Instagram Users Urged to Enable 2FA After Vulnerability Found in Account Recovery System

309/69 Tuesday, June 9, 2026 Meta disclosed that 20,225 Instagram accounts were taken over after attackers exploited a vulnerability in its AI-assisted account recovery system, known as High Touch Support (HTS), to request password reset links. The system was designed to help users recover access to their Instagram accounts when they are unable to log […]

chanapon

June 9, 2026

New C0XMO Botnet Malware Targets DD-WRT Router Vulnerability

307/69 Tuesday, June 9, 2026 Cybersecurity researchers from Fortinet have discovered a new botnet malware named C0XMO, which is derived from the Gafgyt botnet. The malware targets router devices running DD-WRT firmware, as well as video recording devices, video management platforms, and devices running the Android operating system. It can operate across various processor architectures, […]

chanapon

June 9, 2026

ShinyHunters Publishes Data Allegedly Stolen from DentaQuest, Potentially Affecting 2.6 Million People

308/69 Tuesday, June 9, 2026 Reports indicate that the ShinyHunters cybercrime group has published 234 GB of data it claims to have stolen from DentaQuest, one of the largest dental benefits administrators in the United States, after ransom negotiations failed. The group had listed DentaQuest on its Tor-based data leak site in May before later […]

chanapon

June 9, 2026

CISA Adds Actively Exploited SolarWinds Serv-U Vulnerability to KEV Catalog

306/69 Monday, June 8, 2026 CISA has added a high-severity vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabilities (KEV) catalog after finding evidence that it has been actively exploited in attacks. The vulnerability, tracked as CVE-2026-28318, has a CVSS score of 7.5 and is a Denial-of-Service (DoS) flaw that could cause service disruption under […]

chanapon

June 8, 2026

Claude Opus 4.8 Finds Vulnerability in Zcash Privacy System That Could Be Used to Create Hard-to-Detect Counterfeit Coins

305/69 Monday, June 8, 2026 Reports indicate that security researcher Taylor Hornby used Claude Opus 4.8 to help discover a critical vulnerability in Zcash’s Orchard Privacy Pool, the newer shielded transaction system of Zcash that has been in use since May 2022. The system uses Zero-Knowledge Proof technology to verify the validity of transactions without […]

chanapon

June 8, 2026

Critical Everest Forms Pro Vulnerability Exploited to Take Over WordPress Websites

304/69 Monday, June 8, 2026 Reports indicate that threat actors are actively exploiting a critical vulnerability (CVE-2026-3300) affecting the Everest Forms Pro plugin for the WordPress content management system, versions 1.9.12 and earlier. The vulnerability allows attackers to execute malicious code on the server without authentication, enabling threat actors to fully take control of affected […]

chanapon

June 8, 2026

Claw Chain Vulnerabilities in OpenClaw Could Lead to Data Theft and Privilege Escalation.

267/69 Monday, May 18, 2026 Researchers from Cyera disclosed four vulnerabilities in OpenClaw, collectively referred to as “Claw Chain.” These vulnerabilities affect all OpenClaw versions prior to the patch released on April 23, 2026. They could be chained together to steal data, plant backdoors, and gain high-level control over affected systems. The report stated that […]

chanapon

May 18, 2026

OpenAI Affected by Supply Chain Attack Involving Malicious TanStack Packages.

266/69 Monday, May 18, 2026 OpenAI disclosed that a supply chain attack involving malicious packages in the TanStack ecosystem resulted in the compromise of two employee devices. The incident also led to the exposure of some credentials from internal source code repositories. The attack has been linked to the threat group TeamPCP, which abused the […]

chanapon

May 18, 2026

Critical Vulnerability in WordPress Funnel Builder Plugin Exploited to Inject Credit Card Skimming Code into Online Stores.

265/69 Monday, May 18, 2026 E-commerce security company Sansec has detected a cyberattack targeting online stores running WooCommerce. Threat actors exploited a high-severity vulnerability in the WordPress Funnel Builder plugin to inject malicious JavaScript code into checkout pages. The vulnerability affects all plugin versions earlier than 3.15.0.3. At present, the plugin is actively used by […]

chanapon

May 18, 2026
1 5 6