uk
Feedback
TECHZONE™

TECHZONE™

Відкрити в Telegram

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

Показати більше
595
Підписники
Немає даних24 години
-17 днів
-1030 день
Архів дописів
The Scripts on Your Checkout Page Are Now a PCI DSS Problem https://thehackernews.com/2026/06/the-scripts-on-your-checkout-page-are.html An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout, their browser is running far more than your code. Analytics tags, a tag manager, a support widget, a payment iframe: a modern checkout loads dozens of third-party scripts, and any one of them can be turned

Protecting legacy OT systems against modern cyberthreats https://www.welivesecurity.com/en/critical-infrastructure/protecting-legacy-ot-systems-modern-threats/ Many manufacturing plants depend on OT systems that stay in service for many years. That long run can hide significant cybersecurity risks.

Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments https://thehackernews.com/2026/06/crypto-clipper-campaign-abuses-fake.html An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research. The threat actor also has at their disposal a dedicated WordPress phishing page that acts as the central hub, alongside GitHub and SourceForge projects promoted by fake accounts, a YouTube channel, and a

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw. "Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end. Before his command-and-control server went dark, he installed OpenSSH and Tailscale on a victim's machine, building a way back in that did not run through the C2 at all. When the Havoc server went offline the next

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. "Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,"

Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization https://thehackernews.com/2026/06/adversarial-exposure-validation-turns.html For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It's validation. Security teams must decide which findings warrant action while operating under constant pressure and incomplete information. Increasingly, the challenge is not discovering potential risks. It is determining which risks

The Top 10 Attack Surface Exposures in 2026 https://thehackernews.com/2026/06/the-top-10-attack-surface-exposures-in.html Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication — anything internet-facing is immediately at risk. With time-to-exploit now down to a

FishMonger’s arsenal upgraded: SprySOCKS for Windows https://www.welivesecurity.com/en/eset-research/fishmongers-arsenal-upgraded-sprysocks-windows/ ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced stealthiness

144 Mastra npm Packages Compromised via Hijacked Contributor Account https://thehackernews.com/2026/06/144-mastra-npm-packages-compromised-via.html As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity. "A single npm account (ehindero) mass-published more

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving infrastructure. Palo Alto Networks Unit 42, which found and reported the bug through Google's bug bounty program, calls the technique "Pickle in the Middle" and said it saw no exploitation in the wild.

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures https://thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively. Attacks involving BabaDeda Loader, observed in April 2026, have targeted education and financial organizations. "Earlier BabaDeda activity was known for

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they give an operator near-total control of an infected phone: it lifts lock-screen PINs, reads and sends SMS, rewrites the clipboard to redirect crypto payments, and switches off Google Play

Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive https://thehackernews.com/2026/06/survey-94-of-incidents-involve.html Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms. Yet despite this abundance of information, many organizations continue to face a fundamental challenge: sifting through the noise to understand who is behind an IP and

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week https://thehackernews.com/2026/06/attackers-exploit-three-fortinet.html Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours. CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth https://thehackernews.com/2026/06/china-linked-sprysocks-backdoor-expands.html Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS," ESET said in a report shared with The Hacker News. "Both come with a hard-coded C&C [command-and-control] configuration and support communication over TCP, UDP,

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware called NarwhalRAT. "The attack email contained a message impersonating an MS account security alert," the Genians Security Center (GSC) said. "It was designed to create concern over possible

EvilTokens: A phishing attack that doesn’t steal your password https://www.welivesecurity.com/en/cybercrime/eviltokens-phishing-doesnt-steal-password/ A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing passwords or creating fake login pages

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0. "A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or