Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-06 03:00 PDT
- When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website
Securelist • 2026-07-06 02:00 • securelist.com
The OAuth 2.0 Device Authorization Grant specification was designed to streamline authentication for Smart TVs, IoT devices, and printers. Today, threat actors are weaponizing it.
https://securelist.com/microsoft-device-code-phishing-attack/120350/ - New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions
The Hacker News • 2026-07-06 01:50 • thehackernews.com
Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode.But TrojPix works only once malware is already on the target machine, so it
https://thehackernews.com/2026/07/new-trojpix-attack-leaks-data-from-air.html - New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS
The Hacker News • 2026-07-06 01:13 • thehackernews.com
Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments.According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 for
https://thehackernews.com/2026/07/new-java-based-quimarat-maas-built-to.html - Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages
The Hacker News • 2026-07-06 00:27 • thehackernews.com
Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits.In a proof of concept, they reconstructed a signed-in user’s full Gmail address from a single visit, with no click. Opera has patched the flaw and says it found no evidence that
https://thehackernews.com/2026/07/opera-gx-flaw-let-malicious-sites-auto.html - SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
The Hacker News • 2026-07-05 23:33 • thehackernews.com
Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology.Their strongest trick slipped past every scanner tested more than 90% of the time, and the same team built a runtime checker that catches most of the
https://thehackernews.com/2026/07/new-skillcloak-technique-lets-malicious.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
