The threat group’s remarkable success targeting open-source software was inevitable and fueled by the industry’s decision to prioritize code shipping over security.
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023 | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.
USB worm spreads crypto-stealing malware via Windows shortcut files
Threat actors targeting cryptocurrency wallets have been distributing clipboard-stealing malware with self-spreading capabilities and using the Tor network to conceal communication.
Accenture shells out $4.18B on three companies in big industrial cybersecurity push | CyberScoop
Accenture is investing $4.18 billion to acquire Dragos, runZero, and NetRise, marking a major software-driven expansion into operational technology security.
Cyberattaque Novo Nordisk (Ozempic) : ce que l'on sait du vol de données
Le 16 juin 2026, un groupe d’extorsion a affirmé avoir volé plus d’un téraoctet de données à Novo Nordisk, le géant danois derrière Ozempic et Wegovy. L’entreprise avait reconnu quelques jours plus tôt un incident de sécurité touchant certains systèmes internes. Son nom est moins connu du grand public que celui de
Nation-state rivals linked to majority of consequential attacks targeting critical UK sites
The nation’s top cybersecurity official warned that business leaders, authorities need to rethink how they protect critical infrastructure from state-sponsored adversaries.
OSS tool to scan packages, agent configs, editors, and browser extensions for malware, tactics for evading cloud logging, a specification to generate your own custom agentic AI security scanning system
FortiBleed, la fuite qui menace la moitié des pare-feu Fortinet dans le monde - Numerama
Environ 75 000 pare-feu FortiGate de Fortinet ont vu leurs identifiants VPN volés et exploités par des attaquants, touchant 194 pays et de grandes entreprises comme Samsung, Siemens ou Oracle. Le premier signal d’alarme vient de Volodymyr « Bob » Diachenko, via une publication sur LinkedIn du 16 juin 2026. D’emblée,
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Market intelligence platform Klue suffered a OAuth breach that enabled the "Icarus" threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign.
5 reasons Microsoft 365 backup isn’t enough for business data protection
Microsoft 365 helps keep services running, but protecting and recovering business data remains your responsibility. Acronis breaks down five gaps organizations should consider when evaluating Microsoft 365 data protection.
Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp
International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian cybercrime group.
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM interface.
ShapedPlugin update flow hacked to infect WordPress sites
Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor's official update system.
Meet Your Tireless Red Teamer: Continuous Validation for AI-Assisted Attacks
CrowdStrike’s 2026 Global Threat Report found AI-enabled adversaries increased activity by 89%. As attackers become faster and more adaptive, FourCore ATTACK helps teams assess defenses, validate control effectiveness, and improve remediation against real exploitable gaps.
Telegram admits it couldn't police exam-leak channels, India tells court
India's government has told the Delhi High Court that Telegram was warned about two weeks before it was blocked, and that the platform admitted it could not proactively detect the channels selling leaked exam papers. Telegram says it cooperated and the ban is unlawful.
Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users' conversations.
Retro gaming fans are the new target for fake GitHub malware | Malwarebytes
Retro gaming fans should be careful with GitHub projects that claim to be tools or plugins for their consoles. We looked at one example aimed at PlayStation Vita owners.
F5 issues out-of-band patches for critical NGINX vulnerabilities
Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities, including two critical-severity flaws that could allow attackers to execute code on vulnerable systems.
Embedding Forbidden Text in Spyware to Discourage AI Analysis - Schneier on Security
At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis. Details: The _index.js payload begins with a large JavaScript block comment containing fake system instructions and policy-triggering content. Because it is inside a comment, it does not affect JavaScript execution. The runtime skips it. The real malware begins after the comment with a try{eval(…)} wrapper around a large character-code array and a ROT-style substitution function. This header appears designed for AI-mediated analysis, not for Node, Bun, or Python. It attempts to derail scanners or analyst copilots that feed the beginning of a file to a language model without clearly isolating the content as untrusted data. In weak pipelines, this can cause refusal behavior, prompt confusion, context pollution, or premature classification before the scanner reaches the actual malware...
Steam : des malwares cachés dans Wallpaper Engine volent des comptes - Numerama
Des fonds d’écran animés diffusés sur le Steam Workshop ont servi à installer des malwares via Wallpaper Engine, rapporte Kaspersky le 16 juin 2026. Certains packs piégés, téléchargés des milliers de fois, visaient notamment à voler des comptes Steam et à garder un accès aux ordinateurs infectés. Attention si vous