Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-15 13:00 PDT
- North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
The Hacker News • 2026-06-15 12:32 • thehackernews.com
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi).According to a report published by Proofpoint, the threat actor has been found orchestrating phishing campaigns using developer role recruitment or code review themes
https://thehackernews.com/2026/06/north-korean-hackers-are-turning.html - OptinMonster WordPress plugin hacked in CDN supply-chain attack
BleepingComputer • 2026-06-15 10:37 • www.bleepingcomputer.com
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN). […]
https://www.bleepingcomputer.com/news/security/optinmonster-wordpress-plugin-hacked-in-cdn-supply-chain-attack/ - Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
BleepingComputer • 2026-06-15 10:12 • www.bleepingcomputer.com
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. […]
https://www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/ - LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
The Hacker News • 2026-06-15 09:39 • thehackernews.com
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosedLiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface.
A server takeover exposes every provider key it holds, the secrets that
https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html - Council of Europe investigates ShinyHunters data breach claims
BleepingComputer • 2026-06-15 09:37 • www.bleepingcomputer.com
The Council of Europe, the continent’s oldest intergovernmental body, is probing claims of a data breach made by the ShinyHunters extortion group over the weekend. […]
https://www.bleepingcomputer.com/news/security/council-of-europe-investigates-shinyhunters-data-breach-claims/ - FBI: Fraudsters use couriers to steal money in crypto scams
BleepingComputer • 2026-06-15 08:30 • www.bleepingcomputer.com
The U.S. Federal Bureau of Investigation (FBI) warned that criminals are using couriers to collect money from victims of cryptocurrency investment scams, also known as pig butchering or romance baiting. […]
https://www.bleepingcomputer.com/news/security/fbi-fraudsters-use-couriers-to-steal-money-in-crypto-scams/ - One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
The Hacker News • 2026-06-15 08:09 • thehackernews.com
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise Search.Researchers at Varonis Threat Labs chained three bugs into a one-click exfiltration path they call SearchLeak. Because the link pointed to a real microsoft.com domain, traditional anti-phishing and URL filtering tools were
https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html - Vibe coders are gonna vibe code: How CISOs are tackling code sprawl
BleepingComputer • 2026-06-15 07:01 • www.bleepingcomputer.com
Employees are increasingly building automations, agents, and apps with AI tools outside traditional security oversight. Tines explores how CISOs are handling AI-driven code sprawl, shadow tooling, and governance challenges. […]
https://www.bleepingcomputer.com/news/security/vibe-coders-are-gonna-vibe-code-how-cisos-are-tackling-code-sprawl/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
