Xsolis Data Breach Impacts 1.4 Million People
https://securityaffairs.com/194067/cyber-crime/xsolis-data-breach-impacts-1-4-million-people.html
Security Affairs
Xsolis Data Breach Impacts 1.4 Million People
Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients' systems.
Uplevelling Black Hat Threat Hunters
https://blogs.cisco.com/security/bhasia-2026-noc-uplevelling-black-hat-threat-hunters/
Cisco Blogs
Uplevelling Black Hat Threat Hunters
Once you ingest major telemetry sources, how can we add value for our Threat Hunters? Check out how we brought in potentially malicious sandbox submissions to the analysts' queue for triage.
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
https://krebsonsecurity.com/2026/06/scattered-spider-hackers-plead-guilty-on-day-1-of-trial/
Krebs on Security
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The duo were…
SonicWall CVE-2024-40766 Proves Patching Is Not Remediation
https://latesthackingnews.com/2026/06/23/sonicwall-cve-2024-40766-patching-not-enough/
LHN
SonicWall CVE-2024-40766 Proves Patching Is Not Remediation
A SANS audit of 14 patched SonicWall firewalls shows Akira ransomware still getting in via stale accounts and LDAP misconfigurations the firmware update never touched.
Algerian man charged with running two cybercrime marketplaces
https://cyberscoop.com/algerian-man-charged-cybercrime-marketplaces/
CyberScoop
Algerian man charged with running two cybercrime marketplaces
Algerian man Abdellah Belmili was extradited to the U.S. and charged with running two illicit cybercrime marketplaces that targeted major American banks.
How hackers use PowerShell scripts to steal Telegram accounts | Kaspersky official blog
https://www.kaspersky.com/blog/telegram-no-password-session-stealer/56006/
Kaspersky official blog
How hackers use PowerShell scripts to steal Telegram accounts
Cybercriminals are using a PowerShell script to hijack Telegram sessions and gain access to users' accounts without a password or verification codes.
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
https://cyberscoop.com/doj-huione-group-cybercrime-seizure/
CyberScoop
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
The DOJ seized cloud infrastructure tied to Cambodia's Huione Group, disrupting a massive cybercrime marketplace used for billions in crypto scams and laundering.
DifyTap: Four Bugs Put over 1 million AI Apps at Risk
https://securityaffairs.com/194081/hacking/difytap-four-bugs-put-over-1-million-ai-apps-at-risk.html
Security Affairs
DifyTap: Four Bugs Put over 1 million AI Apps at Risk
Four flaws in Dify exposed cross-tenant data, documents and AI conversations. Two critical bugs enabled unauthenticated access and data theft
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
https://www.sentinelone.com/labs/macos-gaslight-rust-backdoor-turns-prompt-injection-on-the-analyst-not-the-sandbox/
SentinelOne
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
DPRK-linked implant embeds 38 fabricated system messages that spoof an LLM triage harness, hiding a credential stealer and Telegram C2 underneath.
TfL Hackers Plead Guilty After Breach Exposed Customer Data and Cost £29 Million
https://thecyberexpress.com/transport-for-london-cyberattack-plead-guilty/
The Cyber Express
Transport For London Cyberattack Hackers Plead Guilty
Two alleged Scattered Spider members pleaded guilty to the Transport for London cyberattack that exposed customer data.
Multiple Vulnerabilities in QNAP NAS Devices Resolved Through Security Updates
https://thecyberexpress.com/vulnerabilities-in-qnap-nas-cve-2025-59382/
The Cyber Express
Vulnerabilities In QNAP NAS Expose Systems To Multiple Risks
Vulnerabilities in QNAP NAS, including CVE-2025-59382, could enable code execution, data theft, privilege escalation, and DoS attacks.
National Health Care Fraud Takedown Charges 455 Defendants in $6.5 Billion Fraud Crackdown
https://thecyberexpress.com/national-health-care-fraud-takedown/
The Cyber Express
National Health Care Fraud Takedown Charges 455 Defendants
The National Health Care Fraud Takedown led to charges against 455 defendants tied to over $6.5 billion in alleged health care fraud.
KDDI Data Breach May Have Exposed Up to 14.22 Million Email Accounts
https://thecyberexpress.com/kddi-data-breach-14-million-email-leak-2026/
The Cyber Express
KDDI Data Breach Exposes 14.22M Email Accounts
KDDI data breach exposes up to 14.22M emails and passwords via ISP systems after threat actor exploited third-party software flaws.
One Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why
https://securityaffairs.com/194117/security/one-railway-radio-outage-stopped-trains-across-germany-and-nobody-knew-why.html
Security Affairs
One Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why
A nationwide GSM-R outage halted trains across Germany, exposing the risks of relying on an aging rail communications system.
PostCSS npm Typosquat: How to Check If Your Machine Is Compromised
https://latesthackingnews.com/2026/06/24/malicious-npm-packages-postcss-rat-detection/
LHN
PostCSS npm Typosquat: How to Check If Your Machine Is Compromised
Three malicious npm packages posing as PostCSS tools have been installing a Windows RAT on developer machines. Here is how to detect them and what to do if you find them.
Open-source security is posing challenges governments can't easily solve
https://cyberscoop.com/open-source-software-security-crisis/
CyberScoop
Open-source security is posing challenges governments can't easily solve
An epidemic of cyberattacks exposes widening gaps in open source software security, as experts warn that U.S. government defense efforts have stalled.
FortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog
https://securityaffairs.com/194132/cyber-crime/fortibleed-the-broker-who-turned-73000-firewalls-into-a-product-catalog.html
Security Affairs
FortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog
FortiBleed exposed credentials for 73,000+ Fortinet firewalls, revealing a large-scale access-brokering operation targeting orgs worldwide
U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/194142/security/u-s-cisa-adds-ubiquiti-unifi-os-and-lantronix-eds5000-plugin-flaws-to-its-known-exploited-vulnerabilities-catalog.html
Security Affairs
U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 flaws to its Known Exploited Vulnerabilities catalog.
StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader
https://securelist.com/strikeshark-campaign/120326/
Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild
https://securityaffairs.com/194153/uncategorized/cisco-unified-cm-flaw-cve-2026-20230-actively-exploited-in-the-wild.html
Security Affairs
Cisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild
Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access
Why Frontier AI makes prioritization the most important part of your CTEM program
https://securityaffairs.com/194161/ai/why-frontier-ai-makes-prioritization-the-most-important-part-of-your-ctem-program.html
Security Affairs
Why Frontier AI makes prioritization the most important part of your CTEM program
Frontier AI could drive a 10x surge in vulnerabilities. CTEM helps orgs continuously identify, prioritize, and reduce real cyber risk