Latest news

Palo Alto GlobalProtect VPN Authentication Bypass CVE-2026-0257 Under Active Exploitation — Patch Now
Vulnerability

Palo Alto GlobalProtect VPN Authentication Bypass CVE-2026-0257 Under Active Exploitation — Patch Now

29 June 2026 dark6

Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a critical authentication bypass in GlobalProtect portal and gateway components that...
macOS.Gaslight: North Korea-Linked Rust Backdoor Exfiltrates Data via Telegram and Poisons AI Analysis Tools
Spyware

macOS.Gaslight: North Korea-Linked Rust Backdoor Exfiltrates Data via Telegram and Poisons AI Analysis Tools

29 June 2026 dark6

A Rust-written macOS backdoor attributed to North Korean threat actors steals browser credentials, keychain files, and terminal history, exfiltrating everything...
LokiBot Returns: Multi-Stage JScript Campaign Uses Process Injection to Steal Credentials
Malware

LokiBot Returns: Multi-Stage JScript Campaign Uses Process Injection to Steal Credentials

29 June 2026 dark6

LokiBot, the decade-old credential stealer, has resurfaced with a sophisticated multi-stage attack chain: a JScript email dropper, in-memory .NET injection,...
AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time
Phishing

AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time

29 June 2026 dark6

A real-time adversary-in-the-middle phishing kit has been targeting AWS engineers, stealing credentials and MFA codes simultaneously to hijack cloud sessions...
Shai-Hulud Malware Expands to npm Ecosystem, Stealing Cloud and CI/CD Credentials From Developers
Malware

Shai-Hulud Malware Expands to npm Ecosystem, Stealing Cloud and CI/CD Credentials From Developers

26 June 2026 dark6

A credential-stealing malware campaign known as Shai-Hulud has expanded to target developers using the Leo/RStreams npm package ecosystem, harvesting GitHub...
FortiBleed: Over 73,000 Fortinet Firewalls Compromised in Industrial-Scale Cyber Espionage Campaign
Cybercrime

FortiBleed: Over 73,000 Fortinet Firewalls Compromised in Industrial-Scale Cyber Espionage Campaign

26 June 2026 dark6

An industrial-scale cyber espionage campaign dubbed "FortiBleed" has silently compromised over 73,932 unique Fortinet firewall URLs across 194 countries, targeting...
25-Year-Old cURL Vulnerability Patched in Record-Breaking Security Release Fixing 18 CVEs
Vulnerability

25-Year-Old cURL Vulnerability Patched in Record-Breaking Security Release Fixing 18 CVEs

26 June 2026 dark6

A critical authentication bypass flaw in cURL that had existed undetected for over 25 years has been patched in curl...
Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk
Vulnerability

Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk

26 June 2026 dark6

Microsoft's original Secure Boot certificates have begun expiring as of June 24, 2026, affecting over a billion UEFI-capable PCs worldwide....
Operation Endgame Strikes Again: Europol Seizes StealC, Amadey and SocGholish Infrastructure — 326 Servers Down, $47M Frozen
Malware

Operation Endgame Strikes Again: Europol Seizes StealC, Amadey and SocGholish Infrastructure — 326 Servers Down, $47M Frozen

25 June 2026 dark6

Europol's Operation Endgame has dismantled the infrastructure behind StealC, Amadey, and SocGholish malware, seizing 326 servers, freezing USD 47 million...
World Leaks Ransomware Dumps 630 GB of Tata Electronics Data — Confidential Apple and Tesla Files Exposed
Databreach

World Leaks Ransomware Dumps 630 GB of Tata Electronics Data — Confidential Apple and Tesla Files Exposed

25 June 2026 dark6

Ransomware group World Leaks has published 630+ GB of stolen Tata Electronics data including confidential Apple iPhone manufacturing specs and...
State-Sponsored Hackers Exploit Cisco Catalyst SD-WAN Manager Zero-Day to Gain Root Access
Vulnerability

State-Sponsored Hackers Exploit Cisco Catalyst SD-WAN Manager Zero-Day to Gain Root Access

25 June 2026 dark6

A state-sponsored threat actor exploited zero-day CVE-2026-20245 in Cisco Catalyst SD-WAN Manager to gain root access via a malicious CSV...
CISA Flags Actively Exploited Ubiquiti UniFi OS Vulnerabilities — Patch Deadline June 26
Vulnerability

CISA Flags Actively Exploited Ubiquiti UniFi OS Vulnerabilities — Patch Deadline June 26

25 June 2026 dark6

CISA has added three Ubiquiti UniFi OS vulnerabilities to its KEV catalog following confirmed active exploitation. Federal agencies must patch...