Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-01 13:00 PDT
- Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
The Hacker News • 2026-07-01 12:40 • thehackernews.com
Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component’s internal network port.Synacktiv, which found the bug, says it can lead to a full cluster takeover. There is no fix and no CVE. The firm says it reported the flaw to Argo CD’s maintainers in
https://thehackernews.com/2026/07/unpatched-argo-cd-repo-server-flaw.html - 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
The Hacker News • 2026-07-01 12:28 • thehackernews.com
A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, computer intrusion, and fraud, the U.S. Department of Justice announced on July 1.Peter Stokes, 19, a dual U.S. and Estonian citizen, appeared in a Chicago federal court on June 30, where a judge ordered him held in custody.
Finnish police
https://thehackernews.com/2026/07/19-year-old-scattered-spider-suspect.html - SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
The Hacker News • 2026-07-01 10:53 • thehackernews.com
Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT.Kaspersky said the activity is part of a “massive, multi-domain, multi-language” campaign that distributes malicious installer archives hosted on spoofed websites.
These installers masquerade as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam, among others.
https://thehackernews.com/2026/07/seo-poisoned-software-sites-abuse.html - DHS confirms hackers breached HSIN info-sharing platform
BleepingComputer • 2026-07-01 10:32 • www.bleepingcomputer.com
The Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by federal, state, local, and private-sector partners. […]
https://www.bleepingcomputer.com/news/security/dhs-confirms-hackers-breached-hsin-info-sharing-platform/ - VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
The Hacker News • 2026-07-01 10:18 • thehackernews.com
Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs.The activity has been codenamed VEIL#DROP by Securonix. It’s suspected that the initial payloads are distributed either via spear-phishing or a drive-by compromise, which occurs when an unsuspecting user lands on
https://thehackernews.com/2026/07/veildrop-malware-chain-uses-blogger.html - Webinar: Why traditional email security is no longer enough
BleepingComputer • 2026-07-01 09:54 • www.bleepingcomputer.com
Modern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making them harder for traditional email defenses to detect. This webinar explores how behavioral AI can help organizations automate detection and response. […]
https://www.bleepingcomputer.com/news/security/webinar-why-traditional-email-security-is-no-longer-enough/ - Hackers target Microsoft 365 accounts with 81 million login attempts
BleepingComputer • 2026-07-01 09:38 • www.bleepingcomputer.com
An aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period. […]
https://www.bleepingcomputer.com/news/security/hackers-target-microsoft-365-accounts-with-81-million-login-attempts/ - Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures
The Hacker News • 2026-07-01 08:26 • thehackernews.com
A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet’s FortiGuard Labs identified the campaign in May 2026.It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really in Spain or Portugal, and hides its real payload inside an image.
The goal is the usual one: steal banking logins and take
https://thehackernews.com/2026/07/ousaban-banking-trojan-targets-iberian.html - Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic
The Hacker News • 2026-07-01 08:25 • thehackernews.com
Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic.The ColdFusion updates “resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass,” Adobe said in an alert released Tuesday.
The vulnerabilities are listed
https://thehackernews.com/2026/07/adobe-patches-7-cvss-100-flaws-in.html - Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands
The Hacker News • 2026-07-01 07:42 • thehackernews.com
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor’s safety sandbox and run any command on a developer’s computer. There is no click to fall for and no approval box to ignore.Cato AI Labs found the pair and named them DuneSlide. They are tracked as CVE-2026-50548 and CVE-2026-50549, both rated 9.8 out of 10 (or 9.3
https://thehackernews.com/2026/07/critical-cursor-flaws-could-let-prompt.html - Turning Indicators into Intelligence in OpenCTI with Criminal IP
BleepingComputer • 2026-07-01 07:01 • www.bleepingcomputer.com
Threat intelligence is only as useful as the context behind it. Criminal IP explains how its integration enriches threat indicators in OpenCTI with risk scoring, infrastructure intelligence, and phishing analysis. […]
https://www.bleepingcomputer.com/news/security/turning-indicators-into-intelligence-in-opencti-with-criminal-ip/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
