Cyber Hawk

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

June 20, 2026

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVS…

The Hacker News

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

June 19, 2026

The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing sy…

The Hacker News

Forget Data Leakage: Shadow AI's Real Threat Is Access Control

June 19, 2026

The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, domain blocks, and data…

The Hacker News

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

June 19, 2026

Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026. …

The Hacker News

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

June 19, 2026

Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-202…

The Hacker News

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

June 18, 2026

F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems. The vulnerabilities are listed bel…

The Hacker News

Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

June 18, 2026

If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is …

Bitcoin Mining

Hot News

Labels

Report Abuse

Recent posts

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

Forget Data Leakage: Shadow AI's Real Threat Is Access Control

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

Popular Feeds

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

Featured News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Random Posts

Popular Posts

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

Bitcoin Mining

Hot News

Labels

Recent posts

Share

Popular Feeds

Featured News

Random Posts

Popular Posts