Steam Workshop Used to Distribute Malware Through Wallpaper Engine, Risking Steam Account Compromise and Backdoor Installation

330/69 Thursday, June 18, 2026 Security researchers have uncovered a malware campaign leveraging Steam Workshop as a distribution channel for malicious files through wallpapers created for Wallpaper Engine. The attackers abuse the platform’s application wallpapers feature, a wallpaper type that allows Windows applications to run as wallpapers. As a result, seemingly harmless wallpaper files can […]

sittisak mintaboon

June 18, 2026

FulcrumSec Claims Theft of 1.3 TB of Data from Novo Nordisk Following Unauthorized System Access Incident

329/69 Thursday, June 18, 2026 Reports indicate that the hack-and-leak cybercriminal group FulcrumSec has claimed responsibility for breaching and stealing approximately 1.3 terabytes of data from Novo Nordisk, the Danish pharmaceutical giant behind major diabetes and weight-management medications such as Ozempic, Wegovy, Rybelsus, Victoza, and Saxenda, as well as several insulin products. The group’s claim […]

sittisak mintaboon

June 18, 2026

New Android Malware “Rokarolla” Targets Financial Applications and Cryptocurrency Wallets

328/69 Thursday, June 18, 2026 Researchers have identified a new Android malware strain named Rokarolla, which has been specifically developed to target more than 217 financial and cryptocurrency applications. The malware is distributed through fraudulent websites masquerading as legitimate download sources for popular applications such as Google Chrome and TikTok. Once installed, Rokarolla can obtain […]

sittisak mintaboon

June 18, 2026

Microsoft 365 Copilot Vulnerability Could Allow Data Theft Through a Link Click

327/69 Wednesday, June 17, 2026 Security researchers have disclosed a vulnerability in Microsoft 365 Copilot Enterprise Search, known as SearchLeak, which could allow attackers to steal data from emails, files in SharePoint and OneDrive, as well as MFA codes or one-time verification codes. The attack could be carried out by tricking a victim into clicking […]

chanapon

June 17, 2026

Mackay Sugar, Major Australian Sugar Producer, Reports Cyberattack Affecting Operations

326/69 Wednesday, June 17, 2026 Mackay Sugar, one of Australia’s major sugar producers, disclosed that the company experienced a cyberattack on June 10, 2026, which affected some of its operations. Mackay Sugar operates three main sugar mills: Farleigh, Marian, and Racecourse, with an annual raw sugar production capacity of approximately 700,000 tonnes for both domestic […]

chanapon

June 17, 2026

U.S. Authorities Shut Down Deepfake Non-Consensual Intimate Image Websites Under the TAKE IT DOWN Act

325/69 Wednesday, June 17, 2026 The U.S. Department of Justice (DOJ) announced the seizure of the domains CFAKE[.]com and SOCFAKE[.]com, which were used to distribute pornographic images and videos created using artificial intelligence or deepfake technology without the consent of the individuals depicted. This marks the first public domain seizure enforcement action under the TAKE […]

chanapon

June 17, 2026

Supply Chain Attack via CDN Affects Popular WordPress Plugins Used by More Than 1.2 Million Websites

324/69 Tuesday, June 16, 2026 Security researchers have disclosed a supply chain attack affecting WordPress websites using Awesome Motive’s OptinMonster, TrustPulse, and PushEngage plugins. The attackers injected malicious code into JavaScript files served through the provider’s CDN. As a result, websites loading the affected scripts may have received modified code from the original source, without […]

chanapon

June 16, 2026

Extradited Ukrainian Man Pleads Guilty to Involvement in Conti Ransomware Attacks

323/69 Tuesday, June 16, 2026 Oleksii Oleksiyovych Lytvynenko, a 44-year-old Ukrainian national who was extradited from Ireland to the United States, has pleaded guilty in a U.S. court to conspiracy to commit wire fraud for his role in the Conti ransomware operation. Conti was one of the cybercrime groups that caused significant damage during the […]

chanapon

June 16, 2026

FBI Partners with Private Sector to Disrupt Large-Scale AI-Powered Phishing Platform

322/69 Tuesday, June 16, 2026 The U.S. Federal Bureau of Investigation (FBI), together with Google and Lumen’s Black Lotus Labs, has taken action to disrupt and dismantle a large-scale cybercrime network operating as a Phishing-as-a-Service platform under the name Outsider Enterprise. The platform reportedly used artificial intelligence (AI) technology to create phishing websites designed to […]

chanapon

June 16, 2026

Operation Highland Discovered: Threat Actors Maintained Access Inside Internal Networks for More Than a Decade

321/69 Monday, June 15, 2026 Researchers have disclosed details of Operation Highland, a long-running cyber espionage campaign linked to the Velvet Ant threat group. The attackers were able to infiltrate and maintain access within target organizations’ networks-including critical infrastructure environments that were isolated from direct Internet connectivity-for up to 10 years. The intrusion reportedly began […]

sittisak mintaboon

June 15, 2026
1 3 4 5 100