Bitcoin Mining

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution The Hacker News

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

June 17, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerab…

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting The Hacker News

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

June 16, 2026

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's ser…

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

June 16, 2026

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec,…

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation The Hacker News

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

June 16, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Ci…

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails The Hacker News

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

June 15, 2026

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email. The way in was…

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

June 15, 2026

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, Hexago…

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

June 15, 2026

An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site admin…