ICYMI: 2026-06-15
Latest Headlines
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
The Onboarding Password Mistake That Creates Unnecessary Risk
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Meta Tapped a Pentagon Supplier to Prototype Face Recognition for Its Glasses
Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer
Chinese Hackers Target Medical, Military, and AI Research in North America
NewCore Emerges From Stealth Mode With $66 Million in Funding
Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges
French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
DPAPISnoop Tool Extracts CREDHIST Hashes for Offline Windows Credential Recovery
SHADOWBYT3$ Allegedly Claim Breach of Nintendo, Stealing Sensitive Data
Anthropic Updated Privacy Policy to Include Identity Verification for Claude Users
Critical Microsoft 365 Copilot Vulnerability Allows Attackers to Steal Data in One Click
Hackers Use Microsoft Graph Reconnaissance to Target Payroll and HR Employees
China-Nexus Hackers Use Backdoored PAM Modules for Credential Theft and Authentication Bypass
SearchJack Campaign Uses 23 Chrome Extensions to Hijack Searches of 758,000 Users
PromptSnatcher Ad Blocker Extensions Steal AI Chats From ChatGPT, Claude, and Gemini
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
SimpleHelp bug lets hackers create rogue remote support accounts
OptinMonster WordPress plugin hacked in CDN supply-chain attack
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Council of Europe investigates ShinyHunters data breach claims
Vibe coders are gonna vibe code: How CISOs are tackling code sprawl
Chinese hackers breach REDCap servers, steal medical research
New attack turned Microsoft 365 Copilot into 1-click data theft tool
Infinite Campus data breach affects 137,000 school staff accounts
Webinar: How behavioral AI stops phishing and account takeovers
– MTZ