← Latest brief

Security news.

·Morning Brief

Today's security news highlights critical vulnerabilities and ongoing cybercrime operations. Several reports detail active exploitation of flaws in popular software, alongside widespread phishing and malware campaigns by various threat groups. Law enforcement also announced significant disruptions to cybercriminal infrastructure.

SECURITYWEEKVULN
Jun 4READ

Google Gemini Voice Assistant Vulnerability

A flaw allowed attackers to hijack Google Gemini's voice assistant via messaging notifications, potentially controlling smart home devices or initiating calls.

SECURITYWEEKEXPLOIT
Jun 4READ

Mirasvit Magento Vulnerability Exploited

A critical vulnerability (CVE-2026-45247) in the Mirasvit Full Page Cache Warmer extension for Magento is being actively exploited to execute code without authentication. CISA has added this to its KEV catalog.

BLEEPINGVULN
Jun 4READ

Cisco Warns of Critical Unified CM Flaw with PoC

Cisco has issued updates for a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges, with proof-of-concept exploit code now available.

SECURITYWEEKBREACH
Jun 4READ

VS Code Vulnerability Allows GitHub Token Theft

A one-click vulnerability in Microsoft Visual Studio Code (VS Code) could allow attackers to steal GitHub OAuth tokens, granting read and write access to repositories.

THNPHISHING
Jun 4READ

China-Linked TA4922 Expands Phishing Attacks

The China-linked cybercrime group TA4922 is expanding its phishing and malware distribution campaigns, now targeting organizations in the UK, Germany, Italy, and South Africa with tools like ValleyRAT and Atlas RAT.

THNMALWARE
Jun 4READ

FlutterShell Backdoor Spreads to macOS via Malicious Ads

A malvertising campaign, "Operation FlutterBridge," is distributing the new FlutterShell backdoor to macOS users through malicious Google and YouTube ads.

SECURITYWEEKPOLICY
Jun 4READ

1.4 Million Accounts Disrupted in Cybercrime Crackdown

Law enforcement and tech companies have disrupted infrastructure linked to scammers operating across Southeast Asia, impacting over 1.4 million accounts.

THN
Jun 4READ

Hackers Spied on Stock Exchange Executive's Mailbox

Attackers maintained access to a senior executive's Outlook mailbox at a major global stock exchange for five months, exfiltrating data through cloud services like Dropbox and OneDrive.

Generated twice daily from public security RSS feeds. Informational only.