Email Threat Radar — June 2026

The latest email threats: real Microsoft login phishing, device code scams with a kill switch, split-click attacks, and the ...
Dark Reading

'Djinn' Stealer Targets Cloud, AI Credentials

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
SecurityWeek

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

The attack that hijacked Claude Code came through Sentry. Datadog, PagerDuty, and Jira have the same exposure.

Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...

Favoured France rolls into knockout round, ready to ‘create danger’ and fill the net

With both teams already qualified for the knockout stages, and only first place in Group I to play for, the Norwegians made ...

Canada’s electronic spy agency conducted cyberattacks on criminals brokering fentanyl ingredients, report says

Canada’s electronic eavesdropping agency conducted cyberattacks to disrupt the activities of online foreign criminals who ...
Microsoft

Chromium extension uses AI‑related branding to redirect browser search

A malicious Chromium-based extension that spoofs the AI-powered answer engine Perplexity AI redirects browser search traffic using MV3 APIs and intermediary infrastructure.