10+ hour, 9+ min ago  (336+ words) The Texas Parks and Wildlife Department (TPWD) has disclosed a cybersecurity incident affecting its hunting and fishing license system vendor, potentially exposing the personal information of more than 3 million people. TPWD stated that there is currently no evidence that individuals…...

9+ hour, 56+ min ago  (354+ words) Security researchers at Paradigm Shift have disclosed usbliter8, a new Secure ROM exploit affecting Apple's A12 and A13 chipsets. The proof-of-concept exploit achieves Boot ROM compromise through a combination of a USB controller hardware bug and a firmware configuration weakness, ultimately enabling code…...

2+ day, 8+ hour ago  (467+ words) A supply-chain attack targeted Shaped Plugin, a Word Press plugin developer with more than 400, 000 active installations across its free products. The incident was disclosed by the Wordfence Threat Intelligence team after it was notified of suspicious activity on June 11, 2026. During…...

2+ day, 9+ hour ago  (187+ words) Cyber Insider Apple's Hide My Email service will soon be easier to identify and block The change will affect newly generated anonymous email addresses, while existing addresses will continue working normally. The domain change has raised concerns among privacy-conscious users....

2+ day, 12+ hour ago  (454+ words) A vulnerability in Firefox's AI chatbot integration could allow malicious websites to inject hidden instructions into AI prompts and extract data from connected services such as email accounts. Mozilla has implemented mitigations, though the researchers who discovered the problem say…...

3+ day, 13+ hour ago  (307+ words) Kodak says it is investigating a cybersecurity incident after the Shiny Hunters extortion group claimed to have stolen more than 2. 2 million records containing customer personally identifiable information (PII) and internal corporate data. The company confirmed that an unauthorized party briefly…...

4+ day, 5+ hour ago  (352+ words) An Akira ransomware affiliate used Easyupload. io, a file-sharing service operated by Lime Wire, to exfiltrate stolen data during a recent attack. The incident was detected on May 29 after Huntress' SOC identified unauthorized remote access to a domain controller. Although…...

4+ day, 12+ hour ago  (291+ words) The malware created hidden administrator accounts and installed stealthy backdoors on affected sites when visited by logged-in Word Press administrators. The campaign was discovered by security firm Sansec, which reported on June 13 that malicious code was being served through CDN-hosted…...

1+ week, 6+ hour ago  (333+ words) Security researcher Arvin Shivram has revealed how a custom AI-powered testing system uncovered dozens of vulnerabilities across Google's vast API ecosystem, earning more than $500, 000 in bug bounty rewards. The findings included access control failures affecting Google Voice, Widevine DRM, Ad…...

1+ week, 1+ day ago  (403+ words) Article Update " VRChat has disputed the authenticity of the notice via an unofficial announcement on its Discord server. We are following this closely to update the post for accuracy. Update 2 " VRChat has confirmed via a statement to Cyber Insider that…...