The Hacker News
⭐ Official THN Telegram Channel β€” A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking.

📨 Contact: admin@thehackernews.com

🌐 Website: https://thehackernews.com
🚨 New Cisco SD-WAN vulnerability under active exploitation.

CVE-2026-20245 lets authenticated netadmin attackers run commands as root via crafted file uploads.

No patches or mitigations are available.

Check /var/log/scripts.log for IoCs.

Read: https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html
🚨 73 Microsoft GitHub repos just went dark.

They were hit by Miasma, a self-replicating supply chain attack spreading through trusted open-source channels.

Azure and MicrosoftDocs repos were among those impacted.

Read this: https://thehackernews.com/2026/06/miasma-worm-hits-73-microsoft-github.html
🔥 AI just found 21 zero-days in FFmpeg.

That’s the video library bundled inside many apps, tools, containers, and devices. Some bugs sat untouched for 15–20 years.

Google Chrome also dropped PATCHES for a record 429 vulnerabilities this week.

Read: https://thehackernews.com/2026/06/ai-agent-uncovers-21-zero-days-in.html
🚨 A SolarWinds Serv-U bug is now on CISA’s exploited list.

CVE-2026-28318 can let unauthenticated requests crash the file server.

Patch: Serv-U 15.5.4 HF1.

Federal agencies have until June 19, 2026.

Read: https://thehackernews.com/2026/06/cisa-adds-actively-exploited-solarwinds.html
⚑3πŸ‘1πŸ”₯1😁1
⚑ Your Smart TV might be scraping the web for πŸ€– AI.

Not hacked. You tapped "accept" for fewer ads.

It said "occasionally." The fine print allows 200 GB a month.

Read ➝ https://thehackernews.com/2026/06/free-apps-are-quietly-turning-smart-tvs.html

Your IP. Your bandwidth. Someone else's bot.
OpenAI is adding “LOCKDOWN MODE” to #ChatGPT.

It won’t stop prompt injections.

It’s built to reduce what attackers want next: a way to leak your data out.

The mode limits tools that connect to the web or external services, including browsing, images, deep research, agent mode, and file downloads.

Read ➝ https://thehackernews.com/2026/06/new-chatgpt-lockdown-mode-limits-tools.html
⚑ #Microsoft is adding a 2-hour delay before VS Code extensions auto-update.

The wait gives maintainers more time to catch bad or compromised releases before they spread further.

⁃ Microsoft, #GitHub, and #OpenAI extensions update instantly
⁃ Manual updates still work anytime
⁃ npm, pnpm, Bun, Yarn, and Bundler added similar delays

Read details: https://thehackernews.com/2026/06/vs-code-adds-2-hour-extension-auto.html
🚨 Dozens of U.S. firms were targeted with a simple playbook:

> Fake invoice email
> Fake IT support call
> Screen share
> Remote access tool
> Data theft
> Extortion demand within 30 mins

UNC3753 hit legal, finance, and professional services firms in Jan–May 2026.

Read: https://thehackernews.com/2026/06/unc3753-used-vishing-and-physical.html
⚠️ China-linked spies hid where security tools often don’t look.

They used BRICKSTORM, PLENET, and AGENTPSD on #Linux appliances, including Egnyte Storage Sync, pfSense, and Synology NAS.

The access lasted at least 18 months.

Full story: https://thehackernews.com/2026/06/verdantbamboo-deploys-bsd-variant-of.html
AI isn’t just finding open-source bugs.

It may turn thousands of ignored scanner alerts into real attack chains — faster than maintainers can patch them.

That could force a new model for open-source security.

Why this matters now: https://thehackernews.com/2026/06/the-hardest-fork.html
🛑 Hackers can get into some Check Point VPNs without knowing the password.

And it’s already being exploited.

The bug is CVE-2026-50751 and affects IKEv1 Remote Access/Mobile Access setups.

Check if your gateways are exposed.

Read: https://thehackernews.com/2026/06/critical-check-point-vpn-flaw-exploited.html
AI is finding zero-days faster than security teams can respond.
NIST can't keep pace with CVEs.
Exploitation windows are now measured in hours.

Most vulnerability management programs weren't built for this environment.

In the latest Resilient Cyber episode, Chris Hughes sits down with Ivan Dwyer of Axonius to discuss what comes next — asset visibility, board conversations, AI vs. AI, and the metrics that actually matter when the volume explodes.

The Vulnpocalypse Playbook >> https://thn.news/vulnpocalypse-guide
🚨 Meta caught NSO Group trying again.

This time, the spyware vendor was linked to phishing links aimed at #WhatsApp users β€” even after a court order barred it from targeting them.

Now Meta wants NSO held in contempt.

Details: https://thehackernews.com/2026/06/meta-blocks-nso-groups-new-whatsapp.html
⚠️ AI didn't just make phishing better. It made it endless.

Attackers now spin up fake login pages and tailored lures in minutes. Every polished email piles onto your Tier 1 queue, and a real credential theft can sit buried while your team clears the noise.

Here's how SOCs are cutting through it 👇 https://thehackernews.com/2026/06/ai-phishing-is-crushing-socs-with-alert.html
> A worm loose in #Microsoft's own repos.
> A phone flaw is already being used to break in.
> Accounts stolen just by chatting with a support bot.
> A browser update that quietly mined crypto.
> Fake job ads hunting people with security clearances.
> A spy sitting in one inbox for five months.

That was just last week.

Here's everything you missed 👇 https://thehackernews.com/2026/06/weekly-recap-instagram-account-hacks.html
🚨 A single stray "!" in the #Linux kernel's firewall code (nftables).

That one character let any normal logged-in user become root, and step out of the container.

The fix? One line.

And the exploit (CVE-2026-23111) to abuse it just went public.

Read: https://thehackernews.com/2026/06/one-character-linux-kernel-flaw-enables.html
🚨 Hackers are already exploiting a flaw in LiteLLM, a widely used open-source AI gateway.

One bug (CVE-2026-42271) lets any logged-in user run commands on the server. Chain it with a second bug, and attackers get in with no login at all.

At risk: API keys, stored secrets, and everything connected to it.

🔗 Details: https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html
The "IT helpdesk" messaging you on Microsoft Teams could be a complete stranger.

Then your manager calls to confirm it's urgent. Same voice, except it's an AI clone built from a clip online.

Brian Long, founder of Adaptive Security, takes apart the rest: no malware, no exploit, all built-in Microsoft tools. The only thing they have to break is you.

The 10-minute window where nobody notices 👇 https://thehackernews.com/expert-insights/2026/06/how-attackers-are-adding-ai-voice.html
🛑 37 poisoned wheels. 19 PyPI packages.

The malware can run when Python starts, before you import the poisoned PyPI package.

"Hades" installs Bun, starts a hidden stealer, and grabs GitHub, cloud, CI/CD, SSH, Docker, and developer secrets.

Read more on the Hades PyPI attack: https://thehackernews.com/2026/06/hades-pypi-attack-19-packages-poisoned.html
🚨 A website can figure out what you're doing on your computer.

No download. No permission. No popup.

> It's called FROST.
> Up to 95% accurate.
> And there's no fix yet.

You just leave the tab open, and JavaScript times your SSD to tell which sites you visit and which apps you open.

🔗 Learn how this works: https://thehackernews.com/2026/06/new-frost-attack-lets-websites-track.html
🚨 WARNING: Google just fixed a Chrome zero-day already used in real attacks.

The bug (CVE-2026-11645) hits V8, Chrome’s JavaScript engine, and can let attackers run code through a crafted HTML page.

Update your browser now.

Read the full story: https://thehackernews.com/2026/06/chrome-v8-zero-day-cve-2026-11645.html