HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of June 26, 2026.
-
Anthropic is testing desktop-like Claude Cowork for mobile
— Bleeping Computer
Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. […] -
Poland busts SIM-swapping gang tied to millions in crypto theft
— Bleeping Computer
Authorities in Poland have arrested four members of an organized cybercrime group accused of breaching telecommunications partners and hijac… -
CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure
— Unit 42
Government entities and critical infrastructure were targeted for espionage in SE Asia by attackers using a hybrid toolkit, including custom… -
In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw
— Dark Reading
The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified CM SME deployme… -
Russian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses
— Dark Reading
The FSB state-sponsored operation has gotten a lot better at loading its malware and hiding its servers. -
EdTech Attackers Shift From Schools to Their Software Suppliers
— Dark Reading
Educational institutions, the edtech companies they rely on, and, more concerningly, the challenges they pose for schools are the focus of t… -
Order-tracking app Shop abused to push callback phishing attacks
— Bleeping Computer
Threat actors are increasingly abusing Shop, the order-tracking app from Shopify, by adding fake purchase receipts in users' order histories… -
Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
— The Hacker News
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code. Accord… -
ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
— The Hacker News
It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old creds … -
Surviving the Mythos Era: Richard Bejtlich on the Case for NDR
— The Hacker News
Despite the abundance of telemetry at analysts’ disposal, many security operations teams struggle to answer a few basic questions during i… -
What do Ports Hear When Nobody's Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
— SANS ISC
[This is a Guest Diary by Nicole Phillips, an ISC intern as part of the SANS.edu BACS program] -
Linux Process Name Masquerading, (Wed, Jun 24th)
— SANS ISC
In a previous diary, I talked about stack strings[1] with a practical example of them. Since my SEC6…
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (8305 in last 30 days).
Critical: 1 · High: 9 · Medium: 9 · Low: 1. View full dashboard →
-
CVE-2026-9222
— CVSS 8.1 (HIGH)
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior only require the password hash when authenticating with backend services from the client. This could allow an attacker, who knows the hash, t⦠-
CVE-2026-9221
— CVSS 7.5 (HIGH)
The Setracker2 Android Companion App (com.tgelec.setracker) versions 3.1.5 and earlier uses MD5 to generate a request signature for authenticating communications between the mobile client and the backend REST API. Attack⦠-
CVE-2026-9220
— CVSS 7.5 (HIGH)
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior encrypts requests between the watch and its backend with static hardcoded AES keys and initialization vectors. This allows an attacker to dec⦠-
CVE-2026-9219
— CVSS 6.5 (MEDIUM)
Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior have a predictable registration ID derived from IMEI. The enrollment system lacks additional authentication before assignment. If an attacker⦠-
CVE-2026-13322
— CVSS 3.8 (LOW)
A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine(), which buffers input indefinitely until a newline character is received, with no len⦠-
CVE-2026-13318
— CVSS 6.4 (MEDIUM)
A server-side request forgery (SSRF) flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance (VMI), virt-api reads the target IP from vmi.Status.Inte⦠-
CVE-2026-13218
— CVSS 4.2 (MEDIUM)
A flaw was found in KubeVirt's virt-handler network cache handling. The WriteToCachedFile function writes data to a launcher-rooted path using os.WriteFile and os.Chown without symlink protection. A user with access to t⦠-
CVE-2026-13083
— CVSS 6.9 (MEDIUM)
A flaw was found in the Pen Drive report generator. Cluster-sourced data is rendered into HTML reports without proper escaping or sanitization. An attacker with cluster administrator privileges can inject a stored cross-⦠-
CVE-2026-12993
— CVSS 6.5 (MEDIUM)
A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE declarations or enable FEATURE_SECURE_PROCESSING. An attacker with artifact-⦠-
CVE-2026-40084
— CVSS 6.5 (MEDIUM)
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report format_file Parameter, causing arbitrary file read. This vulnerability oc⦠-
CVE-2026-40083
— CVSS 7.2 (HIGH)
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsanitized unserialize+implode in managers.php. At line 756 of managers.php, the application assi⦠-
CVE-2026-40082
— CVSS 5.4 (MEDIUM)
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate_id() after login, leading to Session Fixation. session_regenerate_id() is NOT called after suc⦠-
CVE-2026-40080
— CVSS 6.1 (MEDIUM)
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring check rather than a host check at str_contains($referer, CACTI_PATH_URL). ⦠-
CVE-2026-54479
— CVSS 7.3 (HIGH)
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predictable session identi⦠-
CVE-2026-50176
— CVSS 7.5 (HIGH)
The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks or brute-force attacks⦠-
CVE-2026-44622
— CVSS 6.5 (MEDIUM)
Charging station authentication identifiers are publicly accessible via web-based mapping platforms. -
CVE-2026-40702
— CVSS 9.4 (CRITICAL)
WebSocket endpoints lack proper authentication mechanisms, enabling attackers to impersonate charging stations. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform un⦠-
CVE-2026-22879
— CVSS 8.1 (HIGH)
vtk vtk-dicom vtkDICOMItem::NewDataElement heap-based buffer overflow vulnerability -
CVE-2026-12992
— CVSS 7.4 (HIGH)
A flaw was found in Apicurio Registry. The WSDLReaderAccessor creates a wsdl4j WSDLReader without disabling the javax.wsdl.importDocuments feature. When the VALIDITY rule is set to FULL, an attacker with Developer-role a⦠-
CVE-2026-12975
— CVSS 8.5 (HIGH)
A flaw was found in Apicurio Registry. The ContentTypeUtil.isParsableXml() method creates a SAXParserFactory without enabling secure processing features or disabling external entity resolution. An attacker with artifact-â¦
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · June 26, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com
Leave a Comment