Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices,...
Hacking
Category Added in a WPeMatico Campaign
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
Ravie LakshmananJun 06, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security...
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Swati KhandelwalJun 06, 2026Vulnerability / Endpoint Security Two things landed within days of each other this week. A security startup...
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Ravie LakshmananJun 06, 2026Supply Chain Attack / Malware Microsoft's GitHub repositories have become the latest to fall victim to the...
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Ravie LakshmananJun 06, 2026Vulnerability / Network Security Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has...
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of...
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
Ravie LakshmananJun 05, 2026Spyware / Mobile Security Arabic-speaking users have emerged as the target of a new Android spyware codenamed...
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Ravie LakshmananJun 05, 2026Cyber Espionage / Threat Intelligence Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where...
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over...
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active...
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans,...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with...
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Swati KhandelwalJun 04, 2026Vulnerability / Network Security Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated...
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
Swati KhandelwalJun 04, 2026Vulnerability / AI Security A security researcher found a flaw in Anthropic's Claude Code GitHub Action that...
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
The Hacker NewsJun 04, 2026Artificial Intelligence / Defense Technology Over the past several weeks, the cybersecurity community has been reminded...