📰 DAILY THREAT BRIEFING
Sunday, June 28, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of June 28, 2026.

  1. Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
    — The Hacker News

    The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campai…
  2. Clean GitHub repo tricks AI coding agents into running malware
    — Bleeping Computer

    An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remain…
  3. OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
    — The Hacker News

    OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as par…
  4. Third-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk
    — Dark Reading

    Rising threats from third-party actors are forcing institutions to play defense to protect student data from ransomware and other attacks.
  5. FBI: Russian hackers now target Signal backup recovery keys
    — Bleeping Computer

    The FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Sign…
  6. CISA sets urgent deadline to fix Cisco flaw exploited in attacks
    — Bleeping Computer

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a vulnerability in Cisco U…
  7. FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
    — The Hacker News

    The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step…
  8. AI Decline? Confidence in Autonomous Penetration Testing Falls
    — Dark Reading

    Companies are still experimenting with automated AI systems to find security weaknesses, but fewer are relying on the technology.
  9. Threat Brief: Mitigating Large-Scale Credential Attacks
    — Unit 42

    We provide guidance for preparing for and mitigating large-scale credential attacks, focusing on recent campaigns targeting security vendors…
  10. Cisco Adds NHI to Security Stack With Astrix, WideField Acquisitions
    — Dark Reading

    Cisco joins a growing list of security platform providers that are betting that securing the agentic workforce means turning identity into t…
  11. CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure
    — Unit 42

    Government entities and critical infrastructure were targeted for espionage in SE Asia by attackers using a hybrid toolkit, including custom…
  12. What do Ports Hear When Nobody's Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
    — SANS ISC

    [This is a Guest Diary by Nicole Phillips, an ISC intern as part of the SANS.edu BACS program]

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (7430 in last 30 days).
Critical: 1 · High: 2 · Medium: 17 · Low: 0. View full dashboard →

  1. CVE-2026-8095
    — CVSS 8.1 (HIGH)

    The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due to a case-sensitive bypass of the wpfm_dir_path parameter san…
  2. CVE-2026-10643
    — CVSS 8.7 (HIGH)

    Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_control) buffer using only the payload length (msg-msg_controllen < pktinfo…
  3. CVE-2026-9242
    — CVSS 5.3 (MEDIUM)

    The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versio…
  4. CVE-2026-9233
    — CVSS 4.3 (MEDIUM)

    The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying th…
  5. CVE-2026-3462
    — CVSS 6.5 (MEDIUM)

    The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'upload_csv' and 'process_batch' functions in all versions up to, and including, 1.8.9. This…
  6. CVE-2026-13295
    — CVSS 6.4 (MEDIUM)

    The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via panels_data Parameter in all versions up to, and including, 2.34.3 due to insufficient input sanitization and output es…
  7. CVE-2026-12471
    — CVSS 4.3 (MEDIUM)

    The Spexo theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the activate_plugin function in all versions up to, and including, 2.0.11. This makes it possible for authenticated …
  8. CVE-2026-12432
    — CVSS 5.3 (MEDIUM)

    The WP Full Stripe Free plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 8.4.3 via the wpfs_update_failed_payment_status AJAX action. The handler is registered through both wp…
  9. CVE-2026-12399
    — CVSS 4.4 (MEDIUM)

    The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input s…
  10. CVE-2026-11987
    — CVSS 4.3 (MEDIUM)

    The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.4 …
  11. CVE-2026-11783
    — CVSS 6.4 (MEDIUM)

    The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Product SKU in all versions up to, and includ…
  12. CVE-2026-11773
    — CVSS 4.3 (MEDIUM)

    The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying th…
  13. CVE-2026-11597
    — CVSS 6.4 (MEDIUM)

    The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'infusionsoft-form' shortcode in versions up to, and including, 2.0.1. This is due to insufficient input sanit…
  14. CVE-2026-11364
    — CVSS 4.3 (MEDIUM)

    The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check …
  15. CVE-2026-13245
    — CVSS 6.1 (MEDIUM)

    The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and outpu…
  16. CVE-2026-12404
    — CVSS 5.3 (MEDIUM)

    The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user i…
  17. CVE-2026-12415
    — CVSS 9.8 (CRITICAL)

    The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravel_invoice_edit_account() AJAX action in versions up to, and including, 1.0.0. The handler is …
  18. CVE-2026-13422
    — CVSS 4.3 (MEDIUM)

    The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdq_validate_nonce function. This makes it possible for…
  19. CVE-2026-13335
    — CVSS 6.4 (MEDIUM)

    The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'cpm_point' Post Meta in all versions up to, and including, 1.2.6 due to insufficient input sanitization and o…
  20. CVE-2026-13333
    — CVSS 6.5 (MEDIUM)

    The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via 'query[select]' Parameter in all versions up to, and including, 4.5.5 due to insufficient esca…

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · June 28, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com