Latest news

UNC3753 (Luna Moth) Escalates Campaign Against US Law Firms: Vishing, RMM Tools, and Now Physical Intrusion
Cybercrime

10 June 2026 dark6

Google Cloud Mandiant has documented a sustained UNC3753 (Luna Moth) campaign targeting US law firms from January–May 2026. The group...
SAP June 2026 Patch Day: Four Critical Flaws Including CVSS 9.9 SAML Bypass in NetWeaver ABAP
Vulnerability

10 June 2026 dark6

SAP's June 2026 Security Patch Day addressed 15 security notes including four critical vulnerabilities. The most severe — CVE-2026-44748 (CVSS...
Meet Pink: The New Extortion Group Using Vishing and Microsoft 365 Tools to Drain Enterprise Cloud Storage
Cybercrime

10 June 2026 dark6

A new extortion group called Pink (CL-CRI-1147) has emerged, targeting enterprise organizations through voice phishing to steal Microsoft 365 credentials...
Google Chrome 149 Patches 429 Vulnerabilities Including 22 Critical — Update Immediately
Vulnerability

10 June 2026 dark6

Google has released Chrome 149.0.7827.53 with 429 security fixes, including 22 rated critical. The patch covers use-after-free and memory corruption...
CVE-2026-50751: Check Point VPN 0-Day Actively Exploited to Deploy Qilin Ransomware
Ransomware

9 June 2026 dark6

A critical CVSS 9.3 authentication bypass in Check Point Remote Access VPN (CVE-2026-50751) is being actively exploited in the wild,...
CVE-2026-23111: Linux Kernel nftables Use-After-Free Enables Root Privilege Escalation — Public Exploit Available
Vulnerability

9 June 2026 dark6

A use-after-free vulnerability in the Linux kernel nftables subsystem (CVE-2026-23111) allows unprivileged local attackers to escalate privileges to root on...
WhatsApp Disrupts Fresh NSO Group Pegasus Campaign, Seeks Court Contempt Order
Spyware

9 June 2026 dark6

Meta's WhatsApp has disrupted a new NSO Group-linked Pegasus spyware campaign targeting users in Jordan and Lebanon, and is now...
China-Linked OP-512 Uses Cryptographically Unique Web Shells in Patient IIS Server Espionage Campaign
Cybercrime

9 June 2026 dark6

ReliaQuest has uncovered OP-512, a new China-linked threat cluster targeting IIS servers with a custom web shell framework that generates...
Instagram Logic Bug Exposed Unredacted Emails and Phone Numbers for Any Account — Including Mark Zuckerberg’s
Databreach

8 June 2026 dark6

A critical logic flaw in Instagram's web-based password reset flow exposed fully unredacted email addresses and phone numbers for any...
EDRChoker: New Red Team Tool Silences Cloud-Connected EDR Agents by Choking Network With Windows QoS
Malware

8 June 2026 dark6

A new open-source tool called EDRChoker throttles EDR agent network connections to 8 bps using Windows native Policy-Based QoS, effectively...
Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens — No Patch Coming
Cybercrime

8 June 2026 dark6

Researchers at Mitiga Labs demonstrated a five-step npm supply chain attack that rewrites ~/.claude.json to redirect Claude Code MCP traffic...
Microsoft Warns: Claude Code GitHub Action Exploitable via Prompt Injection to Leak CI/CD Secrets
Vulnerability

8 June 2026 dark6

Microsoft Threat Intelligence disclosed a prompt injection flaw in the Claude Code GitHub Action that allowed attackers to access /proc/self/environ...