Synology has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update fixes three flaws: CVE-2026-13136, stemming from faulty authorization checks, may allow remote attackers to read…
KuinaExtractor Uses Telegram Exfiltration, UAC Bypass, and Sandbox Detection for Stealth
A newly uncovered infostealer called KuinaExtractor has been quietly evolving for over six months, posing a serious and growing threat to users across multiple platforms. Written in the Rust programming language, the malware targets browser data, cryptocurrency wallets, and credentials…
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP files to drop a Node.js implant and dig into front-desk machines, Microsoft says. The company has not attributed the activity…
China-Linked Hackers Strike Asian Critical Infrastructure with TinyRCT Backdoor
A China-linked threat group has been targeting critical infrastructure in Southeast Asia with a new custom backdoor called TinyRCT. This article has been indexed from www.infosecurity-magazine.com.
A decade of infrastructure development, one new name: Coinspaid Dev
The team behind Coinspaid Solutions steps into the spotlight with a mission to become the engineering voice of blockchain infrastructure. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More.
Scammers Abuse Shopify to Send Fake Invoices and Steal Credentials via Fake Support Calls
Scammers are increasingly exploiting Shopify’s ecosystem and its Shop order-tracking app to deliver fraudulent invoices directly into users’ purchase histories, marking a shift from traditional email-based phishing to in-app social engineering attacks. Security researchers Luis Corrons and Jakub Vavra from…
Hackers Exploit WinRAR CVE-2025-8088 to Plant Startup Shortcut and Run PowerShell Loader
Hackers have weaponized a WinRAR path-traversal flaw tracked as CVE-2025-8088 to silently plant a Startup shortcut and run a multi-stage PowerShell loader that maps a headerless, reflectively loaded PE in memory. The campaign reuses the Ukrainian reconnaissance-themed lure seen in…
$3 Million Reportedly Stolen in Polymarket Hack
The decentralized prediction market said hackers targeted some of its users through a compromise of a third-party vendor. This article has been indexed from SecurityWeek.
Ransomware gangs find Europe’s weakest link in third-party suppliers
Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 2026…
IT Security News Hourly Summary 2026-06-26 12h : 9 posts
9 posts were published in the last hour:
9:34 : Russian Authorities Used Cellebrite UFED to Break Into Human Rights Activist’s iPhone
9:34 : Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft
9:34 : Minecraft Malware Loader Uses RSA-Signed…
Russian Authorities Used Cellebrite UFED to Break Into Human Rights Activist’s iPhone
Russian authorities leveraged Cellebrite’s Universal Forensic Extraction Device (UFED) to gain access to a detained human rights activist’s iPhone, according to a detailed forensic investigation that raises fresh concerns over the use of commercial digital forensics tools in political repression.…
Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft
Polymarket confirmed hackers stole funds from some users after attackers injected malicious code through a compromised third-party vendor. Polymarket confirmed that a security breach at a third-party vendor allowed attackers to inject malicious code into its website, leading to the…
Minecraft Malware Loader Uses RSA-Signed Smart Contract Updates for Persistent C2
A new and highly sophisticated malware loader has been found hiding inside what appears to be a harmless Minecraft mod. Researchers have uncovered a campaign that blends blockchain technology and social engineering to steal player credentials and deliver additional malicious…
Miasma Malware Uses binding.gyp and Bun to Execute Hidden Payloads in npm Packages
Supply chain attackers are getting more creative, and the latest threat is proof of that. A malware campaign known as Miasma has been caught hiding inside widely used npm packages, using a clever mix of tools and techniques to stay…
CL-STA-1062 Hackers Use TinyRCT Backdoor to Target Southeast Asian Governments
A Chinese-speaking threat group known as CL-STA-1062 has been running a quiet but aggressive campaign against government agencies and critical energy infrastructure across Southeast Asia. The attackers, active since at least March 2022, spent much of 2025 targeting state-owned enterprises…
Mystery hackers use novel SharkLoader dropper against governments, software devs
Kaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in multiple countries. They first stumbled onto the campaign while investigating an attack on a diplomatic organization in Indonesia. What initially looked…
Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious…
Russia Used Cellebrite on Jailed Activist’s iPhone Months After Sales Cutoff
Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus. The finding,…
Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets
Turla has been using the backdoor against government and military organizations in Ukraine for espionage. This article has been indexed from SecurityWeek.
macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst
macOS.Gaslight: DPRK Rust implant for Mac with a prompt injection payload designed to fool AI-based malware analysts. SentinelLabs researchers spotted a Rust-based macOS implant, dubbed macOS.Gaslight, that surfaced in early June after an Apple XProtect update pointed to a VirusTotal…
American Tower – 216,601 breached accounts
In June 2026, telecommunications tower infrastructure company American Tower was the target of a ShinyHunters “pay or leak” extortion campaign. The group subsequently published data allegedly taken from the company containing more than 200k unique email addresses belonging to employees,…
CISA Warns of Cisco Unified CM Vulnerability Exploited in Attacks
CISA has added a critical server-side request forgery (SSRF) vulnerability affecting Cisco Unified Communications Manager (Unified CM) to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies and organizations to apply patches immediately amid active exploitation in the wild. The…
First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild
CISA has added the remote code execution flaw CVE-2026-12569 to its Known Exploited Vulnerabilities catalog. This article has been indexed from SecurityWeek.
SIM-swapping gang busted in international police operation
Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) arrested four suspected members of an organized cybercrime group accused of SIM swap attacks, cryptocurrency theft, and money laundering. The operation involved agents from the U.S. Federal Bureau of Investigation (FBI)…