Qihoo 360, which the US has banned, says it’s needed as a deterrent to weaponized Anthropic models This article has been indexed from www.theregister.com – Articles Read the original article: Chinese cybersecurity company claims it’s built a better-than-Mythos bug finder
Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances
ESET Research analyzes Gamaredon’s new toolset and the group’s growing reliance on legitimate online services to hide its C&C infrastructure and exfiltrate stolen data This article has been indexed from WeLiveSecurity Read the original article: Gamaredon in 2025: Leveraging tunnels,…
IT Security News Hourly Summary 2026-06-26 03h : 1 posts
1 posts were published in the last hour 0:37 : Malware gaslights AI
Malware gaslights AI
Mac Malware Gaslights AI, Major Info-Stealer Takedown, OpenAI’s Patch the Planet, and FortiBleed Fallout Mac malware called “Gaslight,” attributed to North Korea-aligned actors, plants fake system messages designed to derail AI-based analysis while stealing data and exfiltrating it via a…
Kitana Shows How AI Is Reshaping Adversary-in-the-Middle Fraud
Kitana combines AI-assisted development with adversary-in-the-middle attacks to steal credentials and payment information in real time. The post Kitana Shows How AI Is Reshaping Adversary-in-the-Middle Fraud appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in Europe and Asia. The campaign uses photo-themed ZIP archives and fake image shortcut files to deliver a persistent Node.js implant and evade detection. The post Photo ZIP…
CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure
Government entities and critical infrastructure were targeted for espionage in SE Asia by attackers using a hybrid toolkit, including custom TinyRCT backdoor. The post CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure appeared first on Unit 42. This article has…
Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs
Spotted in intrusions targeting insurance, education, IT, and professional services sectors This article has been indexed from www.theregister.com – Articles Read the original article: Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-12569 PTC Windchill and FlexPLM Improper Input Validation Vulnerability CVE-2026-20230 Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability These…
IT Security News Hourly Summary 2026-06-26 00h : 5 posts
5 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-06-25 21:36 : FortiBleed Turns FortiGate Access Into Enterprise Credential Theft 21:36 : Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and…
IT Security News Daily Summary 2026-06-25
170 posts were published in the last hour 21:36 : FortiBleed Turns FortiGate Access Into Enterprise Credential Theft 21:36 : Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla 21:10 : Operation Endgame Disrupts StealC Malware…
FortiBleed Turns FortiGate Access Into Enterprise Credential Theft
Arctic Wolf found FortiBleed uses stolen FortiGate credentials to gain enterprise access. The post FortiBleed Turns FortiGate Access Into Enterprise Credential Theft appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: FortiBleed…
Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla
Tata Electronics confirmed a data breach after hackers claimed to steal 630GB of data, including alleged Apple supplier and Tesla documents. Tata Electronics, a major supplier to Apple and Tesla, has confirmed a cybersecurity breach weeks after stolen data was…
Operation Endgame Disrupts StealC Malware Infrastructure
Operation Endgame disrupted StealC infrastructure and seized millions of stolen credentials through a coordinated public-private effort. The post Operation Endgame Disrupts StealC Malware Infrastructure appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Ex-Huntress analyst claims company insider fed info to a ransomware crim. Social media drama ensues
Former employee accuses company of prioritizing pending IPO over client security This article has been indexed from www.theregister.com – Articles Read the original article: Ex-Huntress analyst claims company insider fed info to a ransomware crim. Social media drama ensues
Curl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet
Curl fixed 18 vulnerabilities, including a 25-year-old bug, with issues spanning auth bypass, memory safety, and host validation in libcurl. Curl maintainers addressed eighteen vulnerabilities with a single update, and one of them goes back 25 years. That’s not a…
Polymarket says hackers stole users’ funds
The prediction market giant Polymarket said it’s refunding users who had funds stolen due to a third party breach. This article has been indexed from Security News | TechCrunch Read the original article: Polymarket says hackers stole users’ funds
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 15, 2026 to June 21, 2026)
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not…
Interpol: Cybercrime Hits 30% of Recorded Crime in Surveyed APAC Countries
Interpol’s latest Asia and South Pacific cybercrime assessment shows how phishing, ransomware, DDoS attacks, infostealers, and AI-enabled scams are raising security risks across APAC. The post Interpol: Cybercrime Hits 30% of Recorded Crime in Surveyed APAC Countries appeared first on…
Denmark Ordered to Pay $12M Over Huawei Equipment Removal
A Danish court ordered the state to compensate TDC NET after the removal of Huawei fiber-network equipment, raising questions about telecom security costs. The post Denmark Ordered to Pay $12M Over Huawei Equipment Removal appeared first on TechRepublic. This article…
Beware of “Parcel Expert” job offers: They’re parcel mule scams
Most parcel mule scams start with fake job offers that trick victims into handling stolen goods. This article has been indexed from Malwarebytes Read the original article: Beware of “Parcel Expert” job offers: They’re parcel mule scams
IT Security News Hourly Summary 2026-06-25 21h : 5 posts
5 posts were published in the last hour 18:34 : Cisco Unified CM SSRF Flaw Is Being Exploited to Drop Webshells 18:34 : Russia Used Cellebrite Tool to Hack Activist’s iPhone Despite Contract Cancellation 18:6 : Beyond IOCs: AI-enabled threat…
Cisco Unified CM SSRF Flaw Is Being Exploited to Drop Webshells
CVE-2026-20230, an SSRF in Cisco Unified CM’s WebDialer component, is being actively exploited via Tor to chain file writes into persistent webshells. Patches exist for release 14; a COP patch covers release 15 until September. Cisco Unified CM SSRF Flaw…
Russia Used Cellebrite Tool to Hack Activist’s iPhone Despite Contract Cancellation
Russian authorities deployed Cellebrite’s Universal Forensic Extraction Device (UFED) to breach the iPhone of opposition politician Andrey Pivovarov in June 2021, months after the Israeli surveillance firm publicly announced it had terminated all contracts with Russian customers, according to a…