Google Vertex AI Flaw, Mastra npm Hack, Joomla Exploit and More

THN Daily Updates Full Stack Human: The Mindset Upgrade You Need to Stay Human in a World Ruled by Technology ($21.95 Value) FREE for a Limited Time The world needs Full Stack Humans. This is how you become one. Download Now Sponsored LATEST NEWS Jun 17, 2026 Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It's validation. Security teams must decide which findings w... Read More The Top 10 Attack Surface Exposures in 2026 Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let a... Read More Secure the Future with a Georgetown Master’s Georgetown's program prepares you to develop and implement risk governance frameworks. Read More Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider key... Read More 144 Mastra npm Packages Compromised via Hijacked Contributor Account As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as... Read More Why Active Directory Vulnerabilities Demand More Than a Patch CVE-2026-25177 in Microsoft AD lets authenticated users abuse SPNs to escalate privileges, exposing domain-wide identity risks. Read More CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited Vulnerabilities (KEV) cata... Read More Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving infrastructure. Palo Alto ... Read More Full Stack Human: The Mindset Upgrade You Need to Stay Human in a World Ruled by Technology ($21.95 Value) FREE for a Limited Time The world needs Full Stack Humans. This is how you become one. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi