🐛 COMMON VULNERABILITIES AND EXPOSURES 3[−]
22 JunVU#226679: Microsoft WinRE allows for bypass of UEFI/BIOS password enforcementOverview Microsoft Windows Recovery Environment (WinRE) provides a mechanism for recovering and repairing Windows systems using an alternate boot environment. Under certain platform implementations, access to WinRE may allow an attacker to bypass firmware security controls, inclu…KB.CERT.ORG
22 JunFFmpeg ‘PixelSmash’ bug triggers code execution on media file openA critical vulnerability in FFmpeg, the widely used open-source multimedia framework, can be exploited through a specially crafted video file to achieve remote code execution (RCE). Tracked as CVE-2026-8461 and dubbed “PixelSmash,” the flaw affects FFmpeg's MagicYUV decoder. The …CYBERINSIDER.COM
22 JunVU#936962: Multiple file parsing vulnerabilities in FastStone Image Viewer 8.3.0.0Overview Two vulnerabilities have been identified in FastStone Image Viewer 8.3 that may allow remote code execution or control-flow corruption when processing specially crafted image files. The affected components include the JPEG 2000 (JP2) parser and the PSD file parser. An at…KB.CERT.ORG
⚠️ VULNERABILITY DISCLOSURE 28[−]
22 JunStolen OAuth Tokens Hit Security Firms, AryStinger Router Botnet Emerges, AI Deepfake CyberstalkingA breach at market intelligence platform Klue allowed attackers to steal OAuth tokens linking Clue to customers' Salesforce environments, enabling quiet API-driven data extraction from firms including Huntress, Recorded Future, Tanium, and Jamf; Clue revoked tokens, removed the l…CYBERSECURITYTODAY.LIBSYN.COM
22 JunWhy Southeast Asia CISOs Need Zero Trust as Their AI Control Plane – AI Agents, Data Borders and Supply ChainsAt Zenith Live 2026 held on 16-17 June in Vienna, Zscaler sharpened a reality that Southeast Asia CIOs and CISOs are already sensing, which are, AI agents are quickly becoming digital workers inside their organisations, while regulators tighten data residency rules and supply‑cha…CSOONLINE.COM
22 JunHundreds of AI-powered iOS apps found exposing credentialsMobile app developers are packing AI features into everything from writing assistants to productivity tools and lifestyle apps. New research shows that securing access to those services remains a challenge. LLM API credential leakage via network traffic interception (Source: Rese…HELPNETSECURITY.COM
22 JunAgent Beacon: Open-source telemetry layer for AI agentsAI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, CI jobs, cloud environments, where they edit files, run commands, and call outside tools. Beacon, an open-source project from Asymptote Labs, configures telemetry for those runtim…HELPNETSECURITY.COM
22 JunAnatomy of a retail ransomware attack: Tabletop simulates modern mayhem methodsAttacks on AI systems and disinformation starred as key elements of a ransomware tabletop exercise CSO participated in during this month’s Infosecurity Europe conference. The “Enter the War Room” exercise — organised and run by cybersecurity vendor Semperis — featured a scenario …CSOONLINE.COM
22 Jun6 security leader tips for mastering business riskLongtime security leader Doug Kersten has expanded his list of responsibilities. As CISO of software maker Appfire, he now has accountability for business risks, such as how security tools and processes within customer products and services impact their costs and, thus, profitabi…CSOONLINE.COM
22 JunNavigating Shadow AI in the Enterprise, Verizon's SECOND 2026 report, and the news - ESW #464Interview with Ankita Gupta, CEO of Akto _How to Navigate Shadow AI Risk in the enterprise_ This week, we discuss AI governance in the enterprise, starting with the nuts and bolts of how to discover and understand shadow AI. Following that, we dive into what security and tech lea…YOUTUBE.COM
22 JunKlue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth TokensAt least five cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integrationINFOSECURITY-MAGAZINE.COM
22 JunWhat the Latest ShinyHunters Breaches Reveal About Modern CyberattacksGroups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. The post What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks appeared first on SecurityWeek .SECURITYWEEK.COM
22 JunNew Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhonesThe vulnerability exploited by the Usbliter8 exploit cannot be patched and a PoC exploit has been released by researchers. The post New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones appeared first on SecurityWeek .SECURITYWEEK.COM
22 JunAttackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress DataVulnerable WordPress plugin iterations leak API keys, secrets, tokens, server information, and other data. The post Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data appeared first on SecurityWeek .SECURITYWEEK.COM
22 JunNew OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealerCybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER. According to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the…THEHACKERNEWS.COM
22 JunThe Hidden Risk of Shadow AIShadow AI now includes far more than employees casually using ChatGPT. Organizations are seeing AI agents, MCPs, LLMs, and AI databases quietly appear across enterprise environments. The danger isn’t necessarily the technology itself. It’s visibility. Security teams often have no…YOUTUBE.COM
22 JunUnpatchable BootROM Flaw Impacts Apple A12, A13 ChipsApple BootROM exploit exposes unpatchable USB flaw on A12 and A13 devicesINFOSECURITY-MAGAZINE.COM
22 JunDecades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User DataSquidbleed, discovered with the aid of Claude Mythos Preview, has been described as a Heartbleed-style vulnerability. The post Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data appeared first on SecurityWeek .SECURITYWEEK.COM
22 Jun29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP RequestsA heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy. The bug traces to a 1997 FTP-parsing change and is still live in Squid…THEHACKERNEWS.COM
22 JunResearchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across TenantsCybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily read artificial intelligence (AI) conversions from other customers' application…THEHACKERNEWS.COM
22 JunAWS Continuum offers devs help with securing codeAI coding agents are making it easier than ever to produce software. Ensuring that software is secure before deployment is another matter — one that AWS thinks AI should help with too. As enterprises adopt agentic development workflows, the volume of first-party code being create…CSOONLINE.COM
22 JunKlue breach exposed Salesforce CRM data through stolen OAuth tokensAn attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce and other platforms, and accessed data across multiple customer environments prompting the company to revoke customer OAuth tokens and disable affected integ…CSOONLINE.COM
22 JunIntroducing Patch the PlanetWhat happens when you clear dozens of Trail of Bits engineers’ schedules, pair them with every open-source maintainer they can contact, and unleash the latest frontier models like GPT-5.5-Cyber on critical open-source targets? Thanks to our partnership with OpenAI and its Daybrea…TRAILOFBITS.COM
22 JunOpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s MythosAmid concerns about AI models’ cybersecurity capabilities, OpenAI revealed an improved version of GPT-5.5-Cyber and its “Patch the Planet” initiative to fix open-source software bugs.WIRED.COM
22 JunMicrosoft fixes AutoGen Studio flaw that enabled code executionA vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system simply by visiting a malicious webpage. [...]BLEEPINGCOMPUTER.COM
22 JunA new unpatchable flaw in Apple chips opens the door to an iPhone jailbreakEuropean offensive cybersecurity company Paradigm Shift released details of a flaw and a technique to exploit it that opens the door for hackers to unlock and break into older iPhones.TECHCRUNCH.COM
22 JunAI Guardrails Could BackfireAs commercial AI systems add more restrictions and moderation layers, some users are already moving toward open-source alternatives that offer fewer limitations and more control. The argument here is simple: once AI capability exists publicly, it becomes extremely difficult to su…YOUTUBE.COM
22 JunTrump administration to order agencies to speed up post-quantum migration, boost industryBoth EOs are expected to be signed as soon as Monday per an industry source with knowledge of timing. The White House has a signing ceremony scheduled this afternoon. The post Trump administration to order agencies to speed up post-quantum migration, boost industry appeared first…CYBERSCOOP.COM
22 JunFFmpeg fixes PixelSmash flaw in widely used video decoderA newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. [...]BLEEPINGCOMPUTER.COM
22 JunThe Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data ExfiltrationUnit 42 research details how attackers could exploit global name uniqueness in bucket hijacking to redirect cloud data streams across major CSPs. The post The Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
22 JunGitHub Actions hardens checkout security to block ‘pwn request’ attacksStung by a surge in cyberattacks that have run amok in developer environments, GitHub has strengthened the security of actions/checkout to block ‘pwn request’ attacks that exploit insecure use of the pull_request_target workflow trigger to run an attacker’s code with the workflow…CSOONLINE.COM
📋 SECURITY BULLETINS 1[−]
22 JunThousands of D-Link routers under control of AryStinger botnetThousands of outdated D-Link routers have been absorbed into the AryStinger botnet, with no future security updates available to protect them.MALWAREBYTES.COM
📢 SECURITY ADVISORIES 3[−]
22 JunNCSC Urges Fortinet Customers to Tackle FortiBleed FalloutThe NCSC has released guidance for Fortinet customers impacted by the FortiBleed threat campaignINFOSECURITY-MAGAZINE.COM
22 JunCISA urges device hardening after thousands of Fortinet credentials compromisedSecurity researchers warn of a months-long FortiBleed campaign targeting western organizations.CYBERSECURITYDIVE.COM
22 JunCourt rules SAVE database illegal, orders it dismantledA judge said the administration’s database violates the Privacy Act, the Social Security Act and the Administrative Procedures Act. The post Court rules SAVE database illegal, orders it dismantled appeared first on CyberScoop .CYBERSCOOP.COM
🔥 INCIDENT REPORTING 17[−]
22 JunTexas Parks & Wildlife Data Breach Affects 3 Million IndividualsHackers stole personal information after breaching the systems of a third-party license vendor serving TPWD. The post Texas Parks & Wildlife Data Breach Affects 3 Million Individuals appeared first on SecurityWeek .SECURITYWEEK.COM
22 JunINTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-PacificA new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity. According to INTERPOL's 2025/…THEHACKERNEWS.COM
22 JunInfrastructure downtime has a $50k-per-hour price tag. It’s time to turn hours into minutes.Threats move at machine speed. Network incident response still doesn't. What’s standing in the way?CYBERSECURITYDIVE.COM
22 JunWhatsApp users targeted by ongoing VBScript malware campaignKaspersky researchers have uncovered an ongoing malware campaign that uses compromised WhatsApp accounts to distribute malicious VBScript attachments. The attachments install ManageEngine Endpoint Central, a legitimate remote management tool that can provide attackers with remote…CYBERINSIDER.COM
22 Jun⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and MoreIt’s Monday again. This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much control. The annoying part is how little of this feels new. Wea…THEHACKERNEWS.COM
22 JunKlue hack results in data breach at several cybersecurity firmsHuntress, HackerOne, Jamf, Recorded Future, and Tanium are among the cybersecurity companies that had data stolen following an earlier breach at market research firm Klue.TECHCRUNCH.COM
22 JunSuspected cyberattack triggers false emergency alerts across parts of BrazilThe incident occurred early Saturday when at least a dozen unauthorized alerts were sent through Brazil's Civil Defense Alert system, a platform designed to warn residents about imminent threats such as floods, landslides and other natural disasters.THERECORD.MEDIA
22 JunGentleKiller Framework Disables Victims' Security SoftwareESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliatesINFOSECURITY-MAGAZINE.COM
22 JunPrevent data exfiltration: AWS egress controls for cloud workloadsWhen securing an Amazon Web Services (AWS) environment, teams naturally prioritize inbound controls, firewalls, WAFs, and access policies, because that’s where the most visible threats originate. Outbound traffic, on the other hand, tends to get less attention. It’s often left op…AWS.AMAZON.COM
22 JunKlue supply-chain attack impacts cybersecurity firms.Brand-new Prinz Eugen ransomware is surprisingly polished. Brazil investigates suspected hack of emergency alert system. Texas data breach affects hunting and fishing licensees.THECYBERWIRE.COM
22 Jun22nd June – Threat Intelligence ReportFor the latest discoveries in cyber research for the week of 22nd June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Texas Parks and Wildlife Department has been affected by a third-party data breach involving its license system vendor. The incident …RESEARCH.CHECKPOINT.COM
22 JunOne intrusion, two cyberattackers: Uncovering parallel threat activityRansomware case reveals two parallel threat actors, blending tactics and evasion—showing why isolated signals can often miss modern, overlapping cyberattacks. The post One intrusion, two cyberattackers: Uncovering parallel threat activity appeared first on Microsoft Security Blog…MICROSOFT.COM
22 JunShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain AttackMultiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack after unknown threat actors managed to tamper with the official release channels and push backdoor code. "Attackers compromised the vendor's build and distribution pipeline, injecting backdoor …THEHACKERNEWS.COM
22 JunTata Electronics, a major tech supplier to Apple and Tesla, confirms data breachThe incident comes as Tata Electronics expands its role in global technology supply chains.TECHCRUNCH.COM
22 JunFortiBleed campaign used custom FortiGate sniffer to steal credentialsSecurity firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to harvest authentication secrets from compromised firewalls and steal credentials. [...]BLEEPINGCOMPUTER.COM
22 JunThe Klue is in the data trail.Klue supply-chain attack impacts cybersecurity firms. Brand-new Prinz Eugen ransomware is surprisingly polished. ShinyHunters leak exposes sensitive data of 10,000 Council of Europe employees. Security agencies sound alarm over FortiBleed credential harvesting operation. Texas da…THECYBERWIRE.COM
22 JunJaredFromSubway MEV bot hacked in $15 million crypto theftThe JaredFromSubway Ethereum MEV (Maximal Extractable Value) bot suffered a $15 million loss after an attacker manipulated the opportunity-detection logic by creating fake cryptocurrency trading opportunities. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 16[−]
22 JunISC Stormcast For Monday, June 22nd, 2026 https://isc.sans.edu/podcastdetail/9980, (Mon, Jun 22nd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
22 JunProduct showcase: Avira Security for iOS blends security, privacy, and device optimizationAvira Mobile Security for iOS combines security, privacy, and device optimization tools in a single application. The app is also available for Android, macOS, and Windows devices. After downloading the application from the App Store users are guided through a short onboarding pro…HELPNETSECURITY.COM
22 JunWho pays when you gate cyber-capable AI models?In this interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, examines the debate over restricting access to cyber-capable AI models. She lays out the strongest argument for gating these tools, then explains where it breaks down for security teams who depend on …HELPNETSECURITY.COM
22 JunEncrypted DNS still tells an eavesdropper where to lookEncrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a query away from anyone watching a network link. The encryption covers the message inside each packet. The packet still carries plaintext headers, and those values mark a flow as D…HELPNETSECURITY.COM
22 Jun23 ClawHub plugins squatting official scopes expose AI registry security gapsPlugin registries for AI agents use npm-style scopes like @openclaw/ and @clawhub/ to signal who published a package. But on ClawHub, a registry whose plugins run with Claude, OpenClaw, and other agents, those official scopes weren’t reserved to their owners for every packa…HELPNETSECURITY.COM
22 JunFortinet Responds to FortiBleed CampaignA database of over 86,000 confirmed working credentials was created during the credential-harvesting campaign. The post Fortinet Responds to FortiBleed Campaign appeared first on SecurityWeek .SECURITYWEEK.COM
22 JunMore Cybersecurity Firms Disclose Impact From Klue HackHackerOne, Huntress, Jamf, OneTrust, Recorded Future, Snyk, and Tanium are among the affected Klue customers. The post More Cybersecurity Firms Disclose Impact From Klue Hack appeared first on SecurityWeek .SECURITYWEEK.COM
22 JunAnthropic to introduce age and ID checks for Claude users on July 8Anthropic has updated its privacy policy to disclose that Claude users may be asked to verify their age or identity beginning July 8, a change that could require submitting government-issued identification documents and biometric data. The updated policy states that, in certain c…CYBERINSIDER.COM
22 JunProfessional Athletes and WearablesI haven’t thought about the privacy issues surrounding professional athletes and wearables. Wearables present serious privacy issues for “Average Joe” consumers, who are entrusting tech companies to safely store and protect their biometric data. Imagine the stak…SCHNEIER.COM
22 JunMicrosoft Attributes Mastra AI Supply Chain Attack to North KoreaNorth Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft security researchersINFOSECURITY-MAGAZINE.COM
22 JunNorth Korean Hackers Blamed for Mastra NPM Supply Chain AttackA malicious dependency the attackers added to over 140 Mastra packages fetches a payload targeting cryptocurrency extensions. The post North Korean Hackers Blamed for Mastra NPM Supply Chain Attack appeared first on SecurityWeek .SECURITYWEEK.COM
22 JunWebshells Remain Popular, (Mon, Jun 22nd)Webshells have been popular for a long time. We already covered this topic across multiple diaries[ 1 ][ 2 ]. I spent some time to track them[ 3 ] and slighly paid less attention to them but today I found another one. It seems to be a new player (pus…ISC.SANS.EDU
22 JunIntel agencies: Frontier AI models will reshape cybersecurity faster than expectedThe joint warning from Five Eyes countries mirrors what many cybersecurity and AI experts have been saying for the past year. The post Intel agencies: Frontier AI models will reshape cybersecurity faster than expected appeared first on CyberScoop .CYBERSCOOP.COM
22 JunInterpol, Europol renew agreement to combat hackers and other criminalsExperts say international partnerships are key to taking down sprawling cybercriminal operations.CYBERSECURITYDIVE.COM
22 JunAI-Powered Attacks Are Now a Commodity with Mike Britton, CIO of Abnormal AIMike Britton, CIO at Abnormal AI, joins Dave Bittner on the CyberWire Daily podcast to discuss how AI-powered attacks have evolved from simple phishing assistance into fully productized cybercrime platforms. Drawing on recent research into platforms like VENOM and EvilTokens, as …THECYBERWIRE.COMHTTPS:
22 JunGuarding AI memoryWhat happens when threat actors target what AI remembers? Microsoft breaks down the risks and the defenses. The post Guarding AI memory appeared first on Microsoft Security Blog .MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE 4[−]
22 JunAryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy NetworkA new malware family is turning forgotten home routers into a distributed reconnaissance and proxy network, not the DDoS botnet these devices usually end up in. QiAnXin's XLab calls it AryStinger and counts at least 4,300 infected routers, a total it says is still risin…THEHACKERNEWS.COM
22 JunA week in security (June 15 – June 21)A list of topics we covered in the week of June 15 to June 21 of 2026MALWAREBYTES.COM
22 JunCanada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected DevicesCanada's spy service got a judge's permission to reach into infected servers, home routers, and IoT gear sitting on Canadian soil and neutralize two foreign-run botnets. The Federal Court released a public version of the ruling on June 15. It is the first time the Canadian S…THEHACKERNEWS.COM
22 JunWhatsApp phishing attack uses fake business docs to hack PCsAn ongoing malware campaign is targeting WhatsApp users in multiple countries with deceptive messages that push VBScript files, leading to remote system access. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 13[−]
22 JunA VBScript campaign distributed through WhatsApp deploying RMM softwareA Kaspersky researcher analyzes a global malicious campaign that distributes VBS scripts via WhatsApp delivering a UEMS RMM agent through a multi-stage infection chain.SECURELIST.COM
22 JunAI is transforming enterprise data risk. Here’s how security leaders are responding.New research from 1,700 security leaders reveals 3 imperatives for securing AI adoption.CYBERSECURITYDIVE.COM
22 Jun3 ways AI is transforming security operations - and where it delivers real impactSecurity operations (SecOps) teams have long been exhorted to “work smarter, not harder,” but they need the right tools and processes to actually achieve that aim.CYBERSECURITYDIVE.COM
22 JunWorld Cup Scams Are Getting Harder to SpotFrom fake tickets to cloned websites, AI is magnifying World Cup scams. Can fans distinguish between what’s real and what’s not?WIRED.COM
22 JunUK Information Commissioner Resigns After Workplace InvestigationThe UK’s data protection regulator the information commissioner has resigned after his position became “untenable”INFOSECURITY-MAGAZINE.COM
22 JunStop Your Legacy Infrastructure from Hijacking Your AI AgentsEarlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot most security programs are still not accounting for - how attackers are circumventing AI security programs by using legacy infrastructure to hijack AI agents. AI adoption is moving…THEHACKERNEWS.COM
22 JunGoogle Sets Sept. 30 Deadline for Android Developer Verification in Four CountriesGoogle has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries, and the major device-maker app stores are in from the start. On that date, certified Android phones in Brazil, Indonesia, Singapore, and Thailan…THEHACKERNEWS.COM
22 JunDocument delivery scams: What are they and what’s their goal?A seemingly official voicemail turned out to be a scam. Learn how document delivery scams work and what to do if you receive one.MALWAREBYTES.COM
22 JunA Glimpse into the “Search Your Target” Market for Stolen CredentialsAttackers no longer need to sift through massive credential dumps. They can pay others to do it for them. Flare explores how an emerging underground market searches stolen credential databases for specific companies, domains, and accounts. [...]BLEEPINGCOMPUTER.COM
22 JunCloud-native Security for your Windows environment: Announcing the Wiz Runtime Sensor for WindowsSecure your Windows fleet without sacrificing performance. Wiz pairs real-time threat detection with a memory-safe architecture that scales efficiently to protect your essential cloud infrastructure.WIZ.IO
22 JunCrypto Heist Fueled by Elaborate Fake Reputation-Boosting CampaignAttackers are using multiple online channels — including GitHub, YouTube, and VirusTotal — to build an illusion of trust to spread a cross-platform clipboard hijacker.DARKREADING.COM
22 JunMicrosoft says Windows 11 26H2 is coming soon, details upgrade processMicrosoft has confirmed that Windows 11 version 26H2 will be the next feature update and that devices running Windows 11 24H2 and 25H2 will be able to upgrade using a small enablement package. [...]BLEEPINGCOMPUTER.COM
22 JunAnthropic says Claude may want to see your IDClaude's chatbot may ask to verify your age and identity "in certain circumstances," such as with a passport or driver's license, according to a privacy policy change.TECHCRUNCH.COM