Cybersecurity Newsfeed - 02/06/26

Daily cybersecurity news covering vulnerabilities, adversaries, trends, breaches, and other notable security developments.

📅 02/06/26

🛡️ Vulnerabilities

  • Windows Netlogon RCE Exploited (CVE-2026-41089): A critical remote code execution vulnerability in the Netlogon protocol is seeing active exploitation. The flaw allows unauthenticated attackers to gain high-level privileges on a domain controller, leading to total network compromise and ransomware deployment. More info

  • Palo Alto Networks Auth Bypass: Palo Alto Networks issued an urgent advisory regarding an authentication bypass in its security appliances. Attackers can gain administrative access without valid credentials, effectively neutralizing perimeter defenses. More info

  • WP Maps Pro Admin Creation Flaw (CVE-2026-8732): A critical bug in the WP Maps Pro plugin allows unauthenticated users to create administrator accounts without a password, leading to full site takeover. More info

  • CISA Adds Oracle WebLogic Flaw to KEV (CVE-2024-21182): CISA has added this critical Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabilities catalog. It allows unauthenticated network access to compromise the server environment. More info

  • Zero-Click XSS in Pretalx: A vulnerability in the Pretalx conference platform allows hackers to hijack organizer and attendee accounts simply by having the victim view a malicious conference page. More info

🎯 Adversaries

  • China-Aligned Groups Ramp Up Attacks: China-linked threat actors are increasing the frequency of attacks targeting critical infrastructure and government entities for long-term espionage and IP theft. More info

  • Meta AI Support Exploited for Account Hijacks: Hackers used prompt injection and social engineering against Meta’s AI-driven support tools to trick the system into granting administrative overrides for high-profile Instagram accounts. More info

  • Fake BlueWallet Targets macOS: A malicious version of the BlueWallet app is targeting macOS users to steal private keys, passwords, and session tokens, bypassing Gatekeeper with stolen certificates. More info

  • Shai-Hulud Malware Infects NPM: A sophisticated malware strain has compromised Red Hat-related NPM packages, reaching 80,000 weekly downloads to exfiltrate developer credentials and environment variables. More info

  • WordPress Payloads Hidden in Steam Profiles: A new campaign involves injecting scripts into WordPress sites that fetch malicious payloads hosted in the “About” sections of legitimate Steam profiles to bypass filters. More info

  • Thousands of Sites Hijacked for ClickFix/FakeUpdate: Large-scale hijacking of websites is being used to deliver “ClickFix” and “FakeUpdate” malware via deceptive browser update prompts. More info

  • Dashlane Users Hit by Brute-Force Campaign: A coordinated brute-force attack against Dashlane users has triggered widespread account lockouts as automated defense mechanisms freeze access to protect vault integrity. More info

💥 Breaches & Leaks

  • Spain Arrests Doxer of Govt Employees: Spanish authorities arrested an individual for leaking sensitive data of government employees obtained through unauthorized access to state databases. More info

This post is licensed under CC BY 4.0 by the author.