🚨 CISA KEV 3[−]
26 Jun KEVFirst-Ever Exploitation of PTC Windchill Vulnerability Discovered in the WildCISA has added the remote code execution flaw CVE-2026-12569 to its Known Exploited Vulnerabilities catalog. The post First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild appeared first on SecurityWeek .SECURITYWEEK.COM
26 Jun KEVCISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks ContinueThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known …THEHACKERNEWS.COM
26 Jun KEVWeekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and moreHelp shape the future of Metasploit Framework We are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they function/are presented to users. We are currently accepting responses to our feedback form, which means that you can sha…RAPID7.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 20[−]
26 JunCVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsingInformation published.MSRC.MICROSOFT.COM
26 JunSynology issues critical fix for MailPlus Server vulnerabilitiesSynology has has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. The security update fixes three flaws: CVE-2026-13136, stemming from faulty authorization checks, may allow remote attackers to…HELPNETSECURITY.COM
26 JunNew DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned PacketsDirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it le…THEHACKERNEWS.COM
26 JunNew Linux pedit COW Exploit Enables Root Access by Poisoning Cached BinariesA flaw in the Linux kernel's traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed "pedit COW," is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public,…THEHACKERNEWS.COM
26 JunAmazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP ConfigsA high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it. Tracked as CVE-2026-12957&nb…THEHACKERNEWS.COM
26 JunChromium: CVE-2026-13027 Use after free in FileSystemThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13026 Use after free in Digital CredentialsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13025 Insufficient validation of untrusted input in DevToolsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13024 Insufficient validation of untrusted input in NavigationThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13023 Uninitialized Use in GPUThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13022 Inappropriate implementation in AutofillThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13021 Inappropriate implementation in DeviceBoundSessionCredentialsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13036 Use after free in BlinkThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13035 Use after free in BluetoothThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13034 Inappropriate implementation in PasswordsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13033 Out of bounds read in Blink>InterestGroupsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13031 Use after free in BlinkThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13029 Use after free in Web AuthenticationThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 JunChromium: CVE-2026-13038 Use after free in AutofillThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.MSRC.MICROSOFT.COM
26 Jun KEVHackers exploit critical PTC Windchill PLM software flawHackers are exploiting a critical vulnerability recently patched in PTC Windchill and FlexPLM, two product lifecycle management solutions used by organizations across a range of industries, including defense, aerospace, automotive, medical, electronics, industrial machinery, and …CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 23[−]
26 JunMalware gaslights AIMac Malware Gaslights AI, Major Info-Stealer Takedown, OpenAI's Patch the Planet, and FortiBleed Fallout Mac malware called "Gaslight," attributed to North Korea-aligned actors, plants fake system messages designed to derail AI-based analysis while stealing data and exfiltrating …CYBERSECURITYTODAY.LIBSYN.COM
26 JunGDPR at 10: Landmark data protections, increasing business burdenTen years have passed since the General Data Protection Regulation (GDPR) came into force, and the results are mixed. While data protection has become more firmly established in European companies — and beyond — than ever before, the business world remains critical of the regulat…CSOONLINE.COM
26 JunModelplane: Open-source control plane for AI inferenceOrganizations that run open-weight models on hardware they own operate GPU fleets spread across clouds, neoclouds, and on-premise data centers. Each fleet handles model placement, replica scaling, infrastructure provisioning, weight distribution, and traffic routing. Teams have b…HELPNETSECURITY.COM
26 JunNew infosec products of the month: June 2026Here’s a look at the most interesting products from the past month, featuring releases from AISLE, Asimily, Blue Planet, depthfirst, Diligent, Drata, Elastic, Filigran, Flip, Hyland, IDnow, Legit Security, MazeBolt, Noma, Qodo, Ridge Security, Tigera, and WitnessAI. Asimily turns…HELPNETSECURITY.COM
26 JunWhat CISOs need to tell the board about zero trust in OT: A 90-day communication and action planI work as a principal specialist at a pipeline operator where Operational Technology (OT) is the backbone of the business. I do not report to the board or act as a CISO, but the issues that get raised to those levels affect my job every single day. Since the Colonial pipeline ran…CSOONLINE.COM
26 JunProposed US law would make AI risk reporting a legal obligationUS lawmakers on Thursday introduced a bill that would require developers of advanced AI models to report major safety and security incidents to the Commerce Department, establishing a federal oversight framework for high-risk AI systems. The proposed AI Incident Reporting Act wou…CSOONLINE.COM
26 JunMythos is a signal, not a siren: What frontier AI should change for CISOsWhen a new AI capability starts making headlines, I see the same pattern play out in boardrooms and executive staff meetings. The technology is introduced as a looming breakthrough for attackers. The conversation quickly shifts to worst-case scenarios. Then security leaders are a…CSOONLINE.COM
26 JunJapanese telco suffers breach exposing 14.2 million email passwordsKDDI has disclosed that an email system it operates for internet service providers (ISPs) was breached in a cyberattack, potentially exposing email account information belonging to customers of six Japanese service providers. The company says the intrusion exploited a vulnerabili…CYBERINSIDER.COM
26 JunLinux Foundation Unveils New Open Source Security Project AkritesIt will provide the tools and channels to report, patch, and disclose open source software vulnerabilities. The post Linux Foundation Unveils New Open Source Security Project Akrites appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunRansomware gangs find Europe’s weakest link in third-party suppliersRansomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 2026 E…HELPNETSECURITY.COM
26 JunCritical open-source projects get a new security frameworkOpen source software projects are getting a new framework for handling security vulnerabilities as AI shortens the time between flaw discovery and exploitation. The Linux Foundation has launched Akrites, an industry initiative that brings together technology companies, financial …HELPNETSECURITY.COM
26 JunCyberattacks pose a ‘threat to life’ in AustraliaAustralia’s Security Intelligence Organization (ASIO) has uncovered an attack on a critical infrastructure operator’s network. State-sponsored actors had compromised the network and were preparing to sabotage it, according to its director general, Mike Burgess. Other countries fa…CSOONLINE.COM
26 JunStop Chasing Every New ThreatCybersecurity teams naturally focus on new vulnerabilities, exploits, and attack techniques. But basic practices like patch management, firmware updates, and consistent security hygiene still prevent many successful compromises. Organizations that maintain strong fundamentals are…YOUTUBE.COM
26 JunMore Klue Breach Victims Identified as Hackers Get HackedRoughly two dozen companies have notified their customers of the Klue-Salesforce incident impact. The post More Klue Breach Victims Identified as Hackers Get Hacked appeared first on SecurityWeek .SECURITYWEEK.COM
26 Jun KEVTata Electronics and Bajaj Auto continue recovery from cyberattacks.Threat actors target critical infrastructure across Southeast Asia. CISA warns of actively exploited PTC vulnerability. Polish police disrupt SIM-swapping gang.THECYBERWIRE.COM
26 JunSoftware, AI companies form alliance to tackle open-source security flawsThe emergence of frontier AI models has increased the speed and capabilities of malicious hackers.CYBERSECURITYDIVE.COM
26 JunAmazon Q Flaw Enabled Cloud Credential Theft via Malicious RepositoriesAWS has patched the vulnerability and published its own advisory to inform customers about the potential impact. The post Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunMalware authors subvert AI detection systemsEnterprises that have turned to AI in order to boost their security defenses may have to reconsider their approach. Malware containing code that commands LLM-assisted products to abort their analysis or refuse to implement it is already circulating, according to a post from secur…CSOONLINE.COM
26 JunUnpatched macOS bug could allow tampering trusted applicationsSecurity duo Mysk has disclosed an unpatched macOS vulnerability that they say allows web-installed applications to silently modify other apps' binaries, potentially bypassing key macOS security protections. In a post published on X, Mysk said the issue affects macOS 26 and macOS…CYBERINSIDER.COM
26 JunCisco Adds NHI to Security Stack With Astrix, WideField AcquisitionsCisco joins a growing list of security platform providers who are betting that securing the agentic workforce means turning identity into the primary control plane.DARKREADING.COM
26 Jun KEVCISA sets urgent deadline to fix Cisco flaw exploited in attacksThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) is giving federal agencies until Sunday to patch a vulnerability in Cisco Unified Communications Manager Server that is being actively exploited. [...]BLEEPINGCOMPUTER.COM
26 JunThe Chinese Control the Majority of Argentina’s Squid FleetChinese companies control nearly two-thirds of Argentina’s own squid fleet.SCHNEIER.COM
26 Jun KEVFactory reset required.Tata Electronics and Bajaj Auto continue recovery from cyberattacks. FCC tightens undersea cable rules to bolster national security. CISA warns of actively exploited PTC vulnerability. Gamaredon expands toolkit, hides behind legitimate services. Iran-linked hackers turn public wa…THECYBERWIRE.COM
📋 SECURITY BULLETINS 1[−]
26 JunMicrosoft gives Windows 10 users an unexpected extra year of free security updatesMicrosoft has given Windows 10 users another year of free security updates, extending its consumer Extended Security Updates (ESU) program until October 12, 2027. “Windows 10 support has ended. You can enroll in ESU any time until the program ends on October 12, 2027. If you’re a…HELPNETSECURITY.COM
📢 SECURITY ADVISORIES 2[−]
26 JunZeroTier Quantum RC2 brings post-quantum security closer to general availabilityZeroTier has announced the release candidate 2 (RC2) for ZeroTier Quantum, its end-to-end quantum-secure networking platform. This milestone marks the final testing phase, positioning the platform one step away from general availability (GA). ZeroTier Quantum addresses the loomin…HELPNETSECURITY.COM
26 JunFBI: Russian hackers now target Signal backup recovery keysThe FBI and CISA are warning that a phishing campaign targeting Signal users tied to Russian intelligence services has evolved to steal Signal Backup Recovery Keys, allowing attackers to access victims' historical messages. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 13[−]
26 JunAmerican Tower - 216,601 breached accountsIn June 2026, telecommunications tower infrastructure company American Tower was the target of a ShinyHunters "pay or leak" extortion campaign . The group subsequently published data allegedly taken from the company containing more than 200k unique email addresses belonging to em…HAVEIBEENPWNED.COM
26 JunCMC Releases Analysis and Guidance for Education Sector After Canvas Data BreachThe UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidentsINFOSECURITY-MAGAZINE.COM
26 JunSIM-swapping gang busted in international police operationOfficers from Poland’s Central Bureau for Combating Cybercrime (CBZC) arrested four suspected members of an organized cybercrime group accused of SIM swap attacks, cryptocurrency theft, and money laundering. The operation involved agents from the U.S. Federal Bureau of Inve…HELPNETSECURITY.COM
26 JunHealthcare leaders see a fatal cyber incident as inevitableHealthcare practices run on a chain of outside vendors. An EMR system holds clinical records, a billing platform processes claims, a telehealth tool supports remote visits, and a cloud provider stores data. Every one of those connections gives an outside company a path into the p…HELPNETSECURITY.COM
26 JunOne Million Passports Leaked OnlineA database of almost a million passports from around the world was leaked online. Note what happened. A high-value credential—a passport—was used in an ancillary low-value authentication system: ID verification for cannabis dispensaries. And it’s the low-value s…SCHNEIER.COM
26 JunMiasma Malware Targets npm Packages and GitHub Actions in Supply Chain AttackCybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. "The latest activity includes mal…THEHACKERNEWS.COM
26 JunPolymarket suffers supply chain attack leading to $3 million crypto theftPolymarket says it has contained a supply chain attack that injected malicious code into its website after a compromised third-party vendor exposed some users to a phishing campaign. This resulted in roughly $3 million in cryptocurrency theft, which the company says will be fully…CYBERINSIDER.COM
26 JunMystery hackers use novel SharkLoader dropper against governments, software devsKaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in multiple countries. They first stumbled onto the campaign while investigating an attack on a diplomatic organization …HELPNETSECURITY.COM
26 JunRussia used social engineering to breach prominent messaging accounts, Ukraine saysUkraine's SBU described a long-running Russian operation that used fake tech-support workers to persuade people to hand over credentials to their messaging apps.THERECORD.MEDIA
26 JunIn Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk LayoffsOther noteworthy stories that might have slipped under the radar: Russia used Cellebrite to hack activist’s phone, Five Eyes issue urgent AI threat warning, macOS Gaslight backdoor, Scattered Spider guilty pleas. The post In Other News: Chinese Mythos-Like AI, Tata Electronics Br…SECURITYWEEK.COM
26 JunChinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia CampaignA Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. The activity, particularly aimed at state-owned enterprises in th…THEHACKERNEWS.COM
26 JunNew SharkLoader Malware Deploys Cobalt Strike in StrikeShark CyberattacksA newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the moniker StrikeShark…THEHACKERNEWS.COM
26 JunPolymarket customers lose $3 million in supply-chain attackPolymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform's frontend following a breach at a third-party vendor. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 22[−]
26 JunGoogle Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage AttacksThe Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy. D…THEHACKERNEWS.COM
26 JunRussian APT Deploys ‘StockStay’ Backdoor Against Ukrainian TargetsTurla has been using the backdoor against government and military organizations in Ukraine for espionage. The post Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunNew Enterprise-Ready MCP Specification Brings New Security ChallengesA major overhaul of the Model Context Protocol shifts critical security responsibilities from the protocol itself to developers and platform operators. The post New Enterprise-Ready MCP Specification Brings New Security Challenges appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunPhilip Martin Joins Uber as Chief Information Security OfficerMartin brings experience from Coinbase, Palantir, Amazon, and the U.S. Army to lead Uber's cybersecurity and enterprise security organization. The post Philip Martin Joins Uber as Chief Information Security Officer appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunThreatModeler introduces Nexus to automate threat modeling with AI governanceThreatModeler has announced the general availability of ThreatModeler Nexus, an agentic threat modeling platform that brings governed, architecture-aware security to the way modern software is actually built. As AI writes a growing share of production code, the question is no lon…HELPNETSECURITY.COM
26 JunA privacy-first take on local malware analysisSubmitting a suspicious file to VirusTotal or MalwareBazaar places a copy of that file on a platform other people can search. Analysts across the industry rely on these services to get a quick verdict on whether a binary is dangerous. The convenience carries a condition many over…HELPNETSECURITY.COM
26 JunTwo CEOs on why security and AI readiness belong togetherSuperOps and Guardz are bundling PSA, RMM, MDM, and agentic SecOps into one offering for MSPs. In this Help Net Security Q&A, SuperOps CEO Arvind Parthiban and Guardz CEO Dor Eisner explain how a connected stack cuts the time and context lost to tool-switching, lowers costs …HELPNETSECURITY.COM
26 JunMicrosoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js ImplantAn active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP files to drop a Node.js implant and dig into front-desk machines, Microsoft says. The company has not attributed the …THEHACKERNEWS.COM
26 Jun$3 Million Reportedly Stolen in Polymarket HackThe decentralized prediction market said hackers targeted some of its users through a compromise of a third-party vendor. The post $3 Million Reportedly Stolen in Polymarket Hack appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunMirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentialsMirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra. Fortra based its analysis on a suspicious HTML a…HELPNETSECURITY.COM
26 JunAWS unveils agent security, data access toolsThe updates reflect Anthropic's Mythos model and the speed at which vulnerabilities can be surfaced.CYBERSECURITYDIVE.COM
26 JunNebulock Raises $25 Million for AI-Native Contextual SecurityThe cybersecurity startup provides threat hunting, proactive detection, and behavioral security analytics. The post Nebulock Raises $25 Million for AI-Native Contextual Security appeared first on SecurityWeek .SECURITYWEEK.COM
26 JunProof’s x401 establishes an open protocol for AI agent identity and authorizationProof has launched x401, an open, issuer-neutral protocol that lets any website or API ask for and verify the identity behind agents. With x401, a service can ask for the proof it requires: verified identity, age, membership, organizational affiliation, signing authority, proof o…HELPNETSECURITY.COM
26 JunTurla group adds more malware to Russia’s espionage efforts against UkraineThreat intelligence researchers at Google described StockStay, the latest malware developed by the Russian cyber-espionage group known as Turla.THERECORD.MEDIA
26 JunFCC requires emergency-alert distributors to secure their systemsMore than a decade after a high-profile hacking campaign, the commission is moving from recommending basic security protocols to requiring them.CYBERSECURITYDIVE.COM
26 JunNew Millenium RAT version infects 62,000 Windows systems worldwideA major evolution of the Millenium remote access trojan (RAT) has infected more than 62,000 Windows devices across over 160 countries while continuing to use Telegram bots for command-and-control. Group-IB examined Millenium RAT version 4.*, which it says represents a significant…CYBERINSIDER.COM
26 JunMeta Is Testing Facial Recognition for Police and MilitaryWe know that ICE wants to deploy eyeglasses with facial recognition that can identify people in real time. Turns out Meta is prototyping the feature with a Pentagon supplier. (Alternate news story.)SCHNEIER.COM
26 JunRussian hackers were behind $2.5 billion hack of Jaguar Land Rover: ReportThe hack on car giant Jaguar Land Rover last year was one the most disrupting, damaging, and costly hacks of the last few years.TECHCRUNCH.COM
26 JunCybersecurity firms targeted by fraudulent OpenAI organization invitesThreat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick targets into submitting sensitive company information in chats and projects. [...]BLEEPINGCOMPUTER.COM
26 JunATF cancels controversial commercial geolocation contractThe agency told CyberScoop the tool was a pilot that didn’t meet their needs. Members of Congress say it was accessed for hundreds of active cases. The post ATF cancels controversial commercial geolocation contract appeared first on CyberScoop .CYBERSCOOP.COM
26 JunAI Brain Harvest, Fortibleed, Win 10, Blacksite, Windchill, Cisco, BB-8, Josh Marpet - SWN #593AI Brain Harvest, Fortibleed, Win 10, Blacksite, Windchill, Cisco, BB-8 Sidewalk Bots, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-593YOUTUBE.COM
26 JunMFA Won't Stop This Phishing KitThe Black Site phishing kit pairs with an evasion tool called Cloaked.gg to perform adversary-in-the-middle attacks. By acting as a reverse proxy between the victim and the legitimate website, it can capture credentials and authenticated session data during the login process. Thi…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
26 JunChina-Linked Hackers Strike Asian Critical Infrastructure with TinyRCT BackdoorA China-linked threat group has been targeting critical infrastructure in Southeast Asia with a new custom backdoor called TinyRCTINFOSECURITY-MAGAZINE.COM
26 JunMalware steals Chrome session cookies to take over your accountsA phishing campaign installs a malicious Chrome extension to hijack browser sessions and compromise Windows devices.MALWAREBYTES.COM
📡 INFOSEC NEWS 11[−]
26 JunRussia Used Cellebrite on Jailed Activist's iPhone Months After Sales CutoffRussian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus. The finding, published Jun…THEHACKERNEWS.COM
26 JunGuardian Agents: The Next Layer of Identity GovernanceAI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn't designed for autonomous actors, and the gap between w…THEHACKERNEWS.COM
26 JunFCC votes to toughen rules in bid to better protect undersea cablesIn an unprecedented move, the FCC also said it plans to mandate that owners and operators of submarine line terminal equipment (SLTE) be licensed.THERECORD.MEDIA
26 JunThanks for Crushing the Submissions Inbox. We're Trying to Keep UpIt might be taking a bit longer than usual to respond to your submissions — here's why.DARKREADING.COM
26 JunMCP Auto-Execution: From Git Clone to Cloud Compromise in Amazon Q VS Code ExtensionBy automatically loading MCP servers from workspace files, Amazon Q enabled attackers to execute code and access sensitive cloud environments.WIZ.IO
26 JunRussia accuses Apple of ‘political censorship’ after VK apps removed from App StoreApple removed VK's flagship social network VKontakte, often described as Russia's equivalent of Facebook, along with VK Music, VK Messenger, VK Video, Odnoklassniki and Mail.ru services, including its email application.THERECORD.MEDIA
26 JunMeeting Trump's 2030 Quantum Deadline Will be Expensive, ComplexGetting accurate visibility into IT and OT systems will be compounded by multivendor environments, misaligned update life cycles, and interoperability gaps.DARKREADING.COM
26 JunYour First GRC Agent: A Red Teamer's WalkthroughAI won't replace GRC analysts, but it can eliminate much of the repetitive work they do. Anecdotes walks through building an agent that continuously monitors controls, identifies evidence gaps, and opens remediation tasks. [...]BLEEPINGCOMPUTER.COM
26 JunThe Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security OfficialsExposed records from the private group included the personal information of a senior White House intelligence official and an active-duty special operations officer.WIRED.COM
26 JunAI Won't Wipe-Out Entry-Level Cybersecurity JobsInstead of eliminating jobs for early-career cyber pros, AI is creating new opportunities for candidates with strong human decision-making skills.DARKREADING.COM
26 JunAI Decline? Confidence in Autonomous Penetration Testing FallsCompanies are still experimenting with automated AI systems to find security weaknesses, but fewer are relying on the technology.DARKREADING.COM