9 posts were published in the last hour 9:34 : SmartApeSG Hackers Abuse Okendo Reviews Widget in E-Commerce Supply Chain Attack 9:34 : China-Linked Showboat Malware Uses Linux Persistence to Target Telecom Companies 9:34 : Cybersecurity Firms Impacted by Klue…
SmartApeSG Hackers Abuse Okendo Reviews Widget in E-Commerce Supply Chain Attack
A supply-chain style compromise in the Okendo Reviews widget that enabled the SmartApeSG threat actor to deliver staged JavaScript loaders across a wide e-commerce surface. Okendo’s client-facing review widget is deployed by more than 18,000 brands and commonly appears on…
China-Linked Showboat Malware Uses Linux Persistence to Target Telecom Companies
A sophisticated China-linked malware framework has been quietly targeting telecom companies across the Middle East for nearly four years. Showboat is a Linux-based tool that stayed completely hidden from antivirus systems until April 2026, raising serious concerns about the security…
Cybersecurity Firms Impacted by Klue Supply Chain Attack
The hackers exfiltrated data from Salesforce instances of Klue customers, such as Huntress and Recorded Future. The post Cybersecurity Firms Impacted by Klue Supply Chain Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Accenture to buy Dragos, runZero, and NetRise in $4.2 billion cybersecurity deal
Accenture is expanding its position with the acquisition of a majority stake in Dragos and all of runZero and NetRise to deliver end-to-end operational technology (OT) security for the critical infrastructure and industrial operations underpinning power grids, pipelines, manufacturing, distribution…
Google sets timeline for Android developer verification enforcement
Android’s developer verification protections will take effect on September 30, 2026, starting with users in Brazil, Indonesia, Singapore, and Thailand. Developers distributing apps through participating stores in those markets must complete the verification process by the deadline. Google Play, HONOR…
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data
Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026. To that end, organizations will be unable to connect to Salesforce…
CISA Issues Alert on Critical Splunk Enterprise Bug Under Active Exploitation
CISA has issued an urgent alert regarding a critical vulnerability in Splunk Enterprise, tracked as CVE-2026-20253, which is now listed in the Known Exploited Vulnerabilities (KEV) catalog following evidence of active exploitation. The flaw, categorized under CWE-306 (Missing Authentication for…
HazyBeacon Abuses AWS Lambda Function URLs for Stealthy Command-and-Control Operations
HazyBeacon is a stealthy cloud-native malware campaign identified as CL-STA-1020. It is exploiting Amazon Web Services (AWS) Lambda Function URLs to create covert command-and-control (C2) channels, marking a significant evolution in attacker tactics. According to recent Qualys research, the campaign…
Confidence Lacks in Threat Detection Across Non-Email Channels like Slack and Teams
Half of cybersecurity leaders lack confidence in detecting threats on Slack, Teams and other non-email platforms, despite growing attacker focus This article has been indexed from www.infosecurity-magazine.com Read the original article: Confidence Lacks in Threat Detection Across Non-Email Channels like…
Node.js Releases Security Updates for 12 Vulnerabilities, Two Rated High Severity
Node.js has announced critical security updates that address 12 vulnerabilities across its supported release lines. Among these, two high-severity flaws could lead to denial-of-service (DoS) conditions and authentication bypass. These updates, released on June 18, 2026, affect Node.js versions 22.x,…
The Invisible CEO of Crisis: Breaking the Cycle of CISO Burnout
When a major cyber incident hits, all eyes are on the CISO. They become the invisible CEO of crisis, steering the entire enterprise through the storm, managing stakeholders and making major decisions under immense pressure. The clock is ticking. Every…
Expanding Our Footprint: Local Cloud Availability for Prisma AIRS in Japan
Securing the Future of Japan’s AI Landscape The shift from static LLMs to autonomous agents has fundamentally changed the global threat surface. Frontier models like Anthropic’s Mythos can now autonomously discover hundreds … The post Expanding Our Footprint: Local Cloud…
Hackers Use Weaponized Windows Shortcuts to Spread Crypto Clipper Across USB Drives
A newly discovered cryptocurrency clipper malware has been quietly stealing digital assets from victims since February 2026, spreading through a trick that most users would never suspect: weaponized Windows shortcut files on USB drives. The malware is not just a…
Node.js Fixes 12 Vulnerabilities, Including 2 High-Severity Authentication Bypasses
Node.js has released a new round of security updates addressing 12 vulnerabilities across its supported release lines, including two high-severity flaws that could lead to authentication bypass and denial-of-service (DoS) attacks. The updates impact Node.js versions 22.x, 24.x, and 26.x,…
CISA Warns of Splunk Enterprise Critical Function Vulnerability Actively Exploited in Attacks
CISA has issued a high-priority alert warning organizations about a critical vulnerability in Splunk Enterprise that is actively being exploited in the wild. The flaw, tracked as CVE-2026-20253, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling immediate…
Frontier Airlines API Exposes Passport, Credit Card, and Personal Data via Boarding Pass Information
A security researcher known as BobDaHacker has revealed significant vulnerabilities in Frontier Airlines’ booking system. Thank you for being a Ghacks reader. The post Frontier Airlines API Exposes Passport, Credit Card, and Personal Data via Boarding Pass Information appeared first…
Did Iranian hackers cause operational disruptions to water and wastewater systems in the USA?
No, they did not. Handala, a hacker organization with alleged ties to the Islamic Republic of Iran, recently claimed it had gained the ability to… The post Did Iranian hackers cause operational disruptions to water and wastewater systems in the…
INC Ransomware Uses Double Extortion and Printer Ransom Notes to Pressure Victims
INC has matured from an emerging RaaS operation into one of 2026’s most active ransomware families, claiming more than 800 victims since 2023 and capitalizing on disruption among competitors to expand its affiliate base. The group’s recent campaigns demonstrate both…
ISA VDA 6.0.3 (part 2) — Information Security Sheet: IS Policies and Organization
This is the part 2 of the series about the TISAX label: TISAX getting started: A Deep Dive into the ISA Assessment Workbook (part 1). ISA VDA 6.0.3 (part 2) — Information Security Sheet: IS Policies and Organization …
Peter Thiel ‘s Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail
A simple website flaw exposed members, political profiles, login tokens, and dating data from Peter Thiel ‘s secretive Dialog network. Dialog, a private invitation-only organization cofounded in 2006 by billionaire tech investor Peter Thiel, has spent two decades refusing to…
eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th)
I detected an interesting phishing email this morning. It targets a major Belgian bank: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th)
AI-Powered Public Surveillance and Biometric Data Collection Expand Government Monitoring
Governments are expanding their digital reach in ways unimaginable just a decade ago. A growing wave of AI-powered surveillance, biometric data collection, and commercial spyware is reshaping how states monitor citizens and visitors. The scale of this shift is drawing…
Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC
WideField will accelerate Agentic SOC capabilities by expanding the lens on threat investigation to include identity, credentials, sessions, and blast radius. The post Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC appeared first on SecurityWeek. This article has…