Kitefall

New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials 2026-06-10 16:30 Help Net Security A new Browser-in-the-Browser (BitB) phishing campaign is targeting Microsoft 365 users with fake login popups designed to closely mimic legitimate browser authentication windows, according to Palo Alto Networks Unit 42. The attack relies on a fake browser …
Students' data taken in major university cyber-attack 2026-06-10 16:07 BBC In an email sent to students, seen by the BBC, chief governance and risk officer Jason Carter said those behind the major cyber-attack, who had "previously targeted a number of other organisations", were likely behind the breach.
Autonomous AI agents duped into leaking sensitive data in phishing test 2026-06-10 15:38 CSO The test used two configurations: a generic productivity profile and a stricter profile that included email safety instructions telling the agent to be cautious of phishing and verify sender identities before acting on sensitive requests. Varonis said the …
University of Nottingham rocked by 'serious' cyber attack that has exposed financial and personal data 2026-06-10 14:59 Nottingham Evening Post The University of Nottingham has taken the impacted system offline to conduct an investigation(Image: Joseph Raynor/ Reach PLC) The University of Nottingham has been rocked by a major cyberattack that has exposed students' personal and financial …
Check Point VPN Zero-Day Exploited in Attacks Linked to Qilin Ransomware 2026-06-10 14:08 VPNCentral Check Point has released emergency fixes for a critical VPN authentication bypass vulnerability that attackers have already exploited in the wild, including one confirmed post-compromise case tied to a Qilin ransomware affiliate. The flaw is tracked as CVE …
Hackers Abuse TikTok and Instagram Reels to Spread Malware via Fake Free Software Tutorials 2026-06-10 13:54 Cyber Security News Cybercriminals are now turning to short-form video platforms as a new attack surface, using fake software tutorials on TikTok and Instagram Reels to push malware onto unsuspecting users. The tactic is simple but remarkably effective: create polished, …
Hackers Deploy MLTBackdoor Malware via Multi-Stage ClickFix Infection Chain 2026-06-10 13:54 Cyber Security News A newly discovered backdoor malware called MLTBackdoor is making waves in the cybersecurity community after being spotted in a carefully designed, multi-stage attack chain. Identified in May 2026, this threat stands out for its advanced ability to hide …
73 Microsoft Packages Weaponized to Deploy Password Stealer Malware 2026-06-10 13:54 Cyber Security News Seventy-three Microsoft repositories on GitHub were suddenly disabled on June 8, 2026, after a self-replicating worm infected a large portion of the company’s Azure Functions ecosystem. The entire sweep happened in just 105 seconds, with all 73 …
CISA Gives Federal Agencies 72 Hours to Fix VPN Flaw Under Ransomware Attack 2026-06-10 13:11 Bongino Report
Deepfakes and sextortion harass Swiss youngsters 2026-06-10 13:02 Swissinfo Deepfakes and sextortion on the rise among young people in Switzerland Keystone-SDA Reports of deepfakes, sextortion and digital sexual violence are rising sharply in Switzerland, according to the portal clickandstop.ch. Listen to the article Listening …
Lionel Messi and Argentina team-mates have passport details LEAKED in bizarre team sheet data breach 2026-06-10 12:55 Daily Mail By WILL PICKWORTH, SPORTS REPORTER Published: 07:57 EDT, 10 June 2026 | Updated: 07:57 EDT, 10 June 2026 Lionel Messi and his Argentina team-mates were involved in a bizarre data breach before a pre-World Cup friendly that saw their passport details …
Fake X-VPN installers found to spread credential-stealing malware — here's how to stay safe 2026-06-10 12:01 TechRadar Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Fake X-VPN installer found to deploy credential-stealing malware X-VPN was not hacked; only those downloading the fake app were affected First targeting crypto traders …
North Korean Phishing Nets Expand: Hundreds of Tech Workers Lured in Fresh Bid for Crypto Access 2026-06-10 11:08 WebProNews North Korean hackers keep finding new ways in. A fresh phishing wave has hit hundreds of workers in finance, technology and cryptocurrency firms. The goal stays the same. Steal credentials, gain entry to networks and walk off with digital assets. The …
Upper Township gets update on data breach, ransom notice 2026-06-10 10:57 Upper Township Sentinel - New Jersey PETERSBURG – Township Administrator James Van Zlike updated residents at the Monday, June 8, Upper Township Committee meeting on the township’s response to a data breach and ransom notice that occurred on Dec. 8, 2025. A letter was issued by Upper Township …
Hackers Use TikTok and Instagram Reels to Push Fake Software Malware 2026-06-10 10:56 GBHackers An emerging phishing vector that weaponizes short-form social videos on TikTok and Instagram Reels to distribute malware and funnel victims to malicious download sites. Attackers publish polished “how-to” tutorials and casual user-style clips promising …
Hackers Use ClickFix Chain to Deploy MLTBackdoor Malware 2026-06-10 10:56 GBHackers A sophisticated new backdoor family, tracked as MLTBackdoor, that operators are deploying through a multi-stage ClickFix infection chain to establish footholds for ransomware and follow-on activity. The campaign begins with an automotive-themed ClickFix …
OpenClaw AI Agent Leaks Credentials in Phishing Simulation 2026-06-10 10:56 GBHackers Autonomous email agents can become high‑impact phishing victims, leaking cloud credentials and sensitive business data even when wrapped in explicit safety instructions. In a controlled lab deployment on the OpenClaw agent platform, an AI agent dubbed “ …
Tax Phishing Emails Deliver In-Memory Malware to Windows Systems 2026-06-10 10:56 GBHackers Cybercriminals are leveraging tax-themed phishing emails to deploy sophisticated in-memory malware on Windows systems, bypassing traditional disk-based detection mechanisms. The attack cascade begins when victims receive phishing emails containing …
Developers urged to remain vigilant amid continued Miasma malware risks 2026-06-10 10:54 IT Pro Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Security firms are warning that self-replicating malware known as Miasma has spread to 73 Microsoft GitHub repos across environments, including Microsoft Azure and …
UWA cyber attack: Students’ personal details compromised in fresh data breach 2026-06-10 10:29 The West Australian
Budget Saudi detects limited customer data breach on app 2026-06-10 08:38 Eye of Riyadh United International Transportation Co. (Budget Saudi) has detected a cybersecurity incident involving unauthorized access to a limited portion of data belonging to certain customers through the company’s mobile application. In a statement on Tadawul …
Cyberattack on Tchap: an investigation opened by the Paris prosecutor's office 2026-06-10 06:30 Entrevue The secure messaging system used by public employees was the target of a massive intrusion. More than 643,000 messages are believed to have been exposed. The Paris prosecutor's office has opened an investigation following the cyberattack targeting …
Meta Accuses Israel's NSO Group Of Defying Court Order As WhatsApp Thwarts New Pegasus-Linked Phishing Campaign: 'They Trick To Trick People…' 2026-06-10 06:13 Benzinga In a blog post, Meta said it has asked a U.S. federal court to hold NSO Group in contempt, alleging the company was connected to spear-phishing attempts targeting WhatsApp users despite a permanent injunction barring such activity. According to Meta, the …
CBL: Cyberattack contained, investigations ongoing with no signs of impact on customer accounts 2026-06-10 05:53 The Libya Observer The Central Bank of Libya (CBL) announced that some of its systems and technical services were targeted by a cyberattack, stressing that its cybersecurity teams detected the incident immediately and responded in accordance with approved emergency response …
Global cyberattacks ease in May 2026, but ransomware surges 48% as threats reorganize 2026-06-10 04:55 ETCISO.in In May 2026, global cyber-attack activity eased slightly from April’s sharp rebound, though the broader threat landscape remained volatile. Organisations experienced an average of 2,055 weekly cyber-attacks, reflecting a 2% year-over-year increase and a 7% …
Nokia Launches Deepfield Genome Shield for Proactive AI-Driven DDoS Protection 2026-06-10 04:48 The Fast Mode Nokia announced the launch of Nokia Deepfield Genome Shield, the industry’s first security automation system that delivers proactive, always-on DDoS protection for telecommunications providers, hosting companies, internet exchange points, and cloud …
Fox Rothschild Sued Over Data Breach Tied To Ransom Group 2026-06-10 03:43 Law360 By Allison Grande ( June 9, 2026, 10:48 PM EDT) -- Fox Rothschild LLP was hit with a proposed class action in Pennsylvania federal court Tuesday accusing the national law firm of failing to adequately protect the "highly sensitive and confidential…
Cut out ads, trackers, and phishing links on 9 devices for life — $15.97 with no subscription fees 2026-06-10 01:59 PC World TL;DR: Get lifetime ad blocking, privacy protection, and parental controls on up to nine devices with the AdGuard Family Plan, now just $15.97 through June 14 (MSRP $169.99). The internet seems determined to put ads everywhere — between videos, across …
Nokia Launches Deepfield Genome Shield for Proactive AI-Era DDoS Protection 2026-06-10 01:25 Converge Network Digest Nokia introduced Deepfield Genome Shield, a new security automation platform designed to provide proactive, always-on DDoS protection for service providers, hosting companies, internet exchange points, and cloud operators. The company said the solution …
Oxford University Discloses Data Breach 2026-06-10 01:18 Security Magazine On June 1, Oxford University disclosed a data security incident after its career support website was breached. The university was informed of the event by the platform’s third party provider, Group GTI, who stated the threat actor gained unauthorized …
Sextortion cases on the rise; how to keep kids safe online 2026-06-10 01:18 KHQA 7 - Illinois Summer is here, and school is out; with more free time comes more screen time. The Centers for Disease Control and Prevention report that 50% of kids under 17 years of age average four hours or more daily in front of a screen. But the dangers that lurk …
Fiber Internet Co. Failed Customers In Data Breach, Suit Says 2026-06-10 00:42 Law360 By MJ Koo ( June 9, 2026, 12:50 PM EDT) -- A Denver-based fiber internet provider failed to protect customers' sensitive personal information in a cyberattack and waited five months to notify those affected, a customer said in a suit filed in Colorado …
AI Being Used To Diversify Attacks Beyond Phishing, Email Attacks, Says UAE Cybersecurity Chief 2026-06-10 00:33 MENAFN (MENAFN- Khaleej Times) Artificial intelligence (AI) is increasingly being used to diversify cyberattacks beyond traditional phishing and emails attacks, said Dr Mohamed Al Kuwaiti, head of the UAE Cyber Security Council. “We are no longer seeing AI used …
St. George fire district sues IT company over cyberattack 2026-06-10 00:00 WAFB 9 - Louisiana EAST BATON ROUGE PARISH, La. (WAFB) - St. George Fire Protection District No. 2 filed a lawsuit against its former IT security provider, alleging the company’s failures led to a cyberattack that compromised the fire district’s network. St. George Fire …
St. George Fire sues cybersecurity company, alleging negligence left network open to 2023 cyberattack 2026-06-09 23:11 WBRZ - Louisiana ST. GEORGE — The St. George Fire Protection District is suing Baton Rouge cybersecurity company General Informatics, blaming them for allowing hackers to gain access to the fire department's network in 2023. The lawsuit, filed by the fire department on …
Microsoft removes GitHub projects after malware compromise 2026-06-09 22:09 The American Bazaar Microsoft has temporarily removed many of its open source projects from GitHub after discovering potentially malicious code in repositories used by developers, including the ones working with artificial intelligence coding tools. The company confirmed that …
Avoid Online Scams: Phishing Safety Tips for Seniors 2026-06-09 21:13 AOL Scams are big business: every year, criminals steal billions of dollars from people of all ages. And when these criminals target older adults—which they often do—even more is at stake. Scammers steal retirement savings and even government benefits like …
New NFCShare Android Malware Delivered via Weaponized Versions of Egitimate Banking Apps 2026-06-09 20:33 Cyber Security News A newly evolved strain of Android malware known as NFCShare is being spread through fake versions of legitimate banking apps, putting mobile users across Europe at serious risk. The malware is designed to secretly steal payment card data using a phone’s …
New Weedhack Malware-as-a-Service Targets Minecraft Players to Steal Credentials, and Hijack Accounts 2026-06-09 20:33 Cyber Security News A new and dangerous threat has emerged in the gaming world, one that turns a beloved pastime into a gateway for cybercrime. Weedhack, a Minecraft-focused Malware-as-a-Service (MaaS) operation, has been actively targeting players since at least January 2026 …
New Browser-in-the-Browser Phishing Attack to Steal Microsoft 365 Logins 2026-06-09 20:32 Cyber Security News A new and sophisticated Browser-in-the-Browser phishing campaign has been discovered targeting Microsoft 365 users, using a fake login popup that is nearly impossible to tell apart from the real thing. The attack is so convincing that even tech-savvy users …
New MagicAd Android Malware Flood Device With Ads Bypassing Restrictions 2026-06-09 20:32 Cyber Security News A newly discovered Android trojan called MagicAd has been found flooding infected devices with ads, cleverly slipping past the built-in restrictions of the Android operating system. What makes this threat stand out is not just what it does, but how it does …
North Korean hackers are at it again — phishing scheme targets hundreds of workers to try and steal crypto and more 2026-06-09 20:15 TechRadar Pro Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter UNK_DeadDrop targets developers with email‑based fake job lures Campaign mirrors Lazarus tactics but uses new self‑contained payloads Proofpoint says shift to mass …
What Do Ransomware Attacks Truly Cost? 2026-06-09 20:04 Governing Editor's Note: This article appears in Governing's Q2 2026 Magazine. You can subscribe here. It didn’t seem like an emergency at first. Some of the machines at Nevada’s data center weren’t responding. These were important machines — they supported …
Meta says NSO broke US order by phishing WhatsApp users 2026-06-09 19:10 NewsBytes Meta seeks contempt amid NSO controversies NSO Group has a controversial past: its Pegasus spyware was used to hack devices, leading to big lawsuits and the company being blacklisted in the US Meta is now asking the court to hold NSO in contempt for …
Nokia Unveils Deepfield Genome Shield To Strengthen DDoS Defense In The AI Era 2026-06-09 18:59 Eurasia Review Nokia announced Tuesday the launch of Nokia Deepfield Genome Shield, the industry’s first security automation system that delivers proactive, always-on DDoS protection for telecommunications providers, hosting companies, internet exchange points, and cloud …
CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang 2026-06-09 18:44 TechCrunch A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday. …
Maine Govt Portal Lists 10M Discord Data Breach Notice, But Filing Shows Red Flags 2026-06-09 18:40 Hackread A data breach notice submitted to the Maine Attorney General’s office has named Discord Inc. as the affected company, but the filing includes several details that make the claim difficult to treat as confirmed. The notice, submitted on June 8, 2026, lists …
Check Point warns of zero-day flaw targeted by ransomware affiliate 2026-06-09 18:02 Cybersecurity Dive A critical authentication bypass flaw in Check Point Remote Access VPN and Mobile Access deployments has been under exploitation for more than a month, according to a blog post published Monday by Check Point Research. The vulnerability, tracked as CVE- …
Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack 2026-06-09 16:51 Infosecurity Magazine When Jaguar Land Rover (JLR) was hit by a major cyber-attack in September 2025, one of the first things the company’s cybersecurity leader did was to call over 30,000 staff on site to reset their passwords. Speaking during Infosecurity Europe on June 3, …
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks 2026-06-09 16:20 SecurityWeek Check Point on Monday warned that a critical-severity authentication bypass vulnerability affecting its VPN and firewall products has been exploited in the wild as a zero-day. Tracked as CVE-2026-50751 (CVSS score of 9.3), the security defect is described …

TRENDING INFOSEC

Trending