Threat actors are actively exploiting a critical security flaw in the widely used Gravity SMTP WordPress plugin to extract sensitive configuration data, including API keys and authentication tokens. The vulnerability, tracked as CVE-2026-4020 with a CVSS score of 5.3, affects…
Windows 11 June Patch Triggers Microsoft Office Startup Issues
Microsoft’s June 2026 cumulative update for Windows 11 (KB5095051, OS Build 28000.2269) introduces an unexpected application compatibility issue that may disrupt enterprise workflows, as users report that Microsoft Office applications fail to launch when opened via certain third-party applications. The…
Hackers Could Abuse SQL Server 2025 AI Features to Steal Sensitive Data
A new security analysis has revealed that Microsoft SQL Server 2025’s native AI capabilities can be repurposed by attackers to stealthily exfiltrate sensitive data and establish command-and-control (C2) channels directly within the database engine, significantly expanding the post-exploitation attack surface.…
FortiBleed Leak Exposes 73,000 Fortinet VPN Credentials
Cyber threat actors successfully targeted and gained access to nearly 73,000+ internet-connected Fortinet VPN and firewall devices globally.… The post FortiBleed Leak Exposes 73,000 Fortinet VPN Credentials appeared first on Hackers Online Club.
Navigating the future: Schiphol Airport’s journey to shift-left platform engineering
At the OpenShift Commons gathering in Amsterdam at KubeCon + CloudNativeCon earlier this year, attendees got a front-row seat to the digital transformation of one of the world’s most complex hubs. Roel Donker, Technology Lead within Royal Schiphol Group, joined…
Hackers Actively Exploiting WordPress SMTP Plugin With 100,000+ Installs to Access Sensitive Data
Hackers are actively abusing a sensitive information exposure flaw in the Gravity SMTP WordPress plugin, aggressively targeting over 100,000 sites to harvest configuration data and live email credentials. The vulnerability, tracked as CVE‑2026‑4020 and rated 5.3 (Medium), affects all Gravity…
Microsoft Office Applications Might Fail to Open Following Windows 11 June Update
Microsoft’s June 2026 Patch Tuesday update for Windows 11 (KB5095051) is causing unexpected issues, with users reporting that Microsoft Office applications fail to launch when accessed through certain third-party applications. The issue is listed as a known problem in the…
Rust Clipboard Hijacker Uses Fake GitHub Stars and VirusTotal Upvotes to Steal Crypto
A newly discovered malware campaign is quietly draining cryptocurrency wallets by doing something most security tools never see coming. Instead of relying on brute-force attacks or dark web exploits, the threat actor behind this campaign built a fake reputation engine…
Hackers Abuse PowerShell, VBScript, and BAT Files to Deliver Xctdoor Backdoor
A new wave of cyberattacks is targeting corporate employees through files that look exactly like legitimate job documents. Hackers are distributing malicious LNK files disguised as resumes, and the moment a victim opens one, the infection quietly begins. The attack…
PoC Exploit Released for HTTP/2 Bomb Remote DoS Vulnerability in Apache HTTP Server
A proof-of-concept (PoC) exploit has been publicly released for a critical Denial of Service vulnerability in Apache HTTP Server, tracked as CVE-2026-49975, dubbed the “HTTP/2 Bomb.” The flaw allows remote attackers to exhaust server memory and disrupt services without authentication,…
Rokarolla Banking Trojan Targets 200 Applications
The Android malware allows its operators to take control of infected devices and harvest sensitive information. The post Rokarolla Banking Trojan Targets 200 Applications appeared first on SecurityWeek.
Atlassian, Splunk Patch Critical Vulnerabilities
Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies. The post Atlassian, Splunk Patch Critical Vulnerabilities appeared first on SecurityWeek.
Splunk AI Toolkit Vulnerability Allows Arbitrary OS Command Execution
Splunk has disclosed a critical security vulnerability in its AI Toolkit that could allow authenticated administrators to execute arbitrary operating system commands on affected systems, raising significant concerns for enterprises that rely on Splunk for security analytics and automation. The…
Critical Command Execution Vulnerability Patched in Cisco ISE
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root. The post Critical Command Execution Vulnerability Patched in Cisco ISE appeared first on SecurityWeek.
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM…
Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents
Tenet researchers reveal how fake Sentry bug reports can trick AI coding agents into running code, exposing a new Agentjacking risk for developers today. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More.
Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity
A long-running, stealthy campaign attributed to the China-nexus actor tracked as Velvet Ant has been found to include deeply engineered backdoors in the authentication stack: modified OpenSSH binaries and tampered PAM modules that exfiltrate credentials, record every executed command, and…
FortiBleed Exploit Campaign Hits 70,000+ Fortinet Firewalls Worldwide
A large-scale cyber espionage campaign dubbed “FortiBleed” has compromised more than 70,000 Fortinet firewalls and VPN gateways worldwide, exposing enterprise networks across 194 countries. The activity, first identified by security researcher Volodymyr Diachenko and further analyzed by Hudson Rock and…
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on…
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the…
Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
The photography giant confirmed a data breach after ShinyHunters claimed it stole 2.2 million records and threatened to leak them. This article has been indexed from Malwarebytes.
F5 Patches Critical, High-Severity NGINX Vulnerabilities
Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code. The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek.
IT Security News Hourly Summary 2026-06-18 12h : 6 posts
6 posts were published in the last hour:
9:34 : Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
9:34 : GentleKiller targets more than 400 security processes across 48 products
9:34 : Hostile States Behind 75% of…
Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
A novel evolution of LLMjacking: a threat actor leveraging a publicly exposed Ollama model server as the reasoning engine for an automated, multi-stage offensive framework. Rather than using the model for chat or resale, the attacker integrated unauthenticated model inference…