SharkLoader malware.
https://securelist.com/strikeshark-campaign/120326/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
