Cybersecurity Hacking News

ShinyHunters Cascades: One Breach, Widespread Fallout

ShinyHunters turns single intrusions into domino effects through vishing, stolen SSO tokens, and supply-chain OAuth abuse.

Ecosystem hits multiply...

The ShinyHunters Domino Effect: One Breach, Hundreds of ...

picussecurity.com

The ShinyHunters Domino Effect: One Breach, Hundreds of ...

Why Traditional IoT Patching Can't Keep Up

Attackers now weaponize decades-old flaws faster than scanners detect them, making vulnerability management answer the wrong questions.

Legacy...

The Patch Will Not Save You: Why IoT Defense Is Becoming an Intelligence Problem

zerofox.com

The Patch Will Not Save You: Why IoT Defense Is Becoming an Intelligence Problem

Stolen AI Models Heighten Pharma IP Theft Risks

FulcrumSec's leak of Novo Nordisk's proprietary AI models alongside 1.3TB of data reveals how hackers now target trained models as high-value IP in drug development. This escalates risks beyond traditional clinical data theft.

Hackers Begin to Leak Novo Nordisk's Stolen Data

aitoday.io

Hackers Begin to Leak Novo Nordisk's Stolen Data

Why Traditional MFA Fails Against AI Impersonation

AI impersonation attacks target credentials and actions, not just perception. Detection-based training can't keep pace as AI improves faster than...

AI Impersonation: Why detection fails, what actually works

yubico.com

AI Impersonation: Why detection fails, what actually works

6h ago

24-Hour Patch Window Becomes Breaking Point

A Cloud Security Alliance report shows 80% of organizations missing the 24-hour patch window experience security incidents tied to known...

The 24-Hour Patch Window Is Becoming A Breaking Point ...

mescomputing.com

The 24-Hour Patch Window Is Becoming A Breaking Point ...

Zero-Days Exploited Before Patches Hit Cisco, Oracle, Ubiquiti

Cisco SD-WAN zero-day gave root access to a service provider network from late 2025 into March 2026, patched only on June 4
Oracle PeopleSoft flaw...

Malicious hackers exploit Cisco zero-day for highest access level at communications service provider

cyberscoop.com

Malicious hackers exploit Cisco zero-day for highest access level at communications service provider

AI + RICO: Joint Takedown of StealC and Amadey

Microsoft paired AI analysis with RICO to treat StealC and Amadey as one conspiracy, linking their shared infrastructure and suing five defendants.
-...

Microsoft uses AI to link two malware operations in racketeering suit

theregister.com

Microsoft uses AI to link two malware operations in racketeering suit

Third-Party Ransomware Hits Manufacturing and Government

Bajaj Auto suffered a ransomware attack on June 23, 2026, days after Tata Electronics faced a breach exposing over 630 GB of data linked to Apple...

Bajaj Auto hit by ransomware attack after Tata Electronics ...

crnasia.com

Bajaj Auto hit by ransomware attack after Tata Electronics ...

Palo Alto, IBM, Red Hat Join Forces on AI Vulnerability Shield

Palo Alto Networks, IBM, and Red Hat are integrating virtual patching with Project Lightwell to deliver same-day network protections before official...

Palo Alto, IBM & Red Hat Collaborate to Expand Vulnerability Protection with AI Security

thefastmode.com

Palo Alto, IBM & Red Hat Collaborate to Expand Vulnerability Protection with AI Security

11h ago

Endgame Hits Malware Supply Chain Hard

International authorities seized €41 million in crypto and disrupted 326 servers plus 142 domains tied to Amadey, StealC, and SocGholish.

Microsoft...

Amadey, StealC, and SocGholist malware disrupted by ‘Operation Endgame’

cyberinsider.com

Amadey, StealC, and SocGholist malware disrupted by ‘Operation Endgame’

Supply Chain Risks: Vendor Breaches Fuel Impersonation

LastPass breach via Klue vendor exposed customer contact and support data through compromised OAuth tokens, without touching password vaults.
-...

LastPass Confirms Vendor Breach Exposed Customer Contact, Support Data

techrepublic.com

LastPass Confirms Vendor Breach Exposed Customer Contact, Support Data

Common Patterns in Recent Phishing and Scam Campaigns

Scammers are impersonating trusted entities like tax authorities, software vendors, and email providers to exploit urgency and trust.

Fake tax...

Fake Income Tax Assessment Notice Delivers RAT-Like Malware to Windows Users

cybersecuritynews.com

Fake Income Tax Assessment Notice Delivers RAT-Like Malware to Windows Users

AI Compresses Cyber Attacks to 72 Minutes

AI-powered attacks now reach data exfiltration in under 72 minutes, down from nearly five hours the prior year.

Kill chain compression: AI agents...

How AI-Powered Attacks Outpace Traditional Security Defenses in 2026

novee.security

How AI-Powered Attacks Outpace Traditional Security Defenses in 2026

2026 Malware Trends: Infostealers, Loaders, RATs and Backdoors Compared

Modern malware shows striking diversity in families and tactics, all leveraging MaaS models and evasion techniques.

StealC infostealer and Amadey...

StealC and Amadey: Breaking down infostealers and the ...

microsoft.com

StealC and Amadey: Breaking down infostealers and the ...

FortiBleed Campaign: 110M Credentials Stolen from FortiGate Devices

The FortiBleed operation has harvested more than 110 million credentials since February 2026 by targeting exposed FortiGate appliances through...

FortiBleed campaign steals 110M credentials from ...

scworld.com

FortiBleed campaign steals 110M credentials from ...

Germany Tops Europe in Ransomware Hits Tied to Russia

Germany leads Europe as the top ransomware target, with attacks often tracing back to Russia and growing nearly twice as fast as in France. This...

Germany is Europe's top ransomware target, expert says

dpa-international.com

Germany is Europe's top ransomware target, expert says