163 Organizations Hit by Thai Gambling SEO Poisoning Campaign
Researchers at Cyble Research & Intelligence Labs uncovered a massive Thai gambling SEO‑poisoning campaign that has compromised 163 organizations in over 30 countries. The attackers exploit abandoned cloud DNS delegations—primarily Azure—to seize subdomains and serve Thai‑language gambling pages under legitimate corporate domains. Using valid Let's Encrypt wildcard certificates, the malicious sites rank in search results and funnel traffic to affiliate gambling links. At the time of reporting, 161 of the affected entities remain actively compromised.
ServiceNow Flaw Exploited by Threat Actors to Access Customer Instances
ServiceNow disclosed that an unauthenticated access vulnerability was exploited by unknown threat actors, allowing them to query data from a subset of customer instances. The company issued an emergency security update on June 5, 2026, modifying endpoint configurations to restrict access to...
AI Heads to UK Courts, Bringing New Cybersecurity and Governance Challenges
The UK government announced a pilot of AI legal assistants in Crown Court to streamline research, case analysis, and administrative duties, aiming to cut backlogs. An AI‑driven scheduling tool will help judges group trial‑ready cases, improving courtroom utilization. All probation...
Kuwait and Oman Sign Cybersecurity Pact to Counter Rising Digital Threats
Kuwait and Oman have signed a Memorandum of Understanding to deepen bilateral cybersecurity cooperation. The pact creates channels for sharing threat intelligence, joint training of incident‑response teams, and coordinated response to attacks on critical infrastructure. It also sets the stage...
Cisco Warns of Active Exploitation of Catalyst SD-WAN Flaw With No Patch Available
Cisco has issued an urgent alert that a high‑severity flaw (CVE‑2026‑20245) in its Catalyst SD‑WAN Manager is being actively exploited, allowing attackers with netadmin credentials to execute arbitrary commands as root. The vulnerability stems from insufficient input validation in the...
DPDP and Cybersecurity: Why the Safest Data May Be the Data You Delete
The Digital Personal Data Protection (DPDP) law in India is reframing cybersecurity by treating unnecessary data as a liability. A 2021 report found 70 % of sensitive enterprise data has gone untouched for years, exposing it to breaches that now cost...
China’s VerdantBamboo Experimented With Three Re-Entries and Three Malware in a Company Network
China’s state‑sponsored group VerdantBamboo infiltrated a corporate network for 18 months, initially via a compromised Egnyte file‑sync appliance supplied by a managed service provider (MSP). The attackers installed the Golang‑based BRICKSTORM trojan and a custom Python reverse shell, then leveraged...
New Threat Actor Targets Crypto Firms’ Development Infrastructure
Wiz Research has uncovered a new threat group, JINX-0164, that targets cryptocurrency firms through LinkedIn‑based recruiter scams. The actors deliver custom macOS malware to developers, harvest credentials, and move laterally into cloud and CI/CD environments. Their focus on software supply‑chain...
Pink Extortion Group Emerges Targeting Microsoft 365 Data
A newly identified cyber‑extortion group called Pink, tracked as CL‑CRI‑1147, is targeting Microsoft 365 environments through voice‑phishing (vishing) and rapid cloud data theft. The actors impersonate IT staff, capture credentials via spoofed password‑reset domains, and immediately harvest SharePoint and OneDrive...
AI-Powered Bots Are Blurring the Line Between Users and Cyber Threats
A new study of 300 North American enterprise leaders reveals AI‑powered bots are now capable of mimicking legitimate user behavior, making them harder to detect. Credential‑based attacks are the top concern for 74% of respondents, followed by DDoS (51%) and...
The NHS Was Lucky. The Next Victim Might Not Be.
In May 2026 a malicious code injection dubbed “Mini Shai‑hulud” slipped into NHS software packages, exploiting automated CI/CD pipelines and package registries. The attack was detected quickly, limiting damage, but highlighted systemic vulnerabilities in modern software supply chains. The UK’s...
Ransomware and Geopolitical Tensions Drive Cyber Threats Across META in Q1 2026
Cyble’s Q1 2026 META Threat Landscape Report shows ransomware activity surged across the Middle East, Turkey, and Africa, with 116 incidents disclosed. Turkey recorded the highest number of attacks, while construction, government, and financial services were the most targeted sectors....
Ransomware Attacks Surge 30% in 2026 as Qilin and INC Ransom Intensify Operations
Ransomware attacks jumped 30% in the first half of 2026 versus the same period last year, with healthcare remaining the most targeted sector. Qilin ransomware‑as‑a‑service logged 168 confirmed healthcare victims, while INC Ransom carried out 47 attacks in January alone...
Miasma Malware Targets Red Hat Npm Packages in New Supply Chain Attack
A new supply‑chain campaign called Miasma has compromised seven Red Hat cloud‑services npm packages, embedding install‑time malware that harvests credentials and secrets. The malicious code exfiltrates encrypted data to api.anthropic.com and uses stolen GitHub tokens to push signed, encrypted commits, mimicking...
New ChatGPhish Technique Uses Prompt Injection to Manipulate ChatGPT Responses
Security researchers have disclosed "ChatGPhish," a novel browser‑based prompt‑injection technique that manipulates ChatGPT's page‑summarization feature. By embedding malicious instructions in ordinary web pages, attackers can coerce the model into appending phishing alerts, links, or QR codes to otherwise legitimate summaries....