Critical libssh2 PoC Exploit, Browser Malware Hidden in Images, and Gamaredon Attacks

THN Daily Updates Webinar ➞ Source Code, Contracts, PII--Oh My: How to Stop Leaks to ChatGPT Learn how to identify, monitor, and stop data leaks to AI tools like ChatGPT. Discover practical methods to gain real-time visibility, enforce controls, and prevent sensitive data exposure at the source. Download Now Sponsored LATEST NEWS Jun 29, 2026 236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Un... Read More Why Post-Quantum Cryptography Starts With Credentials Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon be broken by quantum computers. Although no machine today can brea... Read More Most Systems Weren’t Designed For How Data Moves Today A practical framework to secure collaboration and data movement across environments. Download the guide. Read More Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said ... Read More Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal credentials and run ad ... Read More Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No cred... Read More Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts. "This att... Read More Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging ac... Read More Webinar ➞ Source Code, Contracts, PII--Oh My: How to Stop Leaks to ChatGPT Learn how to identify, monitor, and stop data leaks to AI tools like ChatGPT. Discover practical methods to gain real-time visibility, enforce controls, and prevent sensitive data exposure at the source. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi