Security news.
Today's security news highlights critical vulnerabilities under active exploitation, significant supply chain attacks, and major law enforcement actions against cybercrime. Developers and IT teams should prioritize patching and be aware of new threats targeting popular platforms and development tools.
Miasma Supply Chain Attack Hits Red Hat npm Packages
A new Mini Shai-Hulud campaign, codenamed Miasma, has compromised @redhat-cloud-services npm packages to steal credentials and deliver a self-propagating worm.
WP Maps Pro Vulnerability Exploited on WordPress Sites
A critical security defect (CVE-2026-8732) in the WP Maps Pro WordPress plugin is being actively exploited by unauthenticated attackers to create administrative accounts.
Critical Windows Netlogon Vulnerability Under Active Exploitation
Organizations are urged to patch CVE-2026-41089, a critical Windows Netlogon vulnerability, as soon as possible due to ongoing exploitation.
Palo Alto PAN-OS Auth Bypass Bug Actively Exploited
A Palo Alto Networks PAN-OS GlobalProtect VPN authentication bypass vulnerability (CVE-2026-0257) is under active exploitation, with adversaries leveraging it in two attack waves since mid-May.
Dutch Police Dismantle Massive 17-Million-Device Botnet
Dutch authorities have seized command-and-control servers linked to a botnet of 17 million infected devices, allegedly used for a residential proxy network and cybercrime.
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
Instructions circulated on Telegram show how attackers tricked Meta's "AI support assistant" bot into resetting Instagram account passwords, leading to the defacement of high-profile accounts.
Dashlane Password Manager Users Locked Out by Brute Force Attacks
Multiple Dashlane users have been locked out of their accounts following brute-force login attempts from distant locations and unknown devices.
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
Proof-of-concept exploit code has been released for the CIFSwitch flaw, allowing low-privileged users to escalate to root on vulnerable Linux systems.