@thehackernews is monitored as a public Telegram source. This profile preserves source metadata and links back to the original channel rather than treating posts as independently verified reporting.
🔥 A new supply chain attack has hit official Red Hat Cloud Services npm packages. The Miasma campaign, a fresh Mini Shai-Hulud variant, plants a malicious preinstall hook that steals GitHub secrets, cloud credentials, SSH keys, and more from developer and CI/CD environments. It also adds persistence and downstream...
Telegram media itemMedia served by Telegram. The preview loads from telegram.org when this card is visible.Open original Telegram post
The “vCISO platform” label is outdated for today’s MSPs. Service providers need portfolio-wide security programs, CISO-grade intelligence, and revenue insights. That’s why the Security Growth Platform category has emerged — and Cynomi currently defines it with its unified frameworks and 100% partner-only model. Read:...
Telegram media itemMedia served by Telegram. The preview loads from telegram.org when this card is visible.Open original Telegram post
🛑 China-aligned hackers are intensifying espionage campaigns. Operation Dragon Weave is hitting Czech Republic and Taiwan with spear-phishing ZIPs to deploy AdaptixC2 via Azure Blob Storage. It gives attackers full remote control with 36 commands. Learn More:...
Telegram media itemMedia served by Telegram. The preview loads from telegram.org when this card is visible.Open original Telegram post
🚨 A legitimate-looking npm package for OpenAI Codex has been stealing developer auth tokens for over a month. codexui-android, marketed as a remote web UI, has seen 29,000+ weekly downloads. Since version 0.1.82 it quietly sends ~/.codex/auth.json — including non-expiring refresh tokens — to an attacker server. Read:...
Telegram media itemMedia served by Telegram. The preview loads from telegram.org when this card is visible.Open original Telegram post
⚠️ Threat actors are actively exploiting a critical vulnerability in WP Maps Pro. CVE-2026-8732 (CVSS 9.8) lets unauthenticated attackers create admin accounts and take over sites. It affects all versions up to 6.1.0. Update to 6.1.1 now. Read: https://thehackernews.com/2026/06/critical-wp-maps-pro-flaw-actively.html
Telegram media itemMedia served by Telegram. The preview loads from telegram.org when this card is visible.Open original Telegram post
Dutch authorities have dismantled a botnet comprising at least 17 million infected devices, including computers, smartphones, tablets, and IoT devices. More than 200 servers in the Netherlands supported the operation. Police seized a subset of the infrastructure, and the hosting provider subsequently took the network...
Telegram media itemMedia served by Telegram. The preview loads from telegram.org when this card is visible.Open original Telegram post
🚨 CVE-2026-0257, a PAN-OS and Prisma Access authentication bypass flaw, is under active exploitation. The CVSS 7.8 bug can enable unauthorized VPN access and, in some observed cases, access to internal networks. Patch immediately or apply mitigations. Details:...
Telegram media itemMedia served by Telegram. The preview loads from telegram.org when this card is visible.Open original Telegram post