TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)
This diary continues the Internet Storm Center&#;x26;#;39;s tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the Security Scanner Became the Weapon
Gogs patches critical zero-day enabling remote code execution
Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). [...]
EU-Untersuchung: Großer Teil von Funkspielzeug erzeugt Interferenzen
Verbraucherschutzorganisationen haben von der EU finanziertes ferngesteuertes Spielzeug getestet - und viele Nieten gefunden. (<a href="https://www.golem.de/specials/elektronisches-spielzeug/">Spielzeug</a>, <a href="htt
Critical UniFi OS bug lets hackers gain root without authentication
Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authentication. [...]
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability
Reducing security operations complexity with Wazuh Cloud
Security teams are increasingly overwhelmed by alert fatigue, infrastructure maintenance, and complex hybrid environments. This article explores how Wazuh Cloud helps simplify SIEM/XDR operations through managed infrastr
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for T
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A chatbot got fooled. A bot tok
Check Point links VPN zero-day attacks to Qilin ransomware gang
Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in zero-day attacks. [...]
Comodo Internet Security: Crash-Lücke in Firewall, Update nicht in Sicht
Wer sich eine Internet Security Suite installiert, möchte den Rechner absichern. Im Fall von Comodo kommt eine Sicherheitslücke mit.
The Hardest Fork
Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this line right here is wrong, and that's RCE.
Datenschutz mit Loupe: Neue App gewährt Einblicke in Fingerprinting unter iOS
iOS-Apps können auf allerhand Daten zugreifen, mit denen sich Nutzer potenziell identifizieren lassen. Loupe zeigt, wie das im Detail aussieht. (<a href="https://www.golem.de/specials/datenschutz/">Datenschutz</a>, <a hr
VMware: Mehrere Produkte mit Stored-Cross-Site-Scripting-Lücken
Broadcom warnt vor mehreren Stored-Cross-Site-Scripting-Lücken in VMware Cloud Foundation und weiteren Produkten. Updates helfen.
Oxford University discloses data breach after careers platform hack
The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised. [...]
VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux syst
Schweizer Rüstungsunternehmen RUAG zahlt Lösegeld an Cybergang
Nachdem die Cybergang Akira bei der RUAG-Tochter Mecanex USA Daten abgezogen hat, hat RUAG ein Lösegeld gezahlt.
Moritz Hennemann: Koalition einigt sich auf neuen Datenschutzbeauftragten
Nach dem Amtsverzicht von Specht-Riemenschneider haben Union und SPD einen BfDI-Nachfolger gefunden. Dieser steht der DSGVO kritisch gegenüber. (<a href="https://www.golem.de/specials/bfdi/">Bundesbeauftragter für Datens
Passwortmanager Dashlane: Angreifer kopieren fast 20 Passwort-Vaults
Dashlane informiert darüber, dass Angreifer nach massiven Brute-Force-Attacken rund 20 Passwort-Vaults kopiert haben.
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between J
Kein Patch verfügbar: Bitlocker-Exploit Bitskrieg veröffentlicht
Microsofts empfohlene Korrektur für den Bitlocker-Exploit Yellowkey ist offenbar unvollständig. Mit Bitskrieg soll sie sich umgehen lassen. (<a href="https://www.golem.de/specials/sicherheitsluecke/">Sicherheitslücke</a>
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackl
Over 20,000 Instagram accounts stolen in Meta AI support hack
Meta has revealed that 20,225 Instagram users had their accounts hijacked in a recent incident where attackers used Meta's AI-powered support system to reset passwords. [...]
SolarWinds Serv-U: Angreifer missbrauchen DoS-Lücke in FTP-Server
In SolarWinds-Serv-U-Servern können Angreifer eine Schwachstelle für Denial-of-Service-Angriffe missbrauchen. Laut CISA tun sie das bereits.
ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Hands on with Intelligent Terminal, an AI-powered Windows Terminal
Microsoft has created an open-source fork of Windows Terminal called "Intelligent Terminal," and it allows you to use AI directly inside Terminal without interfering with the regular session. [...]
C0XMO botnet spreads via DD-WRT router flaw, kills rival malware
A new variant of the Gafgyt botnet called C0XMO is targeting DD-WRT router firmware and can move to other device types with various CPU architectures. [...]
Silent Ransom Group targets law firms with fake IT support calls
The Silent Ransom Group extortion gang is actively targeting U.S. law firms and professional services organizations in social engineering attacks that often lead to data theft within hours of initial contact, according t
(g+) Cloud Security 2026: Zero Trust für die Wolke?
Wer die Cloud schützen will, muss Sicherheit schneller, kontextbezogener und näher an den Identitäten, Workloads sowie Datenströmen denken als bisher. Ein Ratgebertext von Fabian Deitelhoff (<a href="https://www.golem.de
Critical Everest Forms Pro flaw exploited to take over WordPress sites
Hackers are actively exploiting a critical vulnerability (CVE-2026-3300) in the Everest Forms Pro plugin, which lets them take complete control of a WordPress website. [...]
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and o
Google warnt: Angreifer geben sich als IT-Techniker aus und betreten Büros
Die Google Threat Intelligence Group warnt vor der Gruppe UNC3753. Die Angreifer geben sich vor Ort als IT-Techniker aus, um Daten per USB-Stick zu stehlen.
Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic for a data busi
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalo
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost everything that touches video, all of them found by an a
Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack
Microsoft's GitHub repositories have become the latest to fall victim to the ongoing Miasma self-replicating supply chain attack campaign. The incident impacted 73 Microsoft repositories across four of its GitHub organiz
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. [...]
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
CISA warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. [...]
Chinese APT deploys new malware to keep access to hacked networks
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. [...]
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-sp
Wird alle 30 Minuten aktualisiert · CH/DE: BACS Schweiz, BSI, Allianz Cyber-Sicherheit, Heise Security, Golem · EN: BleepingComputer, The Hacker News, Fortinet, SANS ISC, Microsoft Security, Krebs on Security, Kaspersky