117Articles
8Categories
2026-06-02Date
🚨 CISA KEV 3[−]
2 Jun KEVAttackers exploit Palo Alto GlobalProtect flaw days after disclosureA Palo Alto Networks vulnerability that allows attackers to establish unauthorized VPN access into corporate networks is being actively exploited in the wild, weeks after the company disclosed the flaw as a medium-severity issue and said it was unaware of any attacks. However, ac…CSOONLINE.COM
2 Jun KEVOracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active ExploitationThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The vulnerability, CVE-2024-21182 (CVSS …THEHACKERNEWS.COM
2 Jun KEVTwo-year old Oracle WebLogic Server vulnerability is being exploitedUS federal government departments have been given until Thursday to patch a two-year old high severity vulnerability in Oracle WebLogic Server that could allow an unauthenticated attacker to access critical data. The vulnerability, CVE-2024-21182 , was added Monday to the Cyberse…CSOONLINE.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 14[−]
2 Jun KEVOracle WebLogic Vulnerability Exploited in the WildThe vulnerability is CVE-2024-21182 and it can be exploited without authentication to hack affected WebLogic servers. The post Oracle WebLogic Vulnerability Exploited in the Wild appeared first on SecurityWeek .SECURITYWEEK.COM
2 Jun KEVGoogle fixes actively exploited Android vulnerability (CVE-2025-48595)Google has announced the June 2026 Android security updates, which fix a bucketload of vulnerabilities, including a high-severity vulnerability (CVE-2025-48595) in the Android Framework that “may be under limited, targeted exploitation.” About CVE-2025-48595 CVE-2025-…HELPNETSECURITY.COM
2 JunVU#873170: Collibra Agent contains improper authentication and path traversal vulnerabilitiesOverview The Collibra Platform Agent contains vulnerabilities that can be chained by a remote, unauthenticated attacker to achieve remote code execution. An attacker can exploit these issues by uploading a crafted ZIP archive that writes attacker-controlled files to arbitrary loc…KB.CERT.ORG
2 Jun KEVAndroid June 2026 update patches actively exploited zero-dayGoogle has released the June 2026 Android security updates, addressing dozens of vulnerabilities across the mobile operating system, including a high-severity zero-day flaw that is under active, targeted exploitation. The update also fixes multiple critical privilege-escalation a…CYBERINSIDER.COM
2 JunVU#615987: Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE DeploymentsOverview VoLTE deployments on Verizon’s IMS network have historically lacked IPsec-based integrity protection for SIP signaling, contravening well-established requirements in 3GPP TS 33.203 and GSMA IR.92. As a result, SIP messages—including registration ( REGISTER ), call setup …KB.CERT.ORG
2 JunVU#265691: Appsmiths SQL Query autocomplete renderer contains a cross site scripting vulnerabilityOverview A stored cross-site scripting (XSS) vulnerability has been discovered in Appsmith, specifically in the CodeMirror based SQL query editor’s autocomplete renderer. CVE-2026-7299 has been assigned to track the vulnerability. An attacker with developer level access to a shar…KB.CERT.ORG
2 JunAndroid Update Patches Exploited Zero-Day, 123 Other VulnerabilitiesGoogle says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks. The post Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunPresident Trump picks housing director Bill Pulte to serve as acting DNI.Federal watchdog warns of management issues for NIST's NVD. Spanish National Police arrest suspect in government doxxing case.THECYBERWIRE.COM
2 JunGamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against UkraineThe Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversa…THEHACKERNEWS.COM
2 JunHP Poly VoIP vulnerability sets the stage for executive voice deepfakesHP has released patches for a critical buffer overflow vulnerability in multiple IP-enabled conference phones from its Poly Voice line. The flaw allows unauthenticated attackers to obtain root privileges on the underlying operating system, potentially enabling them to execute oth…CSOONLINE.COM
2 JunCritical Kirki flaw exploited to hijack WordPress admin accountsHackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. [...]BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE 32[−]
2 JunTrusting the wrong package.Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Selena Larson⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Proofpoint⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ intelligence analyst and host of their podcast ⁠⁠…THECYBERWIRE.COM
2 JunDashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users DownloadedPassword manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an "external" threat actor launched a brute-fo…THEHACKERNEWS.COM
2 JunWhy you need BAS and autonomous pentesting togetherMost security teams know the drill: A new autonomous penetration testing tool gets deployed, and the first run is genuinely impressive. The dashboard surfaces critical findings, maps lateral movement paths nobody had documented before, and exposes a legacy service account that ha…HELPNETSECURITY.COM
2 Jun175: BayrobIt started with a fake car listing on eBay. What looked like a simple online scam quietly grew, over more than a decade, into one of the most sophisticated cybercrime operations the FBI had ever traced. Custom malware. Opsec off the charts. Fleets of infected computers mining cry…DARKNETDIARIES.COM
2 Jun7 tabletop exercise mistakes that sabotage incident responseDiscussion-based, low-stress simulations during which IT, legal, and other key leadership stakeholders walk through theoretical scenarios to test their preparedness for cyber incidents is a popular and highly useful tool. Yet unless tabletop training is properly handled, the resu…CSOONLINE.COM
2 JunDashlane Brute-Force Attack Leads to Limited Encrypted Vault DownloadsDashlane’s security systems automatically locked accounts to protect them against the hacking attempts. The post Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunPakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RATCybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote access trojan called Xeno RAT. "The campaign opens with a spear phishing d…THEHACKERNEWS.COM
2 JunAttack targeting OpenAI Codex users exposes AI software supply chain risksA malicious npm package posing as a remote user interface for OpenAI Codex exfiltrated developer authentication tokens, after attackers allegedly published code to npm that was not visible in the project’s public GitHub repository. Researchers at Aikido said the package, called c…CSOONLINE.COM
2 JunThe Manhattan Institute Helped Kill DEI. Now It’s Coming for ProtestsThe right-wing think tank is actively pushing “civil terrorism”—increasing penalties for minor crimes committed while people engage in constitutionally protected free speech.WIRED.COM
2 JunRed Hat npm packages compromised in new Mini Shai-Hulud malware waveUnknown attackers have compromised 30+ Red Hat Cloud Services npm packages with malware that goes after credentials stored in developers’ build environment. What the malware stole and how it can spread further The compromised packages were published in two different GitHub …HELPNETSECURITY.COM
2 JunMicrosoft Threatening Security ResearcherAn anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal action against the researcher. Lots of recrimi…SCHNEIER.COM
2 JunMeta AI Hands Over High-Profile Instagram Accounts to HackersExploiting a confused deputy weakness, the hackers simply asked the chatbot to link the account to a new email address. The post Meta AI Hands Over High-Profile Instagram Accounts to Hackers appeared first on SecurityWeek .SECURITYWEEK.COM
2 Jun KEVGoogle fixes one actively exploited Android zero-day, 124 flawsGoogle has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]BLEEPINGCOMPUTER.COM
2 JunAI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window between a vulnerability being disclos…THEHACKERNEWS.COM
2 JunInfected Red Hat npm packages expose developer credentialsDevelopers who pulled packages from Red Hat’s @redhat-cloud-services npm namespace over the weekend got a secret-stealing worm instead. Security researchers from several cybersecurity outlets are warning of a new supply chain attack compromising over 30 Red Hat Cloud Services-rel…CSOONLINE.COM
2 Jun KEVCISA flags two-year-old Oracle flaw as actively exploited in attacksCISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. [...]BLEEPINGCOMPUTER.COM
2 JunCritical Vulnerability in HP VoIP Phones Enables Enterprise Network BreachesA stack-based buffer overflow bug can be exploited for remote code execution on a vulnerable device. The post Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunCodex knowledge work expands into research, reports, and spreadsheetsOffice workers in the United States lose hours each week to email triage and to searching for files spread across disconnected systems. Roughly 40 percent of US labor, about 72 million people, works primarily with information such as analysis, documents, designs, and communicatio…HELPNETSECURITY.COM
2 JunEuro-Office adds encrypted email provider Tuta ahead of public releaseTuta has announced that it has joined the Euro-Office project, a European initiative developing an open-source, cloud-based office suite designed to reduce dependence on Microsoft and Google services. The announcement has been released just one week before the launch of Euro-Offi…CYBERINSIDER.COM
2 JunDashlane confirms user vaults were copied by hackers in recent attackDashlane has disclosed that attackers were able to download copies of encrypted password vaults for a small subset of users during a brute-force attack that targeted customer accounts over the weekend. The company says the incident did not involve a breach of its internal systems…CYBERINSIDER.COM
2 JunNoma brings visibility and access governance to AI agents and MCP serversNoma has announced the launch of Noma Agent Access Control, which helps security teams discover, govern, and enforce access policies for AI agents and Model Context Protocol (MCP) servers throughout the enterprise. AI agents and MCP servers have proliferated across developer envi…HELPNETSECURITY.COM
2 JunTuskira Quell identifies, mitigates, and validates zero-day risk before breachTuskira launched Quell, its exposure-led zero-day defense capability. Quell helps enterprises survive the window between a zero-day’s disclosure and a patch by determining which zero-days are reachable in their environment, whether existing controls would stop them, and whi…HELPNETSECURITY.COM
2 JunMeta adds stricter guardrails for teen feedsMeta has expanded its Teen Accounts 13+ content settings globally on Instagram, Facebook, and Messenger. The safeguards are designed to help young users see age-appropriate content by default. The company also introduced Limited Content on Instagram for parents seeking stricter r…HELPNETSECURITY.COM
2 JunAnthropic scales Claude Mythos to critical infrastructure in 15+ countriesAnthropic is expanding Project Glasswing, its security vulnerability program, and access to Mythos to 150 organizations across 15 countries — targeting critical infrastructure in power, water, healthcare, and communications where a cyberattack could affect 100 million people.TECHCRUNCH.COM
2 JunAnthropic shares Mythos with 150 more organizations, including critical infrastructure operatorsThe AI firm also said it’s exploring how to help open-source developers deal with a flood of vulnerability reports.CYBERSECURITYDIVE.COM
2 JunPassword manager Dashlane says hackers stole some customers’ password vaultsThe password manager giant said hackers were able to 'brute-force' its two-factor system, allowing them to access customer accounts and download their password vaults.TECHCRUNCH.COM
2 JunSecure multi-tenant AI agents with Amazon Bedrock AgentCore resource-based policiesSoftware as a service (SaaS) providers building AI-powered applications on Amazon Bedrock AgentCore often need to serve multiple tenants with distinct security requirements from a shared infrastructure. Some tenants require cross-account access from their own Amazon Web Services …AWS.AMAZON.COM
2 JunUnpatched NTLM Coercion in Windows search: URI Handler, Same Bug, No CVE, No FixThe same NTLM coercion primitive that got patched in the Snipping Tool exists in Windows Explorer's search: handler. No CVE. No fix. If your patching relies on CVE coverage, you have a blind spot.HUNTRESS.COM
2 JunTwo New Reports Offer Competing Explanations for Cybersecurity’s Growing CrisisAs AI shortens the path from vulnerability disclosure to exploitation, researchers disagree on whether the problem is inadequate security tools or inadequate operational control. The post Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis appear…SECURITYWEEK.COM
2 JunTrump revives parts of canceled AI order with cybersecurity-focused directiveUS President Donald Trump signed an executive order aimed at strengthening cybersecurity defenses and establishing a voluntary framework for cooperation between the federal government and developers of advanced artificial intelligence models, reviving portions of a broader AI ini…CSOONLINE.COM
2 JunThe Rise of Shadow AISecurity teams once worried about shadow IT and shadow cloud. Now a growing concern is shadow AI: employees using AI services outside approved corporate accounts and workflows. According to the discussion, a large percentage of AI usage may still be occurring through non-corporat…YOUTUBE.COM
2 JunThe bugs are piling up faster than the fixes.A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Steam comments. Researchers spot AI-assisted malware development. Attackers compromi…THECYBERWIRE.COM
📢 SECURITY ADVISORIES 8[−]
2 JunSensitive government personnel data posted online, Spanish police arrest suspectThe Spanish National Police arrested a man in Granada for allegedly leaking personal data belonging to members of several sensitive state institutions. According to police, the suspect published the information on multiple online platforms, exposing personnel associated with orga…HELPNETSECURITY.COM
2 JunInfosecurity Europe: NCSC Urges Immediate Action to Boost Resilience as Uncertainty PersistsNCSC director of operations, Paul Chichester, says it’s time to future-proof cybersecurity todayINFOSECURITY-MAGAZINE.COM
2 JunTrump administration releases scaled-back AI executive orderThe order – which Trump refrained from signing at the last minute, appears to make significant concessions to industry compared to earlier drafts. The post Trump administration releases scaled-back AI executive order appeared first on CyberScoop .CYBERSCOOP.COM
2 JunDOD wants to integrate cyber in all operations, and integrate security into AITop Pentagon cyber policy official Katherine Sutton said recent conflicts have emphasized the importance of cyber, and that the department can’t make old mistakes with AI security. The post DOD wants to integrate cyber in all operations, and integrate security into AI appeared fi…CYBERSCOOP.COM
2 JunTrump signs EO seeking early government access to powerful AI modelsThe directive represents an about-face for an administration that previously repudiated government AI reviews.CYBERSECURITYDIVE.COM
2 JunIdentify unused AWS KMS keys and prevent accidental key deletionsAs you scale your use of Amazon Web Services (AWS), managing KMS keys becomes increasingly important. Whether you manage a handful of keys or thousands across multiple AWS accounts and AWS Regions, there’s often a need to audit key usage to help you meet compliance requirements, …AWS.AMAZON.COM
2 JunWhite House unveils pared-back AI executive orderThe order notes that federal access to the models should be subject to “appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property protection, use, and nondisclosure requirements.”THERECORD.MEDIA
2 JunTrump Signs Executive Order That Invites Vetting of Top AI Models for National Security RisksThe order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release. The post Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks ap…SECURITYWEEK.COM
🔥 INCIDENT REPORTING 8[−]
2 JunThe Intersection of Encryption and AIAs part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite piece and share their reflections on the topic today. This is my section. Renowned technologist and au…SCHNEIER.COM
2 JunBeyond Assume-Breach: How AI-Native Security Will Reshape Enterprise DefenseTwenty years after Dark Reading launched, we're looking ahead at what's next for enterprise security. Spoiler: It's hyper-segmented, AI-orchestrated, and way more sophisticated than your dad's firewall.DARKREADING.COM
2 JunRed Hat removes tainted packages after software pipeline compromiseAccording to the company’s preliminary analysis, a compromised GitHub account was used to push the malicious code out to customers, hitting 32 packages downloaded roughly 117,000 times a week.THERECORD.MEDIA
2 Jun64,000 accounts exposed in breach of GTA V cheat service Atlas MenuAtlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, has been added to the Have I Been Pwned database following a data breach that exposed tens of thousands of user records. The incident exposed approximately 64,000 accounts, including email addresses, usernam…HELPNETSECURITY.COM
2 JunRussia claims foreign spy agencies hacked officials' phonesIn a statement, Russia's Federal Security Service (FSB) said it had uncovered what it described as a "large-scale operation" involving malicious software installed on the mobile devices of senior Russian officials.THERECORD.MEDIA
2 JunAI-built ransomware toolkit automates EDR evasion, AD discoveryA threat actor is using an AI-built attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. [...]BLEEPINGCOMPUTER.COM
2 JunChina Uses Dual-Method Cyberattack on Czech OrgsChina is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.DARKREADING.COM
2 JunOne Account, Total BreachA single account can serve as an entry point into interconnected systems. With technologies like single sign-on and widespread SaaS adoption, one compromised credential may provide access to multiple services and environments. The impact of identity compromise is no longer isolat…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 30[−]
2 JunFrom API key to live threat detections in minutes: how Elastic Security ingests Google Threat IntelligenceFind out how Elastic Security ingests Google Threat Intelligence for continuous detection and uses AI-driven workflows to enrich alerts in real time, from API key to live detections in minutes.ELASTIC.CO
2 JunISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
2 JunThis AI model backdoor attack stays hidden until you customize the modelMost teams that deploy AI start with a backbone model. They download a large pre-trained system, adapt it to a specific task, and put it into production. The download step carries a security question: the origin of the model. A research team built an attack called BadBone. It pla…HELPNETSECURITY.COM
2 JunCybersecurity jobs available right now: June 2, 2026Agentic Safety and Ecosystem Architect, Trust and Safety Google | USA | On-site – View job details As an Agentic Safety and Ecosystem Architect, Trust and Safety, you will define safety controls and permission models for autonomous agents on Android, helping ensur…HELPNETSECURITY.COM
2 JunZero trust physical security needs trust decisions at the edgeIn this interview with Help Net Security, Chuck Davis, VP, Global Information Security at Hikvision, explains how zero trust applies to physical security systems like cameras and door controllers. He breaks down how to make trust decisions at the edge without recreating old perim…HELPNETSECURITY.COM
2 JunRSA extends passwordless authentication to Linux environmentsRSA has expanded its passwordless authentication capabilities to Linux environments, advancing its goal of delivering secure, password-free access for every user in every environment. Linux is ubiquitous in enterprise infrastructure, powering servers, developer workstations, and …HELPNETSECURITY.COM
2 JunNew Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd)For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. No URL in the body, just “an image”, that's the perf…ISC.SANS.EDU
2 JunOracle’s First Monthly Patches Resolve 77 VulnerabilitiesOracle’s monthly Critical Security Patch Update (CSPU) rollouts are meant to deliver critical fixes faster. The post Oracle’s First Monthly Patches Resolve 77 Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunInfosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study WarnsA new Silobreaker and SANS Institute paper examines the ‘Intelligence-Stakeholder Gap’ and what organizations must do to achieve business buy-in on threat intelligenceINFOSECURITY-MAGAZINE.COM
2 JunKDE Linux security audit cuts kernel modules and unused packagesKDE Linux, the in-progress operating system from the KDE community, removed several kernel modules and software packages after a security audit of the components shipped with the system. The work followed the discovery of multiple security issues in the upstream Linux kernel duri…HELPNETSECURITY.COM
2 JunCybanetix unveils Managed AI Service to secure users, models, and agentsCybanetix has announced the launch of its Managed AI Service to address all three aspects of AI use within the enterprise. Covering employee AI usage, AI governance, and embedded AI, the Managed AI Service combines technology from NOMA, SentinelOne, Microsoft, and Exabeam with Cy…HELPNETSECURITY.COM
2 JunOpenAI brings frontier AI to existing AWS environmentsOpenAI frontier models and Codex are now available on AWS, giving customers access to OpenAI capabilities within AWS environments and the controls needed to move more quickly from evaluation to deployment. OpenAI capabilities on Amazon Bedrock These capabilities are available thr…HELPNETSECURITY.COM
2 JunBadHost, Dead CTFs, Exploding NPMs, and the Verizon DBIR - ASW #385We dedicate an episode to catching up on appsec news with Kalyani Pawar. We see parsing problems that led to the BadHost vuln, which exposed lots of LLMs, MCPs, and agents to potential compromise. We wonder where to look for security education and practice as the camaraderie of t…YOUTUBE.COM
2 JunSupply Chain Attack Hits 32 Red Hat NPM PackagesHackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. The post Supply Chain Attack Hits 32 Red Hat NPM Packages appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunThreat Actor Uses AI to Build EDR Evasion ToolsA threat actor used AI coding tools to build and test EDR evasion malware, Sophos findsINFOSECURITY-MAGAZINE.COM
2 JunOperation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell BackdoorOperation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework. The post Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
2 JunMicrosoft Entra pushes passkeys, tightens identity securityMicrosoft has released multiple identity and network access capabilities for Entra, its family of identity and network access products that help organizations implement a zero trust security strategy, over the last 30 days. Features reaching general availability Identity and auth…HELPNETSECURITY.COM
2 JunSophos uncovers AI-powered malware lab built for EDR evasionA threat actor used AI technologies to build a malware-testing framework for developing and refining endpoint detection and response (EDR) evasion techniques, according to Sophos. The investigation began after an anomalous endpoint in a customer environment triggered alerts tied …HELPNETSECURITY.COM
2 JunDiligent automates cyber risk assessments and reportingDiligent has announced Diligent Cyber Risk Management, an agentic solution designed to help organizations manage cybersecurity risk in a business context. Available in summer 2026, the platform reduces cyber risk assessment work from weeks to hours and links cyber threats to stra…HELPNETSECURITY.COM
2 JunLABScon25 Replay | Gamaredon x Turla: Unveiling a 2025 Espionage Alliance Targeting UkraineESET researchers show how Gamaredon facilitated Turla access to Ukrainian targets, revealing rare cooperation between FSB-linked espionage groups.SENTINELONE.COM
2 JunTurning tension into collaboration: How CIOs and CISOs can lead togetherIf properly managed and channeled, age-old friction between IT and cybersecurity can create a more resilient organization.CYBERSECURITYDIVE.COM
2 JunThe Zero-Knowledge Threat Actor and the End of Responsible DisclosureAI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. The post The Zero-Knowledge Threat Actor and the End of Responsible Disclosure appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunAnthropic Expanding Mythos Access to 150 New OrganizationsOnly approximately 50 companies have had access to Mythos until now and they have found thousands of vulnerabilities in their products. The post Anthropic Expanding Mythos Access to 150 New Organizations appeared first on SecurityWeek .SECURITYWEEK.COM
2 JunAI's Real Security ProblemMany AI security conversations focus on prompt injection attacks. In this clip, Kalyani Pawar and Mike argue that AI may not be creating entirely new security threats. Instead, it often amplifies existing security problems that organizations already struggle with. The bigger conc…YOUTUBE.COM
2 JunAnthropic expanding access to Project GlasswingRoughly 150 new organizations across critical infrastructure sectors will gain access to Claude Mythos Preview, Anthropic's most capable — and most restricted — AI model. The post Anthropic expanding access to Project Glasswing appeared first on CyberScoop .CYBERSCOOP.COM
2 JunWeedHack Minecraft malware campaign infects over 116,000 PCsMcAfee researchers have uncovered a large Malware-as-a-Service (MaaS) operation targeting Minecraft players through trojanized mods, cheats, and game clients. The campaign, dubbed WeedHack, has infected more than 116,000 systems since January 2026 and offers aspiring cybercrimina…CYBERINSIDER.COM
2 JunExclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at RiskA simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations. The post Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk appeared f…SECURITYWEEK.COM
2 JunDozens of Red Hat npm packages targeted in supply- chain attackResearchers said a variant of the mini Shai-Hulud is involved in the compromise.CYBERSECURITYDIVE.COM
2 JunMicrosoft Build 2026: Securing code, agents, and models across the development lifecycleDiscover how Microsoft enables fast, secure AI development with MDASH and new security capabilities. The post Microsoft Build 2026: Securing code, agents, and models across the development lifecycle appeared first on Microsoft Security Blog .MICROSOFT.COM
2 JunHeraclitus, AI LLMs, SSO, TTP, NetLogon, PAN-OS, AI Cost, Aaran Leyland - SWN #586Heraclitus Unbound, AI LLMs, SSO, TTP, NetLogon, PAN-OS, AI Cost, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-586YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 5[−]
2 JunFake virus alerts are invading mobile games"Your device is infected!" Fake account warnings and virus alerts are turning some in-game ads into malware traps.MALWAREBYTES.COM
2 JunAttackers Hijack Red Hat npm Scope to Steal Cloud SecretsAttackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secretsINFOSECURITY-MAGAZINE.COM
2 JunInfosecurity Europe: Cybersecurity Teams Which Don’t Leverage AI are "Doomed to Fail"Humans still need to be part of cyber defense, but refusing to deploy AI is no longer optional against AI-enhanced cyber threats, warns Dataminr’s Joe SlowikINFOSECURITY-MAGAZINE.COM
2 JunDriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate AttacksA sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware.DARKREADING.COM
2 JunOver 116,000 Mincraft systems infected in WeedHack malware campaignA large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 17[−]
2 Jun23andMe exposed genetic information of millions, lawsuit saysWhat began with stolen passwords ended with the exposure of nearly seven million users' DNA-related data, according to California's lawsuit.MALWAREBYTES.COM
2 JunInfosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks EvolveUK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defenseINFOSECURITY-MAGAZINE.COM
2 JunThe Weather Report that Changed History"If any blame or fault attaches to the attempt, it is mine alone." This is the end of the announcement Supreme Allied Commander General Dwight David Eisenhower had prepared in June 1944 in case the D-Day landings failed. He never had to deliver it, but the fact that he wrote it t…THECYBERWIRE.COM
2 JunHow Leading Organizations Are Turning EDR Into Operational ResilienceMost organizations now recognize that endpoint protection alone is no longer sufficient. That's why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organizations understand that modern attacks move faster, evade traditional prevention co…THEHACKERNEWS.COM
2 JunWardriving assessment across Mexico: Preparing for the 2026 World CupIn the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential exposure risks.SECURELIST.COM
2 JunInfosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI ThreatsBayer’s security awareness training now focuses on psychological approaches rather than technical methods for detecting social engineeringINFOSECURITY-MAGAZINE.COM
2 JunInstagram users locked out after Meta AI abused to steal accountsMultiple Instagram users had their accounts hijacked after attackers convinced Meta's AI-powered support tools that they were the legitimate owners. [...]BLEEPINGCOMPUTER.COM
2 JunWhy the browser is now the front line for AI securityAI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI governance. [...]BLEEPINGCOMPUTER.COM
2 JunMicrosoft Exchange Online outage causes email delays, failuresMicrosoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany. [...]BLEEPINGCOMPUTER.COM
2 JunAndroid Is Fighting Phone Scams With a New Feature to Prove Who's CallingAvailable for Android 12 and later, the anti-scam feature is baked into Google Dialer, which sends a silent “confirmation signal” to ensure whoever's calling you is who they appear to be.WIRED.COM
2 JunThese convincing copyright notices are designed to steal Google loginsScammers use fake takedown requests, countdown timers, and spoofed sign-in screens to steal Google logins from Chrome developers.MALWAREBYTES.COM
2 JunSecuring AI Agents Before They Go Rogue Is Next to ImpossibleHigh-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act now before they become the next horror story.DARKREADING.COM
2 JunFBI-Flagged Phishing Kit Kali365 Expands Its ReachOnce targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing.DARKREADING.COM
2 JunCyera eyes $12B valuation at 80x ARR multiple despite operating lossesThe cybersecurity company is nearing a $300 million round led by Evolution Equity Partners.TECHCRUNCH.COM
2 JunMicrosoft's Coreutils project brings Linux commands to WindowsMicrosoft announced today at its Build 2026 developer conference the release of Coreutils for Windows, bringing many commonly used Linux command-line utilities to Windows as native applications. [...]BLEEPINGCOMPUTER.COM
2 JunOpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT modelsOpenAI says it's rolling out a new update that improves the existing GPT-5.5 Instant model, and this move comes ahead of the scheduled retirement of multiple legacy models, including o3. [...]BLEEPINGCOMPUTER.COM
2 JunZoom CISO: AI as Security Enabler, Not Role-ReplacerAs Zoom's CISO, Sandra McLeod, discusses the challenges of securing a global communication platform, the promise of AI-driven security workflows, and advice for aspiring cybersecurity leaders.DARKREADING.COM