WordPress Plugins: Supply Chain Attack Puts 1.2 Million Sites at Risk

In a supply chain attack, attackers install backdoors through the WordPress plugins OptinMonster, TrustPulse, and PushEngage.

Miasma worms its way onto GitHub as attack kit goes open source

As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire ...
Infosecurity Magazine

New “Agentjacking” Attacks Could Hijack AI Coding Agents

Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code ...
The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
Tech Times

npm v12 Security Overhaul Blocks Install Scripts by Default: July Deadline for CI Migration

July 2026, blocking install scripts, Git dependencies, and remote URL sources by default. Every team running npm install in ...

WebMCP Can Be Used To Hijack AI Agents, Chrome Warns

Chrome's WebMCP guidance warns that AI agents can be manipulated through the tools they are built to trust.

Harley dealers unite behind CEO Starrs amid Indian Motorcycle attack ad

Harley-Davidson dealers are speaking out against a new Indian Motorcycle campaign that attacks Harley and its CEO Artie ...

Top things businesses need to know about fraud prevention in today’s environment

Treasury and fraud specialists Scott Edwards, Director of Fraud Risk Management, and Todd Martin, SVP, Treasury Management ...
Indianapolis Business Journal

Even with deal to reopen Strait of Hormuz, it could take weeks or months for oil to fully flow

All told, oil prices, inflation and energy flows simply won’t see an immediate return to what they were before the war — not ...

Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws

Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...

Trump says deal to end war means Iran will 'never get nuclear weapon'

The US president was speaking at a G7 summit in France, with details of an agreement set to be formally signed on Friday yet ...

Update Chrome ASAP to protect yourself from this active exploit

If you use Chrome, you're vulnerable until you install this update.