Latest news

SiderAI and MaxAI Chrome Extensions Expose 10 Million Users to Full Browser Compromise
Vulnerability

SiderAI and MaxAI Chrome Extensions Expose 10 Million Users to Full Browser Compromise

22 June 2026 dark6

Critical vulnerabilities dubbed Spyder and MaXSS have been discovered in the SiderAI and MaxAI Chrome extensions, which together are installed...
Read more 0
HazyBeacon APT Campaign Weaponizes AWS Lambda to Hide Command-and-Control Traffic
Cybercrime

HazyBeacon APT Campaign Weaponizes AWS Lambda to Hide Command-and-Control Traffic

22 June 2026 dark6

Qualys researchers have exposed HazyBeacon, a stealthy APT campaign targeting Southeast Asian governments that uses AWS Lambda Function URLs as...
Read more 0
AutoJack: A Single Malicious Web Page Can Hijack Your AI Agent and Execute Arbitrary Code
AI

AutoJack: A Single Malicious Web Page Can Hijack Your AI Agent and Execute Arbitrary Code

22 June 2026 dark6

A critical three-vulnerability exploit chain called AutoJack allows a single malicious web page to hijack Microsoft AutoGen Studio's browsing agent...
Read more 0
GentleKiller: Inside the Ransomware Framework Disabling 400+ EDR Security Products
Ransomware

GentleKiller: Inside the Ransomware Framework Disabling 400+ EDR Security Products

22 June 2026 dark6

ESET researchers have exposed GentleKiller, the in-house EDR-killing framework of the Gentlemen ransomware gang, capable of disabling over 400 security...
Read more 0
CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft
Vulnerability

CVSS 9.1: Critical Cisco ISE Vulnerabilities Enable Remote Code Execution and Unauthenticated Data Theft

19 June 2026 dark6

Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) — CVE-2026-20181 (RCE, CVSS 9.1) and CVE-2026-20190 (unauthenticated...
Read more 0
CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet
Vulnerability

CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet

19 June 2026 dark6

Microsoft has confirmed CVE-2026-50656, a zero-day TOCTOU race condition in Microsoft Defender dubbed 'RoguePlanet,' that allows low-privilege attackers to escalate...
Read more 0
usbliter8: New iPhone BootROM Vulnerability Exposes A12/A13 Apple SoCs to Full Chain-of-Trust Compromise
Vulnerability

usbliter8: New iPhone BootROM Vulnerability Exposes A12/A13 Apple SoCs to Full Chain-of-Trust Compromise

19 June 2026 dark6

Security researchers have disclosed 'usbliter8,' a critical hardware-level BootROM vulnerability affecting Apple devices with A12, S4/S5, and A13 SoCs. The...
Read more 0
International Authorities Dismantle SocGholish (FakeUpdates) Malware Network — 106 Servers and 101 Domains Seized
Malware

International Authorities Dismantle SocGholish (FakeUpdates) Malware Network — 106 Servers and 101 Domains Seized

19 June 2026 dark6

International law enforcement agencies from the US, Netherlands, Canada, and Germany have dismantled the SocGholish malware network under Operation Endgame,...
Read more 0
Kodak Confirms Data Breach as ShinyHunters Claims 2.2 Million Customer Records Stolen
Databreach

Kodak Confirms Data Breach as ShinyHunters Claims 2.2 Million Customer Records Stolen

18 June 2026 dark6

Iconic imaging company Kodak has confirmed a data breach following claims by the notorious ShinyHunters hacking group that it stole...
Read more 0
CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation
Ransomware

CISA Adds Oracle PeopleSoft Zero-Day CVE-2026-35273 to KEV Catalog After Ransomware Gang Exploitation

18 June 2026 dark6

CISA has added a critical Oracle PeopleSoft vulnerability (CVE-2026-35273) to its Known Exploited Vulnerabilities catalog after confirming active exploitation in...
Read more 0
Supply Chain Attack Compromises 140+ Mastra npm Packages, Targeting Developer Credentials and Crypto Wallets
Malware

Supply Chain Attack Compromises 140+ Mastra npm Packages, Targeting Developer Credentials and Crypto Wallets

18 June 2026 dark6

A sophisticated supply chain attack has compromised over 141 packages in the Mastra-AI npm ecosystem, including @mastra/core which sees 918,000...
Read more 0
FortiBleed: Over 73,000 Fortinet Firewalls Compromised Across 194 Countries in Massive Credential Attack
Vulnerability

FortiBleed: Over 73,000 Fortinet Firewalls Compromised Across 194 Countries in Massive Credential Attack

18 June 2026 dark6

A devastating cyber espionage campaign dubbed 'FortiBleed' has silently compromised over 73,932 unique Fortinet firewall URLs spanning 194 countries. Discovered...
Read more 0