Cyber Security News

Microsoft Ties Mastra AI npm Supply Chain Attack to North Korea Microsoft attributed a supply chain attack on the Mastra AI ecosystem to Sapphire Sleet, a North Korean group also known as BlueNoroff. Attackers compromised more than 140 npm packages to plant malicious dependencies in downstream developer projects. The campaign extends a pattern of DPRK targeting of Web3 and AI developer pipelines. @Cyber_Security_Channel

FBI Dismantles China-Based Cybercrime Network Tied to $1.9B in Losses Federal authorities, working with Google and Lumen, took down a sprawling cybercrime operation based in China. The group is linked to roughly $1.9 billion in documented victim losses worldwide. The takedown disrupted infrastructure used for fraud, account compromise, and money laundering across multiple campaigns. @Cyber_Security_Channel

FBI Dismantles China-Based Cybercrime Network Tied to $1.9B in Losses Federal authorities, working with Google and Lumen, took down a sprawling cybercrime operation based in China. The group is linked to roughly $1.9 billion in documented victim losses worldwide. The takedown disrupted infrastructure used for fraud, account compromise, and money laundering across multiple campaigns. @Cyber_Security_Channel

Tata Electronics Confirms Cybersecurity Incident Exposing Confidential Data As a subsidiary of the Tata Group, Tata Electronics has acknowledged a breach affecting its systems. The group known as World Leaks has claimed responsibility for the incident, alleging it has exfiltrated over 200,000 files, amounting to approximately 630 gigabytes of sensitive information. Cyber_Security_Channel

California Water Utility Investigates Iran-Linked Breach Claim A California water utility is investigating claims that an Iran-linked hacking group breached its systems. The incident renews concerns about state-sponsored intrusions into US critical infrastructure. Authorities are assessing the scope and whether operational technology was affected. @Cyber_Security_Channel

❗Your SOC May See the URL, but Still Miss the Attack Unfolding Inside the Browser Hidden browser activity can slow triage and weaken response decisions. Behavior-based analysis closes the gap by executing the URL in an isolated browser environment and bringing the full attack chain into one view: • Forms • Redirects • DOM changes • Hidden scripts • Browser artifacts • Network requests The result = faster validation, better threat visibility, and more confident phishing response. Give your SOC the browser-level visibility to uncover phishing threats in seconds with ANY.RUN → click here for the power up. ----- #ad #paidpromotion #sponsored @Cyber_Security_Channel

Splunk Enterprise Zero-Day Exploited Days After Disclosure Attackers weaponized CVE-2026-20253, an unauthenticated remote code execution flaw in Splunk Enterprise, within days of public disclosure. CISA ordered federal agencies to patch within three days. The flaw enables full takeover without authentication, putting any internet-exposed Splunk deployment at immediate risk. @Cyber_Security_Channel

Join the Webinar: ImmuniWeb AI Platform, new products and features to discover the latest innovations of the award-winning ImmuniWeb® AI Platform, earn CPE credits, and learn how to strengthen your cybersecurity program while reducing operational costs. ⚡ Key Insights: ✔ Live demo of ImmuniWeb AI Platform ✔ AI governance & compliance ✔ Cybersecurity cost optimization strategies ✔ Application Security in the era of agentic AI ✔ Product roadmap & innovations ✔ Third-Party Risk Management (TPRM) automation ✔ New features & functionalities of ImmuniWeb AI Platform ✔ Takedown of malicious web content & phishing resources ✔ Continuous Threat Exposure Management (CTEM) best practices 📅 Date & Time: June 25, 2026 • Session 1 – Geneva 10am | Dubai 12pm | Singapore 4pm • Session 2 – Geneva 5pm | New York 11am | California 8am` 🎤 Host: Dr. Ilia Kolochenko, Founder, Chief Architect & CEO at ImmuniWeb.` ✅ Register: click here to proceed. ----- #ad #paidpromotion #sponsored @Cyber_Security_Channel

Researcher Earns $500K From Google in 90 Days Using Claude as an Automated Pentester A hunter known as “brutecat” collected half a million dollars in Google bug bounties by wiring Claude into a custom fuzzer that hit roughly 1,500 internal APIs — Google Voice/Fiber, YouTube TV, Widevine, Cloud Console GraphQL, Vertex AI Search, Maps, Nest, and Translation Hub. A month of iterative prompt engineering pushed reporting accuracy past 50%, with IDORs and broken access controls dominating the findings. The top bug — an unauthenticated gfibervoice API that exposed PII and let attackers assign phone numbers to victims — rated P0/S0 and paid $20,000 on its own. @Cyber_Security_Channel

North Korea’s BlueNoroff Uses AI-Generated Zoom Meetings to Rob Web3 Execs Arctic Wolf detailed a Lazarus subgroup campaign that hit 100+ crypto and Web3 leaders across 20 countries via typo-squatted links and ClickFix-style lures. Victims joined deepfaked Zoom calls where AI-generated participants kept them talking while fileless PowerShell stole credentials, webcam footage, and Telegram sessions. The stolen webcam and chat material is then recycled to build even more convincing fake meetings for the next round of targets. @Cyber_Security_Channel

Meta AI Support Bug Let Attackers Hijack 20,225 Instagram Accounts Meta disclosed that its AI-powered High Touch Support tool failed to verify whether the email submitted for a password reset actually matched the target account, letting anyone request a reset link for accounts without 2FA. The abuse started on April 17 and ran undetected until May 31, when Meta yanked the tool and invalidated all generated links. Exposed data may include DMs, posts, contact info, birthdays, and linked services; affected users have been force-reset and pushed through security checkpoints. @Cyber_Security_Channel

Microsoft: Attackers Impersonate ChatGPT, Claude, Copilot, and DeepSeek in New Phishing Wave Microsoft Threat Intelligence documented credential-harvesting emails, AI-themed malvertising, and SEO poisoning that lean on the trust users place in big AI brands. One ChatGPT-themed wave hit 100,000 inboxes a day across Switzerland, Austria, and South Africa, while a Claude lure framed as a policy violation reached 2,000+ orgs in the US, UK, and India. A fake DeepSeek V4 repo on GitHub also dropped Vidar Stealer; defenders should turn on phishing-resistant MFA, Safe Links, and train staff on AI-pretexted lures. @Cyber_Security_Channel

🤝 Cyber Security News is looking for ADVERTISERS Our community is continuously growing and we are searching for exciting companies & products to share with our audience. Requirements to Qualify • Relevant to channels niche / industry • Long-term approach and collaboration mindset • $2,000+ monthly ad spend budget to invest in campaigns What We Offer • Exposure to 60,000+ community members • Personal success manager to scale your campaigns • Brand awareness, leads, sign-ups, customers, followers, etc. 📩 Contact for Partnership If you are serious about promoting your business, send us an introduction Email → cybersecnewsinfo@gmail.com Important Note Spots to become a sponsor are limited. Reach out before they fill up. (we only have 7 left) - - - - - @Cyber_Security_Channel

Residential AI Data Centers: Security, Privacy, and Governance Concerns Another major concern is the blurring of ownership, accountability, and liability. Many of these emerging models fail to clearly define who owns processed data, who controls logs and telemetry, and who assumes responsibility following a breach or criminal misuse. Cyber_Security_Channel

Cisco: Leading AI Models Crack at 88% Under Multi-Turn Prompt Attacks Vendors Don't Test Cisco researchers tested 15 leading models from OpenAI, Anthropic, Google, Amazon and xAI and found multi-turn attack success rates of 8–88% versus 2–65% for single-turn — every model proved vulnerable when an attacker could adapt across turns. Grok 4.1 Fast Non-Reasoning was the worst at 88% multi-turn ASR; Amazon Nova 2 Lite the best at 8%, still flagged as meaningful residual risk. Successful tactics included role-play, misdirection, information decomposition, refusal reframing and incremental escalation. Vendor safety reports lean on single-turn benchmarks, so published claims understate real-world risk for enterprises deploying these models. @Cyber_Security_Channel

VaultJacking Hands Over an Entire Google Password Manager Vault for One Phished 6-Digit PIN Phishu researchers disclosed VaultJacking, which abuses Google Password Manager's cross-device sync so a single phished 6-digit GPM PIN unlocks the Security Level Secret protecting the vault. The attacker registers a fresh device in the victim's security domain and pulls every synced password and passkey — even hardware-backed ones — with no malware or device foothold required. Google is treating this as an accepted design trade-off rather than a bug, so no patch is on the way for Chrome 359 and later. Defenders are urged to split work and personal Chrome profiles, prefer on-prem password managers, train users on auth prompts, and tighten sync-layer security tiering. @Cyber_Security_Channel

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 — No Patch Yet Cisco disclosed CVE-2026-20245, a flaw in Catalyst SD-WAN Manager letting a netadmin-level attacker upload a crafted file and run arbitrary commands as root. Mandiant has observed limited in-the-wild exploitation, in some cases pushing rogue configurations down to edge devices. No patch and no workaround are available; attackers can chain it with earlier SD-WAN bugs (CVE-2026-20182, CVE-2026-20127) to obtain the required privileges. @Cyber_Security_Channel

Join the Webinar: Leveraging CTI and Dark Web Monitoring in Geopolitical Chaos to enhance your ImmuniWeb® AI Platform skills, earn CPE credits, and qualify to become ImmuniWeb® Certified Professional. ✔️ Key Insights: • New risks & cyber threats • AI in cybercrime: myths, reality • Dark Web Monitoring best practices to maximize ROI • Best practices of Cyber Threat Intelligence • Data sovereignty, supply chain and third-party risk management (TRPM) • Legal response to phishing and malware • Dealing with ransomware attacks & cyber insurance • Cybersecurity insurance and its pitfalls • Regulatory landscape in 2026 • Live demo of ImmuniWeb Date & Time: June 11 at 10am and 5pm CEST Host: Dr. Ilia Kolochenko, CEO & Chief Architect at ImmuniWeb, Attorney-at-Law. ✅ Register: Session 1 – June 11 , 2026 – Geneva 10am | Dubai 1pm | Singapore 5pm 👉 Click here. Session 2 – June 11 2026 – Geneva 5pm | New York 11am | California 8am 👉 Click here. ----- #ad #paidpromotion #sponsored @Cyber_Security_Channel

FBI: Silent Ransom Group Now Walking Into Law Firms Posing as IT Staff The FBI warned that Silent Ransom Group (aka Luna Moth, Chatty Spider, UNC3753) is now showing up in person at US law firms — when phishing fails — pretending to be IT support to plug storage devices into machines under the pretext of post-phishing imaging. The crew has targeted US legal, insurance, finance and healthcare firms consistently since spring 2023. After minimal privilege escalation, operators exfiltrate unencrypted data with WinSCP or renamed Rclone, then extort victims by threatening to leak files to employees and clients. Defenders are urged to reinforce physical access controls many organizations deprioritized as workloads moved to the cloud. @Cyber_Security_Channel

🚨 Phishing is Becoming Harder to Catch as Recent Attacks don’t Look like Phishing At All They hide behind Microsoft logins, OAuth flows, fake AI tool guides, banking alerts, and fake event invites. One click leads to stolen credentials, OTP theft, token abuse, or remote access. Bring faster phishing detection into your SOC to cut guesswork, speed up triage, and act before one click turns into business risk. 👉 Try ANY.RUN now: tap here to get started. ----- #ad #paidpromotion #sponsored @Cyber_Security_Channel