TECHZONE™
الذهاب إلى القناة على Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
إظهار المزيد595
المشتركون
لا توجد بيانات24 ساعات
-37 أيام
-1230 أيام
أرشيف المشاركات
595
Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html
Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME).
The vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a case of improper input validation for specific HTTP requests that could allow an unauthenticated, remote
595
FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
https://thehackernews.com/2026/06/fortibleed-targeted-fortigate-firewalls.html
A Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting operation known as FortiBleed that has targeted over 430,000 FortiGate firewalls globally.
The campaign, active since February 2026, involves collecting credential lists, searching for exposed services, brute-forcing accessible systems, and deploying bespoke
595
Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents
https://thehackernews.com/2026/06/fake-ai-agent-skill-passed-security.html
Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, including some on corporate accounts.
Every skill security scanner the firm tested it against marked it safe. The payload was harmless by design: it collected the user's email address and did nothing else.
The point was to show
595
Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration
https://thehackernews.com/2026/06/trump-order-sets-2030-deadline-for.html
President Trump signed an executive order on June 22 setting hard deadlines for federal agencies to move high-value assets and high-impact systems to post-quantum cryptography.
Key establishment must move by December 31, 2030; digital signatures by December 31, 2031. EO 14409 leaves national security systems on a separate track.
The deadlines matter because of a threat that does not
595
GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns
https://thehackernews.com/2026/06/github-updates-actionscheckout-to-block.html
GitHub is moving to strengthen software supply chain security by updating "actions/checkout" to block pwn request attacks that exploit the risky use of the "pull_request_target workflow" trigger to run malicious code with the workflow's full privileges.
Effective June 18, 2026, the latest version of "actions/checkout," the official GitHub action for checking out a repository into the
595
Agentic AI: The Weapon That No Longer Needs a Warrior
https://thehackernews.com/2026/06/agentic-ai-weapon-that-no-longer-needs.html
Every weapon begins as an extension of the hand that holds it. The spear lengthened the reach of the arm. The bow sent the point flying without the throw. The rifle placed a man's death a quarter mile beyond his sight, and the aircraft carried that death across oceans. At each turn, the distance between the warrior and the wound grew wider, and yet one thing never moved: a human chose the target
595
Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
https://thehackernews.com/2026/06/malicious-npm-packages-pose-as-postcss.html
Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT).
The list of identified packages, is below -
aes-decode-runner-pro (145 downloads)
postcss-minify-selector (256 downloads)
postcss-minify-selector-parser (615 downloads)
All the packages were published over the past month by an npm user named
595
WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
https://thehackernews.com/2026/06/whatsapp-vbscript-campaign-uses-fake.html
Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate Remote Monitoring and Management (RMM) software.
Per findings from Kaspersky, the active campaign is targeting users of WhatsApp Desktop and WhatsApp Web across Malaysia, Brazil, India, Mexico, Singapore, the U.K., Spain, Taiwan, Australia,
595
OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
https://thehackernews.com/2026/06/openai-expands-daybreak-with-gpt-55.html
OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative the artificial intelligence (AI) company announced last month.
Calling GPT‑5.5‑Cyber its "strongest model yet for finding and helping patch software vulnerabilities," OpenAI said the model can "sustain deeper analysis across large codebases" to
595
Stop Your Legacy Infrastructure from Hijacking Your AI Agents
https://thehackernews.com/2026/06/stop-your-legacy-infrastructure-from.html
Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot most security programs are still not accounting for - how attackers are circumventing AI security programs by using legacy infrastructure to hijack AI agents.
AI adoption is moving faster than security programs can account for. Roughly 71% of organizations are piloting AI agents across their
595
⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More
https://thehackernews.com/2026/06/weekly-recap-browser-bugs-edr-killers.html
It’s Monday again.
This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much control.
The annoying part is how little of this feels new. Weak credentials, sketchy downloads, browser extensions with too much access, and WordPress sites are used to push more
595
Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices
https://thehackernews.com/2026/06/canadas-spy-agency-used-first-of-its.html
Canada's spy service got a judge's permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets.
The Federal Court released a public version of the ruling on June 15. It is the first time the Canadian Security Intelligence Service has used its threat reduction warrant powers this way.
The warrant let CSIS alter,
595
AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network
https://thehackernews.com/2026/06/arystinger-malware-infects-4300-legacy.html
A new malware family is turning forgotten home routers into a distributed reconnaissance and proxy network, not the DDoS botnet these devices usually end up in. QiAnXin's XLab calls it AryStinger and counts at least 4,300 infected routers, a total it says is still rising.
The distinction matters. AryStinger exists for the stage of an attack that comes before the break-in. Infected
595
INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific
https://thehackernews.com/2026/06/interpol-warns-phishing-ransomware-and.html
A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity.
According to INTERPOL's 2025/2026 Asia and South Pacific Cyberthreat Assessment Report, phishing has emerged as the most widespread and
595
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
https://thehackernews.com/2026/06/hackers-exploit-gravity-smtp-wordpress.html
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites.
The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers to extract sensitive data, such as configuration data, API keys, secrets, and OAuth tokens
595
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips.
That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this flaw for as long as they stay in use.
This is not a remote attack. It requires
595
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes
https://thehackernews.com/2026/06/the-gentlemen-raas-uses-gentlekiller.html
The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor.
This mature portfolio of EDR-terminating tools is centered around a framework that's known as GentleKiller.
"They also incorporate third-party or
595
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution
https://thehackernews.com/2026/06/autojack-attack-lets-one-web-page.html
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution.
Steer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local service on the same machine and spawn a process on the host.
No credentials, no sign-in screen, and no further user interaction once
595
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
https://thehackernews.com/2026/06/operation-endgame-disrupts-socgholish.html
Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites.
"With these actions we deprive cybercriminals of access to infected computer systems," Maikel Rollman of the Netherlands National High Tech Crime Unit said.
"This prevents
595
CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices
https://thehackernews.com/2026/06/cisa-warns-fortinet-customers-as.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices.
The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed. The number of compromised devices stands at
متاح الآن! بحث تيليغرام 2025 — أهم رؤى العام 
