Cyber Threat Intel Feeds

BleepingComputer
2026-06-05 20:09:47

Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and Age...

The Hacker News
2026-06-05 20:05:30

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a R...

BleepingComputer
2026-06-05 19:50:58

Dark web Nemesis Market vendor gets 26 years for selling drugs

A California man was sentenced to more than 26 years in federal prison for trafficking fentanyl and methamphetamine through Nemesis Market, one of the world's largest dark web m...

404 Media
2026-06-05 18:51:47

ICE’s Plan to Let Cops Around the Country Scan Faces to Verify Immigration Status

ICE plans to give potentially more than a thousand agencies access to a facial recognition app that verifies a person's immigration status.

404 Media
2026-06-05 17:51:06

Behind the Blog: Dangerous Memes

This week, we discuss controversial memes, good times at Meta, and more.

404 Media
2026-06-05 17:28:06

The U.S. Military Quietly Turned GPS Into a Global ‘Numbers Station,’ Evidence Suggests

A random sequence in an innocuous GPS message field is likely encrypted traffic from the U.S. military's system for remotely updating cryptographic keys around the world.

The Hacker News
2026-06-05 16:53:40

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first dete...

404 Media
2026-06-05 16:52:30

K-pop Fans Are Calling Out Creepy Deepfakes of Idols

With some fans making sexualized AI-generated images and videos of idols, the rest of the fandom is standing up against the behavior.

BleepingComputer
2026-06-05 16:50:15

Over 900 US gas station tank gauge systems exposed to attacks

Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been f...

Unit 42
2026-06-05 16:05:42

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257

We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257. The post Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 appeared first on Unit 42.

BleepingComputer
2026-06-05 16:00:10

What 2026 DBIR Confirms: Attacks Are Living in the Browser

Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-laye...

The Hacker News
2026-06-05 14:33:38

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 (where "OP" stands for "opponent") that has been observed targeting Microsoft Inte...

The Hacker News
2026-06-05 13:20:00

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Eighteen months ago, the AI SOC was a marketing line. Today it's a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowin...

ANY.RUN's Cybersecurity Blog
2026-06-05 12:43:14

Leader in Malware Analysis: ANY.RUN Named Top Vendor in G2 Summer 2026 Awards

We are proud to announce that ANY.RUN has earned the title of Momentum Leader and ranked #1 in the Relationship Index in the latest G2 Summer Reports. Reflecting real security t...

Malwarebytes
2026-06-05 10:56:57

AI: Threat, tool, or both?

Public concern about AI is rising. We look at what's driving it, and why cybersecurity occupies a unique place in this debate.

The Hacker News
2026-06-05 10:38:59

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading...

The Hacker News
2026-06-05 09:01:41

FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins

Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe th...

Have I Been Pwned latest breaches
2026-06-05 08:53:15

BCD Travel - 396,313 breached accounts

In May 2026, the corporate travel management company BCD Travel was claimed as a victim of the ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from BCD wa...

BleepingComputer
2026-06-05 08:24:20

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root pri...

The Hacker News
2026-06-05 07:34:19

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay net...

404 Media
2026-06-05 00:03:02

Satya Nadella ‘Not Sure’ Who Said Microsoft Wanted to Make Addictive AI, Is Looking for Guy Who Did This

Microsoft's CEO seems unaware of what's going on at his own company.

BleepingComputer
2026-06-04 23:37:10

Brave Software releases Origin for a paid, bloat-free browsing experience

Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetization-focused feat...

BleepingComputer
2026-06-04 23:27:25

Hola Browser for Windows compromised to deliver cryptominer

The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. [...]

BleepingComputer
2026-06-04 22:47:16

Credit card theft campaign abuses Stripe to host stolen payment info

A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. [...]

404 Media
2026-06-04 21:02:38

I Must Attempt to Explain the LEGO Scandal Rocking YouTube, Entire State of Utah

The Bricks & Minifigs / Reckless Ben beef is breaking containment and can no longer be ignored.

BleepingComputer
2026-06-04 20:36:27

DentaQuest data breach exposed info of 2.6 million accounts

A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts. [...]

404 Media
2026-06-04 20:34:16

Immigrant Rights Lawyers File Lawsuit Over Palantir’s ELITE

Just Futures Law is seeking a wealth of documents related to the tech Palantir provides to ICE.

Cisco Talos Blog
2026-06-04 20:00:59

Reporting from Vegas: Networking, AI, and good boys

Joe’s on-the-ground report from Cisco Live U.S. is here, complete with therapy dog pictures and tips on handling conference overstimulation.

The Hacker News
2026-06-04 18:55:51

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is track...

The Hacker News
2026-06-04 17:15:26

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a si...

The Hacker News
2026-06-04 17:10:00

Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic'...

Data Matters Privacy Blog
2026-06-04 17:06:15

Cyber Strategy at the AI Frontier: President Trump Releases Executive Order to Promote Advanced Artificial Intelligence Innovation and Security

On June 2, 2026, President Trump issued the Executive Order, Promoting Advanced Artificial Intelligence Innovation and Security. The Executive Order carries forward several prio...

404 Media
2026-06-04 16:33:57

Watch These Judges Rip Into Lawyers For Citing Cases That Don't Exist

“It's striking, concerning, disappointing, and saddening to think that members of the bar would forward cases to a court that don't exist, and to think that the lawyers on the o...

Rapid7 Cybersecurity Blog
2026-06-04 15:53:41

How the “Swiss Cheese” model can help you choose the right MDR provider

Not all managed detection and response (MDR) solutions are equal. Finding the differences between vendors can be quite hard, and then understanding how those differences impact ...

404 Media
2026-06-04 15:30:13

Google Employees Internally Share Memes About How Its AI Sucks

Google’s CEO says 75% of the company’s code is AI-generated. The people who write that code say the AI they’re using is overhyped.

Cisco Talos Blog
2026-06-04 14:05:31

Winning the cyber marathon with Tony Giandomenico

Tony Giandomenico, Senior Director of Product Management, joins Amy to discuss the Talos Threat Hunting launch what he's excited about for the future of cybersecurity, and, of c...

NETSCOUT
2026-06-04 14:05:19

How to Operationalize Threat Hunting with NETSCOUT, SIEM, XDR, EDR, and SOAR

Threat hunting does not fail because security teams lack tools. It fails because the tools are often used as separate workspaces instead of connected parts of the same investiga...

Cisco Talos Blog
2026-06-04 14:05:05

Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting

Learn how Cisco Talos Threat Hunting uses hypothesis-driven methods and multi-domain telemetry correlation to find stealthy threats operating below automated detection thresholds.

Malwarebytes
2026-06-04 13:28:12

Travel scams are everywhere. Here’s how to avoid them

Learn how to spot travel scams, avoid risky bookings, and keep your personal information out of the wrong hands.

ANY.RUN's Cybersecurity Blog
2026-06-04 13:18:51

Q1 2026 Cyber Risk Report: Insights from 2.1 Million Malware and Phishing Investigations

Based on 2,101,483 malware and phishing investigations from Q1 2026, ANY.RUN‘s Cyber Risk report provides a real-world view of modern attack trends. It covers trending malware f...

Malwarebytes
2026-06-04 11:09:09

Meta’s AI support bot happily handed Instagram accounts to hackers

Hackers convinced an AI support bot to hand over Instagram accounts by changing recovery email addresses.

Have I Been Pwned latest breaches
2026-06-04 00:56:30

DentaQuest - 2,553,599 breached accounts

In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters "pay or leak" extortion campaign that resulted in the group publicly publishing hundre...

404 Media
2026-06-03 20:07:10

Demand Is Booming for New No Tech, Repairable Tractor

"There is consumer pressure to back away from technology that is unnecessary to perform everyday tasks."

Malwarebytes
2026-06-03 20:05:19

We found this fake-invoice campaign while scammers were still building it

Invoices pretending to be from Amazon, PayPal, and others reveal how criminals use fear and phone calls to steal money and devices.

Rapid7 Cybersecurity Blog
2026-06-03 18:27:08

A Day in the Life of an MDR Analyst: Inside the Modern SOC

What actually happens inside a SOC when an incident unfolds? Most teams see the alerts and the outcomes, but the decision-making in between is often less visible.At the Rapid7 2...

TRU Security by Acronis
2026-06-03 16:13:02

Backup operations at scale: Turning "green" indicators into recovery readiness

During disruptions — ransomware, outages or accidental deletions — what matters is whether recoverable points exist, how recent they are, and whether restores can be performed q...

Malwarebytes
2026-06-03 14:16:04

Keep getting calls from questionable numbers? Meet Scam Number Check

Scam Number Check lets you quickly check whether a number has been linked to scams before you call back, share information, or send money.

ANY.RUN's Cybersecurity Blog
2026-06-03 12:22:21

Release Notes: Decision-Ready SOC Reporting, Elastic Security Integration, and 1400+ Threat Coverage Updates

Security leaders are under growing pressure to reduce the time between threat detection and response without adding more complexity to already overloaded SOC workflows. ANY.RUN’...

Malwarebytes
2026-06-03 10:59:47

Infostealers are becoming the go-to phishing payload

Cybercriminals prefer infostealers to traditional phishing techniques because they reduce friction, scale well, and are widely available.