Your Daily Dose of Cybersecurity News

Data Breaches

Novo Nordisk Breached: Ozempic Maker Suffers 264 GB Data Leak Mocked for Weak Password 'novo123'

The breach includes source code, proprietary information on both marketed and pipeline drugs, clinical trial records, data on employees, doctors, and...

Jun 19, 2026 · SecurityXP

AI/ML Security

AI-Enabled Hacker Caught: Leaked Prompts Expose Resume, IP, and local Claude/Codex Agent Operations

He had Claude and Codex agents locally and was using them remotely to carry out reconnaissance, exploitation, and data exfiltration activities.

Jun 19, 2026 · SecurityXP

Cybercrime

14,971 WordPress Sites Cleaned in Global SocGholish Takedown Cybercrime

Data from Infoblox shows that approximately 55% of its cloud customers attempted to reach SocGholish infrastructure this year alone, with the attacks...

Jun 19, 2026 · SecurityXP

Latest News

Vulnerabilities & ExploitsJun 19, 2026·3 min read

Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap Vulnerability

The security update fixes CVE-2025-20701, a vulnerability discovered by Dennis Heinze and Frieder Steinmetz of German cybersecurity firm ERNW. The issue is...

AI/ML SecurityJun 19, 2026·2 min read

Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way AI Security

This is no longer theoretical, 65% of organizations experienced a security incident involving an AI agent in the past year, with 61% reporting exposure or...

Application SecurityJun 19, 2026·3 min read

What Is Application Security Testing? Tools and Types App Security

Organizations that already enforce quality gates in CI/CD can extend that model into deployment workflows by requiring review of critical cloud exposures...

Vulnerabilities & ExploitsJun 18, 2026·3 min read

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development Vulnerability

I think it even works in the case of passive mode, but not really sure, haven't tested that." Microsoft told The Hacker News last week that it's aware of the...

CybercrimeJun 18, 2026·3 min read

SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies

SpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in...

AI/ML SecurityJun 18, 2026·2 min read

OVHcloud previews AI workspace with encrypted tools AI Security

OVHcloud says OVHai Workspace includes an end-to-end encryption option covering data and communications, including within partner applications integrated...

Application SecurityJun 18, 2026·3 min read

Mastra npm packages compromised in 'easy-day-js' supply chain attack App Security

By exploiting npm’s install-time script execution, attackers gained the ability to harvest browser data from Chrome, Edge, and Brave, extract credentials...

Data BreachesJun 17, 2026·3 min read

Kodak Confirms Data Breach Following ShinyHunters’ Claim of Stolen Customer Records

One week ago, the extortion group also claimed responsibility for a new series of breaches at over 100 organizations(including the University of Nottingham)...

Vulnerabilities & ExploitsJun 17, 2026·3 min read

CISA Warns of Oracle PeopleSoft 0-Day Vulnerability Exploited in Ransomware Attacks (CVE-2026-35273)

Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical vulnerability in Oracle...

AI/ML SecurityJun 17, 2026·3 min read

Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It

London, United Kingdom, June 17th, 2026, CyberNewswire New research from cybersecurity company Heimdal finds 29% of US executives say AI risk is under...

Application SecurityJun 17, 2026·3 min read

144 Mastra npm Packages Compromised via Hijacked Contributor Account App Security

"This makes the Mastra ecosystem an exceptionally high-value target for supply chain attackers." The "easy-day-js" package launches an obfuscated payload...

Vulnerabilities & ExploitsJun 17, 2026·1 min read

JetBrains Plugin Security Alert: 70,000+ Installs Linked to AI Key Theft Vulnerability

While these plugins function as advertised, offering features like code review, chat, and […] The post JetBrains Plugin Security Alert: 70,000+ Installs...

Vulnerabilities & ExploitsJun 16, 2026·1 min read

Zyxel security advisory (AV26-603) Vulnerability

Serial number: AV26-603Date: June 16, 2026 On June 16, 2026, Zyxel published a security advisory to address vulnerabilities in the following products: GS1900...

Data BreachesJun 15, 2026·3 min read

Chinese hackers breach REDCap servers, steal medical research Data Breach

"Their research areas span a broad spectrum of modern medicine, from molecular discovery and clinical drug trials to state-level public health policy and...

AI/ML SecurityJun 15, 2026·3 min read

How attackers are jailbreaking LLMs with CTF framing and how to catch them AI Security

Over the past 30 days, we’ve collected data from other source IPs that validate our jailbreaking theory: 159.89.93.86 created a LiteLLM master-scoped API key...

Vulnerabilities & ExploitsJun 15, 2026·5 min read

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More Vulnerability

Check the list, patch what you have, and hit the ones marked urgent first - CVE-2026-11645 (Google Chrome), CVE-2026-50751 (Check Point Remote Access VPN and...

Threat IntelligenceJun 15, 2026·2 min read

Chinese-linked hackers targeted US, Canadian research facilities for a year: Google Threat Alert

Between September 2023 and November 2025, the hackers sought information related to defense intelligence, military strategy in the Indo-Pacific, artificial...

Vulnerabilities & ExploitsJun 15, 2026·5 min read

Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw Vulnerability

"Only a small portion of the probed devices actually established VPN sessions, resulting in gateway-connected events." The company has also released...

CybercrimeJun 15, 2026·3 min read

Conti Ransomware Conspirator Pleads Guilty in $150M Scheme Cybercrime

Department of Justice announced that Oleksii Oleksiyovych Lytvynenko, 44, admitted to participating in a conspiracy that deployed Conti ransomware against...

Application SecurityJun 15, 2026·3 min read

Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN App Security

According to the company's investigation, attackers exploited a known vulnerability in a third-party plugin called UpdraftPlus running on a marketing website...

Security Digest

Get the latest cybersecurity news, vulnerability alerts, and threat intelligence delivered to your inbox.

SecurityXP — Cybersecurity News, Threat Intelligence & Infosec Utilities

Novo Nordisk Breached: Ozempic Maker Suffers 264 GB Data Leak Mocked for Weak Password 'novo123'

AI-Enabled Hacker Caught: Leaked Prompts Expose Resume, IP, and local Claude/Codex Agent Operations

14,971 WordPress Sites Cleaned in Global SocGholish Takedown Cybercrime

Latest News

Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap Vulnerability

Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way AI Security

What Is Application Security Testing? Tools and Types App Security

Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development Vulnerability

SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies

OVHcloud previews AI workspace with encrypted tools AI Security

Mastra npm packages compromised in 'easy-day-js' supply chain attack App Security

Kodak Confirms Data Breach Following ShinyHunters’ Claim of Stolen Customer Records

CISA Warns of Oracle PeopleSoft 0-Day Vulnerability Exploited in Ransomware Attacks (CVE-2026-35273)

Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It

144 Mastra npm Packages Compromised via Hijacked Contributor Account App Security

JetBrains Plugin Security Alert: 70,000+ Installs Linked to AI Key Theft Vulnerability

Zyxel security advisory (AV26-603) Vulnerability

Chinese hackers breach REDCap servers, steal medical research Data Breach

How attackers are jailbreaking LLMs with CTF framing and how to catch them AI Security

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More Vulnerability

Chinese-linked hackers targeted US, Canadian research facilities for a year: Google Threat Alert

Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw Vulnerability

Conti Ransomware Conspirator Pleads Guilty in $150M Scheme Cybercrime

Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN App Security

Security Digest