Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

June 18, 2026 at 05:28PM If an autonomous AI agent interacts with your company's core intellectual property today, can your s…

The Scripts on Your Checkout Page Are Now a PCI DSS Problem

June 18, 2026 at 04:30PM An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the…

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

June 17, 2026 at 11:06PM Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day…

144 Mastra npm Packages Compromised via Hijacked Contributor Account

June 17, 2026 at 01:08PM As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open…

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

June 17, 2026 at 11:20AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity sec…

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

June 17, 2026 at 12:35AM A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's pro…

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

June 16, 2026 at 11:11PM Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders ca…

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

June 16, 2026 at 11:11AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Lit…

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

June 16, 2026 at 01:14AM A China-linked espionage group hid inside North American medical, academic, and military research networ…

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

June 16, 2026 at 01:02AM Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a pe…

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

June 15, 2026 at 03:29PM An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMons…

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

June 15, 2026 at 11:47AM Palo Alto Networks has revealed that it has observed "active exploitation" of a recently discl…