Latest Cybersecurity News

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

The Hacker News 2026-06-19 12:06 UTC

Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization impacting the Airoha Bluetooth audio SDK that makes it possible to pair a Bluetooth audio…

Read original →

Hackers Use Weaponized Windows Shortcuts to Spread Crypto Clipper Across USB Drives

Cybersecurity News 2026-06-19 07:50 UTC

A newly discovered cryptocurrency clipper malware has been quietly stealing digital assets from victims since February 2026, spreading through a trick that most users would never suspect: weaponized Windows shortcut files on USB drives. The malware is not just a simple thief. It comes with worm-like behavior, Tor-based communication, and the ability to…

Read original →

Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC

Security Week 2026-06-19 07:22 UTC

WideField will accelerate Agentic SOC capabilities by expanding the lens on threat investigation to include identity, credentials, sessions, and blast radius. The post Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC appeared first on SecurityWeek .

Read original →

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Security Week 2026-06-19 06:46 UTC

Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame. The post 15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown appeared first on SecurityWeek .

Read original →

AI-Powered Public Surveillance and Biometric Data Collection Expand Government Monitoring

Cybersecurity News 2026-06-19 06:38 UTC

Governments are expanding their digital reach in ways unimaginable just a decade ago. A growing wave of AI-powered surveillance, biometric data collection, and commercial spyware is reshaping how states monitor citizens and visitors. The scale of this shift is drawing urgent attention from security professionals and human rights organizations worldwide. A…

Read original →

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Security Week 2026-06-19 04:10 UTC

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek .

Read original →

CISA warns Fortinet users to secure devices after FortiBleed leak

BleepingComputer 2026-06-19 02:47 UTC

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed "FortiBleed." [...]

Read original →