The Behavior of Coordinated SSH Brute Force Attacks over the last three month...
Thursday, June 18, 2026
[This is a Guest Diary by Adam Nason, an ISC intern as part of the SANS.edu BACS program]
.. read more..
INC Ransomware Thrives by Mastering the Basics
Wednesday, June 17, 2026
And one of those basics is focusing on sectors where a ransomware disruption creates immediate pressure to pay up, like with healthcare. .. read more..
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Wednesday, June 17, 2026
Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656 (CVSS score: 7.8), with the tech giant describing it as a privilege escalation flaw. "Microsoft is ... .. read more..
FortiBleed Attack Exposes Fortinet Firewall Credentials in 194 Countries
Wednesday, June 17, 2026
Researchers say FortiBleed used stolen and tested credentials to access exposed Fortinet firewalls, putting major organizations and public agencies at risk now. .. read more..
The browser blind spot: Why your security tool may not be blocking what you t...
Wednesday, June 17, 2026
[This is a guest diary submitted by Varun Murdula]
.. read more..
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Off...
Wednesday, June 17, 2026
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end. Before his command-and-control server went dark, he installed OpenSSH and Tailscale on a victim's machine, building ... .. read more..
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed ...
Wednesday, June 17, 2026
Multiple firms have observed active exploitation of the FortiSandbox defects, and warn that the attacks originate from multiple sources, not a single campaign. The post Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April appeared first on CyberScoop . .. read more..
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Ch...
Wednesday, June 17, 2026
Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. "Every plugin poses as an AI coding assistant built on DeepSeek and other l... .. read more..
The OpenClaw security risks every CISO needs to know
Wednesday, June 17, 2026
The business case for OpenClaw is clear, but so are the security risks. Learn why a cybersecurity expert says deployments are putting enterprises in real danger. .. read more..
ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat
Wednesday, June 17, 2026
A detailed ESET MDR vs Sophos MDR comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose. .. read more..
The Top 10 Attack Surface Exposures in 2026
Wednesday, June 17, 2026
Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authen... .. read more..
CISA orders feds to patch max severity Joomla plugin flaw by Friday
Wednesday, June 17, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity flaw in the Widget Factory Joomla Content Editor (JCE) plugin that is being actively exploited in the wild. [...] .. read more..
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Ch...
Wednesday, June 17, 2026
Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. "Every plugin poses as an AI coding assistant built on DeepSeek and other l... .. read more..
Microsoft working on Defender patch for RoguePlanet zero-day
Wednesday, June 17, 2026
Microsoft confirmed that it's working on a security patch for a Defender zero-day vulnerability named "RoguePlanet," disclosed one week ago. [...] .. read more..
15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys
Wednesday, June 17, 2026
Hackers are using 15 malicious JetBrains plugins posing as AI coding assistants to steal DeepSeek, OpenAI, and other developer API keys. .. read more..
144 Mastra npm Packages Compromised via Hijacked Contributor Account
Wednesday, June 17, 2026
As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings fro... .. read more..
Kodak confirms data breach claimed by ShinyHunters extortion gang
Wednesday, June 17, 2026
Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data. [...] .. read more..
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
Wednesday, June 17, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2... .. read more..