ICYMI: 2026-06-04
Latest Headlines
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Hackers Spied on a Stock Exchange Executive’s Outlook Mailbox for Five Months
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones
Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
Webinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to Respond
Mirasvit Vulnerability Exploited to Execute Code on Magento Servers
Chinese Cybercrime Group in Spotlight for Record Campaign Pace
Cisco Warns of Available PoC for Critical Unified CM Vulnerability
Hackers Impersonate Ghidra, dnSpy, and SpiderFoot to Spread Malware via Fake Download Sites
binding.gyp Supply Chain Attack Compromises Dozens of npm Packages Across Maintainer Accounts
Hackers Use Malicious Ads to Deliver FlutterShell Backdoor on macOS Systems
Hackers Use Fake Claude Code Install Page to Deliver Fileless .NET Infostealer
IronWorm Supply Chain Attack Uses Malicious npm Packages to Steal Developer Secrets
Stock Exchange Executive’s Outlook Account Targeted to Exfiltrate Credentials
CISA Warns of critical Magento Cache Warmer RCE flaw Exploited in Attacks
Anthropic’s Claude Oceanus-v1-p Opens to Red Team Testing, but Distribution is Compromised
Cybercriminals Shift From Fake Login Pages to Infostealer Malware in Phishing Attacks
Brave Software releases Origin for a paid, bloat-free browsing experience
Credit card theft campaign abuses Stripe to host stolen payment info
UN food agency discloses breach affecting 600,000 Gaza households
New IronWorm malware hits 36 packages in npm supply-chain attack
Hackers Are After the Gaps in Your Vulnerability Program: Here’s Their Playbook
Microsoft blames unexpected Windows driver updates on caching issue
Police dismantles fake ID marketplace used by migrant smugglers
Cisco warns of critical Unified CM flaw with PoC exploit code
– MTZ