PhishingMalware campaign uses VirusTotal manipulation, legitimate news sites to gain reputationLaura FrenchJune 18, 2026The clipboard hijacker campaign also uses “ghost networks” on social media to boost engagement.
Vulnerability ManagementMax severity Joomla Content Editor extension flaw targeted in automated attacksLaura FrenchJune 17, 2026The flaw was added to CISA’s Known Exploited Vulnerabilities catalog with a three-day deadline.
Critical Infrastructure SecurityAUR suspends new registrations as 1,500-plus malicious packages flood repositoryLaura FrenchJune 17, 2026Malicious build scripts deploy a Rust-based infostealer and eBPF rootkit.
AI/ML100-plus cyber leaders, experts urge feds not to block Fable accessLaura FrenchJune 16, 2026The growing list includes 26 CISO and CSOs, 21 CEOs, and experts from companies including Google, Sophos and NVIDIA.
Vulnerability ManagementCISA gives agencies 3 days to patch maximum severity Ivanti vulnerabilityLaura FrenchJune 12, 2026CISA’s newest binding operational directive imposes short deadlines for the most severe flaws.
Threat IntelligenceFBI shuts down 13 ‘consulting’ websites used for suspected Chinese espionageLaura FrenchJune 11, 2026The sites were used to lure security clearance holders into divulging classified information.
AI/ML‘Mythos-level’ Fable model released to public: How Anthropic plans to prevent misuseLaura FrenchJune 11, 2026Safeguard layers aim to block and reroute cyber-related requests while retaining Mythos-level capabilities.
Supply chainMini Shai-Hulud ‘Hades’ variant affects 23 PyPI package versionsLaura FrenchJune 10, 2026The JavaScript stealer payload includes an anti-analysis LLM prompt injection.
PhishingSuspected North Korean actors use fake ‘coding assignments’ to steal cryptoLaura FrenchJune 9, 2026Targets are encouraged to clone Git repositories to their VS Code or Cursor code editors.
Supply chainIronWorm malware, similar to Shai-Hulud, hits 57 projects across 9 organizationsLaura FrenchJune 5, 2026The malware targets developer credentials and cryptocurrency and self-propagates on npm.
