Curated intelligence at the intersection of offensive security and AI — the latest items, newest first. See Top Picks for the highest-impact stories.

Sunday, June 21, 2026

MEDIUMAryStinger Botnet Compromises Thousands of D-Link Routersbotnet · d-link · router · malware

Saturday, June 20, 2026

CRITICALMicrosoft Surface Devices Vulnerable to Local Privilege Escalationprivilege-escalation · microsoft-surface · windowsHIGHMicrosoft Attributes Mastra AI Supply Chain Attack to North Korean Hackerssupply-chain · north-korea · npm · aiHIGHHackers Exploiting Gravity SMTP WordPress Plugin Bug to Expose API Keyswordpress · plugin · api-keys · exploit

Friday, June 19, 2026

HIGHJCPenney Breach Exposes 368,418 Employee Accountsdata-breach · jcpenney · shinyhunters · employee-dataHIGHKlue OAuth Breach Exposes Salesforce Customer Data, Icarus Group Claims Attackdata-breach · oauth-tokens · salesforce · supply-chainCRITICALUnpatchable 'usbliter8' Exploit Affects Apple A12 and A13 SecureROMapple · secure-rom · exploit · hardwareHIGHThe Gentlemen RaaS Uses 'GentleKiller' EDR Framework to Disable Securityransomware · edr-evasion · threat-actor · malwareHIGHTexas Government Data Breach Exposes Over 3 Million Driver’s Licensesdata-breach · texas-government · driver-licenses · third-party-riskHIGHAutoJack Attack Enables Remote Code Execution via AI Browsing Agentsai · rce · web-exploit · microsoftCRITICALCISA Warns of Active Exploitation in FortiBleed Campaign Targeting Fortinet Devicesfortinet · fortigate · cisa · credential-theftHIGHApple Patches Beats Studio Buds Flaw Allowing Eavesdroppingapple · beats-studio-buds · vulnerability · eavesdropping

Thursday, June 18, 2026

HIGHPopa Android Botnet Linked to Publicly-Traded Israeli Firm NetNutbotnet · android · proxy-service · fraudCRITICALF5 Patches Critical NGINX Open Source RCE Vulnerabilitiesnginx · rce · f5 · vulnerabilityHIGHMicrosoft Details CryptoBandits Clipper Campaign Using USB LNK Worm and Tor C2malware · crypto-clipper · usb-worm · tor

Wednesday, June 17, 2026

HIGHMicrosoft Confirms RoguePlanet Defender Zero-Day, Patch in Developmentmicrosoft-defender · zero-day · privilege-escalation · cveCRITICALCISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Executionjoomla · cve · rce · cisa

Monday, June 15, 2026

HIGHDOJ Seizes Deepfake Nude Sites CFAKE and SOCFAKE Under TAKE IT DOWN Actdeepfake · ai-abuse · law-enforcement · nonconsensual-imageryHIGHSimpleHelp Vulnerability Allows Unauthenticated Creation of Rogue Remote Support Accountsvulnerability · remote-management · authentication-bypass · simplehelpHIGHChinese Hackers Abuse Google Workspace Rules to Steal Research and Defense Emailsespionage · google-workspace · redcap · threat-actorHIGHNorth Korean Hackers Use Developer Tools as Malware Delivery Channelsnorth-korea · threat-actor · phishing · developer-toolsCRITICAL56 Million Accounts Exposed in June 2026 Stealer Log Dumpdata-breach · infostealer · passwords · credential-stuffingCRITICALOptinMonster, TrustPulse, and PushEngage WordPress Plugins Hit by CDN Supply-Chain Attackwordpress · supply-chain · cdn · plugin-vulnerabilityCRITICALCisco Patches SD-WAN vManage Zero-Day Exploited for Root Privilegescve · zero-day · cisco · privilege-escalationCRITICALLiteLLM Vulnerability Chain Allows Low-Privilege Users to Take Over AI Gateway Serversai-security · vulnerability · privilege-escalation · litellmCRITICALOne-Click 'SearchLeak' Attack on Microsoft 365 Copilot Could Steal Sensitive Datamicrosoft-365 · copilot · prompt-injection · data-exfiltrationHIGHInfinite Campus Data Breach Affects 137,000 School Staff Accountsdata-breach · shinyhunters · education-sector · salesforceCRITICALPalo Alto Networks Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flawpalo-alto · vpn · authentication-bypass · cve

Sunday, June 14, 2026

HIGHFBI Disrupts Massive Chinese AI-Powered Phishing Service 'Outsider Enterprise'phishing · ai-abuse · law-enforcement · cybercrimeCRITICALUnauthenticated SQL Injection Found in Pi.Alertsql-injection · unauthenticated · vulnerability · pialert

Saturday, June 13, 2026

CRITICALCritical Splunk Enterprise Flaw Allows Unauthenticated Remote Code Executionsplunk · rce · unauthenticated · cve

Friday, June 12, 2026

CRITICALOver 400 Arch Linux AUR Packages Hijacked with Infostealer and eBPF Rootkitsupply-chain · linux · aur · infostealer

Thursday, June 11, 2026

CRITICALShinyHunters Exploits Oracle PeopleSoft Zero-Day to Breach Universitieszero-day · oracle · peoplesoft · data-breach