🚨 CISA KEV 2[−]
30 Jun KEVHow CISA BOD 26-04 redefines vulnerability management metrics for security leadersCISA’s BOD 26-04 changes how federal agencies patch and how security leaders must measure, justify, and communicate cyber risk to executives and boards. Key takeaways BOD 26-04 requires agencies to make and defend risk-based vulnerability prioritization decisions, including decis…TENABLE.COM
30 Jun KEVU.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalogU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a SimpleHelp flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a SimpleHelp flaw, tracked as CVE-2026-48558 (CVSS score v3.1 …SECURITYAFFAIRS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 18[−]
30 Jun KEVOracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the WildA critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Paym…THEHACKERNEWS.COM
30 JunApple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit BugsApple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools like Anthropic Claude and OpenAI Codex Security. The WebK…THEHACKERNEWS.COM
30 JunCVE-2026-54369 acl < 2.4.0 Symlink Traversal Privilege Escalation via libacl FunctionsInformation published.MSRC.MICROSOFT.COM
30 JunCVE-2026-54371 attr < 2.6.0 Symlink Traversal Privilege Escalation via getfattr/setfattrInformation published.MSRC.MICROSOFT.COM
30 JunCVE-2026-53325 agp/amd64: Fix broken error propagation in agp_amd64_probe()Information published.MSRC.MICROSOFT.COM
30 JunProgress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-AuthA critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked as CVE-2026-8037, carries a CVSS score of 9.8 according to ZDI. A patc…THEHACKERNEWS.COM
30 Jun KEVAttackers actively exploit the Oracle E-Business Suite flaw CVE-2026-46817Attackers are exploiting a critical flaw in Oracle E-Business Suite, CVE-2026-46817, that allows remote, unauthenticated attackers to take over Oracle Payments. A critical vulnerability in Oracle E-Business Suite, tracked as CVE-2026-46817, is being actively exploited in the wild…SECURITYAFFAIRS.COM
30 JunSimpleHelp vulnerability exploited to deliver mighty Djinn Stealer (CVE-2026-48558)Attackers are exploiting CVE-2026-48558, a recently patched authentication bypass vulnerability in SimpleHelp RMM, to drop the novel Djinn Stealer malware on victim computers. The malware is capable of targeting Windows, macOS, and Linux systems, and “collects credentials a…HELPNETSECURITY.COM
30 JunAttackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn StealerAn unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-48558 (CVSS score: 10.0)…THEHACKERNEWS.COM
30 Jun KEVBlueHammer Vulnerability Exploited in Ransomware AttacksThe Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunOracle E-Business Suite Payments flaw under attack (CVE-2026-46817)Exploitation attempts targeting a critical vulnerability (CVE-2026-46817) in Oracle Payments, the payment-processing module within Oracle’s E-Business Suite (EBS), have been spotted over the weekend, threat intelligence company Defused warned on Monday. The detected exploit…HELPNETSECURITY.COM
30 JunCVE-2026-42910 Windows Hotpatch Monitoring Service Elevation of Privilege VulnerabilityUpdated an acknowledgement. This is an informational change only.MSRC.MICROSOFT.COM
30 JunLangflow RCE Exploited to Deploy Monero Miner on Exposed AI App EndpointsThreat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerab…THEHACKERNEWS.COM
30 JunCitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451)Well, well, well - once again, the cat has dragged us in and spat us out. Today, we find ourselves questioning the reality we sit within. Must it be so predictable, and why us? “But watchTowr, what do you mean?” Well, if you’re here, you likely fitLABS.WATCHTOWR.COM
30 Jun KEVCitrix patches a new NetScaler flaw with echoes of CitrixBleedThe bulletin includes six NetScaler issues, but attention is centered on a high-severity flaw with similarities to earlier actively exploited bugs. The post Citrix patches a new NetScaler flaw with echoes of CitrixBleed appeared first on CyberScoop .CYBERSCOOP.COM
⚠️ VULNERABILITY DISCLOSURE 38[−]
30 JunMalicious Perplexity Chrome Extension Intercepted Searches and Address Bar InputMicrosoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real …THEHACKERNEWS.COM
30 JunCybersecurity jobs available right now: June 30, 2026AI Offensive Security Engineer AGAPI | UAE | On-site – View job details As an AI Offensive Security Engineer, you will leverage AI and LLMs to accelerate offensive security research, exploit development, vulnerability discovery, and security automation. You will v…HELPNETSECURITY.COM
30 JunVulnerability reports are arriving faster than GitHub can review themAcross the open source world, people are reporting software flaws in record numbers, and the systems built to verify those reports are straining under the weight. The GitHub Advisory Database, which feeds automated security alerts to millions of projects, has reached a point wher…HELPNETSECURITY.COM
30 JunHottest cybersecurity open-source tools of the month: June 2026Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory AI a…HELPNETSECURITY.COM
30 JunOpenClaw for iOS: The viral open-source AI agent comes to iPhone and iPadOpenClaw, a self-hosted personal AI assistant that connects to existing chat apps, is now available on iPhone, iPad and Apple Watch. The release brings chat, real-time voice conversations, approvals, device capabilities, and private automations to iOS. Connecting OpenClaw to iPho…HELPNETSECURITY.COM
30 JunReducing Attack Surface & Evaluating Efficiency in Agents - ASW #389SquidBleed reveals another vuln that's been lurking for decades, but its real lesson is in managing an attack surface. Regardless of whatever programming language you use, removing code is one of the best security steps you can take, followed by changing default configs to turn o…YOUTUBE.COM
30 JunHow ransomware syndicates weaponize corporate-style organizationFrom outsourced labor to tiered pricing models, an inside look at how today's top ransomware threats operate less like rogue hackers and more like Fortune 500 companies. The post How ransomware syndicates weaponize corporate-style organization appeared first on CyberScoop .CYBERSCOOP.COM
30 JunCISA: Windows BlueHammer flaw now exploited by ransomware gangsCISA confirmed on Monday that ransomware gangs are now exploiting a Microsoft Defender privilege escalation vulnerability, dubbed BlueHammer, that has previously been abused in zero-day attacks. [...]BLEEPINGCOMPUTER.COM
30 JunCritical SimpleHelp Vulnerability Exploited for Malware DeliveryThe threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling. The post Critical SimpleHelp Vulnerability Exploited for Malware Delivery appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunShipping post-quantum cryptography to PythonPost-quantum cryptography is now one pip-install away for the entire Python ecosystem. With funding from the Sovereign Tech Agency , we implemented support for ML-KEM, the NIST-standard key-establishment primitive, and ML-DSA, the NIST-standard digital-signature primitive, in pyc…TRAILOFBITS.COM
30 JunCloser than Cuba: the Able Archer Nuclear Crisis of 1983It's November of 1983, the closest the world came to nuclear war, some may argue even closer than the Cuban Missile Crisis of 1962. Yet the Able Archer 1983 exercise incident is relatively unknown by comparison. A series of events that started with the Soviet shootdown of a Korea…THECYBERWIRE.COM
30 JunMalicious Chromium extension spoofs Perplexity AI to hijack browser searchesGoogle has removed a malicious browser extension masquerading as Perplexity AI after Microsoft researchers found it was intercepting users’ search traffic and routing queries through attacker-controlled servers before forwarding them to legitimate search engines. Microsoft Threat…CSOONLINE.COM
30 JunInsurance giant Aflac discloses data breach after subsidiary hackAmerican insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary's systems and stole personal and bank account information. [...]BLEEPINGCOMPUTER.COM
30 JunHacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreatChris Thompson's journey took him from hacking game controls as a teenager to founding IBM’s X-Force Red team. The post Hacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreat appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunExploitation of Recent Oracle E-Business Suite Vulnerability BeginsThe critical-severity defect allows unauthenticated attackers to take over the E-Business Suite’s Payments product. The post Exploitation of Recent Oracle E-Business Suite Vulnerability Begins appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunDecades-Old Bash Tricks Expose AI Coding Agents to Supply Chain AttacksDecades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors. The post Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunAikido Security acquires Root to expand backported fixes for open source vulnerabilitiesAikido Security has acquired Root, uniting behind a shared mission to make it easy for developers and agents to build with secure open source and tackle the growing threat of supply chain attacks. Open source is the foundation of almost every application in the world, and it has …HELPNETSECURITY.COM
30 JunJamf enables AI Governance and shadow AI detection on MacJamf has announced general availability of AI Governance, a new capability within Jamf for Mac that enables IT and security teams to discover actively-used AI tools, enforce policy controls, and generate audit-ready reporting. Many organizations struggle to confidently audit and …HELPNETSECURITY.COM
30 JunInsurance giant Aflac discloses data breach at Japan subsidiarySergiu Gatlan reports: American insurance giant Aflac has disclosed a new data breach after attackers breached its Japan subsidiary’s systems and stole personal and bank account information. Aflac (short for American Family Life Assurance Company) is a Fortune 500 company a…DATABREACHES.NET
30 JunGuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection RisksThe safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been public for decades. New research from Adversa AI, which is named the bypass GuardFall, found it works against ten of th…THEHACKERNEWS.COM
30 Jun KEVUS Supreme Court rules that geofence searches generally require warrants.Maximum-severity SimpleHelp flaw is now actively exploited. US government offers $10 million reward for info on Russian state-backed hackers.THECYBERWIRE.COM
30 JunCritical flaw in SimpleHelp exploited in attacks targeting sensitive credentialsResearchers found two previously undisclosed malware samples used to steal AI assistant tokens and other valuable secrets.CYBERSECURITYDIVE.COM
30 JunNissan Discloses Employee Data Breach Linked to Oracle Zero-DayNissan says employees' data was stolen via the Oracle PeopleSoft zero-day campaignINFOSECURITY-MAGAZINE.COM
30 JunCritical SimpleHelp Vulnerability Exploited For Malware DeliveryAttackers exploited a critical SimpleHelp RMM bug to deploy TaskWeaver and Djinn Stealer malwareINFOSECURITY-MAGAZINE.COM
30 JunFake Perplexity extension on Chrome Web Store tracked searchesA malicious extension in the Chrome Web Store is masquerading as the Perplexity AI answer engine, intercepting search traffic and collecting browsing information. [...]BLEEPINGCOMPUTER.COM
30 JunThe Human Element: Building A Trusted Workforce in the Age of DPRK Employment FraudFrom Nisos: Earlier this year, our DPRK employment fraud investigation revealed how North Korean operatives infiltrate US companies at industrial scale. In June, we released Part 2 of our research, featured on Nicole Perlroth’s “To Catch a Thief” podcast, that t…DATABREACHES.NET
30 JunThe Fall of XSS Forum: From DaMaGeLaB to the 2025 takedownRansomnews has published a history and analysis of XSS Forum from its inception to its seizure in 2025. There is so much that is interesting and informative in their report that it’s hard to know what to mention here, but here are just two portions below: As an overview: XS…DATABREACHES.NET
30 JunHackers Steal Data of 4.38 Million Aflac Japan CustomersHackers stole data from 4.38 million Aflac Japan customers after accessing its systems for 10 days before the breach was detected. Aflac Japan disclosed that hackers stole the personal information of 4.38 million customers and agents after gaining access to its systems between Ju…SECURITYAFFAIRS.COM
30 JunKaspersky Lab experts have discovered a new attack vector and toolkit for compromising corporate Gmail accountsKaspersky Labs writes: It is used by the ToddyCat group. Kaspersky Lab experts have discovered a new attack vector and toolkit for compromising corporate Gmail accounts. Using this toolkit, attackers can access user accounts via an API, read conversations, and harvest data from c…DATABREACHES.NET
30 Jun KEVAnton’s Security Blog Quarterly Q2 2026My Anton’s Security Blog Quarterly covers both Anton on Security and my posts from Google Cloud blog , Google Cloud community blog , and our Cloud Security Podcast ( subscribe on Spotify, now with VIDEO ). Top 10 posts with the most lifetime views (excluding paper announcement bl…MEDIUM.COM
30 JunThe court draws a privacy line.The Supreme Court limits geofence warrants. DHS moves to expand CISA. The State Department offers $10 million for Russian hackers. A legal theory could reshape EU-U.S. data sharing. Plus, cyberattacks hit D.C. housing, Oracle and SimpleHelp flaws face active exploitation, malware…THECYBERWIRE.COM
30 JunScammers race to cash in on Venezuelan earthquake disasterScammers wasted no time exploiting Venezuela's devastating earthquake, with researchers uncovering 212 newly-registered relief-themed domains in just five days. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
30 JunFake Bug Report Hijacks AI Coding Agents at Scale"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.DARKREADING.COM
30 JunUK journalists and NGOs risk terrorism prosecutions under new security billMEE reports: New national security legislation being rushed through the UK’s parliament could criminalise British foreign correspondents and NGO workers engaging with designated state-backed groups, experts warn. The National Security (State Threats) Bill, which is moving t…DATABREACHES.NET
30 JunThe Green Shirt AI JailbreakAn LLM refused a request until the prompt included fabricated internal reasoning claiming the action was acceptable because of a "green shirt." The model then complied, illustrating how prompt-based attacks can bypass intended restrictions. Unlike traditional software exploits, m…YOUTUBE.COM
30 JunUS Supreme Court limits police access to people’s location historyThe US Supreme Court has ruled that law enforcement's acquisition of historical location data through geofence warrants constitutes a Fourth Amendment search, marking a major victory for digital privacy. While the Court stopped short of declaring geofence warrants unconstitutiona…CYBERINSIDER.COM
30 JunAnthropic to restore Claude Fable access on WednesdayAnthropic has confirmed that the Department of Commerce has lifted export controls on Claude's two most powerful models, Fable 5 and Mythos 5. [...]BLEEPINGCOMPUTER.COM
30 JunXSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’tPolice arrested the alleged admin of XSS.is, a major cybercrime forum whose trusted escrow service helped power the underground economy. On 22 July 2025, French and Ukrainian police arrested a 38-year-old man in Kyiv and shut down XSS.is, the most influential Russian-language cyb…SECURITYAFFAIRS.COM
📋 SECURITY BULLETINS 1[−]
30 JunApple Fixes WebKit Flaws in iOS and macOS, With Help From AI ToolsApple released updates for iOS, iPadOS, macOS, and Safari, fixing WebKit flaws, four of which were found using AI tools like Claude and Codex Apple pushed out security updates for iOS, iPadOS, macOS, and Safari on Monday, and this round comes with a twist worth noticing. Four of …SECURITYAFFAIRS.COM
📢 SECURITY ADVISORIES 12[−]
30 JunHalf the defense base still builds security around complianceCMMC requirements are appearing in defense contracts and moving down through supplier networks to thousands of companies new to this kind of compliance work. Many run on limited budgets with lean security teams. The picture comes from nearly 900 defense contractors, C3PAOs, feder…HELPNETSECURITY.COM
30 JunNew Controller Flaws Expose Highway Signs and Billboards to Remote HackingCISA has published an advisory to inform organizations about three vulnerabilities found by a researcher in Daktronics controllers. The post New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunCompleting Compliance with Evidence : A Bottom-Up Approach to NIS2, DORA, and the Cyber Resilience ActGRC (Governance, Risks and Compliance) as it is most often practiced works top-down, you read a piece of regulation, draft a policy, declare coverage, and archive a documentary record. This approach has value, it structures, it documents, it meets an auditor's formal expectations…SYNACKTIV.COM
30 JunCequence Platform 9.0 uses AI to simplify API security and complianceCequence Security has announced general availability of Cequence Platform 9.0, an AI-native release that changes how users interact with API security tools. Platform 9.0 ships with a built-in AI Assistant, an open Model Context Protocol (MCP) server that exposes every platform ca…HELPNETSECURITY.COM
30 JunDHS proposes new framework for public-private infrastructure security collaborationThe Trump administration eliminated the previous system in 2025, sparking a backlash from experts and infrastructure operators.CYBERSECURITYDIVE.COM
30 JunDHS to unveil replacement council for critical infrastructure cybersecurityThe Department of Homeland Security is bringing back a key cybersecurity information sharing effort with critical infrastructure, more than a year after the Trump administration shuttered an existing nerve center between government and private sector. The Alliance of National Cou…CYBERSCOOP.COM
30 JunHouse passes kids’ online safety bill, but Senate approval unlikelyThe Kids Internet and Digital Safety (KIDS) Act passed with bipartisan support by a 267-117 margin, winning the two-thirds majority needed to greenlight the legislation under a process that speeds up a bill’s path to a vote but requires more than a simple majority.THERECORD.MEDIA
30 JunTrump budget boss Russell Vought open to re-staffing CISADHS Secretary Markwayne Mullin has been floating the idea of adding back 600 CISA personnel after deep Trump administration cuts. The post Trump budget boss Russell Vought open to re-staffing CISA appeared first on CyberScoop .CYBERSCOOP.COM
🔥 INCIDENT REPORTING 10[−]
30 JunProduct showcase: Scam calls, phishing, and data breaches? Meet AVG Mobile SecurityAVG Mobile Security for iOS helps protect users against online threats with features including Web Guard, VPN, Scam Guardian Pro, Hack Alerts, and Photo Vault. It also identifies suspicious calls and scam text messages and helps keep personal information private while using Wi-Fi…HELPNETSECURITY.COM
30 JunOver 300 UK Firms Hit by Ransomware in a YearReport Fraud data reveals that more than half of 323 UK ransomware victims last year were SMEsINFOSECURITY-MAGAZINE.COM
30 JunBlackfield ransomware asks Nidec Corporation for $2 million ransomThe Blackfield ransomware gang is asking for a $2 million ransom from Nidec Corporation, a large Japanese manufacturer of electronic components for automotive and computing applications. [...]BLEEPINGCOMPUTER.COM
30 JunNissan Employee Data Breached in Oracle PeopleSoft HackOnly a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed. The post Nissan Employee Data Breached in Oracle PeopleSoft Hack appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunAflac Japan Data Breach Impacts 4.38 MillionHackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25. The post Aflac Japan Data Breach Impacts 4.38 Million appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunLessons from the Underground: How to Combat Business Email CompromiseBusiness Email Compromise is more than an email scam. It's a coordinated operation involving compromised accounts, financial research, and cash-out networks. Flare explores how underground forums reveal how BEC attacks are planned and executed. [...]BLEEPINGCOMPUTER.COM
30 JunStop Policing AI PromptsAI security is changing. Instead of focusing only on preventing bad responses or prompt abuse, organizations increasingly need to control what AI agents are actually allowed to do inside real systems. As AI agents gain access to identities, applications, and workflows, the bigges…YOUTUBE.COM
30 JunWeekly Update 510: Live From Mallorca with Scott HelmePresently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite How's the view?! Back to business, it's now 8 years ago that Scott and I thought it would be a cool idea to build Why no HTTP…TROYHUNT.COM
30 JunMicrosoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak DataNew Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider. The trick is that the agent never breaks a rule. Every step …THEHACKERNEWS.COM
30 JunMalicious PyPI packages give hackers control of Telegram bot serversA campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram forks that allow attackers to read arbitrary files on compromised servers. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 24[−]
30 JunISC Stormcast For Tuesday, June 30th, 2026 https://isc.sans.edu/podcastdetail/9988, (Tue, Jun 30th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
30 JunWSL containers now build and run Linux workloads on WindowsContainers power a large share of cloud-native applications, AI workloads, and testing and deployment pipelines. Developers working on Windows have long pulled in third-party software to build and run them. That step becomes optional with WSL containers, a feature that arrived at…HELPNETSECURITY.COM
30 JunQuantifind Raises $200 Million for AI-Native Risk IntelligenceQuantifind will accelerate international expansion and extend its platform’s localized risk intelligence capabilities. The post Quantifind Raises $200 Million for AI-Native Risk Intelligence appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunAirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes beginPhones and laptops ship with a feature that sends files to nearby devices over the air, with no cables, accounts, or prior pairing. Apple calls its version AirDrop. Google and Samsung call theirs Quick Share. Both run inside privileged background services that wake when another d…HELPNETSECURITY.COM
30 JunKali Linux 2026.2 trims VM boot times, refreshes its desktopsPenetration testers who run Kali Linux inside virtual machines boot their systems faster after the 2026.2 release. The change comes from a decision about graphics firmware, the code that drives NVIDIA, AMD, and Intel GPUs. That firmware has grown large enough to slow the early st…HELPNETSECURITY.COM
30 JunToddyCat: your hidden email assistant. Part 2An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.SECURELIST.COM
30 JunThe AI Token Costs That Can Break CybersecurityAs cybersecurity platforms embrace agentic AI, organizations must balance detection performance against the escalating costs of token consumption, deployment architecture, and AI credits. The post The AI Token Costs That Can Break Cybersecurity appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunAirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass ChecksTwo researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no cables or shared network. An attacker within wireless range, with just a laptop and no prior connection, can crash the sharing service on…THEHACKERNEWS.COM
30 JunSupreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location HistoryThe ruling was made in the case of a bank robber whose identity was discovered through a geofence warrant. The post Supreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location History appeared first on SecurityWeek .SECURITYWEEK.COM
30 JunThe Realities of AI Video SurveillanceThe Financial Times has a good article on how AI is changing the capabilities of video surveillance, with information from both Israel/Iran and Russia. I wrote about this sort of thing a few years ago, how AI enables mass spying in the way that computers and networks enabled mass…SCHNEIER.COM
30 JunMozilla tightens rules for certificate authorities to improve web securityMozilla has released version 3.1 of its Mozilla Root Store Policy (MRSP), introducing new requirements aimed at improving transparency and oversight across the public Web PKI. The updated policy, which takes effect on July 1, 2026, focuses on stronger Certification Authority (CA)…CYBERINSIDER.COM
30 JunWhat the Numbers Say About FIFA 2026 Cyber RiskThe FIFA World Cup 2026 opened on June 11. By that date, according to Check Point Research, the fraud infrastructure targeting it had already been built, staged, and partially deployed. Threat actor activity was pre-planned, months out, across three sectors and at least ten langu…THEHACKERNEWS.COM
30 JunDigi International’s DANI automates network diagnostics and device managementDigi International has announced the launch of DANI, the Digi Artificial Network Intelligence agent, a purpose-built AI network operations agent natively embedded in a networking device management platform, Digi Remote Manager (DRM). Embedded directly within DRM as a value-added …HELPNETSECURITY.COM
30 JunOpenMatter Network brings verifiable trust to AI governanceOpenMatter Network has announced the launch of its cryptographically verifiable platform for secure collaboration and AI governance, built on a simple premise: Don’t Trust Data. Prove It. For decades, organizations have relied on trust-based assumptions to secure data, exec…HELPNETSECURITY.COM
30 JunChrome and Firefox Free VPN extensions caught stealing clipboard dataTwo browser extensions masquerading as free VPN services were transformed into clipboard stealers through malicious updates. The Chrome and Firefox add-ons retained working proxy functionality to appear legitimate while secretly monitoring copied data and transmitting it to attac…CYBERINSIDER.COM
30 JunProton launches Lumo 2.0 with advanced reasoning and image generationProton has announced Lumo 2.0, a major upgrade that significantly expands the assistant's capabilities while maintaining the privacy protections that distinguish it from mainstream AI platforms. The new release introduces stronger reasoning models, image recognition and generatio…CYBERINSIDER.COM
30 JunWhat’s new in Microsoft Security: June 2026This month’s updates help security and IT teams strengthen identity and multicloud foundations, protect data wherever it lives, and secure the developer workflows powering AI innovation. The post What’s new in Microsoft Security: June 2026 appeared first on Microsoft Security B…MICROSOFT.COM
30 JunSecuring AI agents: When AI tools move from reading to actingMCP tool poisoning turns trusted AI agents into a control plane for data loss. Learn how threat actors manipulate tool descriptions to trigger unauthorized actions, and how to detect, contain, and prevent it. The post Securing AI agents: When AI tools move from reading to acting …MICROSOFT.COM
30 JunNew Gartner® Report on Preemptive Exposure ManagementThe 2026 Gartner report titled Emerging Tech: Top Funded Startups for Preemptive Exposure Management, that names Eclypsium in the Domain Specific Exposure Management category, was published in April. While this is only a small part of what the Eclypsium Hardware Supply Chain Secu…ECLYPSIUM.COM
30 JunBTS #77 - FortiBleed Uncovered: How Attackers Harvest Credentials from Fortinet DevicesPaul Asadoorian is joined by Chase Snyder and Vlad Babkin to unpack FortiBleed, a large-scale Fortinet credential-harvesting campaign, and what it reveals about network edge security. Welcome to episode 77 of Below the Surface. Paul Asadoorian sits down with Chase Snyder and Vlad…ECLYPSIUM.COM
30 JunWhen AI Chooses Your VendorTyler Shields argues that companies are beginning to publish pricing specifically for AI agents, making it easier for software—not just people—to compare services automatically. As agents evaluate cost, security, and available integrations, support for MCP could become increasing…YOUTUBE.COM
30 JunAccelerating the quantum-safe timelineWe’re accelerating quantum-safe readiness—and sharing what organizations can do now to transition earlier and with confidence. The post Accelerating the quantum-safe timeline appeared first on Microsoft Security Blog .MICROSOFT.COM
30 JunAI Cocaine Recipes, Russian Hack, Scattered Spider, Cisco, Amazon Q – Aaran Leyland - SWN #594AI Cocaine Recipes, Green Shirt Jailbreak, JLR Russia Hack, Scattered Spider, Cisco Root, Amazon Q Pwned – Aaran Leyland – SWN #594 Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-594YOUTUBE.COM
30 JunProton’s pitch for Lumo 2.0: Frontier AI without the data grabProton has unveiled Lumo 2.0, a major upgrade to its zero-access encrypted AI assistant. Built on a new architecture, the release brings the assistant closer to frontier AI models with new AI models, multimodal capabilities, Memory, improved web search, and enterprise features. T…HELPNETSECURITY.COM
🌐 CYBER THREAT LANDSCAPE 6[−]
30 JunDefending the Authentication Flow: Device Code Phishing with Selena LarsonHost Caleb Tolin sits down with Selena Larson, Staff Threat Researcher and Lead, Intelligence Analysis and Strategy at Proofpoint and Host of the DISCARDED podcast, to discuss the mechanics of device code phishing and the widespread abuse of Microsoft OAuth authentication flows. …THECYBERWIRE.COM
30 JunUSB drives carrying China-linked malware infected Japanese military networks for nearly a yearRead more in my article on the Hot for Security blog.BITDEFENDER.COM
30 JunHackers Leverage Blockchain to Hit Japan's Hotels Through Booking.com PhishingA wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malwareINFOSECURITY-MAGAZINE.COM
30 JunClickFix Now Cybercriminals' Favorite Malware Delivery TechniqueReliaQuest report warns of a surge in ClickFix social engineering attacks against Windows and macOS usersINFOSECURITY-MAGAZINE.COM
30 JunRustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoSA new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online services offline. Researchers at QiAnXin's XLab have tracked it since F…THEHACKERNEWS.COM
30 JunPhishers Gain Persistence at EU, Asia Hospitality OrgsSeparate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social engineering and obsfucation, including blockchain abuse.DARKREADING.COM
🎙️ PODCASTS 1[−]
30 JunBetween Two Nerds: Set cyberspace ablazeIn this edition of Between Two Nerds, Tom Uren and The Grugq discuss whether cyber organisations should actually be separated from Signals Intelligence organisations. The Grugq argues that having cyber expertise subordinate to intelligence collection means that many opportunities…RISKY.BIZ
📡 INFOSEC NEWS 21[−]
30 JunNew BioShocking Attack Tricks AI Browsers Into Leaking User CredentialsConvince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security firm LayerX that tricked six AI browsers and assistants into copying a user's credentials and sending them to an attac…THEHACKERNEWS.COM
30 JunJune 2026 Apple Updates, (Tue, Jun 30th)Apple released updates for iOS/iPadOS, macOS, and Safari on Monday. There have been no updates for other Apple operating systems (visionOS, watchOS, tvOS). Usually, Apple updates all products at the same time.
ISC.SANS.EDU
30 JunUK Healthcare Sector Records Tenfold Increase in Cyber-AttacksSonicWall records 264,000 events in first five months of 2026 as UK hospitals come under siegeINFOSECURITY-MAGAZINE.COM
30 JunKali Linux 2026.2 released with 9 new tools, NetHunter updatesKali Linux 2026.2, the second release of the year, is now available for download, featuring 9 new tools and numerous Kali NetHunter improvements. [...]BLEEPINGCOMPUTER.COM
30 JunMircosoft adds smarter bot protection to Teams meetingsMicrosoft has introduced a new Teams admin policy that allows organizers to prevent third-party bots from joining meetings without approval. [...]BLEEPINGCOMPUTER.COM
30 JunVerifiable Digital Credential PresentmentThis blog post is #4 in our series on Verifiable Digital Credentials (VDCs). Our other posts can be found via Post #1, Post #2, and Post #3. In earlier posts, we discussed how verifiable digital credentials (VDCs) are issued and compared the underlying credential formats (ISO/IEC…NIST.GOV
30 JunAI-Generated Workflows Are a Silent Security DisasterTeams are dealing with a truly dangerous problem — automation that works, but that no one understands.DARKREADING.COM
30 JunTrain, triage, repeat: The AI agent changing how we fight phishingLearn how Red Canary engineered a super agent—blending ML, a rules engine, similarity, agentic AI, and LLMs—to classify phishing emails.REDCANARY.COM
30 JunAn intelligence budget 'super user' job is now in the hands of Russ VoughtRussell Vought, director of the White House Office of Management and Budget (OMB), assumed hands-on responsibility for overseeing the spending plans of intelligence agencies following the recent departure of Amaryllis Fox Kennedy, a senior intelligence official who simultaneously…THERECORD.MEDIA
30 JunMicrosoft 365 Hardening and Huntress Managed ISPMMost Microsoft 365 environments are missing more than half of the recommended security controls, even with tooling in place. Here's why that happens and what Huntress Managed ISPM does about it.HUNTRESS.COM
30 Jun282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic StudyResearchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many cases, the path in was visible just by watching what the app sent: a plaintext API key, a reusable token, or a backend se…THEHACKERNEWS.COM
30 JunUpdate time: Apple releases security patches for iOS, MacOS Tahoe, SafariA new Apple update fixes a multitude of browser and browser related vulnerabilities which have been public knowledge for a whileMALWAREBYTES.COM
30 Jun6 Key Takeaways: Strengthening Public Safety Through Collective DefenseHere are six key takeaways from a CIS webinar for how U.S. SLTT agencies can strengthen public safety through collective defense.CISECURITY.ORG
30 JunSilent Swap Crypto Clipper Uses Fake Google Notes Extension to Replace Wallet AddressesCybersecurity researchers have flagged an active browser extension campaign that is designed to steal cryptocurrency by stealthily replacing wallet addresses when unsuspecting users initiate a transaction. The cryptocurrency clipper activity has been codenamed Silent Swap by McAf…THEHACKERNEWS.COM
30 JunCIA chief highlights major shifts in agency’s tech approachCIA Director John Ratcliffe said artificial intelligence capabilities are "akin to digital nuclear weapons.”THERECORD.MEDIA
30 JunWhy Identity Security Is Your Cyber Career Entry PointAs AI reshapes cybersecurity workflows, John Paul Cunningham, CISO at SIlverfort, says the technology is creating opportunities rather than eliminating jobs — and there are more ways than ever to break into the essential field.DARKREADING.COM
30 JunWatch out for “high paying, low effort” Amazon job textsScammers are using Amazon and the promise of big money to lure people in to their trap.MALWAREBYTES.COM
30 JunNew BioShocking attack manipulates AI browser into data theftA new prompt injection attack dubbed "BioShocking" could trick AI-powered browsers into treating real-world risky actions as part of a fictional scenario, causing them to ignore any safety guardrails. [...]BLEEPINGCOMPUTER.COM
30 JunMicrosoft accelerates quantum-safe roadmap as risks growMicrosoft announced today that it is accelerating its quantum-safe security roadmap, saying advances in quantum computing are bringing the need to replace today's encryption standards sooner than previously expected. [...]BLEEPINGCOMPUTER.COM
30 JunAttackers Hijack Exposed AI Endpoints to Power Offensive OpsAttackers don't need any special authentication to reach a target endpoint — they just need to know where it is.DARKREADING.COM
30 JunAnthropic rolls out Sonnet 5 with near-Opus 4.8 performance at a lower priceAnthropic is now rolling out Sonnet 5, and it's almost as good as the Opus range, but it is designed to be cheaper than the company's flagship model. [...]BLEEPINGCOMPUTER.COM