Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-17 08:00 PDT
- Why Account Takeovers Are Rising and How to Stop Them
BleepingComputer • 2026-06-17 07:00 • www.bleepingcomputer.com
Account takeovers are rising as attackers bypass traditional defenses through phishing, session hijacking, and MFA fatigue. Specops Software explores how device trust and continuous verification help reduce account takeover risk. […]
https://www.bleepingcomputer.com/news/security/why-account-takeovers-are-rising-and-how-to-stop-them/ - Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
The Hacker News • 2026-06-17 06:51 • thehackernews.com
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys.“Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,”
https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html - India's Telegram ban hit the UAE too. Here's how to get around it
BleepingComputer • 2026-06-17 06:12 • www.bleepingcomputer.com
India has banned Telegram until June 22 after the app was used to circulate leaked exam papers. CEO Pavel Durov accuses telecom Reliance of BGP hijacking that disrupted the app as far away as the UAE. Here’s what happened, and how to get around the block with an MTProto proxy. […]
https://www.bleepingcomputer.com/news/security/indias-telegram-ban-hit-the-uae-too-heres-how-to-get-around-it/ - Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
The Hacker News • 2026-06-17 04:58 • thehackernews.com
For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain.The problem is no longer visibility. It’s validation. Security teams must decide which findings warrant action while operating under constant pressure and incomplete information. Increasingly, the challenge is not discovering potential risks. It is determining which risks
https://thehackernews.com/2026/06/adversarial-exposure-validation-turns.html - Microsoft confirms Office apps launch issues after June updates
BleepingComputer • 2026-06-17 04:54 • www.bleepingcomputer.com
Microsoft is investigating a new issue preventing third-party applications from launching Microsoft Office applications or opening documents on up-to-date Windows systems. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-office-apps-launch-issues-after-june-updates/ - AI Use by the US Government
Schneier on Security • 2026-06-17 04:04 • www.schneier.comOn 14 April, the Trump administration quietly acknowledged the widespread use of AI to automate government processes. The office of management and budget (OMB) disclosed a staggering 3,611 active or planned use cases for AI across the federal government. The list has ballooned by 70% from the one published in the final year of the Biden administration, and includes many dist…
https://www.schneier.com/blog/archives/2026/06/ai-use-by-the-us-government.html - The Top 10 Attack Surface Exposures in 2026
The Hacker News • 2026-06-17 03:30 • thehackernews.com
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication — anything internet-facing is immediately at risk.With time-to-exploit now down to a
https://thehackernews.com/2026/06/the-top-10-attack-surface-exposures-in.html - CISA orders feds to patch max severity Joomla plugin flaw by Friday
BleepingComputer • 2026-06-17 03:09 • www.bleepingcomputer.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity flaw in the Widget Factory Joomla Content Editor (JCE) plugin that is being actively exploited in the wild. […]
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-max-severity-joomla-plugin-flaw-by-friday/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
