Skip to content
Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

Ravie LakshmananJun 22, 2026Cybersecurity / Hacking It’s Monday again. This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for… 

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

Canada’s spy service got a judge’s permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets. The Federal Court released a public version of the ruling… 

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

Swati KhandelwalJun 22, 2026IoT Security / Vulnerability A new malware family is turning forgotten home routers into a distributed reconnaissance and proxy network, not the DDoS botnet these devices usually end up in. QiAnXin’s XLab calls it… 

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

Ravie LakshmananJun 22, 2026Cybercrime / Artificial Intelligence A new report from INTERPOL has revealed a “dramatic increase” in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal… 

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Ravie LakshmananJun 20, 2026Vulnerability / Web Security Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that’s installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score:… 

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. That code is burned into the silicon at manufacture. No software update… 

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor. This mature… 

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites. “With these actions we deprive cybercriminals… 

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

Ravie LakshmananJun 19, 2026Threat Intelligence / Firewall Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at…