SecurityWeek Jul 1, 2026, 10:00 AM (UTC)
Read
From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. The post Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors appeared f…
Infosecurity Magazine Jul 1, 2026, 10:00 AM (UTC)
Read
Microsoft has brought forward its timelines for transitioning to post-quantum cryptography (PQC)
BleepingComputer Jul 1, 2026, 09:43 AM (UTC)
Read
The U.S. Federal Trade Commission (FTC) says Amazon will pay a $2.25 million civil penalty to settle charges that it blocked identity theft victims' access to transaction records. [...]
SecurityWeek Jul 1, 2026, 09:30 AM (UTC)
Read
The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users. The post Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari appeared first on SecurityWeek.
Infosecurity Magazine Jul 1, 2026, 09:00 AM (UTC)
Read
Aflac Japan has notified regulators that policy details and personal and banking information have been compromised
SecurityWeek Jul 1, 2026, 08:55 AM (UTC)
Read
The company has publicly launched its solution to help organizations design, build, and operate secure cloud systems. The post Dawnguard Raises $6.3 Million for Security Architecture Automation Platform appeared first on SecurityWeek.
SecurityWeek Jul 1, 2026, 07:46 AM (UTC)
Read
Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY. The post Massive Password Spray Campaign Targeting Azure CLI appeared first on SecurityWeek.
BleepingComputer Jul 1, 2026, 07:34 AM (UTC)
Read
Adobe has released security patches for seven maximum-severity vulnerabilities in the ColdFusion web app development platform and the Campaign Classic marketing automation platform. [...]
The Hacker News Jul 1, 2026, 07:20 AM (UTC)
Read
Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way. Palo Alto Networks' Unit 42 ca…
The Hacker News Jul 1, 2026, 06:46 AM (UTC)
Read
Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos 5 about two and a half weeks earlier. Fable 5 returns to users…
SecurityWeek Jul 1, 2026, 06:14 AM (UTC)
Read
Fifteen of the newly patched flaws have been rated ‘critical’ and 67 have been rated ‘high severity’. The post Google Patches 382 Chrome Vulnerabilities appeared first on SecurityWeek.
The Hacker News Jul 1, 2026, 05:46 AM (UTC)
Read
Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address…
The Hacker News Jul 1, 2026, 05:32 AM (UTC)
Read
ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands behind its fake "prove you're human" pages are now handed out by API-driven servers that give each visitor the same m…
The Hacker News Jul 1, 2026, 03:54 AM (UTC)
Read
Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-servic…
BleepingComputer Jul 1, 2026, 12:35 AM (UTC)
Read
Anthropic has confirmed that the Department of Commerce has lifted export controls on Claude's two most powerful models, Fable 5 and Mythos 5. [...]
BleepingComputer Jun 30, 2026, 11:13 PM (UTC)
Read
Anthropic is now rolling out Sonnet 5, and it's almost as good as the Opus range, but it is designed to be cheaper than the company's flagship model. [...]
BleepingComputer Jun 30, 2026, 09:50 PM (UTC)
Read
A new prompt injection attack dubbed "BioShocking" could trick AI-powered browsers into treating real-world risky actions as part of a fictional scenario, causing them to ignore any safety guardrails. [...]
BleepingComputer Jun 30, 2026, 09:20 PM (UTC)
Read
Microsoft announced today that it is accelerating its quantum-safe security roadmap, saying advances in quantum computing are bringing the need to replace today's encryption standards sooner than previously expected. [...]
BleepingComputer Jun 30, 2026, 09:02 PM (UTC)
Read
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram forks that allow attackers to read arbitrary files on compromised servers. [...]
The Hacker News Jun 30, 2026, 05:46 PM (UTC)
Read
New Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider. The trick is that the agent never breaks a rule. E…
The Hacker News Jun 30, 2026, 05:45 PM (UTC)
Read
A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online services offline. Researchers at QiAnXin's XLab have tracked…
Infosecurity Magazine Jun 30, 2026, 04:00 PM (UTC)
Read
Nissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaign
The Hacker News Jun 30, 2026, 03:47 PM (UTC)
Read
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code exec…
BleepingComputer Jun 30, 2026, 03:46 PM (UTC)
Read
A malicious extension in the Chrome Web Store is masquerading as the Perplexity AI answer engine, intercepting search traffic and collecting browsing information. [...]
The Hacker News Jun 30, 2026, 03:40 PM (UTC)
Read
Cybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction. The cryptocurrency clipper activity has been codenamed…
Infosecurity Magazine Jun 30, 2026, 03:34 PM (UTC)
Read
Attackers exploited a critical SimpleHelp RMM bug to deploy TaskWeaver and Djinn Stealer malware
The Hacker News Jun 30, 2026, 02:26 PM (UTC)
Read
The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades. New research from Adversa AI, which is named the bypass GuardFall, found it works ag…
BleepingComputer Jun 30, 2026, 02:00 PM (UTC)
Read
Business Email Compromise is more than an email scam. It's a coordinated operation involving compromised accounts, financial research, and cash-out networks. Flare explores how underground forums reveal how BEC attacks are planned and executed. [...]
SecurityWeek Jun 30, 2026, 01:56 PM (UTC)
Read
The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.
The Hacker News Jun 30, 2026, 01:49 PM (UTC)
Read
Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable to…
SecurityWeek Jun 30, 2026, 01:00 PM (UTC)
Read
Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors. The post Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks appeared fir…
SecurityWeek Jun 30, 2026, 12:52 PM (UTC)
Read
Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25. The post Aflac Japan Data Breach Impacts 4.38 Million appeared first on SecurityWeek.
Cybersecurity Ventures Jun 30, 2026, 12:37 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 30, 2026 – Watch the YouTube video Anvilogic is on a mission to make advanced detection accessible to every security team, enabling them to detect across hybrid, multi-…
SecurityWeek Jun 30, 2026, 12:00 PM (UTC)
Read
Chris Thompson's journey took him from hacking game controls as a teenager to founding IBM’s X-Force Red team. The post Hacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreat appeared first on SecurityWeek.
Infosecurity Magazine Jun 30, 2026, 12:00 PM (UTC)
Read
ReliaQuest report warns of a surge in ClickFix social engineering attacks against Windows and macOS users
SecurityWeek Jun 30, 2026, 11:48 AM (UTC)
Read
The ruling was made in the case of a bank robber whose identity was discovered through a geofence warrant. The post Supreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location History appeared first on SecurityWeek.
The Hacker News Jun 30, 2026, 11:30 AM (UTC)
Read
The FIFA World Cup 2026 opened on June 11. By that date, according to Check Point Research, the fraud infrastructure targeting it had already been built, staged, and partially deployed. Threat actor activity was pre-planned, months out, across three sectors an…
The Hacker News Jun 30, 2026, 11:18 AM (UTC)
Read
An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-4855…
BleepingComputer Jun 30, 2026, 11:12 AM (UTC)
Read
American insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary's systems and stole personal and bank account information of 4.38 million customers. [...]
BleepingComputer Jun 30, 2026, 10:52 AM (UTC)
Read
Microsoft has introduced a new Teams admin policy that allows organizers to prevent third-party bots from joining meetings without approval. [...]
Infosecurity Magazine Jun 30, 2026, 10:30 AM (UTC)
Read
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware
BleepingComputer Jun 30, 2026, 09:46 AM (UTC)
Read
Kali Linux 2026.2, the second release of the year, is now available for download, featuring 9 new tools and numerous Kali NetHunter improvements. [...]
BleepingComputer Jun 30, 2026, 09:41 AM (UTC)
Read
The Blackfield ransomware gang is asking for a $2 million ransom from Nidec Corporation, a large Japanese manufacturer of electronic components for automotive and computing applications. [...]
Infosecurity Magazine Jun 30, 2026, 09:30 AM (UTC)
Read
SonicWall records 264,000 events in first five months of 2026 as UK hospitals come under siege
The Hacker News Jun 30, 2026, 09:27 AM (UTC)
Read
Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no cables or shared network. An attacker within wireless range, with just a laptop and no prior connection, can crash th…
BleepingComputer Jun 30, 2026, 08:53 AM (UTC)
Read
CISA confirmed on Monday that ransomware gangs are now exploiting a Microsoft Defender privilege escalation vulnerability, dubbed BlueHammer, that has previously been abused in zero-day attacks. [...]
The Hacker News Jun 30, 2026, 08:37 AM (UTC)
Read
Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security firm LayerX that tricked six AI browsers and assistants into copying a user's credentials and sending t…
Infosecurity Magazine Jun 30, 2026, 08:00 AM (UTC)
Read
Report Fraud data reveals that more than half of 323 UK ransomware victims last year were SMEs
The Hacker News Jun 30, 2026, 07:38 AM (UTC)
Read
A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked as CVE-2026-8037, carries a CVSS score of 9.8 according to Z…
The Hacker News Jun 30, 2026, 05:04 AM (UTC)
Read
A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication…
BleepingComputer Jun 29, 2026, 08:40 PM (UTC)
Read
Nissan is warning that it suffered a data breach affecting current and former employees after threat actors exploited an Oracle PeopleSoft vulnerability in data theft attacks previously linked to the ShinyHunters extortion group. [...]
The Hacker News Jun 29, 2026, 04:09 PM (UTC)
Read
WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three billion users on the messaging platform. The optional feature is designed to help users connect with someone on the serv…
The Hacker News Jun 29, 2026, 03:40 PM (UTC)
Read
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redire…
The Hacker News Jun 29, 2026, 03:30 PM (UTC)
Read
Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools like Anthropic Claude and OpenAI Code…
The Hacker News Jun 29, 2026, 03:03 PM (UTC)
Read
The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel. Acronis Threat Research Unit found active comp…
Infosecurity Magazine Jun 29, 2026, 03:00 PM (UTC)
Read
OpenAI is previewing its GPT-5.6 Sol model to a vetted few at the US government's request
The Hacker News Jun 29, 2026, 02:41 PM (UTC)
Read
This week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly the door is open. The noise is not all noise, either. Forums are talking, researchers are finding easy cracks, and def…
Infosecurity Magazine Jun 29, 2026, 02:30 PM (UTC)
Read
Group-IB says Millenium RAT, now rewritten in C++, has hit 62,289 devices in 160+ countries
Cybersecurity Ventures Jun 29, 2026, 12:35 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 29, 2026 – Read the report Forrester forecasts that worldwide information security spending will reach $200 billion in 2026, while Gartner projects $240 billion for 202…
The Hacker News Jun 29, 2026, 11:57 AM (UTC)
Read
New findings unearthed by Infoblox show that more than 236,000 websites are using investment scam templates built using a legitimate Chinese open-source, cross-platform application development framework called DCloud Uni-App. The templates power bogus cryptocu…
The Hacker News Jun 29, 2026, 11:42 AM (UTC)
Read
Today’s encrypted data, such as credentials, may no longer remain confidential in the future because the public-key cryptography protecting it will soon be broken by quantum computers. Although no machine today can break elliptic curve cryptography or RSA, qua…
The Hacker News Jun 29, 2026, 11:40 AM (UTC)
Read
A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing cam…
Infosecurity Magazine Jun 29, 2026, 10:00 AM (UTC)
Read
An attacker has exploited a zero day in Oracle Peoplesoft to gain access to the IT systems of the NAIC, the standard-setting association for the US federal insurance system
Infosecurity Magazine Jun 29, 2026, 09:15 AM (UTC)
Read
Experts warn the Jaguar Land Rover breach bears hallmarks of Kremlin-backed hackers, citing novel ransomware, strategic timing and efforts to obscure attribution
The Hacker News Jun 29, 2026, 08:32 AM (UTC)
Read
Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal credentials and run ad fraud. The company calls it StegoAd, a ma…
Infosecurity Magazine Jun 29, 2026, 08:15 AM (UTC)
Read
The FBI claims Russian spies are targeting Signal backup keys
The Hacker News Jun 29, 2026, 07:06 AM (UTC)
Read
A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No credentials, no user interaction. The bug aff…
The Hacker News Jun 29, 2026, 05:36 AM (UTC)
Read
Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts. "This attack avoids the most common npm execution pat…
The Hacker News Jun 27, 2026, 05:27 PM (UTC)
Read
The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military…
The Hacker News Jun 27, 2026, 12:19 PM (UTC)
Read
OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful, Terra…
The Hacker News Jun 26, 2026, 07:38 PM (UTC)
Read
The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can restor…
The Hacker News Jun 26, 2026, 06:17 PM (UTC)
Read
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the…
The Hacker News Jun 26, 2026, 04:21 PM (UTC)
Read
A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. The activity, particularly aimed at state-own…
The Hacker News Jun 26, 2026, 01:57 PM (UTC)
Read
A flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache me…
The Hacker News Jun 26, 2026, 01:53 PM (UTC)
Read
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it. Tracked as CV…
The Hacker News Jun 26, 2026, 12:31 PM (UTC)
Read
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) so…
Cybersecurity Ventures Jun 26, 2026, 12:11 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 26, 2026 – Watch the YouTube video The 2026 CISO Report from Cybersecurity Ventures in partnership with Sophos reports that in Jan. 2026, the U.S. Cybersecurity and Inf…
The Hacker News Jun 26, 2026, 11:51 AM (UTC)
Read
DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it le…
The Hacker News Jun 26, 2026, 11:30 AM (UTC)
Read
AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn't designed for autonomous actors, a…
The Hacker News Jun 26, 2026, 11:05 AM (UTC)
Read
Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. "The latest a…
Infosecurity Magazine Jun 26, 2026, 10:30 AM (UTC)
Read
A China-linked threat group has been targeting critical infrastructure in Southeast Asia with a new custom backdoor called TinyRCT
The Hacker News Jun 26, 2026, 09:27 AM (UTC)
Read
An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP files to drop a Node.js implant and dig into front-desk machines, Microsoft says. The company has not attri…
The Hacker News Jun 26, 2026, 08:49 AM (UTC)
Read
Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus. The finding…
Infosecurity Magazine Jun 26, 2026, 08:00 AM (UTC)
Read
The UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidents
The Hacker News Jun 26, 2026, 07:15 AM (UTC)
Read
The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Itali…
Infosecurity Magazine Jun 25, 2026, 02:15 PM (UTC)
Read
A high-severity flaw in Cisco Catalyst SD-WAN Manager disclosed in early June was exploited as early as March
The Hacker News Jun 25, 2026, 02:12 PM (UTC)
Read
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code. According to Island, the extension, named Adblock for YouTube, has more than 10 million installs and carries a Featured badge…
Infosecurity Magazine Jun 25, 2026, 01:00 PM (UTC)
Read
Digital Citizens Alliance report claims that millions of Americans may have unwittingly had IP connections used by cybercriminals
The Hacker News Jun 25, 2026, 12:24 PM (UTC)
Read
It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old creds still working, trusted apps doing sketchy crap, browser tricks jumping the fence, and “normal” workflows turning into phishi…
Cybersecurity Ventures Jun 25, 2026, 12:16 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 25, 2026 – Listen to the podcast SlashGear reports that a hacker in Germany was stunned to find he had complete control of a robotic lawnmower. Weighing over 200 pounds…
Infosecurity Magazine Jun 25, 2026, 12:00 PM (UTC)
Read
Cobalt study finds 20-percentage-point drop in number of organizations relying solely on AI automation for testing
Infosecurity Magazine Jun 25, 2026, 11:30 AM (UTC)
Read
New CISA guidance shows federal agencies how to use SASE to move from legacy TIC 2.0 to zero trust
The Hacker News Jun 25, 2026, 11:17 AM (UTC)
Read
Despite the abundance of telemetry at analysts’ disposal, many security operations teams struggle to answer a few basic questions during incident investigation: What happened? What evidence do we have? How do we know we’re seeing it all, in context? Answering…
Infosecurity Magazine Jun 25, 2026, 11:00 AM (UTC)
Read
macos-xpc-flaw-disable-edr-mdm-standard-user-xm-cyber
Infosecurity Magazine Jun 25, 2026, 10:45 AM (UTC)
Read
Analysis of ransomware incidents by researchers at Black Kite found that attacks have risen by over 50% in the last year, with supply chain attacks increasing
The Hacker News Jun 25, 2026, 09:23 AM (UTC)
Read
A previously undocumented Rust-based macOS implant and information stealer has been found to embed a prompt injection payload designed to trick a malware analyst's artificial intelligence (AI) tools and trick it into aborting or refusing an analysis of the art…
The Hacker News Jun 25, 2026, 08:54 AM (UTC)
Read
A new, stealthy backdoor named Mistic has been deployed as part of suspected financially motivated attacks aimed at multiple organizations spanning insurance, education, IT, and professional services sectors since April 2026. According to Symantec and Carbon B…
The Hacker News Jun 25, 2026, 05:46 AM (UTC)
Read
An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant. The vulnerability, trac…
The Hacker News Jun 24, 2026, 05:19 PM (UTC)
Read
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warned of active exploitation of a critical security flaw impacting Lantronix EDS5000 Series devices, urging Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by Jun…
Infosecurity Magazine Jun 24, 2026, 04:05 PM (UTC)
Read
LayerX tricked AI browsers including ChatGPT Atlas and Comet into bypassing their guardrails
The Hacker News Jun 24, 2026, 03:59 PM (UTC)
Read
A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC. "The main common goal was to disrup…
Infosecurity Magazine Jun 24, 2026, 03:25 PM (UTC)
Read
Operation Endgame seized around 50 domains and nearly 200 active IP-based servers associated with the infostealers
Infosecurity Magazine Jun 24, 2026, 02:00 PM (UTC)
Read
SentinelLabs found a North Korea-linked macOS backdoor using prompt injection on AI triage tools
Infosecurity Magazine Jun 24, 2026, 12:45 PM (UTC)
Read
Customers of the affected Japanese email services are “strongly advised” to change their email passwords
Cybersecurity Ventures Jun 24, 2026, 12:23 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 24, 2026 – Read the full story from BreackLock AEV, BAS, and penetration testing each answer a different security question. Adversarial Exposure Validation (AEV) maps w…
Infosecurity Magazine Jun 24, 2026, 12:00 PM (UTC)
Read
An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware
Infosecurity Magazine Jun 24, 2026, 09:30 AM (UTC)
Read
New ReliaQuest study reveals the six ways AI is practically being used in attacks today
Infosecurity Magazine Jun 24, 2026, 08:40 AM (UTC)
Read
Public Accounts Committee (PAC) warns that museums and galleries aren’t getting enough government support on cyber
Infosecurity Magazine Jun 23, 2026, 03:00 PM (UTC)
Read
JFrog found an npm package impersonating postcss-selector-parser to drop a multi-stage Windows RAT
Infosecurity Magazine Jun 23, 2026, 02:15 PM (UTC)
Read
OpenAI expanded Daybreak with a full GPT-5.5-Cyber release to help defenders patch software flaws
Infosecurity Magazine Jun 23, 2026, 02:00 PM (UTC)
Read
All US federal agencies will have to complete their post-quantum cryptography transition by 2031, according to a new Trump Executive Order
Infosecurity Magazine Jun 23, 2026, 01:00 PM (UTC)
Read
Cybercriminals launch fake GTA 6 pre-order sites offering early access for crypto payments
Cybersecurity Ventures Jun 23, 2026, 12:24 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 23, 2026 – Listen to the podcast Richard Seewald, founder and Managing Partner at Evolution Equity Partners, joins Steve Morgan, founder of Cybersecurity Ventures, for…
Infosecurity Magazine Jun 23, 2026, 09:29 AM (UTC)
Read
Two young British men have pleaded guilty to hacking Transport for London as part of a Scattered Spider plot
Infosecurity Magazine Jun 23, 2026, 08:30 AM (UTC)
Read
The Five Eyes Alliance has published a rare call to action for organizations facing AI threats
Infosecurity Magazine Jun 22, 2026, 03:00 PM (UTC)
Read
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates
Infosecurity Magazine Jun 22, 2026, 02:00 PM (UTC)
Read
Apple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devices
Cybersecurity Ventures Jun 22, 2026, 12:19 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 22, 2026 – Visit MidnightInTheWarRoom.com Cybersecurity Ventures predicted that cybercrime would cost the world $10.5 trillion in 2025, according to a post on Public Se…
Infosecurity Magazine Jun 22, 2026, 11:30 AM (UTC)
Read
North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchers
Infosecurity Magazine Jun 22, 2026, 10:15 AM (UTC)
Read
At least four cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integration
Infosecurity Magazine Jun 22, 2026, 09:20 AM (UTC)
Read
The UK’s data protection regulator the information commissioner has resigned after his position became “untenable”
Infosecurity Magazine Jun 22, 2026, 08:30 AM (UTC)
Read
The NCSC has released guidance for Fortinet customers impacted by the FortiBleed threat campaign
Infosecurity Magazine Jun 19, 2026, 11:00 AM (UTC)
Read
Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities
Infosecurity Magazine Jun 19, 2026, 10:15 AM (UTC)
Read
SocGholish malware has been removed from 15,000 sites associated with Evil Corp hackers
Infosecurity Magazine Jun 19, 2026, 09:00 AM (UTC)
Read
Half of cybersecurity leaders lack confidence in detecting threats on Slack, Teams and other non-email platforms, despite growing attacker focus
Infosecurity Magazine Jun 18, 2026, 03:00 PM (UTC)
Read
A Rust crypto clipper hides behind fake GitHub stars and AI-narrated YouTube videos
Infosecurity Magazine Jun 18, 2026, 02:45 PM (UTC)
Read
Hospital insider escapes criminal prosecution after attempting to sell royal’s medical records
Infosecurity Magazine Jun 18, 2026, 12:30 PM (UTC)
Read
Analysis of chatter on underground forums by Sophos finds that hackers fear AI could take work away from them
Infosecurity Magazine Jun 18, 2026, 11:30 AM (UTC)
Read
CloudSEK maps Operation Escaneo, a campaign hitting Latin American infrastructure via perimeter bugs
Infosecurity Magazine Jun 18, 2026, 09:10 AM (UTC)
Read
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors
Infosecurity Magazine Jun 18, 2026, 08:30 AM (UTC)
Read
Interpol claims cybercrime accounts for third of crime in over half of Asia and South Pacific countries
Infosecurity Magazine Jun 17, 2026, 03:00 PM (UTC)
Read
Nisos infiltrated a North Korean IT-worker fraud cell running on AI interviews and a US laptop farm
Infosecurity Magazine Jun 17, 2026, 02:00 PM (UTC)
Read
GitBait phishing kit abuses GitHub Pages and the SheetBest API to steal Mexican banking credentials
Cybersecurity Ventures Jun 17, 2026, 01:20 PM (UTC)
Read
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 17, 2026 – Watch the YouTube video “I started my cybersecurity ‘career’ as one of the earlier virus developers in the world,” Nir Zuk, co-founder of Palo Alto Networks,…
Infosecurity Magazine Jun 17, 2026, 01:15 PM (UTC)
Read
The rise of AI-assistants and applications in the enterprise has seen a 93% increase in employees attempting to upload sensitive data, bringing security challenges
Infosecurity Magazine Jun 17, 2026, 12:30 PM (UTC)
Read
Filigran survey at Infosecurity Europe 2026 reveals AI-powered attacks as the top concern, with false positives, alert fatigue and manual processes draining security teams