⚠️ New Agentjacking Attack Hijacks Your AI Coding Agent to Run Code From Hacker's Server Source: cybersecuritynews.com/agentj… New “Agentjacking” attack that hijacks AI coding agents and silently executes attacker-controlled code on developer machines using nothing more than a single injected Sentry error. The technique turns trusted AI assistants like Claude Code and Cursor into an execution layer for malicious commands, without phishing, malware delivery, or any breach of the victim’s infrastructure. In this attack, the entry point is Sentry’s public Data Source Name (DSN). This write-only credential is routinely embedded in frontend JavaScript and indexed across the web. #cybersecuritynews

⚠️ Maine Takes Data Breach Reporting Portal Offline After Fake VRChat and Discord Filings | Source: cybersecuritynews.com/maine-… The Office of the Maine Attorney General has temporarily taken its public-facing data breach reporting database offline after discovering that an unknown entity submitted fabricated breach notifications targeting two major online platforms, VRChat and Discord, in what officials are calling a deliberate abuse of the state's breach disclosure system. On June 12, 2026, the Maine Attorney General's office issued a formal statement confirming that the reported data breaches involving VRChat and Discord were hoaxes. The false filings were submitted by an unidentified third party with no affiliation to either company. #cybersecuritynews

Holy cow Unlimited AI usage!!!! Just run GPT_Claude_Free.exe as admin

🛑 Google says a Chinese cybercrime network turned Gemini into a phishing helper. The service, called Outsider, was tied to: > 1.59M fraudulent URLs > 9,000 fake websites > 100,000 victims > $88/week phishing kits sold on Telegram Read: thehackernews.com/2026/06/go…

💰 Researcher Hacked Google Using AI and Earned $500,000 Bug Bounty Source: cybersecuritynews.com/google… A security researcher known as brutecat has disclosed how an AI-driven fuzzing pipeline uncovered more than $500,000 in vulnerabilities across Google's infrastructure in under three months, exposing systemic access-control failures hidden inside roughly 1,500 APIs. The researcher began by targeting Google's discovery documents machine-readable API specifications, similar to Swagger docs, that list all available endpoints, parameters, and methods. While these documents are publicly available for APIs like the YouTube Data API, many exist for internal Google APIs and require valid API keys to access. #cybersecuritynews

🛡️ Anthropic Fable 5 & Mythos 5 Access Blocked to All Users Following Government Directive Source: cybersecuritynews.com/anthro… Anthropic has disabled its two most capable AI models, Fable 5 and Mythos 5, after the U.S. government issued an export control directive late on June 12 ordering the company to block access for any foreign national, whether inside or outside the United States, including Anthropic's own foreign-national employees. Because the company says it cannot reliably separate foreign users from the rest of its base in real time, the practical result is a worldwide shutoff of both models. All other Anthropic models remain online. The US government, citing national security authorities, delivered the directive to Anthropic at 5:21 PM ET on Friday, June 12, 2026. #cybersecuritynews

🛡️ We added Oracle PeopleSoft Enterprise PeopleTools missing authentication for critical function vulnerability CVE-2026-35273 to our KEV Catalog. Visit go.dhs.gov/Z3Q & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec

Chatbots talk. AI agents act. That shift changes security. If attackers hide commands in data an agent reads, it may run them using trusted tools. We mapped how award-winning cybersecurity solutions are helping teams detect, control, and reduce AI agent risks. Read: awards.thehackernews.com/blo…

⚠️ A poisoned checkpoint could become a server takeover. LangGraph flaws can chain SQL injection with unsafe deserialization to achieve remote code execution. Three bugs are patched. Self-hosted SQLite or Redis checkpointer deployments face the key risk. Read: thehackernews.com/2026/06/la…

⚠️ ServiceNow Confirms Flaw Allowing Unauthorized Access to Customer Instance Tables Source: cybersecuritynews.com/servic… ServiceNow has confirmed a security vulnerability that could allow unauthorized actors to query customer instance tables, raising concerns about potential data exposure across enterprise environments. The issue, disclosed through threat intelligence channels, involves improper access controls that may enable attackers to execute queries against backend instance tables without proper authentication. ServiceNow, widely used for IT service management (ITSM) and enterprise workflows, hosts sensitive operational and business data, making such vulnerabilities particularly critical. #cybersecuritynews