WeedHack Minecraft Malware
WeedHack spreads through fake Minecraft mods and clients, stealing session tokens, passwords, wallets, and adding remote-access risk.
News desk
Security News
Security incidents, exploited vulnerabilities, breach reports, malware campaigns, and urgent patch notes arranged for fast daily scanning.
June 24, 2026
Latest reports
WP Maps Pro CVE-2026-8732
WP Maps Pro CVE-2026-8732 lets unauthenticated attackers create WordPress administrator accounts. Update to 6.1.1 and audit admins/logs.
Flowise Chatflow RCE
Flowise CVE-2026-40933 can turn a malicious chatflow import into server-side command execution. Check self-hosted instances, MCP stdio use, and stored secrets.
Dutch Botnet Takedown Cuts Off 17M Devices
Dutch police and NCSC took down a botnet of at least 17 million infected devices. Here is what to check on PCs, routers, and…
ChatGPhish AI Summary Phish
ChatGPhish shows how a web page summarized by ChatGPT can surface phishing links, fake alerts, and QR codes inside a trusted AI answer.
EMS Patch Trap
FortiClient EMS CVE-2026-35616 was abused to push EKZ Infostealer as a fake patch. Check EMS logs, managed endpoints, browser credentials, and hotfixes.
PAN-OS CVE-2026-0257 Patch
CISA added PAN-OS CVE-2026-0257 to KEV after exploitation. Check GlobalProtect portals and gateways, patch PAN-OS, and disable unsafe authentication override cookies.
Gogs RCE Zero-Day: Check Open Registration
Rapid7 disclosed a critical unpatched Gogs RCE path. Check open registration, repository creation, and rebase merge settings now.
sysupdate.jpeg Malware
sysupdate.jpeg malware is a fake image loader tied to Operation SilentCanvas. Learn what to check, how ScreenConnect is abused, and how to clean Windows…