- Hackers breached DHS information-sharing network
June 30, 2026
A key Department of Homeland Security information-sharing database was accessed by an unknown threat actor in recent weeks, potentially exposing sensitive data exchanged between federal, state, local and industry partners, according to two people familiar with the matter. DHS investigators are probing the intrusion of the Homeland Security Information Network, said both people, who spoke on ...
- Apple releases security patches for iOS, MacOS Tahoe, Safari
June 30, 2026
Apple has released security updates for more than two dozen security vulnerabilities across iPhone, iPad, and Mac. The updates for iOS/iPadOS, MacOS Tahoe, and Safari were issued after testing on iOS 26.6 and iPadOS 26.6 betas. What stands out in the update is that a lot of the vulnerabilities were found in WebKit, the browser engine that powers Safari ...
- Nearly 400 illegal World Cup 2026 streaming sites taken offline by US DOJ
June 30, 2026
Almost 400 domains have been seized as part of Operation Offsides – a coordinated global effort to take down sites illegally streaming the FIFA World Cup 2026. The sites were seized by the US Justice Department’s Criminal Division for violating copyright and intellectual property law. The takedowns were coordinated by members of the International Computer Hacking and ...
- ToddyCat: your hidden email assistant. Part 2
June 30, 2026
Kaspersky continue to share details on the malicious techniques and toolsets used by the ToddyCat APT group. In the first part of this report, they examined the group’s attacks aimed at stealing data from browsers, as well as from local and cloud email services. The methods used in that campaign indicated that ToddyCat was attempting ...
- Japan: Over 14 million login credentials leaked from six ISPs in major data breach
June 29, 2026
A data breach that has potentially exposed the email and password combinations for over 14 million customers across six internet service providers (ISPs) has been disclosed by Japanese telecoms provider KDDI Corporation. According to the company, hackers exploited a vulnerability in a third-party software to access the database of credentials. KDDI said that it immediately blocked ...
- ONResolver RAT Abuses TON Blockchain to Target Japan’s Hotel Industry
June 29, 2026
In late May 2026, suspicious emails were identified being sent to Japanese partner companies of Booking.com, with the subject line “Important: Guest Stay Review Request” (重要:ゲスト滞在レビュー依頼). In this attack, a zip file was downloaded by accessing a hyperlink to a suspicious web site, and the infection began when the user clicked a shortcut link file ...
- Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs
June 29, 2026
Nissan has joined the growing list of Oracle customers cleaning up after a cyberattack, warning employees that payroll records, bank details, Social Security numbers, and other personal data may have been stolen. In a filing submitted to the California Attorney General on Friday, Nissan Americas said Oracle had informed it of “a cyber event” involving the personnel records ...
- Fake GTA VI beta keys are already draining cryptocurrency wallets worldwide
June 27, 2026
Grand Theft Auto VI is not due on consoles until November 19 2026, but official preorders open soon, and cybersecurity researchers have warned criminals are already exploiting the wait with a coordinated wave of fraudulent websites. Malwarebytes and NordVPN have both flagged sites promising “VIP early access” or exclusive beta keys to one of gaming’s most anticipated ...
- Russian Intelligence Services Continue to Target Commercial Messaging Applications
June 26, 2026
The FBI and CISA are issuing this update to the March 20, 2026, Public Service Announcement I-032026-PSA to provide additional information to the public and encourage device owners to take actions to protect themselves. The FBI has identified multiple clusters of Russian Intelligence Services (RIS) cyber threat actors responsible for an ongoing commercial messaging application (CMA) phishing campaign against individuals of high ...
- Russian hackers were behind $2.5B hack of Jaguar Land Rover
June 26, 2026
Last year, hackers attacked car giant Jaguar Land Rover (JPL), one of the U.K.’s biggest employers. The hack halted production for months and made a dent in the country’s economy. The damage was so severe that the U.K. government decided to bail out the company with a £1.5 billion (around $2 billion) payment, and estimates say the hack cost the British ...
- Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk
June 26, 2026
The CVE-2024-2658 vulnerability was discovered in 2024 within the FlexNet Publisher component of the Schneider Electric Floating License Manager. This software handles license management across various Schneider Electric products used for comprehensive industrial automation ranging from PLC programming to centralized control room implementation. This vulnerability is a CWE-427: Uncontrolled Search Path Element issue. It stems from a system ...
- Polymarket says hackers stole users’ funds
June 25, 2026
Prediction market giant Polymarket confirmed that hackers stole funds from an unspecified number of users after a third-party breach. In an X post on Thursday, Polymarket said that a compromise at a third-party vendor allowed hackers to inject malicious code into its website “for some users.” The company said it has “contained” the incident and is ...
- Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs
June 25, 2026
A new self-destructing backdoor called Mistic used in intrusions since April appears to be linked to a criminal gang that compromises corporate networks and then sells that access to ransomware groups, according to security researchers. This backdoor, also tracked as MLTBackdoor, was first documented by Zscaler earlier this month, with the security shop suggesting the novel malware is ...
- Update Chrome to patch critical browser security flaws
June 25, 2026
Google released a security update for Chrome that fixes 18 vulnerabilities, including four rated Critical. There is no indication that any of these newly patched bugs are being actively exploited in the wild. The stable channel has been updated to 149.0.7827.196/197 for Windows and Mac and 149.0.7827.196 for Linux. The update will roll out over the coming days ...
- Almost half of ransomware victims have data stolen before they can even detect an intrusion
June 25, 2026
Criminals are getting better at hiding within their victims’ infrastructure, lurking and stealing files without triggering any alarms whatsoever. Earlier today, network detection and response experts ExtraHop released the “Global Threat Landscape Report”, based on a survey of more than 1,800 IT and security leaders worldwide. In it, it is said that roughly half (49%) of ...
- Elite network says it was hacked after members’ personal data was left exposed
June 25, 2026
Some organizations exist to be exclusive. They’re invite-only, and discreet, the kind of place where the membership directory is the product. Dialog, the exclusive network founded by billionaire investor and PayPal co-founder Peter Thiel, whose members include a sitting NATO commander, two US senators, and the US Treasury Secretary, is one of those. Last week, information on ...
- Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks
June 24, 2026
Europol together with partners from across the globe today announces a landmark blow to cybercriminal networks as part of Operation Endgame, a sweeping international operation targeting the criminal infrastructure behind ransomware and malware like SocGholish, Amadey, and StealC. In coordinated actions over the past two weeks, key components of these malicious toolkits were dismantled as ...

