Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-30 13:00 PDT
- Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data
The Hacker News • 2026-06-30 10:46 • thehackernews.com
New Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider.The trick is that the agent never breaks a rule. Every step looks routine, so in a default setup no alarm may fire.
The work comes from Microsoft Incident Response and its
https://thehackernews.com/2026/06/microsoft-warns-poisoned-mcp-tool.html - RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
The Hacker News • 2026-06-30 10:45 • thehackernews.com
A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online services offline.Researchers at QiAnXin’s XLab have tracked it since February 2026, and say the real story is not how big it is today, but how fast it is changing.
The end goal is a
https://thehackernews.com/2026/06/rustduck-botnet-rebuilds-in-rust-to.html - Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
The Hacker News • 2026-06-30 08:47 • thehackernews.com
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner.The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed artificial intelligence (AI)
https://thehackernews.com/2026/06/langflow-rce-exploited-to-deploy-monero.html - Fake Perplexity extension on Chrome Web Store tracked searches
BleepingComputer • 2026-06-30 08:46 • www.bleepingcomputer.com
A malicious extension in the Chrome Web Store is masquerading as the Perplexity AI answer engine, intercepting search traffic and collecting browsing information. […]
https://www.bleepingcomputer.com/news/security/fake-perplexity-extension-on-chrome-web-store-tracked-searches/ - Weekly Update 510: Live From Mallorca with Scott Helme
Troy Hunt • 2026-06-30 08:42 • www.troyhunt.comHow's the view?! Back to business, it's now 8 years ago that Scott and I thought it would be a cool idea to build Why no HTTPS? We used the site to shame companies for not implementing their transport later security property, and to make it
- Silent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet Addresses
The Hacker News • 2026-06-30 08:40 • thehackernews.com
Cybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction.The cryptocurrency clipper activity has been codenamed Silent Swap by McAfee Labs.
“The campaign is delivered through unsigned installers – observed in both .NET and Golang variants – that
https://thehackernews.com/2026/06/silent-swap-crypto-clipper-uses-fake.html - GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks
The Hacker News • 2026-06-30 07:26 • thehackernews.com
The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades.New research from Adversa AI, which is named the bypass GuardFall, found it works against ten of the eleven popular open-source coding and computer-use agents the firm tested. Only one, “Continue,” was built to
https://thehackernews.com/2026/06/guardfall-exposes-open-source-ai-coding.html - Lessons from the Underground: How to Combat Business Email Compromise
BleepingComputer • 2026-06-30 07:00 • www.bleepingcomputer.com
Business Email Compromise is more than an email scam. It’s a coordinated operation involving compromised accounts, financial research, and cash-out networks. Flare explores how underground forums reveal how BEC attacks are planned and executed. […]
https://www.bleepingcomputer.com/news/security/lessons-from-the-underground-how-to-combat-business-email-compromise/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
