Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-22 17:00 PDT
- WhatsApp phishing attack uses fake business docs to hack PCs
BleepingComputer • 2026-06-22 15:42 • www.bleepingcomputer.com
An ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system access. […]
https://www.bleepingcomputer.com/news/security/whatsapp-phishing-attack-uses-fake-business-docs-to-hack-pcs/ - JaredFromSubway MEV bot hacked in $15 million crypto theft
BleepingComputer • 2026-06-22 14:52 • www.bleepingcomputer.com
The JaredFromSubway Ethereum MEV (Maximal Extractable Value) bot suffered a $15 million loss after an attacker manipulated the opportunity-detection logic by creating fake cryptocurrency trading opportunities. […]
https://www.bleepingcomputer.com/news/security/jaredfromsubway-mev-bot-hacked-in-15-million-crypto-theft/ - FFmpeg fixes PixelSmash flaw in widely used video decoder
BleepingComputer • 2026-06-22 14:05 • www.bleepingcomputer.com
A newly disclosed FFmpeg flaw dubbed ‘PixelSmash’ could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. […]
https://www.bleepingcomputer.com/news/security/ffmpeg-fixes-pixelsmash-flaw-in-widely-used-video-decoder/ - FortiBleed campaign used custom FortiGate sniffer to steal credentials
BleepingComputer • 2026-06-22 13:01 • www.bleepingcomputer.com
Security firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to harvest authentication secrets from compromised firewalls and steal credentials. […]
https://www.bleepingcomputer.com/news/security/fortibleed-campaign-used-custom-fortigate-sniffer-to-steal-credentials/ - ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
The Hacker News • 2026-06-22 11:00 • thehackernews.com
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official release channels and push backdoor code.“Attackers compromised the vendor’s build and distribution pipeline, injecting backdoor code into Pro plugin releases distributed through official licensed update channels,” Wordfence said in an analysis
https://thehackernews.com/2026/06/shapedplugin-wordpress-pro-plugins.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
