ShinyHunters Publishes Data Allegedly Stolen from DentaQuest, Potentially Affecting 2.6 Million People

308/69 Tuesday, June 9, 2026 Reports indicate that the ShinyHunters cybercrime group has published 234 GB of data it claims to have stolen from DentaQuest, one of the largest dental benefits administrators in the United States, after ransom negotiations failed. The group had listed DentaQuest on its Tor-based data leak site in May before later […]

chanapon

June 9, 2026

CISA Adds Actively Exploited SolarWinds Serv-U Vulnerability to KEV Catalog

306/69 Monday, June 8, 2026 CISA has added a high-severity vulnerability in SolarWinds Serv-U to its Known Exploited Vulnerabilities (KEV) catalog after finding evidence that it has been actively exploited in attacks. The vulnerability, tracked as CVE-2026-28318, has a CVSS score of 7.5 and is a Denial-of-Service (DoS) flaw that could cause service disruption under […]

chanapon

June 8, 2026

Claude Opus 4.8 Finds Vulnerability in Zcash Privacy System That Could Be Used to Create Hard-to-Detect Counterfeit Coins

305/69 Monday, June 8, 2026 Reports indicate that security researcher Taylor Hornby used Claude Opus 4.8 to help discover a critical vulnerability in Zcash’s Orchard Privacy Pool, the newer shielded transaction system of Zcash that has been in use since May 2022. The system uses Zero-Knowledge Proof technology to verify the validity of transactions without […]

chanapon

June 8, 2026

Critical Everest Forms Pro Vulnerability Exploited to Take Over WordPress Websites

304/69 Monday, June 8, 2026 Reports indicate that threat actors are actively exploiting a critical vulnerability (CVE-2026-3300) affecting the Everest Forms Pro plugin for the WordPress content management system, versions 1.9.12 and earlier. The vulnerability allows attackers to execute malicious code on the server without authentication, enabling threat actors to fully take control of affected […]

chanapon

June 8, 2026

WordPress Administrators Urged to Update Kirki and Burst Statistics Plugins Following Website Takeover Risks

303/69 Friday, June 5, 2026 Researchers from Defiant (Wordfence) have warned that threat actors are actively exploiting vulnerabilities in the WordPress plugins Kirki and Burst Statistics to escalate privileges and take control of vulnerable websites. The first flaw, tracked as CVE-2026-8206 (CVSS 9.8), affects Kirki versions 6.0.0 through 6.0.6. It is a privilege escalation and […]

sittisak mintaboon

June 5, 2026

Cyber Espionage Campaign Targeted Stock Exchange Executive’s Outlook Account for Over Five Months

302/69 Friday, June 5, 2026 Researchers from the Threat Hunting teams at Broadcom Symantec and Carbon Black have uncovered a cyber espionage campaign targeting the Outlook account of a senior executive at a major global stock exchange. The attackers maintained access to the compromised mailbox for approximately 150 days, from October 2025 to March 2026. […]

sittisak mintaboon

June 5, 2026

Threat Actors Leverage AI to Develop Automated Malware Testing Platform for EDR Evasion

301/69 Friday, June 5, 2026 Cybersecurity researchers have revealed that threat actors are increasingly leveraging artificial intelligence (AI) to develop automated malware testing platforms designed to evade Endpoint Detection and Response (EDR) solutions. The activity was observed targeting leading security products, including Sophos, CrowdStrike, and Microsoft Defender. The campaign was uncovered after suspicious payloads triggered […]

sittisak mintaboon

June 5, 2026

Google Releases Android Security Updates Addressing 124 Vulnerabilities, Including Actively Exploited CVE-2025-48595

300/69 Thursday, June 4, 2026 Google has released the June 2026 Android Security Bulletin, addressing a total of 124 vulnerabilities. Among the most significant is CVE-2025-48595, a privilege escalation vulnerability with a CVSS score of 8.4 that has reportedly been exploited in the wild. Google stated that there are indications of “limited, targeted exploitation” of […]

sittisak mintaboon

June 4, 2026

GoDaddy Discovers Malware on Nearly 2,000 WordPress Sites Using Steam as a Command-and-Control Infrastructure

299/69 Thursday, June 4, 2026 Security researchers at GoDaddy have reported the discovery of malware infecting approximately 1,980 WordPress websites. The malware uses the Valve Corporation Steam Community platform as its Command-and-Control (C2) infrastructure. Instead of communicating with traditional malicious servers, the malware retrieves commands from comments posted on Steam user profiles. While these comments […]

sittisak mintaboon

June 4, 2026

OpenAI Announces GPT-5.5 System Updates and Plans to Retire Older AI Models

298/69 Thursday, June 4, 2026 OpenAI has announced a new round of system updates aimed at improving the performance of GPT-5.5 Instant while also preparing to retire several older AI models, including o3 and GPT-4.5. The changes will directly affect paid users currently relying on these models. According to the company, the transition is intended […]

sittisak mintaboon

June 4, 2026
1 5 6 7 100