TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше595
Підписники
Немає даних24 години
-17 днів
-1030 день
Архів дописів
595
The Scripts on Your Checkout Page Are Now a PCI DSS Problem
https://thehackernews.com/2026/06/the-scripts-on-your-checkout-page-are.html
An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here →
When a customer types their card number into your checkout, their browser is running far more than your code. Analytics tags, a tag manager, a support widget, a payment iframe: a modern checkout loads dozens of third-party scripts, and any one of them can be turned
595
Protecting legacy OT systems against modern cyberthreats
https://www.welivesecurity.com/en/critical-infrastructure/protecting-legacy-ot-systems-modern-threats/
Many manufacturing plants depend on OT systems that stay in service for many years. That long run can hide significant cybersecurity risks.
595
Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments
https://thehackernews.com/2026/06/crypto-clipper-campaign-abuses-fake.html
An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research.
The threat actor also has at their disposal a dedicated WordPress phishing page that acts as the central hub, alongside GitHub and SourceForge projects promoted by fake accounts, a YouTube channel, and a
595
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
https://thehackernews.com/2026/06/microsoft-confirms-rogueplanet-defender_02022423645.html
Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet.
The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw.
"Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender
595
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
https://thehackernews.com/2026/06/junior-hacker-used-tailscale-and.html
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials.
Ordinary stuff, until one move near the end.
Before his command-and-control server went dark, he installed OpenSSH and Tailscale on a victim's machine, building a way back in that did not run through the C2 at all. When the Havoc server went offline the next
595
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html
Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys.
"Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,"
595
Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization
https://thehackernews.com/2026/06/adversarial-exposure-validation-turns.html
For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain.
The problem is no longer visibility. It's validation. Security teams must decide which findings warrant action while operating under constant pressure and incomplete information. Increasingly, the challenge is not discovering potential risks. It is determining which risks
595
The Top 10 Attack Surface Exposures in 2026
https://thehackernews.com/2026/06/the-top-10-attack-surface-exposures-in.html
Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication — anything internet-facing is immediately at risk.
With time-to-exploit now down to a
595
FishMonger’s arsenal upgraded: SprySOCKS for Windows
https://www.welivesecurity.com/en/eset-research/fishmongers-arsenal-upgraded-sprysocks-windows/
ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced stealthiness
595
144 Mastra npm Packages Compromised via Hijacked Contributor Account
https://thehackernews.com/2026/06/144-mastra-npm-packages-compromised-via.html
As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity.
"A single npm account (ehindero) mass-published more
595
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2026-48907 (CVSS score: 10.0), is a case of improper access control that could facilitate arbitrary
595
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html
A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving infrastructure.
Palo Alto Networks Unit 42, which found and reported the bug through Google's bug bounty program, calls the technique "Pickle in the Middle" and said it saw no exploitation in the wild.
595
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
https://thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html
Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, BlueVoyant, and Huntress, respectively.
Attacks involving BabaDeda Loader, observed in April 2026, have targeted education and financial organizations.
"Earlier BabaDeda activity was known for
595
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
https://thehackernews.com/2026/06/new-rokarolla-android-malware-steals.html
Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands.
Together, they give an operator near-total control of an infected phone: it lifts lock-screen PINs, reads and sends SMS, rewrites the clipboard to redirect crypto payments, and switches off Google Play
595
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
https://thehackernews.com/2026/06/survey-94-of-incidents-involve.html
Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms.
Yet despite this abundance of information, many organizations continue to face a fundamental challenge: sifting through the noise to understand who is behind an IP and
595
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
https://thehackernews.com/2026/06/attackers-exploit-three-fortinet.html
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.
In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours.
CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could
595
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
https://thehackernews.com/2026/06/china-linked-sprysocks-backdoor-expands.html
Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS.
"The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS," ESET said in a report shared with The Hacker News. "Both come with a hard-coded C&C [command-and-control] configuration and support communication over TCP, UDP,
595
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware called NarwhalRAT.
"The attack email contained a message impersonating an MS account security alert," the Genians Security Center (GSC) said. "It was designed to create concern over possible
595
EvilTokens: A phishing attack that doesn’t steal your password
https://www.welivesecurity.com/en/cybercrime/eviltokens-phishing-doesnt-steal-password/
A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing passwords or creating fake login pages
595
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.
"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or
Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
