Latest news

Malicious ClawHub Skills Compromise AI Agents With Hidden Backdoors — 247,000 Installs, $2.3M Stolen
Malware

Malicious ClawHub Skills Compromise AI Agents With Hidden Backdoors — 247,000 Installs, $2.3M Stolen

30 June 2026 dark6

Researchers scanning 50,000 ClawHub skills — the official marketplace for the OpenClaw AI agent platform — found working remote control...
Read more 0
Russia’s Turla APT Deploys STOCKSTAY Backdoor Against Ukrainian Government and Military Targets
Cybercrime

Russia’s Turla APT Deploys STOCKSTAY Backdoor Against Ukrainian Government and Military Targets

30 June 2026 dark6

Russia-linked Turla (FSB Center 16) has been running a long-running espionage campaign deploying a new .NET backdoor called STOCKSTAY against...
Read more 0
Critical Microsoft 365 RCE Flaw CVE-2025-60727 Exploitable via Malicious Excel Files — Patch Now
Vulnerability

Critical Microsoft 365 RCE Flaw CVE-2025-60727 Exploitable via Malicious Excel Files — Patch Now

30 June 2026 dark6

Microsoft has disclosed CVE-2025-60727, a critical out-of-bounds read remote code execution vulnerability in Microsoft 365 Apps, Excel 2016, and multiple...
Read more 0
Hackers Actively Exploit CVE-2026-46817 in Oracle E-Business Suite — 456 Attacks Recorded in 24 Hours
Vulnerability

Hackers Actively Exploit CVE-2026-46817 in Oracle E-Business Suite — 456 Attacks Recorded in 24 Hours

30 June 2026 dark6

Threat actors are actively exploiting CVE-2026-46817, a critical CVSS 9.8 unauthenticated remote takeover flaw in Oracle E-Business Suite, with 456...
Read more 0
Palo Alto GlobalProtect VPN Authentication Bypass CVE-2026-0257 Under Active Exploitation — Patch Now
Vulnerability

Palo Alto GlobalProtect VPN Authentication Bypass CVE-2026-0257 Under Active Exploitation — Patch Now

29 June 2026 dark6

Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a critical authentication bypass in GlobalProtect portal and gateway components that...
Read more 0
macOS.Gaslight: North Korea-Linked Rust Backdoor Exfiltrates Data via Telegram and Poisons AI Analysis Tools
Spyware

macOS.Gaslight: North Korea-Linked Rust Backdoor Exfiltrates Data via Telegram and Poisons AI Analysis Tools

29 June 2026 dark6

A Rust-written macOS backdoor attributed to North Korean threat actors steals browser credentials, keychain files, and terminal history, exfiltrating everything...
Read more 0
LokiBot Returns: Multi-Stage JScript Campaign Uses Process Injection to Steal Credentials
Malware

LokiBot Returns: Multi-Stage JScript Campaign Uses Process Injection to Steal Credentials

29 June 2026 dark6

LokiBot, the decade-old credential stealer, has resurfaced with a sophisticated multi-stage attack chain: a JScript email dropper, in-memory .NET injection,...
Read more 0
AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time
Phishing

AWS AiTM Phishing Kit Bypasses MFA to Hijack Cloud Console Sessions in Real Time

29 June 2026 dark6

A real-time adversary-in-the-middle phishing kit has been targeting AWS engineers, stealing credentials and MFA codes simultaneously to hijack cloud sessions...
Read more 0
Shai-Hulud Malware Expands to npm Ecosystem, Stealing Cloud and CI/CD Credentials From Developers
Malware

Shai-Hulud Malware Expands to npm Ecosystem, Stealing Cloud and CI/CD Credentials From Developers

26 June 2026 dark6

A credential-stealing malware campaign known as Shai-Hulud has expanded to target developers using the Leo/RStreams npm package ecosystem, harvesting GitHub...
Read more 0
FortiBleed: Over 73,000 Fortinet Firewalls Compromised in Industrial-Scale Cyber Espionage Campaign
Cybercrime

FortiBleed: Over 73,000 Fortinet Firewalls Compromised in Industrial-Scale Cyber Espionage Campaign

26 June 2026 dark6

An industrial-scale cyber espionage campaign dubbed "FortiBleed" has silently compromised over 73,932 unique Fortinet firewall URLs across 194 countries, targeting...
Read more 0
25-Year-Old cURL Vulnerability Patched in Record-Breaking Security Release Fixing 18 CVEs
Vulnerability

25-Year-Old cURL Vulnerability Patched in Record-Breaking Security Release Fixing 18 CVEs

26 June 2026 dark6

A critical authentication bypass flaw in cURL that had existed undetected for over 25 years has been patched in curl...
Read more 0
Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk
Vulnerability

Microsoft Secure Boot Certificates Expire — Over a Billion PCs and Linux Systems at Risk

26 June 2026 dark6

Microsoft's original Secure Boot certificates have begun expiring as of June 24, 2026, affecting over a billion UEFI-capable PCs worldwide....
Read more 0