Cybersecurity Articles
338/69 Tuesday, June 23, 2026 A supply chain attack has been reported targeting organizations using Salesforce, in which attackers compromised the integration of a third-party application called Klue Battlecards to access and steal customer data. Salesforce disabled the application’s integration infrastructure on June 17, 2026, to stop unauthorized access. The company clarified that the incident […]
337/69 Tuesday, June 23, 2026 Cyber threat researchers from XLab have detected a new botnet named AryStinger, which has taken control of more than 4,000 outdated routers worldwide. The malware turns compromised devices into remotely controlled operational nodes for attackers. This incident represents a significant threat because attackers can use these devices to carry out […]
336/69 Monday, June 22, 2026 Security researchers have disclosed that attackers are actively exploiting CVE-2026-4020 in the Gravity SMTP plugin for WordPress, which is installed on more than 100,000 websites. The vulnerability is an Information Disclosure issue that allows unauthenticated attackers to access system configuration data, including API keys, secrets, and OAuth tokens configured for […]
335/69 Monday, June 22, 2026 Reports indicate that FortiBleed has exposed a large-scale attack campaign that attempted to log in to Fortinet VPNs through billions of Credential Spraying attempts, resulting in compromises of multiple organizations worldwide. The incident was discovered by Volodymyr “Bob” Diachenko, a researcher from SecurityDiscovery.com, after the attackers’ infrastructure was exposed on […]
334/69 Monday, June 22, 2026 ESET has published an investigation into the infrastructure of the Ransomware-as-a-Service group known as The Gentlemen, which has been active since late 2025 and has claimed more than 504 victims. Its primary targets are in Southeast Asia, South America, and Western Europe. What makes this group notable is not only […]
333/69 Friday, June 19, 2026 Security researchers have disclosed a supply chain attack affecting ShapedPlugin’s premium WordPress plugins. Attackers were able to inject malicious code into plugin packages distributed through the vendor’s official update infrastructure, meaning website administrators who installed or updated affected plugins through legitimate channels may have unknowingly received compromised files. According to […]
332/69 Friday, June 19, 2026 Kodak has confirmed that it is working with external cybersecurity experts to investigate a data breach after attackers gained unauthorized access to a portion of the company’s data. Kodak, formally known as Eastman Kodak Company, was founded in 1880 and is headquartered in Rochester, New York. The company operates in […]
331/69 Friday, June 19, 2026 Cybersecurity researchers have uncovered a new cybercrime campaign targeting cryptocurrency holders and digital asset investors seeking quick profits. The attackers use sophisticated trust-building techniques to trick victims into downloading and installing malware on their devices. What makes this campaign particularly noteworthy is that the threat actors do not rely solely […]
330/69 Thursday, June 18, 2026 Security researchers have uncovered a malware campaign leveraging Steam Workshop as a distribution channel for malicious files through wallpapers created for Wallpaper Engine. The attackers abuse the platform’s application wallpapers feature, a wallpaper type that allows Windows applications to run as wallpapers. As a result, seemingly harmless wallpaper files can […]
329/69 Thursday, June 18, 2026 Reports indicate that the hack-and-leak cybercriminal group FulcrumSec has claimed responsibility for breaching and stealing approximately 1.3 terabytes of data from Novo Nordisk, the Danish pharmaceutical giant behind major diabetes and weight-management medications such as Ozempic, Wegovy, Rybelsus, Victoza, and Saxenda, as well as several insulin products. The group’s claim […]
