Cyber Security News
Start. Stay. Grow.
Curated daily. The latest hacks, breaches, and cyber trends—humanized.
Daily cyber brief
Hacking Editorial Brief — June 14, 2026
Russian APTs Refine Evasion Tactics with Legitimate Infrastructure
Russia-linked threat actors are leveraging trusted infrastructure to evade detection in ongoing campaigns. Fancy Bear (APT28) is now abusing EdgeRouters and legitimate cloud services to obfuscate command-and-control traffic, maintaining persistence while blending into normal network activity. Separately, China-nexus Mustang Panda has adapted to endpoint security by weaponizing Microsoft's legitimate MAVInject.exe utility to inject malicious payloads specifically when ESET antivirus is detected on target systems. This living-off-the-land technique allows the group to bypass signature-based detection while maintaining operational flexibility. Both campaigns demonstrate continued APT investment in anti-forensic tradecraft and environment-aware deployment mechanisms.
Microsoft Delivers Record Patch Tuesday Amid Zero-Day Activity
Microsoft's June 2026 Patch Tuesday addresses 206 vulnerabilities—the largest single-month release on record—including six zero-days, one of which was actively exploited in the wild. Among the fixes is a comprehensive patch for MiniPlasma, a vulnerability that researcher Chaotic Eclipse disclosed as an incomplete remediation of CVE-2020-17103, originally addressed in December 2020. The patch volume reflects both accumulated technical debt and active adversary reconnaissance of Microsoft's ecosystem. Organizations should prioritize deployment of the actively exploited fix and review the five publicly disclosed zero-days for applicability to their environments, as public disclosure typically accelerates exploitation timelines.
Sources: Cybersecurity News · The Hacker News · BleepingComputer · The Hacker News
Around the Web
Last Updated: N/A

Hacks + Heists
Chrome V8 JavaScript Engine Zero-Day (CVE-2026-11645) Under Active Wild Exploitation
Google confirmed that CVE-2026-11645, an out-of-bounds memory access vulnerability in Chrome's V8 JavaScript engine, is being actively exploited in th...
Read more →Ozempic Drug Maker Loses Clinical Trial Data in Hack - GovInfoSecurity
A hack on Danish pharmaceutical manufacturer Novo Nordisk has compromised some patients' clinical trial information, the maker of popular weight ...
Read more →Iranian hacker group alleges it breached Bakersfield, Visalia, Chico water systems
An alleged breach of several California water systems by an Iranian-linked hacker group did not compromise any water production or delivery ...
Read more →Cisco SD-WAN Zero-Day CVE-2026-20245 Actively Exploited in the Wild With No Patch Available
CVE-2026-20245 marks the seventh actively exploited zero-day in Cisco SD-WAN management software this year, with no security patch currently available...
Read more →ShinyHunters Hackers Exploit Unpatched Oracle Bug to Steal Data From 100+ Companies
Hackers exploited an unpatched Oracle PeopleSoft flaw to breach over 100 organizations. No patch exists yet — here's what we know.
Read more →
Big Cyber
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
ShinyHunters exploited a critical unpatched flaw in Oracle PeopleSoft to breach over 100 organizations, primarily targeting universities, stealing dat...
Read more →The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
... cybersecurity company said. "Additionally, LARVA-368 relies heavily on ... The individual's identity has since been outed by cybersecurity ...
Read more →Beijing escalating AI espionage to catch up with the U.S. on tech, cybersecurity firm says - CNBC
U.S. cybersecurity giant CrowdStrike said China-based entities made over half of state-sponsored cyberattacks on tech firms for artificial ...
Read more →UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of ...
Read more →
Hard Tech
React2Shell (CVE-2025-55182)
A 10.0 critical severity vulnerablility affecting server-side use of React.js, tracked as CVE-2025-55182 in React.js and CVE-2025-66478 specifically f...
Read more →Breaking Into a Brother (MFC-J1010DW): Three Security Flaws in a Seemingly Innocent Printer
We discovered three vulnerabilities that when chained together, allow for complete remote compromise:
Read more →Check Point - Wrong Check Point (CVE-2024-24919)
Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This ...
Read more →Backdoor in XZ Utils allows RCE: everything you need to know - CVE-2024-3094
Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgentl...
Read more →Loading...
The Cybersecurity Chronicles
‘The Cybersecurity Chronicles: 2024‘ pulls back the curtain on the digital threats that shaped our world last year, revealing the human stories behind the headlines. From art galleries frozen by ransomware to prison tablets hacked with a minus sign, from British Library archivists racing to protect centuries of knowledge to Spotify users meticulously curating their digital identities – these stories illuminate how cybersecurity touches every aspect of modern life.
Author Mark Nole weaves together intimate portraits of the people on all sides of the digital battlefield: the defenders working through sleepless nights to protect critical infrastructure, the victims grappling with stolen identities and lost savings, and even the attackers themselves, operating from nondescript offices with project management software and performance metrics.
Through detailed reporting and narrative storytelling, Nole reveals how 2024 became the year when cybersecurity stopped being just a technical problem and emerged as a fundamentally human challenge. Whether you’re a security professional or simply someone trying to understand our increasingly digital world, these chronicles offer an unprecedented look at how technology shapes – and sometimes betrays – our trust, our privacy, and our lives.

Stay Updated with Cyber Security News
Get the latest cybersecurity headlines, breaking news, and expert insights delivered directly to your inbox. Stay ahead of threats and informed about the digital landscape.
Join thousands of cybersecurity professionals and enthusiasts. No spam, just valuable insights.