Unpachable Apple Exploit, RaaS EDR Killer, Autojack AI Attack, WordPress SMTP Hack

THN Daily Updates The Vibe Coding Playbook: Building Your Tech Business with AI ($35.00 Value) FREE for a Limited Time A detailed and up-to-date walkthrough for entrepreneurs with limited (or non-existent) coding skills who want to build profitable software companies using new gen-AI tools. Download Now Sponsored LATEST NEWS Jun 20, 2026 Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medi... Read More Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned in... Read More CrowdStrike Falcon: AI-native endpoint + cloud security on AWS CrowdStrike Falcon consolidates endpoint, cloud, and identity protection into a single AI-native platform - one lightweight agent, unified threat intelligence, and real-time detection. Deployed on AWS Marketplace. Reduces tool sprawl and stops breaches before impact. Read More The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before... Read More AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, and that pag... Read More Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress webs... Read More CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-a... Read More From Assistive to Agentic: The AI Shift That's Redefining Threat Management Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating (overlapping)... Read More The Vibe Coding Playbook: Building Your Tech Business with AI ($35.00 Value) FREE for a Limited Time A detailed and up-to-date walkthrough for entrepreneurs with limited (or non-existent) coding skills who want to build profitable software companies using new gen-AI tools. Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | K.P BLock, Pitampura, Delhi