The Gentlemen Ransomware Group Uses GentleKiller Tool to Exploit Driver Vulnerabilities and Disable Security Systems

334/69 Monday, June 22, 2026 ESET has published an investigation into the infrastructure of the Ransomware-as-a-Service group known as The Gentlemen, which has been active since late 2025 and has claimed more than 504 victims. Its primary targets are in Southeast Asia, South America, and Western Europe. What makes this group notable is not only […]

chanapon

June 22, 2026

Microsoft 365 Copilot Vulnerability Could Allow Data Theft Through a Link Click

327/69 Wednesday, June 17, 2026 Security researchers have disclosed a vulnerability in Microsoft 365 Copilot Enterprise Search, known as SearchLeak, which could allow attackers to steal data from emails, files in SharePoint and OneDrive, as well as MFA codes or one-time verification codes. The attack could be carried out by tricking a victim into clicking […]

chanapon

June 17, 2026

Mackay Sugar, Major Australian Sugar Producer, Reports Cyberattack Affecting Operations

326/69 Wednesday, June 17, 2026 Mackay Sugar, one of Australia’s major sugar producers, disclosed that the company experienced a cyberattack on June 10, 2026, which affected some of its operations. Mackay Sugar operates three main sugar mills: Farleigh, Marian, and Racecourse, with an annual raw sugar production capacity of approximately 700,000 tonnes for both domestic […]

chanapon

June 17, 2026

U.S. Authorities Shut Down Deepfake Non-Consensual Intimate Image Websites Under the TAKE IT DOWN Act

325/69 Wednesday, June 17, 2026 The U.S. Department of Justice (DOJ) announced the seizure of the domains CFAKE[.]com and SOCFAKE[.]com, which were used to distribute pornographic images and videos created using artificial intelligence or deepfake technology without the consent of the individuals depicted. This marks the first public domain seizure enforcement action under the TAKE […]

chanapon

June 17, 2026

Supply Chain Attack via CDN Affects Popular WordPress Plugins Used by More Than 1.2 Million Websites

324/69 Tuesday, June 16, 2026 Security researchers have disclosed a supply chain attack affecting WordPress websites using Awesome Motive’s OptinMonster, TrustPulse, and PushEngage plugins. The attackers injected malicious code into JavaScript files served through the provider’s CDN. As a result, websites loading the affected scripts may have received modified code from the original source, without […]

chanapon

June 16, 2026

Extradited Ukrainian Man Pleads Guilty to Involvement in Conti Ransomware Attacks

323/69 Tuesday, June 16, 2026 Oleksii Oleksiyovych Lytvynenko, a 44-year-old Ukrainian national who was extradited from Ireland to the United States, has pleaded guilty in a U.S. court to conspiracy to commit wire fraud for his role in the Conti ransomware operation. Conti was one of the cybercrime groups that caused significant damage during the […]

chanapon

June 16, 2026

FBI Partners with Private Sector to Disrupt Large-Scale AI-Powered Phishing Platform

322/69 Tuesday, June 16, 2026 The U.S. Federal Bureau of Investigation (FBI), together with Google and Lumen’s Black Lotus Labs, has taken action to disrupt and dismantle a large-scale cybercrime network operating as a Phishing-as-a-Service platform under the name Outsider Enterprise. The platform reportedly used artificial intelligence (AI) technology to create phishing websites designed to […]

chanapon

June 16, 2026

Gogs Releases Patch for Zero-Day Vulnerability That Could Lead to Remote Code Execution

Gogs has released a patch to address a critical zero-day vulnerability that has not yet been assigned a CVE identifier. The flaw is an Argument Injection vulnerability that could allow attackers to execute code remotely on affected servers. The vulnerability affects all Gogs versions up to 0.14.2, including 0.15.0+dev, and has been fixed in version […]

chanapon

June 10, 2026

CISA Adds BerriAI LiteLLM and Check Point Security Gateway Vulnerabilities to KEV Catalog After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog after confirming that they have been actively exploited in attacks. The vulnerabilities are CVE-2026-42271 in BerriAI LiteLLM, a Command Injection flaw with a CVSS score of 8.7, and CVE-2026-50751 in Check Point Security Gateway, a Critical […]

chanapon

June 10, 2026

WhatsApp Blocks New Pegasus Spyware Campaign and Files Motion in U.S. Court Against Developer

WhatsApp has blocked a new wave of cyberattack activity linked to Pegasus spyware, developed by the Israeli company NSO Group. The company has also filed a motion in a U.S. federal court seeking sanctions against NSO Group for allegedly violating a previous court order that barred it from targeting users of the platform in connection […]

chanapon

June 10, 2026
1 4 5 6