Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-29 08:00 PDT
- ⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More
The Hacker News • 2026-06-29 07:41 • thehackernews.com
This week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly the door is open.The noise is not all noise, either. Forums are talking, researchers are finding easy cracks, and defenders have more cleanup waiting.
Here’s the full Monday recap.
⚡ Threat of the Week
New DirtyClone Linux Kernel Flaw Lets Local
https://thehackernews.com/2026/06/weekly-recap-linux-kernel-flaws-ai.html - Agentic AI Has an Identity Problem and Attackers Know It
BleepingComputer • 2026-06-29 07:01 • www.bleepingcomputer.com
AI agents can access data, trigger workflows, and take action across enterprise systems. Token Security explains why governing these privileged identities is becoming essential for enterprise security. […]
https://www.bleepingcomputer.com/news/security/agentic-ai-has-an-identity-problem-and-attackers-know-it/ - Critical SimpleHelp flaw exploited to deploy new stealer malware
BleepingComputer • 2026-06-29 07:00 • www.bleepingcomputer.com
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux. […]
https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-simplehelp-flaw-deploy-new-djinn-infostealer-taskweaver-malware/ - Hackers now exploit critical Oracle E-Business flaw in attacks
BleepingComputer • 2026-06-29 06:46 • www.bleepingcomputer.com
Attackers have begun exploiting a critical vulnerability (CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial application, according to threat intelligence company Defused. […]
https://www.bleepingcomputer.com/news/security/new-oracle-e-business-suite-flaw-now-exploited-in-attacks/ - Webinar: Why business email compromise attacks keep succeeding
BleepingComputer • 2026-06-29 05:14 • www.bleepingcomputer.com
Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email defenses to detect. This webinar explores how behavioral AI can help identify sophisticated email threats and automate response workflows. […]
https://www.bleepingcomputer.com/news/security/webinar-why-business-email-compromise-attacks-keep-succeeding/ - Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th)
SANS ISC Diary (full) • 2026-06-29 05:00 • isc.sans.eduI'm in the throes of target host recon for another pentest, and thought I'd share some workflow / automation stuff.
In the past, I've discussed using historic DNS “mining” to collect target hosts in the domain. - 236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers
The Hacker News • 2026-06-29 04:57 • thehackernews.com
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App.The templates power bogus cryptocurrency exchanges, multi-language pig-butchering operations, WhatsApp phishing networks, fake gambling platforms, brand-impersonation
https://thehackernews.com/2026/06/236000-dcloud-uni-app-sites-used-in.html - Why Post-Quantum Cryptography Starts With Credentials
The Hacker News • 2026-06-29 04:42 • thehackernews.com
Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon be broken by quantum computers. Although no machine today can break elliptic curve cryptography or RSA, quantum hardware is advancing rapidly and will inevitably change how organizations protect their data. Ciphertext and credentials captured by
https://thehackernews.com/2026/06/why-post-quantum-cryptography-starts.html - Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
The Hacker News • 2026-06-29 04:40 • thehackernews.com
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025.Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new targets, with most of them taking place in the second half of the year. Primary targets of these
https://thehackernews.com/2026/06/gamaredon-expands-ukraine-attacks-with.html - US seizes hundreds of FIFA World Cup illegal streaming domains
BleepingComputer • 2026-06-29 04:21 • www.bleepingcomputer.com
The U.S. Justice Department’s Criminal Division has seized nearly 400 web domains used for illegally streaming matches at the FIFA World Cup. […]
https://www.bleepingcomputer.com/news/security/us-seizes-hundreds-of-fifa-world-cup-illegal-streaming-domains/ - Robot Police Officers
Schneier on Security • 2026-06-29 03:55 • www.schneier.comWe’ve taken one small step towards robot police officers: a drone capable of disarming a suspect:
In a June 22 video posted on the Sacramento County Sheriff’s Office’s Instagram page, an officer wearing goggles can be seen operating a drone to retrieve a knife from an armed suspect hiding inside a cluttered house. “After not responding to negotiators, a drone was deployed inside the residence,” the post says. “Drone pilots located the suspect hiding in a corner of a garage” and then…
https://www.schneier.com/blog/archives/2026/06/robot-police-officers.html - The Gentlemen are knocking: сustom backdoors and evolving tactics
Securelist • 2026-06-29 03:00 • securelist.com
Kaspersky researchers analyze incidents related to The Gentlemen RaaS group, disclose their tools and TTPs, and find a new ransomware variant.
https://securelist.com/the-gentlemen-raas/120447/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
