Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-17 03:00 PDT
- Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
The Hacker News • 2026-06-17 02:38 • thehackernews.com
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys.“Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,”
https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html - Microsoft working on Defender patch for RoguePlanet zero-day
BleepingComputer • 2026-06-17 01:32 • www.bleepingcomputer.com
Microsoft confirmed that it’s working on a security patch for a Defender zero-day vulnerability named “RoguePlanet,” disclosed one week ago. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-working-on-defender-patch-for-rogueplanet-zero-day/ - 144 Mastra npm Packages Compromised via Hijacked Contributor Account
The Hacker News • 2026-06-17 00:38 • thehackernews.com
As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity.“A single npm account (ehindero) mass-published more
https://thehackernews.com/2026/06/144-mastra-npm-packages-compromised-via.html - Kodak confirms data breach claimed by ShinyHunters extortion gang
BleepingComputer • 2026-06-17 00:07 • www.bleepingcomputer.com
Kodak has confirmed that it’s working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company’s data. […]
https://www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-claimed-by-shinyhunters-extortion-gang/ - CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
The Hacker News • 2026-06-16 22:50 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary
https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
