News – June 2026

June 11, 2026

VRChat, Inc. has filed a data breach notice revealing that the information of more than 2.4 million users was involved in a data breach. According to the notice, VRChat experienced unauthorized access to some account data between May 10 and May 12, 2026. The access happened in VRChat’s cloud environment and involved user profile and login-related data. Read more… Source:  ...

June 10, 2026

Short-form video platforms like TikTok and Instagram Reels have become the latest way cybercriminals spread malware. We’ve already seen attackers move away from traditional phishing emails and toward tactics that trick people into installing malware themselves. Now they’re being lured with slick social media videos that promise free Spotify Premium, free Windows activation, or free Microsoft Office, but ...

June 9, 2026

The patient tally from the Synnovis ransomware attack continues to grow two years later, with Mid and South Essex NHS Foundation Trust confirming it was caught up in the breach. The trust told The Register that the Synnovis breach affected about 2,380 records relating to patients who underwent specialist diagnostic testing. The disclosure follows a similar announcement by Bedfordshire ...

June 9, 2026

French officials are investigating a compromise of the government’s encrypted messaging service Tchap after attackers hijacked an account and gained access to public chat rooms. The incident came to light on June 7 when France’s National Cybersecurity Agency (ANSSI) detected suspicious activity on Tchap, the government’s homegrown messaging service used across ministries and public sector organizations. The French ...

June 9, 2026

A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday. Cybersecurity firm Check Point Software said the bug affects several of its remote access tools, firewalls, and VPNs, which act as ...

June 9, 2026

Google has fixed its fifth actively exploited Chrome zero-day of 2026, and this one earned its finder a $55,000 bounty. The flaw, tracked as CVE-2026-11645, is an out-of-bounds memory access bug in Chrome’s V8 JavaScript engine. Google confirmed that the vulnerability is being exploited in the wild, but has disclosed little beyond the bare technical details. Read ...

June 8, 2026

WhatsApp said that it disrupted a new hacking campaign linked to NSO Group, a spyware maker that has been ensnared in countless cases of abuse all over the world. The messaging app maker accused NSO of violating an earlier court order that bars the company from targeting WhatsApp and its users with its spyware, and is seeking to ...

June 8, 2026

Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code. Many of the affected projects relate to Microsoft’s cloud service Azure and other tools used by developers to code with AI development apps, such as ...

June 8, 2026

While tracking the activities of 4BID Kaspersky researchers uncovered a new string of campaigns that appear to be the work of several interconnected actors. While politically motivated groups generally limit their scope to specific nations – for 4BID and its peers, primarily Russian and occasionally Belarusian organizations – the latest findings reveal a shift. The actual ...

June 5, 2026

From January through May 2026, Mandiant identified a financially motivated data theft extortion campaign executed by the threat cluster UNC3753 (also tracked as “Luna Moth,” “Chatty Spider,” and “Silent Ransom Group”) targeting dozens of organizations across professional, legal, and financial services in the United States. UNC3753 leverages voice phishing (vishing) and social engineering deception techniques to ...

June 4, 2026

Dozens of people have been arrested, and millions of dollars in cryptocurrency seized, in a large-scale, multi-national operation against internet scammers and fraudsters. On May 18, the US Department of Justice, the FBI, Secret Service, law enforcement agencies in the UK, Australia, Canada, New Zealand, and Thailand, as well as multiple commercial businesses such as Meta, ...

June 4, 2026

During review work related to an AppEsteem Windows Certified Application test, Sophos X-Ops recently identified an unexpected executable delivered alongside Hola Browser (version 1.251.91.0). The executable, me.exe, was not listed as a certified component, and appears to be a crypto-miner. After the issue was reported through the certification program, Hola reported that they had fixed their delivery pipeline, removing the condition that ...

June 3, 2026

Chinese spies are targeting UK government and military staff on job websites including LinkedIn to try to get access to classified or sensitive information, MI5 has warned. A bulletin has been released by the Five Eyes powers – the UK, US, Australia, Canada and New Zealand – highlighting an “aggressive” online recruitment strategy where spies for Beijing military ...

June 3, 2026

Over the past two months, the anonymous researcher Nightmare Eclipse (also known as Chaotic Eclipse) has publicly released six Windows vulnerabilities complete with ready-to-use exploits, without prior coordination with Microsoft. The most critical of these is MiniPlasma, a zero-day local privilege escalation exploit that grants attackers SYSTEM-level access. Read more… Source:  Kaspersky Sign up for the Cyber Security ...

June 3, 2026

Group-IB researchers expose a large-scale smishing and phishing operation impersonating 260+ brands across 72 countries, using fake Cloudflare error pages, geofencing, and encrypted WebSocket channels for real-time credit card theft. The operation has a layered anti-analysis evasion architecture, which uses convincing fake Cloudflare error pages, like the “Error 524” timeout screen, as a decoy. The malicious ...

June 2, 2026

In the first quarter of the year, ransomware groups increased their revenue by almost 40%, compared to the same period last year. This is according to a new report from cybersecurity researchers Rapid7, who said the increase is partly due to a maturing cybercriminal industry. Rapid7 based its findings on its research telemetry, which showed that ...

June 2, 2026

Password manager maker Dashlane says hackers have obtained at least a dozen encrypted vaults used for storing customer passwords during a weekend cyberattack. The company said on its website that hackers brute-forced the company’s two-factor authentication system, granting the hackers access to about 20 customer accounts. By defeating its two-factor mechanism, the hackers were able to download a copy of ...