Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-29 13:00 PDT
- Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
The Hacker News • 2026-06-29 11:40 • thehackernews.com
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real results.Microsoft says Google removed it from the store after responsible disclosure. The extension was called “
https://thehackernews.com/2026/06/malicious-perplexity-chrome-extension.html - WhatsApp rolls out usernames to help users hide their phone number
BleepingComputer • 2026-06-29 10:48 • www.bleepingcomputer.com
WhatsApp is finally allowing users to reserve usernames, a privacy feature that lets them hide their phone numbers from people not in their contact list. […]
https://www.bleepingcomputer.com/news/security/whatsapp-rolls-out-usernames-to-help-users-hide-their-phone-number/ - Microsoft extends Windows Server 2022 hotpatching until October 2027
BleepingComputer • 2026-06-29 10:11 • www.bleepingcomputer.com
Microsoft has extended Windows Server 2022 hotpatching until October 2027, one year after the mainstream end date of October 2026. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-extends-windows-server-2022-hotpatching-until-october-2027/ - WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private
The Hacker News • 2026-06-29 09:09 • thehackernews.com
WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three billion users on the messaging platform.The optional feature is designed to help users connect with someone on the service through usernames, as opposed to directly sharing their phone numbers. Username reservations will start rolling out starting today,
https://thehackernews.com/2026/06/whatsapp-is-finally-getting-usernames.html - Factoring RSA Keys with Many Zeros
Schneier on Security • 2026-06-29 09:05 • www.schneier.comInteresting research on a new class of weak RSA keys: keys with lots of zeros. It turns out that these keys are out in the wild.
The badkeys project is an open-source service that checks public keys for known vulnerabilities. While developing this tool, Hanno collected a massive number of real-world keys from public sources, including Certificate Transparency logs, internet-wide TLS and SSH scans, PGP keys, and many others. By searching this dataset for unexpectedly …
https://www.schneier.com/blog/archives/2026/06/factoring-rsa-keys-with-many-zeros.html - U.S. offers $10 million for hackers targeting WhatsApp, Signal users
BleepingComputer • 2026-06-29 08:09 • www.bleepingcomputer.com
The U.S. Department of State is offering up to $10 million for information that helps identify or locate members of the UNC5792 and UNC4221 hacker groups, which are linked to Russia’s intelligence and military services. […]
https://www.bleepingcomputer.com/news/security/us-offers-10-million-for-hackers-targeting-whatsapp-signal-users/ - Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks
The Hacker News • 2026-06-29 08:03 • thehackernews.com
The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel.Acronis Threat Research Unit found active compromises inside Indian government networks, including machines used by senior administrative staff, and worked with
https://thehackernews.com/2026/06/mustang-panda-uses-zoho-workdrive-as.html - ⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More
The Hacker News • 2026-06-29 07:41 • thehackernews.com
This week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly the door is open.The noise is not all noise, either. Forums are talking, researchers are finding easy cracks, and defenders have more cleanup waiting.
Here’s the full Monday recap.
⚡ Threat of the Week
New DirtyClone Linux Kernel Flaw Lets Local
https://thehackernews.com/2026/06/weekly-recap-linux-kernel-flaws-ai.html - Agentic AI Has an Identity Problem and Attackers Know It
BleepingComputer • 2026-06-29 07:01 • www.bleepingcomputer.com
AI agents can access data, trigger workflows, and take action across enterprise systems. Token Security explains why governing these privileged identities is becoming essential for enterprise security. […]
https://www.bleepingcomputer.com/news/security/agentic-ai-has-an-identity-problem-and-attackers-know-it/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
