Latest news as of 6/30/2026, 4:57:07 AM
The Register
According to the one person who actually read the research paper
Have I Been Pwned
In June 2026, a collection of accumulated stealer logs from various sources was added to HIBP. The corpus comprised 56M unique email addresses across hundreds of millions of stealer log records. The data also contained 124M unique passwords, which have been added to Pwned Passwords and are now searchable. Individuals can view any records captured against their email address in the stealer logs section of their dashboard. Organisations can see logs affecting their domain via the stealer logs API.
Bleeping Computer
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) authentication protocol. [...]
The Hacker News
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famous Chollima, HexagonalRodent, and Void Dokkaebi). According to a report published by Proofpoint, the threat actor has been found orchestrating phishing campaigns using developer role recruitment or code review themes
Dark Reading
Executive leaders may not be saying it aloud, but business objectives and priorities don't always promote timely disclosures.
The Register
Joins the ranks of Nottingham Uni and 100 other unnamed victims
Bleeping Computer
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive's content distribution network (CDN). [...]
Bleeping Computer
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. [...]
The Hacker News
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed. LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface. A server takeover exposes every provider key it holds, the secrets that
The Register
Federal Data Center Enhancement Act (FDCEA) of 2023 covers standards including security and sustainability