Cyber Security News
Start. Stay. Grow.
Curated daily. The latest hacks, breaches, and cyber trends—humanized.
Daily cyber brief
Hacking Editorial Brief — June 26, 2026
Iranian National Arrested in Montenegro for Multi-Year Academic Hacking Campaign
Montenegrin police, working with the FBI, have arrested an Iranian national wanted by the United States for a sustained hacking campaign that targeted more than 150 U.S. universities beginning in 2013. The suspect was apprehended in the coastal resort town of Kotor. U.S. authorities allege the individual caused approximately $3.4 billion in damages through the theft of academic research data and intellectual property from higher education institutions. The arrest represents a significant law enforcement action against state-aligned threat activity, though the specific affiliation and operational details of the campaign remain under investigation. The case underscores the persistent targeting of academic and research institutions by nation-state actors seeking to exfiltrate valuable intellectual property and scientific research.
French Government Messaging Platform Breached; Microsoft Defender Zero-Day Released
The French government's secure messaging platform Tchap suffered a breach by threat actor "misere," who claims to have exfiltrated 13.5 GB of data including 73,467 government employee accounts and message history. The compromise of a platform designed specifically for secure government communications raises significant operational security concerns for French administrative operations. In a separate development, security researcher Chaotic Eclipse publicly released a proof-of-concept exploit for "RoguePlanet," a zero-day vulnerability in Microsoft Defender that grants SYSTEM-level privileges on fully patched Windows systems. The public disclosure provides adversaries with ready-made tooling for privilege escalation attacks before patches are available. Additional incidents include a data breach claim against Myanmar's AYA Bank by a group identifying as LAPSUS$, alleging theft of over 120 GB of banking data, and a ransomware group called ShadowByt3$ claiming to have compromised Nintendo of America, stealing internal employee data including financial records.
Sources: Reuters · Iran International · SharkStriker · The Hacker News · Kaseya
Around the Web
Last Updated: N/A
Hacks + Heists
A $2.5 Billion Whodunit: The Hack That Dented the U.K. Economy - The New York Times
Last year, hackers burrowed into the computer systems of Jaguar Land Rover, a crown jewel of British manufacturing. It was a devastating attack ...
Read more →Iranian national sought by US on hacking charges arrested in Montenegro - ABC News
Montenegrin police say they have arrested an Iranian national who is wanted by the United States for mass hacking attacks that caused damage of ...
Read more →CISA Issues Emergency Directive for Check Point VPN Zero-Day Exploited by Ransomware Groups
CISA issued an emergency directive to patch critical Check Point VPN zero-day CVE-2026-50751 being actively exploited by ransomware groups via unauthe...
Read more →FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
... Hacker News. "The same pairs also appear in the actor's input target list EU.txt (the file their Go scanner reloads and re-validates every cycle ....
Read more →Five Eyes cybersecurity agencies warn of new AI models impact on cyber risks - CBC
Cutting-edge artificial intelligence technology is poised to supercharge offensive hacking ... Hacking concerns. The Monday statement from the Five ....
Read more →
Big Cyber
Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware ...
Read more →White House State Infrastructure Cybersecurity Initiative Faces Implementation Delays
The Trump administration's effort to help states implement innovative cybersecurity defenses remains stalled with most states still waiting to partici...
Read more →87% of cybersecurity managers say quick compliance programs are actually increasing risk ...
Speed-focused compliance programs could help businesses get cybersecurity certifications quicker, but security professionals are skeptical if the ...
Read more →White House PQC order 'lights a fire' under post-quantum transition | Federal News Network
Cybersecurity experts are particularly concerned that U.S. adversaries could steal data today and decrypt using a quantum computer in the future ...
Read more →
Hard Tech
React2Shell (CVE-2025-55182)
A 10.0 critical severity vulnerablility affecting server-side use of React.js, tracked as CVE-2025-55182 in React.js and CVE-2025-66478 specifically f...
Read more →Breaking Into a Brother (MFC-J1010DW): Three Security Flaws in a Seemingly Innocent Printer
We discovered three vulnerabilities that when chained together, allow for complete remote compromise:
Read more →Check Point - Wrong Check Point (CVE-2024-24919)
Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This ...
Read more →Backdoor in XZ Utils allows RCE: everything you need to know - CVE-2024-3094
Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgentl...
Read more →Loading...
The Cybersecurity Chronicles
‘The Cybersecurity Chronicles: 2024‘ pulls back the curtain on the digital threats that shaped our world last year, revealing the human stories behind the headlines. From art galleries frozen by ransomware to prison tablets hacked with a minus sign, from British Library archivists racing to protect centuries of knowledge to Spotify users meticulously curating their digital identities – these stories illuminate how cybersecurity touches every aspect of modern life.
Author Mark Nole weaves together intimate portraits of the people on all sides of the digital battlefield: the defenders working through sleepless nights to protect critical infrastructure, the victims grappling with stolen identities and lost savings, and even the attackers themselves, operating from nondescript offices with project management software and performance metrics.
Through detailed reporting and narrative storytelling, Nole reveals how 2024 became the year when cybersecurity stopped being just a technical problem and emerged as a fundamentally human challenge. Whether you’re a security professional or simply someone trying to understand our increasingly digital world, these chronicles offer an unprecedented look at how technology shapes – and sometimes betrays – our trust, our privacy, and our lives.
Stay Updated with Cyber Security News
Get the latest cybersecurity headlines, breaking news, and expert insights delivered directly to your inbox. Stay ahead of threats and informed about the digital landscape.
Join thousands of cybersecurity professionals and enthusiasts. No spam, just valuable insights.