Cyber News

This category focuses on cyber developments, including newly released updates, remediation guidance, patch rollups, urgent fixes, and security updates from major vendors and technology providers.

Critical StrongDM Vulnerability Allows Attackers to Steal and Reuse Authentication Screenshot2026-06-021105421

Screenshot2026-06-021105421

Critical StrongDM Vulnerability Allows Attackers to Steal and Reuse Authentication

Advisoryloom Editor June 2, 2026

A critical authentication flaw in StrongDM’s desktop application has been identified that allows attackers to hijack user...

Oracle’s First Monthly Patches Resolve 77 Vulnerabilities

Oracle’s First Monthly Patches Resolve 77 Vulnerabilities

Oracle’s First Monthly Patches Resolve 77 Vulnerabilities

Advisoryloom Editor June 2, 2026

Oracle’s monthly Critical Security Patch Update (CSPU) rollouts are meant to deliver critical fixes faster. The post...

Dashlane Password Manager User Accounts Locked Following Brute-Force Attacks

Dashlane Password Manager User Accounts Locked Following Brute-Force Attacks

Dashlane Password Manager User Accounts Locked Following Brute-Force Attacks

Advisoryloom Editor June 2, 2026

Dashlane has disclosed a security incident involving a large-scale brute-force attack targeting user accounts, beginning on May...

Gamaredon APT Hides Malware in Windows Features and Abuses Cloud Platforms for C2 Screenshot2026-06-011954071

Screenshot2026-06-011954071

Gamaredon APT Hides Malware in Windows Features and Abuses Cloud Platforms for C2

Advisoryloom Editor June 2, 2026

Gamaredon, a Russian state-backed espionage group, is deploying a new VBScript worm that hides inside native Windows...

Critical WP Maps Pro Vulnerability Allow Attackers to Create Administrator Account Screenshot2026-06-011822321

Screenshot2026-06-011822321

Critical WP Maps Pro Vulnerability Allow Attackers to Create Administrator Account

Advisoryloom Editor June 2, 2026

A critical security vulnerability in the popular WP Maps Pro WordPress plugin could allow attackers to gain...

Hackers Use Meta’s AI Bot to Reset Passwords and Hijack Instagram Accounts metatakedown

metatakedown

Hackers Use Meta’s AI Bot to Reset Passwords and Hijack Instagram Accounts

Advisoryloom Editor June 1, 2026

A critical logic flaw in Meta’s AI-powered Instagram support chatbot allowed attackers to bypass two-factor authentication entirely,...

ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)

ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)

ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)

Advisoryloom Editor June 1, 2026

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Advisoryloom Editor June 1, 2026

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates...

Red Hat npm packages compromised to steal developer credentials

Red Hat npm packages compromised to steal developer credentials

Red Hat npm packages compromised to steal developer credentials

Advisoryloom Editor June 1, 2026

More than 30 npm packages under Red Hat’s ‘@redhat-cloud-services’ namespace were compromised in a supply-chain attack that...

Microsoft’s Zero-Day Legal Threats Spark Backlash

Microsoft’s Zero-Day Legal Threats Spark Backlash

Microsoft’s Zero-Day Legal Threats Spark Backlash

Advisoryloom Editor June 1, 2026

After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges...