Brave Software launched Brave Origin, a paid browser variant that removes cryptocurrency, AI, rewards, and other monetization features while keeping Brave Shields. The release packages a cleaner, privacy-focused configuration for users who want a more minimal browsing experience. Pricing is a $59.99 one-time license for up to 10 devices, with a free Linux version also available.

The Hola Browser for Windows supply chain delivered an undeclared Monero miner, putting some installations at risk of unauthorized CPU use and persistence. Researchers found the payload during AppEsteem certification checks after it had already been distributed through the browser pipeline. The executable was identified as me.exe and was installed in some cases under the Hola program directory.

The Windows version of Hola Browser suffered a supply chain compromise that pushed an undeclared cryptocurrency miner, exposing some users to unwanted code execution and persistence. The affected build installed a hidden executable and persistence components on Windows systems. Hola said the issue affected about 0.1% of users and there was no evidence of data access or theft.

The Magecart campaign is abusing Stripe's API infrastructure and Google Tag Manager containers to steal checkout data from Magento/Adobe Commerce stores. The skimmer loads from a GTM container, runs on checkout pages, and routes both the payload and stolen cards through api.stripe.com, helping it blend into trusted payment traffic. A variant also uses Google Firestore to hide the payload and stolen data in a project called braintree-payment-app. The operation has been active since at least December 24, 2025, increasing the risk of payment-card theft and hard-to-detect exfiltration across online stores.

DentaQuest confirmed a June 2, 2026 cybersecurity incident involving unauthorized access to a limited portion of its network, creating limited disruption to customer service and prompting an active investigation. The company said it moved to secure the environment and contain the attack while keeping systems operational.

DentaQuest's public leak exposed records for 2.6 million accounts, putting personal and health-related data at risk. The leak followed ShinyHunters' claim to have stolen more than 234 GB of data and to have posted the company on a leak site. The exposed dataset included email addresses, government-issued IDs, health insurance information, and dates of birth.

Everest Forms Pro has an actively exploited critical remote code execution vulnerability, CVE-2026-3300, that lets unauthenticated attackers run PHP and take over WordPress sites. The flaw affects releases through 1.9.12, and WPEverest fixed it in 1.9.13. Wordfence says abuse began on April 13, 2026, and its firewall has already blocked more than 29,300 exploit attempts.

The IronWorm malware has infected 36 npm packages, creating a supply-chain risk for developer and CI environments that can leak secrets and receive trojanized updates. It targets 86 environment variables and 20 credential files, including OpenAI, AWS, Anthropic, and npm credentials, plus SSH keys and Exodus wallet files. The malware also self-propagates by stealing publishing credentials, including secrets tied to npm Trusted Publishing, so a single compromise can spread to more packages.

asteroiddao suffered a compromised-account incident that let malicious npm package versions and repository commits seed a wider supply-chain attack. The account was used to publish packages carrying a Rust ELF binary executed via preinstall. That compromise matters because it turned a trusted publishing identity into an infection path for developers and CI systems consuming npm packages.

Anthropic's Claude Code GitHub Action had a trigger-check bypass that let a malicious GitHub issue escalate into repository takeover for vulnerable public repositories. The flaw also enabled secret extraction from CI/CD workflows that trusted the action's access model. Anthropic shipped a fix in claude-code-action v1.0.94 after the report in January 2026.

Anthropic shipped claude-code-action v1.0.94 to close a trigger-check bypass in Claude Code GitHub Action, reducing takeover risk for public repositories that run the workflow. The flaw let a single opened GitHub issue slip past the write-access gate when the actor name ended in [bot]. Because the action runs with broad repository permissions, the bug could expose downstream projects to secret theft and workflow poisoning. Anthropic fixed the issue within four days and continued hardening the workflow through spring 2026.

Willow emerged from stealth with $7 million in seed funding, giving the startup new capital to scale an identity and access platform for enterprise AI agents. The company is positioning the product as a security layer for organizations that want to deploy Claude, Gemini, ChatGPT, and custom models with tighter control. The funding round adds momentum to a cybersecurity-focused business aimed at reducing risk around autonomous AI access.

Willow emerged from stealth with an identity and access platform for enterprise AI agents, giving organizations centralized control over agent identities, approvals, and runtime access. The launch matters because autonomous AI systems can now be tied to least-privilege rules, approved integrations, and audit logging instead of broad default access. The platform also supports deployment models including SaaS, dedicated cloud, and air-gapped environments.

A Hercules tutorial is turning vulnerability exploitation into a repeatable underground workflow, widening access for novice threat actors and strengthening cybercrime recruitment. The thread explains how to scan, validate, exploit, and monetize flaws, including RCE, authentication bypass, account takeover, IDOR, and data exposure. Its plain-language format and split between “legal” disclosure and “illegal” exploitation paths make the method easier to copy. The guidance spread beyond one discussion space and was reposted across four additional forums, extending its influence.

The JustAskJacky campaign is distributing a fake AI assistant that installs a backdoor, turning trusted-looking software into a malware delivery path. The operation uses professional-looking interfaces and valid digital signatures to make the installer seem legitimate. It also adds Java persistence that keeps control through a scheduled task running every four hours. Targeting people looking for AI tools increases the chance that employees or organizations will install malicious software during normal productivity workflows.

Bugcrowd’s ExploitBench now shows frontier AI models can progress through staged Google Chrome exploit chains, raising the risk of faster AI-assisted exploit development. In head-to-head runs against a vulnerable V8 build, Claude Mythos outscored GPT-5.5, reaching the top tier on 21 of 41 vulnerabilities and averaging 9.90/16 versus 5.51. The benchmark measures five exploitation tiers up to arbitrary code execution rather than a simple crash/no-crash result, giving a clearer signal of offensive capability. The findings suggest models are closing the gap with elite human researchers and could shorten the time from flaw discovery to usable exploit.

A macOS malvertising campaign is delivering FlutterShell through malicious ads and trojanized apps, expanding browser-hijacking and backdoor risk across the U.S., Canada, Australia, France, and Germany. The operation is tracked as CL-CRI-1089 and Operation FlutterBridge, and it has been active since at least 2023. Recent detections as of March 2026 show the activity remains ongoing and adaptive. The payload can execute shell commands, manipulate files, steal browser session data, and redirect traffic through attacker-controlled infrastructure.

Cisco released security updates for Cisco Unified Communications Manager (Unified CM) to fix CVE-2026-20230, a critical flaw that could let a remote attacker reach root privileges. The update matters because Cisco says public proof-of-concept exploit code is available even though it has not seen active exploitation. Administrators are being told to install 14SU6 or 15SU5 or disable Cisco WebDialer Web Service until patching is complete.

CVE-2026-20230 exposes Cisco Unified CM systems with WebDialer enabled to remote SSRF abuse that can lead to root-level compromise. The flaw can be triggered without privileges and with low complexity. Public proof-of-concept exploit code is available, but Cisco has not found evidence of active exploitation.

A large-scale campaign is impersonating open-source and freeware project sites to route download clicks through a Traffic Distribution System (TDS) and deliver malware, putting users searching for tools like Ghidra, dnSpy, and SpiderFoot at risk.

SessionGate is now identified as a multi-stage loader that uses anti-analysis and benign-installer pivots to hide payload delivery, complicating sandboxes and detection. It is delivered through a gated TDS chain after click interception, and can retrieve an encrypted configuration before running the next stage via cmd.exe. Telemetry showing about 2,000 to 3,500 samples tied to the family suggests broader distribution than a one-off build.

Active exploitation of CVE-2026-45247 is hitting Mirasvit Cache Warmer on Magento stores, with malicious requests carrying serialized PHP payloads that can lead to remote code execution. The wave has primarily targeted gaming and business sites and has been seen across the U.S., U.K., France, and Australia. Imperva reported that attackers are using the CacheWarmer cookie to deliver payloads and test whether code execution succeeds. CISA added the flaw to the KEV catalog, and unpatched versions prior to 1.11.12 remain exposed.

Active exploitation of CVE-2026-45247 in Mirasvit Cache Warmer has turned a critical Magento extension flaw into a live remote-code-execution risk for exposed storefronts. The vulnerability affects versions before 1.11.12 and abuse centers on crafted serialized PHP objects sent through the CacheWarmer cookie, with observed requests attempting to validate code execution on vulnerable servers. The activity has progressed from patch release into confirmed in-the-wild exploitation and CISA KEV action. Mirasvit released fixes on May 25, 2026, and Federal Civilian Executive Branch agencies were then given a June 6, 2026 deadline to remediate, while available evidence still leaves the full reach, victim list, and actor identity unresolved.

The U.S. government continued Scam Center Strike Force, an ongoing anti-fraud initiative aimed at dismantling cyber-enabled fraud and pig butchering networks targeting Americans. The effort focuses on scam compounds in Southeast Asia and the human trafficking and money laundering operations that sustain them. The initiative adds coordinated public-sector pressure to the fight against transnational fraud infrastructure and the stolen funds it helps move.

Authorities arrested seven scammers in Thailand and disrupted a crypto fraud network tied to Disruption Week, expanding pressure on transnational scam operations targeting Americans. The coordinated action began May 18, 2026 and led to the takedown of millions of social media, email, and internet access accounts used by groups in Southeast Asia. Private-sector partners froze over $3.8 million in cryptocurrency tied to laundering stolen funds. The operation also interrupted more than 1.4 million accounts, pages and groups, plus 20,000 Microsoft accounts and thousands of Starlink kits.

TA4922, a China-linked and likely financially motivated malware activity, has expanded beyond East Asia into Europe and Africa. The group uses Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT/Winos 4.0 to gain remote access, steal browser credentials and other data, and support fraud and access resale. Delivery commonly relies on DLL side-loading, localized phishing lures, and staged payloads from consumer file-sharing services, while the actor also pushes targets toward LINE, WhatsApp, and Microsoft Teams to continue social engineering outside email defenses.

TA4922 is a China-linked cybercrime campaign that has expanded from East Asia into Europe and Africa, including the U.K., Germany, Italy, and South Africa. The actor is financially motivated and uses localized tax, payroll, invoice, and HR lures to drive credential theft, fraud, and remote access for access resale. Recent waves have used Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT/Winos 4.0, often delivered through DLL sideloading and staged via consumer file-sharing services. The activity also pushes targets to LINE, WhatsApp, and Microsoft Teams, extending social engineering beyond email and increasing the risk of persistent intrusion and Chrome data theft.

OFAC sanctioned Nobitex and designated its executives and founders, freezing covered U.S.-jurisdiction assets and blocking U.S. business with the exchange and its leaders. The action targets Iran's largest cryptocurrency exchange over payments tied to terrorist activities, sanctions evasion, and IRGC-linked transactions. Treasury said Nobitex processed more than 50 percent of Iranian digital asset inflows in 2025 and helped move hundreds of millions of dollars in stablecoins for the Central Bank of Iran. The sanctions also add pressure across the wider Iranian crypto ecosystem named in the same enforcement action.

Researchers found a notification-based prompt-injection bypass in Google Gemini on Android that could turn hostile notification text into unauthorized assistant actions and account-memory poisoning. The attack widened the input surface to apps that can push notifications, including WhatsApp, Slack, SMS, Signal, Instagram, and Messenger. Google later mitigated the path with server-side changes, and no CVE or in-the-wild use was identified.

Vendors released fixes for the HTTP/2 Bomb DoS issue, closing a path that could let a single client exhaust server memory within seconds. The patch set covers nginx 1.29.8 and Apache httpd mod_http2 2.0.41, and Apache's fix was assigned CVE-2026-49975. The release reduces exposure for affected HTTP/2 deployments and leaves unpatched platforms dependent on mitigations such as disabling HTTP/2 or enforcing hard header-count limits.