Cyber Hawk

The Hacker News

The Scripts on Your Checkout Page Are Now a PCI DSS Problem

June 18, 2026

An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout, their …

The Hacker News

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

June 17, 2026

Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50…

The Hacker News

144 Mastra npm Packages Compromised via Hijacked Contributor Account

June 17, 2026

As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applicati…

The Hacker News

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

June 17, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerab…

The Hacker News

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

June 16, 2026

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's ser…

The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

June 16, 2026

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec,…

The Hacker News

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

June 16, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Ci…

Bitcoin Mining

The Scripts on Your Checkout Page Are Now a PCI DSS Problem

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

144 Mastra npm Packages Compromised via Hijacked Contributor Account

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

Popular Feeds

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

Featured News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Random Posts

Popular Posts

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

Bitcoin Mining

Share

Popular Feeds

Featured News

Random Posts

Popular Posts