{"data":[{"id":7470238,"title":"Scammers Use TikTok and Instagram Reels to Spread Vidar Infostealer","link":"https://hackread.com/scammers-tiktok-instagram-reels-vidar-infostealer/","summary":"ReversingLabs reveals how hackers exploit social media engagement metrics to deliver Vidar infostealer malware to thousands of unsuspecting users.","source":"HackRead","category":"Vulnerability Disclosure","vendor":null,"published_at":"2026-06-10T17:24:16.000Z","created_at":"2026-06-10 17:29:34","sector":"Manufacturing","mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"63ce646525a0d957","entities_processed":1,"tlp":"WHITE"},{"id":7464172,"title":"Critical Unauthenticated Authentication Bypass Vulnerability Patched in UpdraftPlus WordPress Plugin","link":"https://www.wordfence.com/blog/2026/06/critical-unauthenticated-authentication-bypass-vulnerability-patched-in-updraftplus-wordpress-plugin/","summary":"On June 2nd, 2026, we received a submission for a critical Unauthenticated Authentication Bypass vulnerability in UpdraftPlus, a WordPress plugin with more t...","source":"Wordfence Blog","category":"Vulnerability Disclosure","vendor":"WordPress","published_at":"2026-06-10T16:53:58.000Z","created_at":"2026-06-10 17:01:16","sector":null,"mitre_techniques":[{"id":"T1556","name":"Modify Authentication Process","tactic":"Credential Access"}],"iocs":null,"vendors_all":["WordPress"],"dedup_hash":"3f024642203d5b36","entities_processed":1,"tlp":"WHITE"},{"id":7462411,"title":"Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans","link":"https://www.rapid7.com/blog/post/ai-automated-threat-hunting-turns-threat-intelligence-into-executable-hunt-plans","summary":"Blake McDermott is Senior Threat Hunter at Rapid7. Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports containi...","source":"Rapid7 Blog","category":"TTPs","vendor":"Rapid7","published_at":"2026-06-10T16:26:33.000Z","created_at":"2026-06-10 16:50:58","sector":"Manufacturing","mitre_techniques":null,"iocs":null,"vendors_all":["Rapid7","Intel"],"dedup_hash":"2b3d500a923befee","entities_processed":1,"tlp":"WHITE"},{"id":7459690,"title":"Chinese APTs have made identity part of the intrusion path","link":"https://www.scworld.com/perspective/chinese-apts-have-made-identity-part-of-the-intrusion-path","summary":"Don’t merely identify the attacker – understand how they behave.","source":"SC Media","category":"General","vendor":null,"published_at":"2026-06-10T16:25:24.000Z","created_at":"2026-06-10 16:35:58","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"4b59c3e5b99229fa","entities_processed":1,"tlp":"WHITE"},{"id":7458681,"title":"China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance","link":"https://thehackernews.com/2026/06/china-linked-jdy-botnet-expands-to-1500.html","summary":"Cybersecurity researchers have warned of a \"resurgence and expansion\" of JDY, a covert network associated with China-nexus state-sponsored threat actors.","source":"The Hacker News","category":"Malware","vendor":null,"published_at":"2026-06-10T16:08:42.000Z","created_at":"2026-06-10 16:35:57","sector":null,"mitre_techniques":[{"id":"T1592","name":"Gather Victim Host Information","tactic":"Reconnaissance"}],"iocs":null,"vendors_all":null,"dedup_hash":"ac5602ac159d2f55","entities_processed":1,"tlp":"WHITE"},{"id":7454616,"title":"CISA directive orders agencies to prioritize vulnerability patching in a new way","link":"https://cyberscoop.com/cisa-vulnerability-remediation-directive-bod-26-04/","summary":"A vulnerability that meets all four criteria would need to be fixed within three days, for instance. The post CISA directive orders agencies to prioritize vu...","source":"Cyberscoop","category":"Vulnerability Disclosure","vendor":null,"published_at":"2026-06-10T16:07:11.000Z","created_at":"2026-06-10 16:16:14","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"bc77910f5bf2499d","entities_processed":1,"tlp":"WHITE"},{"id":7452010,"title":"Fake Software Tutorials on TikTok Spread Vidar Stealer","link":"https://www.infosecurity-magazine.com/news/fake-software-videos-tiktok-vidar/","summary":"Threat actors push fake free-software tutorials on TikTok and Instagram to spread Vidar stealer","source":"Infosecurity Magazine","category":"General","vendor":null,"published_at":"2026-06-10T16:00:00.000Z","created_at":"2026-06-10 16:00:16","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"f390f490c0b6dc72","entities_processed":1,"tlp":"WHITE"},{"id":7464355,"title":"Turn specs into evals for any agent with ASSERT","link":"https://commandline.microsoft.com/assert-written-intent-executable-evals/","summary":"Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT) is an open-source framework for converting natural language behavior requirements...","source":"Microsoft Security Blog","category":"General","vendor":"Microsoft","published_at":"2026-06-10T16:00:00.000Z","created_at":"2026-06-10 17:05:57","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":["Microsoft"],"dedup_hash":"1eaab8b6647570a4","entities_processed":1,"tlp":"WHITE"},{"id":7451370,"title":"Ivanti releases patches for critical Sentry vulnerabilities","link":"https://www.scworld.com/brief/ivanti-releases-patches-for-critical-sentry-vulnerabilities","summary":"The vulnerabilities, tracked as CVE-2026-10520 and CVE-2026-10523, affect Ivanti Sentry, formerly MobileIron Sentry, which secures traffic between corporate ...","source":"SC Media","category":"CVE","vendor":"Ivanti","published_at":"2026-06-10T15:37:53.000Z","created_at":"2026-06-10 15:50:55","sector":null,"mitre_techniques":null,"iocs":{"cves":["CVE-2026-10520","CVE-2026-10523"]},"vendors_all":["Ivanti"],"dedup_hash":"e0eebcadb61b2ffe","entities_processed":1,"tlp":"WHITE"},{"id":7446371,"title":"New SilabRAT Trojan Hijacks Sessions to Steal Crypto","link":"https://www.infosecurity-magazine.com/news/silabrat-trojan-session-hijacking/","summary":"MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto","source":"Infosecurity Magazine","category":"Malware","vendor":null,"published_at":"2026-06-10T15:30:00.000Z","created_at":"2026-06-10 15:30:16","sector":"Financial","mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"61dcd254c8248a39","entities_processed":1,"tlp":"WHITE"},{"id":7446372,"title":"Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks","link":"https://www.infosecurity-magazine.com/news/cybersecurity-fails-to-detect/","summary":"Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyb...","source":"Infosecurity Magazine","category":"Phishing","vendor":null,"published_at":"2026-06-10T15:30:00.000Z","created_at":"2026-06-10 15:30:16","sector":null,"mitre_techniques":[{"id":"T1566","name":"Phishing","tactic":"Initial Access"},{"id":"T1598","name":"Phishing for Information","tactic":"Reconnaissance"}],"iocs":null,"vendors_all":null,"dedup_hash":"76c79a84e6214898","entities_processed":1,"tlp":"WHITE"},{"id":7447015,"title":"Cyberattack shuts down major Australian sugar mills, disrupting harvest","link":"https://therecord.media/cyberattack-shuts-down-major-australian-sugar-producer","summary":"Australia's second-largest sugar producer said on Wednesday that it was responding to a cybersecurity incident affecting parts of its operations and had enga...","source":"The Record","category":"General","vendor":null,"published_at":"2026-06-10T15:18:00.000Z","created_at":"2026-06-10 15:30:16","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"98491a2e24620fd9","entities_processed":1,"tlp":"WHITE"},{"id":7445335,"title":"ServiceNow Discloses Security Incident Exposing Customer Data","link":"https://hackread.com/servicenow-security-incident-exposing-customer-data/","summary":"ServiceNow applied a security update after an API access issue exposed customer data, with affected firms notified through direct support cases.","source":"HackRead","category":"Advisory","vendor":"ServiceNow","published_at":"2026-06-10T15:16:09.000Z","created_at":"2026-06-10 15:20:53","sector":"Transportation","mitre_techniques":null,"iocs":null,"vendors_all":["ServiceNow"],"dedup_hash":"288f1c3e4431eb5f","entities_processed":1,"tlp":"WHITE"},{"id":7446171,"title":"Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities","link":"https://thehackernews.com/2026/06/ivanti-fortinet-and-sap-release-patches.html","summary":"Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution ...","source":"The Hacker News","category":"CVE","vendor":"Fortinet","published_at":"2026-06-10T15:10:59.000Z","created_at":"2026-06-10 15:30:16","sector":null,"mitre_techniques":[{"id":"T1059","name":"Command and Scripting Interpreter","tactic":"Execution"}],"iocs":{"cves":["CVE-2026-25089"]},"vendors_all":["Fortinet","Ivanti","SAP"],"dedup_hash":"a6c9931bc591b203","entities_processed":1,"tlp":"WHITE"},{"id":7446172,"title":"Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE","link":"https://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html","summary":"A high-severity unpatched security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under acti...","source":"The Hacker News","category":"CVE","vendor":"Intel","published_at":"2026-06-10T15:00:59.000Z","created_at":"2026-06-10 15:30:16","sector":null,"mitre_techniques":null,"iocs":{"cves":["CVE-2026-5027"]},"vendors_all":["Intel"],"dedup_hash":"82e490c0ad94abe5","entities_processed":1,"tlp":"WHITE"},{"id":7441615,"title":"Turning Millions of Risks Into One Actionable List","link":"https://blog.qualys.com/product-tech/2026/06/10/turning-millions-of-risks-into-one-actionable-list","summary":"Every security leader walks into Monday morning with the same question. The findings are there.","source":"Qualys Blog","category":"General","vendor":null,"published_at":"2026-06-10T15:00:00.000Z","created_at":"2026-06-10 15:00:19","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"93f3222105a7ede2","entities_processed":1,"tlp":"WHITE"},{"id":7443327,"title":"China-linked JDY botnet expands targeting of U.S. military networks","link":"https://www.bleepingcomputer.com/news/security/china-linked-jdy-botnet-expands-targeting-of-us-military-networks/","summary":"The JDY botnet, a malware network previously associated with Chinese threat actors like Volt Typhoon, has significantly expanded its targeting scope and reco...","source":"BleepingComputer","category":"Malware","vendor":null,"published_at":"2026-06-10T15:00:00.000Z","created_at":"2026-06-10 15:15:15","sector":"Defense","mitre_techniques":[{"id":"T1592","name":"Gather Victim Host Information","tactic":"Reconnaissance"}],"iocs":null,"vendors_all":null,"dedup_hash":"8f75dcaa8c09a02d","entities_processed":1,"tlp":"WHITE"},{"id":7440612,"title":"June Patch Tuesday marks a ‘new normal’ with over 200 CVEs, 32 rated ‘critical’","link":"https://www.csoonline.com/article/4183632/june-patch-tuesday-marks-a-new-normal-with-over-200-cves-32-rated-critical.html","summary":"June’s Patch Tuesday security updates have arrived, with SAP fixing four critical vulnerabilities and Microsoft addressing over 200 CVEs. Microsoft’s to-do l...","source":"CSO Online","category":"Vulnerability Disclosure","vendor":"Microsoft","published_at":"2026-06-10T14:53:28.000Z","created_at":"2026-06-10 15:00:18","sector":null,"mitre_techniques":null,"iocs":null,"vendors_all":["Microsoft","SAP","Adobe"],"dedup_hash":"265b6e873a289dd2","entities_processed":1,"tlp":"WHITE"},{"id":7446173,"title":"CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation","link":"https://thehackernews.com/2026/06/cisa-adds-cisco-chrome-and-arista-flaws.html","summary":"The U.S.","source":"The Hacker News","category":"CVE","vendor":"Google","published_at":"2026-06-10T14:44:29.000Z","created_at":"2026-06-10 15:30:16","sector":"Transportation","mitre_techniques":null,"iocs":{"cves":["CVE-2026-20245"]},"vendors_all":["Google","Amazon","Cisco"],"dedup_hash":"9023932fbac11465","entities_processed":1,"tlp":"WHITE"},{"id":7436467,"title":"Identity theft is turning into a chain reaction for victims","link":"https://www.helpnetsecurity.com/2026/06/10/identity-theft-incidents-itrc-report/","summary":"For a growing number of victims, identity theft no longer ends with a fraudulent charge or a compromised account. More than one in four people who contacted ...","source":"Help Net Security","category":"General","vendor":null,"published_at":"2026-06-10T14:23:44.000Z","created_at":"2026-06-10 14:26:59","sector":"Transportation","mitre_techniques":null,"iocs":null,"vendors_all":null,"dedup_hash":"33414427ee6d86ef","entities_processed":1,"tlp":"WHITE"}],"pagination":{"page":1,"limit":20,"total":4596,"pages":230}}