Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-10 08:00 PDT
- The 5 Best Practices for Secure Identity Verification
BleepingComputer • 2026-06-10 07:05 • www.bleepingcomputer.com
Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down five best practices for stronger identity verification and access security. […]
https://www.bleepingcomputer.com/news/security/the-5-best-practices-for-secure-identity-verification/ - Who Runs the Ransomware Group ‘The Gentlemen?’
KrebsOnSecurity • 2026-06-10 07:03 • krebsonsecurity.com
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.
https://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/ - Microsoft patches Exchange Server zero-day exploited in attacks
BleepingComputer • 2026-06-10 06:44 • www.bleepingcomputer.com
Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web Access users. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-exchange-server-zero-day-exploited-in-attacks/ - Why schools remain one of cybercriminals’ favourite targets
Graham Cluley • 2026-06-10 06:18 • www.bitdefender.com
Schools on both sides of the Atlantic have been revealed in recent days to have been hit by hackers, reminding all of us that ransomware gangs see educational instituions as targets all year round.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/why-schools-remain-one-of-cybercriminals-favourite-targets - Microsoft: Some Windows PCs fail to install latest monthly updates
BleepingComputer • 2026-06-10 04:33 • www.bleepingcomputer.com
Microsoft warned customers on Tuesday that they may have issues installing the latest monthly updates on some Windows devices that were upgraded to Windows 11 24H2 or 25H2. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-some-upgraded-windows-pcs-fail-to-install-monthly-updates/ - NSO Group Hacking WhatsApp Despite Court Order
Schneier on Security • 2026-06-10 04:08 • www.schneier.comWhatsApp has caught the NSO Group phishing its users, in violation of a court order.
https://www.schneier.com/blog/archives/2026/06/nso-group-hacking-whatsapp-despite-court-order.html
- Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar
The Hacker News • 2026-06-10 03:27 • thehackernews.com
Your pentest report looks clean. That might be the problem.Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads “stable” as “secure.” It usually isn’t. The work slows down. The risk does not.
That gap is what a The Hacker News webinar with Picus Security sets out to close.
Autumn
https://thehackernews.com/2026/06/your-automated-pentest-looks-clean-see.html - Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
BleepingComputer • 2026-06-10 02:57 • www.bleepingcomputer.com
On Tuesday, Microsoft patched two zero-day vulnerabilities that let attackers gain SYSTEM privileges on fully patched Windows systems, and a third one that grants access to BitLocker-protected drives. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-yellowkey-greenplasma-miniplasma-zero-days/ - Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
The Hacker News • 2026-06-10 02:38 • thehackernews.com
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release.Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63 privilege escalation, 56 remote code execution, 30 information disclosure, 27 spoofing, 20 security
https://thehackernews.com/2026/06/microsoft-patches-record-206-flaws.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
