Security Affairs

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 101
Sun, 14 Jun 2026 13:23:29 +0000
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter IronWorm: Shai-Hulud’s rustier cousin Trojanized ai-sdk-ollama Delivers Miasma, a Self-Replicating npm Worm via binding.gyp Inside the Cross-Platform Propagation of a New Gafgyt Variant C0XMO Using AI Agents to Analyze Malware on REMnux The Miasma […]

Security Affairs newsletter Round 581 by Pierluigi Paganini – INTERNATIONAL EDITION
Sun, 14 Jun 2026 13:03:56 +0000
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Washington Pulled the Plug on Anthropic’s Fable 5 and Mythos 5 models. The Rest of […]

Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme
Sun, 14 Jun 2026 05:58:21 +0000
Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide. Oleksii Oleksiyovych Lytvynenko (44), a Ukrainian national extradited from Ireland to the U.S., has pleaded guilty to conspiracy to commit wire fraud for his involvement in the Conti ransomware operation. Prosecutors said he helped conduct attacks […]

Washington Pulled the Plug on Anthropic’s Fable 5 and Mythos 5 models. The Rest of the World Is Watching.
Sat, 13 Jun 2026 14:32:09 +0000
Anthropic disputes restrictions on Mythos 5 and Fable 5, arguing the decision lacks transparency and isn’t based on clear technical evidence. On Friday June 12 at 5:21pm ET, Anthropic received a letter from the US Commerce Department, signed by Commerce Secretary Howard Lutnick and drafted with officials from the Bureau of Industry and Security. The […]

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog
Sat, 13 Jun 2026 09:19:14 +0000
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle PeopleSoft Enterprise PeopleTools flaw, tracked as CVE-2026-35273 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Oracle PeopleSoft Enterprise PeopleTools is the underlying technology platform […]

Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.
Fri, 12 Jun 2026 21:34:22 +0000
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it […]

U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
Fri, 12 Jun 2026 18:47:49 +0000
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Sentry flaw, tracked as CVE-2026-10520 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti Sentry is a secure gateway appliance that sits between an organization’s internal […]

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
Fri, 12 Jun 2026 10:49:15 +0000
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available.
Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran […]

21,786 Home Cameras, No Password, No Warning
Fri, 12 Jun 2026 08:34:10 +0000
21,786 live cameras stream with zero authentication. Cheap gear is the real risk, webcamXP open 46% of the time. Your home router is the broadcast tower. In May 2026, Mysterium VPN queried a public internet-wide device index to count every camera and recorder that answers the open internet. They found more than three million reachable […]

CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release
Thu, 11 Jun 2026 17:57:40 +0000
Attackers are exploiting the critical CVE-2026-10520 flaw in Ivanti Sentry, compromising many internet-exposed gateways shortly after patches were released. Threat actors have started exploiting a maximum-severity OS command injection flaw in Ivanti Sentry, tracked as CVE-2026-10520, that allows remote code execution with root privileges. “An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote […]

The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Sat, 13 Jun 2026 18:53:03 +0530
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system. "In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Sat, 13 Jun 2026 11:12:50 +0530
Anthropic said on Friday it will "abruptly disable" its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national security concerns. The AI company said it received an order at 5:21 p.m. ET, instructing it to suspend

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Sat, 13 Jun 2026 01:03:25 +0530
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to hide itself. The AUR is Arch Linux's community package collection, and it is separate

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Sat, 13 Jun 2026 00:29:32 +0530
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. "The operation weaponized Gemini to help

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Fri, 12 Jun 2026 23:47:55 +0530
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who is allowed to sign in, planting its access where ordinary cleanup could not reach it. The network it targeted had no

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
Fri, 12 Jun 2026 17:34:33 +0530
Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security, the attack can be triggered by means of a fake error report crafted using Sentry, an open-source error-tracking and performance-monitoring platform. "The attack

Rethinking MDR as Attackers and Defenders Embrace AI
Fri, 12 Jun 2026 16:30:00 +0530
For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and needed someone else to handle the alert queue. MDR stepped in. It worked well enough. Until now. The threat landscape has changed faster than the MDR model can adapt. Attackers are using AI to move faster, generate more

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Fri, 12 Jun 2026 15:20:36 +0530
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph is an open-source framework created by LangChain to build complex, stateful, and multi-agent artificial intelligence (AI) agentic applications. "An SQL injection in LangGraph's function could

INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
Fri, 12 Jun 2026 14:22:55 +0530
An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and saw authorities from 13 countries in the Middle East and North Africa (MENA) region making 201 arrests. Included among them was Guedz, the primary

Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
Fri, 12 Jun 2026 12:08:41 +0530
Authorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a "key financial pipeline used to wash hundreds of millions in illicit profits." The service is estimated to have been used to launder more than €336 million (~$389 million) since the

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
Fri, 12 Jun 2026 01:59:23 +0530
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private. The campaign hit universities hardest. Google's Mandiant attributes it to the group it tracks as UNC6240, and dates the activity between May 27 and June 9. Oracle did not publish its advisory until June 10, so the bug was a

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
Thu, 11 Jun 2026 23:16:32 +0530
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-looking inputs.
Imperva buried instructions inside shared contacts, vCards, and location pins that the agent executed without the victim ever seeing them. Varonis built a test agent on

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
Thu, 11 Jun 2026 23:13:52 +0530
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. "This was an accidental discovery, it took a total of 4 hours to find this," the researcher said in a post on Blogger. "If you ever attempted to use Windows Defender Offline Scan, you're

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
Thu, 11 Jun 2026 22:20:47 +0530
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service (RaaS) schemes like LockBit (aka Tenacious Mantis), Qilin (aka Pestilent Mantis), and Medusa (aka Venomous Mantis). According to a detailed report

Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
Thu, 11 Jun 2026 18:56:13 +0530
Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four main award categories. The reason is simple. Cybersecurity is full of work that deserves recognition and rarely gets it. Products that quietly close real gaps. Teams that stop incidents nobody reads about. Companies that raise the

ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
Thu, 11 Jun 2026 18:50:41 +0530
It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit.
Instead, there's a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones browsers, and research showing AI agents can be tricked into leaking real credentials. The bigger problem is how polished this all looks now. Mule networks run like SaaS.

AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.
Thu, 11 Jun 2026 17:00:00 +0530
For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was straightforward enough; triage by severity, schedule the fix, validate, and move on. The buffer was what made that work. Today, that buffer is gone. AI didn't make your team slower. It changed the other side of the

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
Thu, 11 Jun 2026 15:15:58 +0530
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prolonged cyber espionage operation aimed at a Vietnamese infrastructure and transport construction corporation between mid-2024 and February 2026, as well as a supply chain attack

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
Thu, 11 Jun 2026 11:53:03 +0530
GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the "npm install" command to trigger the execution of malicious code using npm lifecycle hooks. "Npm install" is used to download and install all the necessary

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance
Wed, 10 Jun 2026 21:38:42 +0530
Cybersecurity researchers have warned of a "resurgence and expansion" of JDY, a covert network associated with China-nexus state-sponsored threat actors. "The JDY botnet comprises over 1,500 SOHO [small office and home office] and IoT devices and operates as a centrally controlled, high-performance scanner used to discover, fingerprint, and continuously map exposed services at scale," Lumen's

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities
Wed, 10 Jun 2026 20:40:59 +0530
Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. It's tracked as CVE-2026-25089 (CVSS score: 9.1). "An

Langflow Vulnerability CVE-2026-5027 Exploited for Unauthenticated RCE
Wed, 10 Jun 2026 20:30:59 +0530
A high-severity security flaw in Langflow, an open-source low-code platform to build artificial intelligence (AI) applications, has come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability in question is CVE-2026-5027 (CVSS score: 8.8), a case of path traversal that could allow an attacker to write files to arbitrary locations. "The 'POST /api/v2/

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
Wed, 10 Jun 2026 20:14:29 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation.
The list of vulnerabilities is as follows - CVE-2026-20245 (CVSS score: 7.8) - An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar
Wed, 10 Jun 2026 15:57:49 +0530
Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads "stable" as "secure." It usually isn't. The work slows down. The risk does not. That gap is what a The Hacker News webinar with Picus Security sets out to close. Autumn

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Wed, 10 Jun 2026 15:08:13 +0530
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63 privilege escalation, 56 remote code execution, 30 information disclosure, 27 spoofing, 20 security

Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards
Wed, 10 Jun 2026 13:07:59 +0530
On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by capability but by a layer of safety classifiers. Fable 5 goes to the public. Its twin, Claude Mythos 5, the same underlying model with the cyber safeguards lifted, stays locked to a vetted group of cyber

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances
Wed, 10 Jun 2026 12:32:08 +0530
ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. "On June 5, 2026, ServiceNow applied a security update to hosted customer instances," the company revealed in an advisory that requires customer access. "The update concerned a security issue that could allow an unauthenticated user, in

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
Wed, 10 Jun 2026 10:52:01 +0530
The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit under a new GitHub account "MSNightmare" said. "I have managed to get a 100% success rate on

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
Wed, 10 Jun 2026 10:38:35 +0530
Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution (RCE) and denial-of-service (DoS) attacks. "In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger

Meta to Use Off-Site Business Data for Feed and AI Personalization
Tue, 09 Jun 2026 22:33:58 +0530
Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence (AI) chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to make ads more relevant," Meta said in a statement. "We already use this data - like games you play

Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
Tue, 09 Jun 2026 22:09:47 +0530
Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution.
Tracked as CVE-2026-44963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," Veeam said in a Tuesday advisory. It

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues
Tue, 09 Jun 2026 22:04:52 +0530
Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being compromised to inject an information stealer into the code. "Our priority is to protect customers and the broader ecosystem," a Microsoft spokesperson told The Hacker News via email. "We temporarily removed some

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Tue, 09 Jun 2026 17:56:10 +0530
Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka Gamaredon) and SHADOW-EARTH-066 (aka UAC-0226). It involves the exploitation of CVE-2025-8088, a path traversal flaw that allows an

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
Tue, 09 Jun 2026 17:29:03 +0530
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service.
The preprint, posted to arXiv on

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
Tue, 09 Jun 2026 17:28:49 +0530
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome's JavaScript and WebAssembly engine. "Out-of-bounds read and write in V8 in Google Chrome prior to 149.0.7827.103

The Hidden Security Risk in Modern Networks: The Work Between Tools
Tue, 09 Jun 2026 17:00:00 +0530
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
Tue, 09 Jun 2026 15:20:41 +0530
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the drive for contention in the background. Researchers at Graz University of Technology built it and

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
Tue, 09 Jun 2026 14:43:32 +0530
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. "The compromised releases shipped a *-setup.pth file that attempts to execute automatically

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Tue, 09 Jun 2026 11:56:14 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-42271 (CVSS score: 8.7), is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public
Tue, 09 Jun 2026 01:47:39 +0530
Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw, CVE-2026-23111, sits in the kernel's nf_tables packet-filtering code and was patched upstream on February 5, 2026. Exodus Intelligence released its full technical walkthrough on June 8, and it is not even

Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order
Mon, 08 Jun 2026 22:38:44 +0530
Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. "They tried to trick people into clicking on malicious links to drive them to external websites

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
Mon, 08 Jun 2026 19:47:39 +0530
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol.
The vulnerability, tracked as CVE-2026-50751 (CVSS score: 9.3), is a case of a logic flow weakness in certificate validation that allows an unauthenticated remote attacker to bypass user

AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
Mon, 08 Jun 2026 18:49:13 +0530
Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be dismissed at a glance. As the queue grows, a credential theft attempt or malware delivery can easily

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
Mon, 08 Jun 2026 18:48:57 +0530
Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A chatbot got fooled. A bot token got leaked inside the malware. The same old mistakes showed up again. And while everyone chased the loud stuff, quieter attackers sat in inboxes for months, reading mail and

The Hardest Fork
Mon, 08 Jun 2026 17:23:00 +0530
Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this line right here is wrong, and that's RCE." They're novel combinations of a few dozen issues out of thousands of things every SAST scanner already finds, chained together into something much worse. It's real creativity,

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances
Mon, 08 Jun 2026 15:57:32 +0530
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems.
The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with hacking groups known as Clay Typhoon (Microsoft),

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Mon, 08 Jun 2026 13:09:28 +0530
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is also known as

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Mon, 08 Jun 2026 11:38:44 +0530
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats. "When automatic updates are enabled, new versions are auto-updated two hours after they are published, adding an extra layer of protection

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
Sat, 06 Jun 2026 19:06:57 +0530
OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees.
Lockdown Mode is available to logged-in users across Free, Go, Plus, and Pro, and

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI
Sat, 06 Jun 2026 13:59:05 +0530
A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic for a data business Bright Data markets heavily to the AI industry. The company, the successor to Luminati, operates what it calls the largest residential proxy network in the world,

darkreading

ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
Fri, 12 Jun 2026 20:26:32 GMT
A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.

Claude Fable 5 Doesn't Change the Mythos Security Story
Fri, 12 Jun 2026 13:01:00 GMT
Stay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos "made safe for general use," Anthropic explained.

Phishing Attack Volume Down 20%, But Risk Still Rising
Fri, 12 Jun 2026 00:58:07 GMT
Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiply them.

Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Thu, 11 Jun 2026 18:43:57 GMT
Initial methods suggest attackers had likely mapped out Ivanti's asset landscape upfront and acted quickly once the exploit became public.

Segmentation Works for OT If Operators Are Paying Attention
Thu, 11 Jun 2026 14:51:48 GMT
Even the best segmentation strategy will fall apart without constant oversight and disciplined operations.

Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
Thu, 11 Jun 2026 00:01:00 GMT
North Korea's gross domestic product (GDP) has grown, in part because of the nation's state-sponsored cybercrime groups, which target financial firms and other businesses.

CISA Rewrites Federal Patching Requirements for AI Threat Era
Wed, 10 Jun 2026 21:17:12 GMT
The new directive gives federal agencies three days to fix the most dangerous flaws, while less severe issues can be deferred.

Bug Bounty Research Triggers ServiceNow Security Alert
Wed, 10 Jun 2026 20:07:53 GMT
Security research inadvertently led organizations to believe they were being breached through their ServiceNow instances.

AI Risk Worries Insurers & Businesses Alike
Wed, 10 Jun 2026 19:34:43 GMT
As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework.
What risks can firms reasonably manage? Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanetWed, 10 Jun 2026 16:31:02 GMT The disgruntled researcher released yet another PoC for a Windows Defender bug that allows for system takeover, showing no signs of abandoning their ongoing feud with Microsoft. The Invisible Battlefield: How Cyberwar Is Reshaping Everyday LifeTue, 09 Jun 2026 21:57:11 GMT Former National Cyber Director Chris Inglis warns that cyberattacks threaten hospitals, utilities, and essential services. Blame AI: Patch Tuesday Hits Record 206 CVEsTue, 09 Jun 2026 21:42:57 GMT Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery. Microsoft Exchange Flaw Lets Attackers Spoof Any Email AddressTue, 09 Jun 2026 20:20:00 GMT “Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's being actively abused in the wild. Miasma Supply Chain Worm Burrows Into 73 Microsoft RepositoriesTue, 09 Jun 2026 19:33:45 GMT The attacks stemmed from a GitHub account that was also compromised in a previous Miasma attack on Microsoft last month. Russian Attackers Weaponize WinRAR Flaw Against Ukrainian OrgsTue, 09 Jun 2026 15:37:02 GMT Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine. AI Slop Will Kill Cybersecurity Storytelling If We Let ItMon, 08 Jun 2026 22:05:49 GMT AI-generated content threatens credibility in cybersecurity. This "Ask the Expert" column explores why human oversight matters and how to maintain authentic narratives. Silent Ransom Group Hits US Law Firms in Escalating Extortion AttacksMon, 08 Jun 2026 20:59:52 GMT The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims. 
Check Point VPN Flaw Exploited Since Early MayMon, 08 Jun 2026 20:28:35 GMT A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident. Iran Signed a Ceasefire — Its Hackers Didn'tMon, 08 Jun 2026 19:07:48 GMT An extension of the Geneva Conventions could impose restrictions on cyberwarfare under ceasefire conditions and close a major loophole in international conflict. 'Hades' Campaign Against PyPI Puts New Spin on Shai-HuludMon, 08 Jun 2026 16:13:41 GMT The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat. Exposed Fuel Tank Gauges Under Attack in the USFri, 05 Jun 2026 19:04:36 GMT Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption. Adaptive, Agentic AI Worms Loom as Next Enterprise ThreatFri, 05 Jun 2026 14:40:11 GMT AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strike within a year, researchers say. Trump AI Order Seeks Voluntary Frontier Model TestingFri, 05 Jun 2026 13:00:00 GMT The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal security. Rust-Written IronWorm Hits NPM Supply ChainThu, 04 Jun 2026 21:47:06 GMT Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel. China's TA4922 Expands Cybercrime Attacks GloballyThu, 04 Jun 2026 21:23:59 GMT One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia. 4 Critical Threats Where Attackers Have the AdvantageThu, 04 Jun 2026 21:08:16 GMT Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections. 
Bugcrowd Launches EU Data Residency Option For Evolving Data Sovereignty NeedsThu, 04 Jun 2026 14:22:20 GMT Organizations are growing serious about which nation's rules apply to their data. Experts point to geopolitical tensions as a main contributing factor. Pakistan Spies on Afghan Finance Ministry With Xeno RATThu, 04 Jun 2026 04:01:00 GMT Despite broadly connected digital infrastructure, standard fare TTPs are enough to cause trouble for Afghanistan's porous cybersecurity. Attackers Use AI to Automate EDR Evasion TestingWed, 03 Jun 2026 21:34:07 GMT Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender. Tropical Blend: Cyber & Politics Ramp Up Across Latin AmericaWed, 03 Jun 2026 19:52:32 GMT China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests. Cyber Insurance Rates Are Dropping, but Exclusions WidenWed, 03 Jun 2026 19:10:58 GMT Cyber insurance coverage is slowly changing, and some policies may not provide coverage for social engineering attacks like ClickFix. Coding Gaffe Exposes Microsoft 365 Accounts to Widespread TakeoverWed, 03 Jun 2026 19:00:41 GMT A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to steal logins and data. Malicious Notifications Could Trick Google Gemini UsersWed, 03 Jun 2026 12:01:00 GMT A prompt injection flaw in Google Gemini's voice assistant let attackers hide malicious commands in notifications, enabling social engineering and more. Global Stock Exchange Hit by Monthslong Email CampaignWed, 03 Jun 2026 10:01:00 GMT A threat actor got a near-continuous view into an influential finance executive's email inbox, thanks to clever use of legitimate, native Windows tools. 
Zoom CISO: AI as a Security Enabler, Not Role-ReplacerTue, 02 Jun 2026 21:51:07 GMT Zoom CISO Sandra McLeod discusses the challenges of securing a global communication platform, the promise of AI-driven security workflows, and her advice for aspiring cybersecurity leaders. FBI-Flagged Phishing Kit Kali365 Expands Its ReachTue, 02 Jun 2026 21:32:24 GMT Once targeting just Microsoft 365, the phishing-as-a-service platform now aims at AWS, Okta, and Russian platforms, while relying on device code phishing. DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate AttacksTue, 02 Jun 2026 20:11:51 GMT A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware. China Uses Dual-Method Cyberattack on Czech OrgsTue, 02 Jun 2026 19:50:53 GMT China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware. Securing AI Agents Before They Go Rogue Is Next to ImpossibleTue, 02 Jun 2026 19:10:14 GMT High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act now before they become the next horror story. Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise DefenseTue, 02 Jun 2026 12:00:00 GMT Twenty years after Dark Reading launched, we're looking ahead at what's next for enterprise security. Spoiler: It's hyper-segmented, AI-orchestrated, and way more sophisticated than your dad's firewall. Anthropic to Open Mythos AI to EU's ENISAMon, 01 Jun 2026 21:07:48 GMT The European security agency's entry to Project Glasswing is the result of "strong bilateral cooperation" between the European Commission and Anthropic. 
Microsoft's Zero-Day Legal Threats Spark BacklashMon, 01 Jun 2026 18:52:26 GMT After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges were in order. Patch Now: Another Palo Alto Auth Bypass Bug Under Active ExploitMon, 01 Jun 2026 14:35:51 GMT Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May. Name That Toon: Mark of (Cybersecurity) ProgressFri, 29 May 2026 20:22:04 GMT As part of Dark Reading's 20th anniversary package, we asked readers for a cybersecurity-related caption that captures their thoughts about the industry's last two decades. As Global Powers Explore Humanoid Robots, Cyber-Risk LoomsFri, 29 May 2026 15:56:23 GMT The future of cybersecurity is germinating, as nation-states vie for dominance in the embodied AI market and its supply chain. Asia's Cyber Insurance Market Shows Signs of LifeFri, 29 May 2026 14:35:33 GMT The cyber insurance industry has made relatively weak inroads into Asia due to a variety of factors, but that could be changing. With Complex Cloud Integrations, Small Errors Lead to Major CompromisesFri, 29 May 2026 13:00:01 GMT Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service. 'The Com' Cyberattacks Support Violence & SexploitationFri, 29 May 2026 12:00:00 GMT Your organization's security failures have consequences for everyone else as well since this criminal gang uses its cyber winnings to support more violent and widespread crimes. Dutch Raid Fails to Dent Russian Bulletproof HostThu, 28 May 2026 19:04:37 GMT Dutch law enforcement seized 800 servers and arrested two operators of THE.Hosting but left the hosting provider's core IP address space intact. Name That Toon Contest |
Krebs on Security

Who Runs the Ransomware Group ‘The Gentlemen?’ (Wed, 10 Jun 2026 14:03:44 +0000)
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.

A Record-Breaking Patch Tuesday for June 2026 (Tue, 09 Jun 2026 22:07:28 +0000)
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft's most dire "critical" rating, and exploit code for at least three of the weaknesses is now publicly available.

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts (Mon, 01 Jun 2026 17:32:50 +0000)
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting account passwords.

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks (Mon, 25 May 2026 13:21:49 +0000)
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions, an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia's intelligence agencies.

Lawmakers Demand Answers as CISA Tries to Contain Data Leak (Fri, 22 May 2026 16:34:24 +0000)
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada (Thu, 21 May 2026 21:50:25 +0000)
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service (DDoS) attacks over the past six months. KrebsOnSecurity publicly named the suspect in February 2026 after the accused launched a volley of DDoS, doxing and swatting campaigns against this author and a security researcher. He now faces criminal hacking charges in both Canada and the United States.

CISA Admin Leaked AWS GovCloud Keys on Github (Mon, 18 May 2026 20:48:21 +0000)
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.

Patch Tuesday, May 2026 Edition (Tue, 12 May 2026 21:46:45 +0000)
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this month with some of the more widely-used software makers -- including Apple, Google, Microsoft, Mozilla and Oracle -- fixing near record volumes of security bugs, and/or quickening the tempo of their patch releases.

Canvas Breach Disrupts Schools & Colleges Nationwide (Fri, 08 May 2026 02:58:46 +0000)
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions.

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs (Thu, 30 Apr 2026 14:04:26 +0000)
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm's chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company's public image. |
Hackread – Cybersecurity News, Data Breaches, AI and More

Hackers Hide New Argamal Malware Inside Working Hentai Games (Sun, 14 Jun 2026 17:46:03 +0000)
Kaspersky found Argamal malware hidden in hentai game installers, giving hackers remote access through working games shared on adult sites and torrents.

Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks (Sat, 13 Jun 2026 14:31:38 +0000)
Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments.

Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware (Fri, 12 Jun 2026 18:17:16 +0000)
Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.

ShinyHunters Target Universities in Oracle PeopleSoft Zero-Day Attack (Fri, 12 Jun 2026 14:06:24 +0000)
Google says ShinyHunters exploited Oracle PeopleSoft zero-day to steal data from 100+ organisations, with universities making up most victims.

The SpaceX Pre-IPO Market: How Crypto Rails Are Opening Synthetic Access (Fri, 12 Jun 2026 13:07:21 +0000)
SpaceX Pre-IPO demand is growing as crypto exchanges offer synthetic exposure to its reported $1.75T valuation without direct equity ownership.

Feds Seize AudiA6 and Dark2Web in $389M Crypto Laundering Case (Fri, 12 Jun 2026 10:00:00 +0000)
Feds seized AudiA6 and Dark2Web in a major crypto laundering case, arresting two suspects linked to over $389M in alleged illicit transactions.

ShinyHunters Leak 40GB of University of Nottingham Student Data (Thu, 11 Jun 2026 20:05:18 +0000)
ShinyHunters hackers leak 40GB of University of Nottingham personal and financial data, allegedly impacting 450,000 students and staff records.

Decade-Long SniperDz Phishing Network Disrupted in Operation Ramz (Thu, 11 Jun 2026 16:18:37 +0000)
Group-IB, INTERPOL and Algerian Police dismantle decade-old SniperDZ phishing network used to steal credentials, with its alleged developer arrested.

Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface Management (Thu, 11 Jun 2026 14:00:25 +0000)
Torrance, United States / California, 11th June 2026, CyberNewswire

Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware (Thu, 11 Jun 2026 13:20:34 +0000)
Hackers are using fake Claude Code guide and AI PDFs to spread AsyncRAT malware via Windows attack using PowerShell and Defender exclusions. |
Hacker Combat

Snowflake Data Breach: What Happened and How to Prevent It (Tue, 05 Aug 2025 18:00:42 +0000)
In 2024, the cybersecurity landscape was shaken by an unexpected and widespread incident—the Snowflake data breach. Despite being a leading provider of cloud-based data warehousing solutions, Snowflake found itself at...

Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management (Fri, 13 Dec 2024 12:04:08 +0000)
Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the...

Zero Trust Architecture (Mon, 02 Dec 2024 10:43:16 +0000)
Zero trust security takes a “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and...

What Is a Security Operations Center (SOC)? (Mon, 02 Dec 2024 07:51:03 +0000)
A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before...

XDR vs SIEM Security Information and Event Management (Fri, 29 Nov 2024 12:53:23 +0000)
The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to...

Best Free EDR for Windows PC (Fri, 29 Nov 2024 11:19:32 +0000)
Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),...

Free EDR Solutions for Home Users in 2025 (Tue, 26 Nov 2024 07:46:59 +0000)
EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go...

Cloud Security Essentials (Mon, 28 Oct 2024 04:57:20 +0000)
Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –...

Antivirus Software (Mon, 28 Oct 2024 02:43:18 +0000)
Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity...

How to Protect Against Ransomware Attacks? (Fri, 25 Oct 2024 03:57:42 +0000)
Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... |
Flipboard.com Cybercriminalité

AI: Brussels warns Washington over restrictions targeting Anthropic (Sun, 14 Jun 2026 16:17:33 GMT)
Brussels reacts after Europeans were excluded from Anthropic's most advanced AI models, denouncing a discriminatory practice. The US decision to impose export restrictions on Anthropic's most advanced AI models is drawing the attention of the European Commission, …

Searcher: why is the online search tool for stolen data illegal, and above all, what do its users risk? (Sun, 14 Jun 2026 13:11:55 GMT)
Launched online in early June, but made famous by a FranceInfo investigation, Searcher makes it easy to search, in databases …

Tipped off by hackers, fake police officers assault a father for his cryptocurrency savings (Sun, 14 Jun 2026 11:48:38 GMT)
Three fake police officers from Ile-de-France assaulted a couple in Nancy (Meurthe-et-Moselle) to steal 20,000 euros invested in …

Cybercrime: banks will now have to reimburse phishing victims... 5 figures to understand why this is a revolution (Sun, 14 Jun 2026 05:00:00 GMT)
An Antwerp court ruling has reversed the principle of liability, aligning Belgium with the British model. In Great Britain, where this principle …

Cyberwar: how Ukraine became a "global laboratory" for new digital weapons and hybrid warfare (Sun, 14 Jun 2026 08:22:00 GMT)
CYBERWAR SERIES. Since the Russian invasion of 2022, Ukraine has been the scene of fighting of rare intensity. But the battlefield is not limited …

"That will teach him to create fake porn images with my face": Karine Lemarchand gets a French IT specialist jailed (Sat, 13 Jun 2026 19:30:00 GMT)
M6's star presenter, Karine Le Marchand, has just won a major court victory against cybercrime. A victim of deepfakes …

It all starts with an email: what is this Prime Video scam wreaking havoc in France? (Sat, 13 Jun 2026 15:42:30 GMT)
A particularly dangerous scam that is currently spreading.

Crypto's next billionaire hacker could act at superhuman speed (Sat, 13 Jun 2026 18:00:00 GMT)
Anthropic's new Claude Fable 5 puts powerful cyber tools behind safety filters. DeFi, already hit by more than 840 million …

Google takes on a global network of AI-powered scams (Sun, 14 Jun 2026 10:00:03 GMT)
Google is suing a network accused of flooding Android with fake SMS messages. Behind it, an AI-powered phishing machine. 2.5 million text messages …

Disinformation, cyberattacks, vote buying… In Moldova, a laboratory for Russian interference, "time is running out" (Sun, 14 Jun 2026 04:53:00 GMT)
As negotiations on accession to the European Union open this Monday, the former Soviet republic, sitting on a geopolitical fault line, …

China-linked group accused of spying on a network for ten years (Sat, 13 Jun 2026 15:56:00 GMT)
Since 2016, the China-linked group Velvet Ant has maintained clandestine access to the isolated network of a large organization. The company …

These plastic pistols fire real bullets: an unprecedented trafficking operation uncovered in France (Sat, 13 Jun 2026 07:16:56 GMT)
Nearly undetectable plastic weapons, designed via the darknet and shipped by mail for a few hundred euros: the judicial police …

To fight cyberattacks, ChatGPT rolls out a Lockdown mode: here is how to protect your account and your data | TF1 Info (Sun, 14 Jun 2026 07:00:00 GMT)
Cybercriminals are on the lookout for any IT vulnerability to steal personal and banking data. Hackers are used to …

9 European banks are in the crosshairs of formidable malware that exploits your smartphone's NFC (Sat, 13 Jun 2026 06:00:13 GMT)
A cyberattack has been targeting several European banks for the past few months. Spotted in early 2026 by researchers at d3Lab, the operation relies on a …

Social networks under watch: Surfshark blocks threats before the click (Sun, 14 Jun 2026 08:30:00 GMT)
On the occasion of Social Media Day, digital usage is intensifying: endless scrolling on social networks, exchanging messages, sharing …

Electric charging stations: AI agents stand guard against hackers and energy thieves (Sat, 13 Jun 2026 15:18:00 GMT)
Researchers at the University of Malaga have designed a system of AI agents capable of monitoring charging station networks in real time. …

Oracle faces a zero-day flaw already exploited at scale (Sat, 13 Jun 2026 12:00:36 GMT)
Oracle is warning of a critical flaw in PeopleSoft, already exploited by ShinyHunters. More than 100 organizations are in the crosshairs. The problem is …

When hackers knock on your door: fake technicians now show up at the companies they want to hack (Sat, 13 Jun 2026 08:01:49 GMT)
The FBI and Google are sounding the alarm. Since January 2026, a cybercriminal group called Silent Ransom Group has been massively attacking …

The best antivirus tools for Mac are on sale! Don't wait until you're infected... (Fri, 12 Jun 2026 16:26:43 GMT)
The new Intego ONE antivirus is on sale shortly after its release in French. Now is the time to equip your Mac with the best antivirus currently …

Iran-linked hacker group threatens the World Cup after taking control of FBI drones (Fri, 12 Jun 2026 11:31:48 GMT)
An Iran-linked group of hackers reportedly managed to take control of FBI drones, according to SITE Intelligence Group, an organization …

Anthropic touted the most hardened AI in its history: a hacker bypassed it in under 48 hours (Fri, 12 Jun 2026 09:05:45 GMT)
Anthropic touted Claude Fable 5 as one of its most hardened models. A well-known hacker claims to have bypassed it in under 48 hours. A …

United States, Iran… a huge new threat hangs over the World Cup! (Fri, 12 Jun 2026 12:02:54 GMT)
The World Cup is under way, but sources of concern tied to the geopolitical context are still very much present. While the United States of …

NIS2: France's delay could lead to a penalty - ZDNET (Fri, 12 Jun 2026 07:25:14 GMT)
France is behind schedule in transposing the European NIS2 directive. The bill is on the agenda of the National Assembly, but has not …

Cynthia Kaiser (Halcyon): "There are four categories of AI tools used by cybercriminals" (Fri, 12 Jun 2026 13:14:50 GMT)
After twenty years in the FBI's cybersecurity division and now senior vice president of Halcyon's Grand Seminar Research Center, Cynthia …

Your private life just a click away? An investigation reveals social security numbers, IBANs, medical appointments… with a simple search! (Fri, 12 Jun 2026 19:07:25 GMT)
Anyone can now find in a few seconds where you live, your mobile phone number, and even your banking information or …

What to do about the +74% rise in cyberattacks over five years in France? Answers from the Epitech Moulins school - La Montagne (Fri, 12 Jun 2026 05:43:00 GMT)
The Epitech computer science school held, on Monday, June 1, a day of prevention against cyberattacks and cybercrime in Moulins. …

Scammers' new technique for extracting money from you (Thu, 11 Jun 2026 14:00:00 GMT)
Scammers have already found a way around a rule recently introduced in the eurozone to protect bank transfers. These …

BNP ready to test Mythos, Anthropic's new AI model that makes every cybersecurity expert shudder (Fri, 12 Jun 2026 15:23:06 GMT)
According to our information, the American company Anthropic has authorized three European banks, including BNP Paribas, to test its Mythos model, capable …

Identity, IBAN, social security number: a free search engine exposes millions of French people's data (Thu, 11 Jun 2026 18:08:09 GMT)
Found in public sources, millions of personal data records of French people have been put online by hackers on a website. …

"Protecting democratic debate": Sébastien Lecornu presents this Thursday the risks and responses on foreign interference ahead of the 2027 presidential election (Thu, 11 Jun 2026 06:52:41 GMT)
The President of the Republic, himself a victim of interference in his 2017 campaign with the "Macron leaks" cyberattack, notably singled out Russia … |
CyberScoop

Anthropic disables new models after government calls them a national security concern (Sat, 13 Jun 2026 18:29:36 +0000)
The Commerce Department’s expert control decree led to the company shutting off access to Fable 5 and Mythos 5 worldwide, drawing sharp criticism from researchers and industry analysts.

FBI takes down massive China-based cybercrime network that caused $1.9B in losses (Fri, 12 Jun 2026 21:56:29 +0000)
Outsider provided phishing kits and infrastructure for cybercriminals to scam victims with lures claiming they missed packages, had unpaid tolls or parking violations.

US, France, and Italian authorities shut down massive deepfake porn site (Fri, 12 Jun 2026 18:21:05 +0000)
The website specialized in non-consensual sexual images of famous women, including politicians, first ladies, royalty, journalists, television presenters, athletes, and entertainers, and others.

Conti ransomware group member pleads guilty, faces up to 20 years in prison (Fri, 12 Jun 2026 17:44:36 +0000)
Oleksii Lytvynenko, a 44-year-old Ukrainian national, admitted to joining the prolific cybercrime group in 2021. Officials said he engaged in cybercrime up until his arrest in Ireland in 2023.

ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw (Fri, 12 Jun 2026 16:12:34 +0000)
Oracle still hasn't patched the vulnerability the group has been using in its attacks since late May.

CyberCorps is adapting to AI. The budget isn’t keeping up. (Fri, 12 Jun 2026 11:57:27 +0000)
CyberCorps is evolving to tackle AI threats. But budget cuts could derail it before the work even starts.

Russian national charged in connection with Void Blizzard espionage campaign (Thu, 11 Jun 2026 17:11:12 +0000)
Denis Obrezko accused of orchestrating cyberattacks that compromised at least 11 U.S. companies as part of the Kremlin-linked group's sprawling espionage operation.

OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers (Wed, 10 Jun 2026 20:20:25 +0000)
The company says there’s little evidence it influenced any real policy discussion.

CISA directive orders agencies to prioritize vulnerability patching in a new way (Wed, 10 Jun 2026 16:07:11 +0000)
A vulnerability that meets all four criteria would need to be fixed within three days, for instance.

Microsoft breaks Patch Tuesday record with 206 vulnerabilities (Tue, 09 Jun 2026 19:53:18 +0000)
Fears and warnings about a roaring flood of error-riddled software have materialized. And the disease is spreading. |