Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-25 13:00 PDT
- Order-tracking app Shop abused to push callback phishing attacks
BleepingComputer • 2026-06-25 12:45 • www.bleepingcomputer.com
Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users’ order histories to trick them into providing sensitive data or installing remote access software. […]
https://www.bleepingcomputer.com/news/security/order-tracking-app-shop-abused-to-push-callback-phishing-attacks/ - Microsoft quietly extends free Windows 10 ESU support to October 2027
BleepingComputer • 2026-06-25 11:29 • www.bleepingcomputer.com
Microsoft has quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to continue receiving security updates until October 12, 2027. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-quietly-extends-free-windows-10-esu-support-to-october-2027/ - AI and Liability
Schneier on Security • 2026-06-25 10:03 • www.schneier.comEarlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like “users can check for themselves,” and that they generally know “that information generated with AI should not be blindly trusted,” the court held that the AI’s summaries are reflections of the company and “above all an expression of Google’s business activities.”
This is…
https://www.schneier.com/blog/archives/2026/06/ai-and-liability.html - New macOS malware embeds fake errors to confuse AI analysis tools
BleepingComputer • 2026-06-25 09:23 • www.bleepingcomputer.com
A newly discovered macOS malware dubbed “Gaslight” is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake debugging data within the executable. […]
https://www.bleepingcomputer.com/news/security/new-macos-malware-embeds-fake-errors-to-confuse-ai-analysis-tools/ - PirloTV sports piracy network disrupted as 44 domains seized
BleepingComputer • 2026-06-25 08:36 • www.bleepingcomputer.com
A major sports piracy ring linked to the illegal PirloTV streaming platform has been disrupted in an action that targeted 44 domains. […]
https://www.bleepingcomputer.com/news/security/pirlotv-sports-piracy-network-disrupted-as-44-domains-seized/ - Bluekit phishing kit adopts browser-in-the-middle for login theft
BleepingComputer • 2026-06-25 08:00 • www.bleepingcomputer.com
The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and by adding browser-in-the-middle capabilities for improved data theft. […]
https://www.bleepingcomputer.com/news/security/bluekit-phishing-kit-adopts-browser-in-the-middle-for-login-theft/ - Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
The Hacker News • 2026-06-25 07:12 • thehackernews.com
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code.According to Island, the extension, named Adblock for YouTube (ID: cmedhionkhpnakcndndgjdbohmhepckk), has more than 10 million installs and carries a Featured badge on the Chrome Web Store.
The extension description states that it allows users to prevent web
https://thehackernews.com/2026/06/chrome-ad-blocker-with-10m-installs.html - The Four Elevations of Effective Fraud Prevention
BleepingComputer • 2026-06-25 07:01 • www.bleepingcomputer.com
Fraudsters don’t attack just one transaction. They target accounts, platforms, and entire ecosystems. IPQS explains the four elevations of fraud prevention and why broader visibility improves fraud detection. […]
https://www.bleepingcomputer.com/news/security/the-four-elevations-of-effective-fraud-prevention/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
