U.S. offers $10 million for hackers targeting WhatsApp, Signal users
The U.S. Department of State is offering up to $10 million for information that helps identify or locate members of the UNC5792 and UNC4221 hacker groups, which are linked to Russia’s intelligence and military services. The bounty is part of the ‘Rewards for Justice’ (RFJ) program, which targets foreign state actors carrying out cyberattacks against […]
Critical SimpleHelp flaw exploited to deploy new stealer malware
Hackers are exploiting a recently disclosed critical vulnerability (CVE-2026-48558) in SimpleHelp to deploy Djinn Stealer, a previously undocumented cross-platform information stealer targeting Windows, macOS, and Linux. The SimpleHelp platform is primarily used by managed service providers (MSPs), IT departments, helpdesks, and system administrators for remote monitoring and management (RMM). Earlier this month, offensive security company […]
Hackers now exploit critical Oracle E-Business flaw in attacks
Attackers have begun exploiting a critical vulnerability (tracked as CVE-2026-46817) in the Oracle E-Business Suite (EBS) financial application, according to threat intelligence company Defused. This security flaw was found in the File Transmission component of EBS’s Oracle Payments product and enables unauthenticated malicious actors with HTTP network access to take over vulnerable systems through low-complexity attacks. […]
US seizes hundreds of FIFA World Cup illegal streaming domains
The U.S. Justice Department’s Criminal Division has seized nearly 400 web domains used for illegally streaming matches at the FIFA World Cup. These websites provided visitors with unauthorized real-time streams of 2026 World Cup matches, in violation of U.S. copyright law. The action was coordinated with international partners through the International Computer Hacking and Intellectual […]
Data breach exposes up to 14.2 million email logins at six ISPs
Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. The company says that it discovered the compromise on June 17 and responded immediately by blocking the attacker and implementing defense measures. The investigation […]
Clean GitHub repo tricks AI coding agents into running malware
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to security scanners, AI agents, and human reviewers. Researchers at Mozilla’s Zero Day Investigative Network (0DIN) AI security platform say that the compromise happens with “no exploit code, no warning, no suspicious […]
FBI: Russian hackers now target Signal backup recovery keys
The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recovery Keys, allowing attackers to access victims’ historical messages. The updated public service announcement is an update to a March 2026 advisory that warned the threat actors were targeting users of commercial messaging […]
CISA sets urgent deadline to fix Cisco flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a vulnerability in Cisco Unified Communications Manager Server that is being actively exploited. Identified as CVE-2026-20230, the security issue is server-side request forgery (SSRF) and has been added to the agency’s catalog of Known Exploited Vulnerabilities (KEV). Per Binding Operational […]
Polymarket customers lose $3 million in supply-chain attack
Polymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform’s frontend following a breach at a third-party vendor. The company states in a brief announcement that the hack was the result of a supply-chain attack that impacted a dependency on its website. Polymarket […]
Cybersecurity firms targeted by fraudulent OpenAI organization invites
Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects. Push Security discovered what they dub as the “Poisoned Tenant” campaign after multiple employees received invitations to join an OpenAI […]