Anthropic begins restoring customer access to Fable 5 and Mythos 5 models after US Commerce Department says security issues addressed. This article has been indexed from Silicon UK. Read the original article: Anthropic Restores Access After US Restrictions Lifted
ChocoPoC Campaign Abuses GitHub PoC Repositories to Steal Browser Credentials
A coordinated supply-chain campaign has been weaponizing GitHub proof-of-concept (PoC) repositories to compromise vulnerability researchers and penetration testers, delivering a stealthy Python Remote Access Trojan (RAT) dubbed “ChocoPoC.” The lure is simple and effective: newly disclosed high-severity CVEs create urgency…
Hackers shoveled snow for company, were rewarded with network admin access
Fortunately, they were professional red teamers. Unfortunately, they pwned the network. This article has been indexed from www.theregister.com – Articles. Read the original article: Hackers shoveled snow for company, were rewarded with network admin access
IT Security News Hourly Summary 2026-07-02 09h : 5 posts
5 posts were published in the last hour: 7:4 : SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation; 6:34 : The endpoint recovery gap many teams discover during an incident; 6:5 : Royal Navy To Build Drone Warships…
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-45659 (CVSS score: 8.8), is a…
The endpoint recovery gap many teams discover during an incident
In this interview with Help Net Security, IGEL CTO Matthias Haas explains why backups alone do not equal recovery. He makes the case that endpoint recovery is often overlooked, leaving organizations exposed when thousands of devices go down at once.…
Royal Navy To Build Drone Warships
Ministry of Defence plans hybrid approach for naval development, with crewed vessels directing range of drone platforms. This article has been indexed from Silicon UK. Read the original article: Royal Navy To Build Drone Warships
LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts
A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million login attempts. This campaign has led to at least 78 confirmed account compromises across 64 organizations between June…
Attackers Downgrade WDigest Protection to Dump Plaintext Credentials With Mimikatz
An incident that began with innocuous enumeration commands but quickly escalated into a focused, multi-stage effort to impair detection and extract credentials. The intruder uploaded a steganographic webshell to an IIS server, used the process w3wp.exe to run OS reconnaissance…
Review: CTRL+ALT+PWN
Hacking gear that once sat in well-funded labs now ships to anyone with a credit card and a video tutorial. Frank Riccardi builds his consumer guide, CTRL+ALT+PWN: The Hacker’s Playbook (And How to Beat It), on that one condition. He…
Critical Cursor IDE Flaws Let Attackers Execute Code via Zero-Click Prompt Injection
Two significant remote code execution (RCE) vulnerabilities in the widely used Cursor IDE expose developers to zero-click attacks driven by prompt injection. These vulnerabilities, tracked as CVE-2026-50548 and CVE-2026-50549, collectively known as “DuneSlide,” carry a CVSS score of 9.8. They…
Browser-Only Ransomware Uses File System Access API to Encrypt Files Without Malware Installation
A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level malicious ideas into operational attack chains without any native payload. The proof-of-concept leverages a social engineering…
Catching ransomware on the wire before it locks the file server
Corporate networks keep sensitive files off individual workstations and store them on shared servers that staff reach through mapped network drives. That arrangement hands ransomware operators a target worth chasing. A single compromised laptop can begin encrypting files that live…
Scattered Spider Hacker Arrested in Finland and Extradited to U.S. Over Cyber Intrusion Charges
U.S. authorities have announced federal charges against an alleged member of the notorious cybercriminal group Scattered Spider, following his arrest in Finland and extradition to the United States. The defendant, identified as 19-year-old Peter Stokes, a dual national of the…
FortiBleed Campaign Linked to INC and Lynx Ransomware Operations
A direct operational link between the large-scale FortiBleed credential-harvesting campaign and two active ransomware-as-a-service (RaaS) groups: INC Ransom and Lynx. This finding provides the first confirmed evidence that mass theft of FortiGate credentials is being integrated into ransomware deployment processes,…
What the AI patch gap means for enterprise security
Open-source maintainers are receiving more vulnerability reports than they can act on, and a rising share now comes from an AI system working at machine speed. Over roughly two months this spring, Anthropic’s Claude Mythos Preview combed through more than…
CISA Warns of SimpleHelp Authentication Bypass Vulnerability Exploited in Attacks
CISA has issued a warning about a critical authentication bypass vulnerability in SimpleHelp that is actively being exploited in the wild, raising concerns among organizations relying on the remote support software. The vulnerability, tracked as CVE-2026-48558, affects SimpleHelp deployments configured…
WhatsApp Username Reservations Go Live – What Are the Security Concerns for 2 Billion Users
WhatsApp has begun allowing users to reserve usernames ahead of a broader feature launch planned for later this year, prompting a wave of questions about security, impersonation risk, and account linkage that security researchers should be tracking closely. According to…
Alleged Scattered Spider Member Extradited to the US for His Role in Hacking 100+ Networks
A dual U.S.-Estonian citizen accused of belonging to the notorious Scattered Spider hacking collective has been extradited from Finland to face federal charges in the Northern District of Illinois, the Department of Justice announced Tuesday. Peter Stokes, 19, was arrested…
FortiBleed Password Stealing Attack Linked to INC and Lynx Ransomware Operations
The FortiBleed credential-harvesting campaign, which has compromised more than 430,000 FortiGate firewalls worldwide, is directly feeding two active ransomware-as-a-service operations, INC Ransom and Lynx. SOCRadar’s Threat Research Unit identified an operator with access to FortiBleed infrastructure actively logged into negotiation panels…
GitHub’s new tool helps prevent costly open-source license violations
GitHub’s Open Source Program Office (OSPO) uses the new GitHub License Compliance feature, now in public preview, to manage thousands of open-source dependencies and identify dependencies whose licenses require review. The feature is available to GitHub Advanced Security customers and…
ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: ISC Stormcast For Thursday, July 2nd, 2026…
Healthcare Cybersecurity Threats Persist in 2026
SonicWall found healthcare remains the top cybersecurity target, with rising malware, ransomware, and medical IoT threats. The post Healthcare Cybersecurity Threats Persist in 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet. Read the original…
Code Injection in Perforce Helix Core (CVE-2026-6902)
Executive Summary: In this article, we disclose our latest findings on the Perforce P4 (Helix Core) protocol between the command-line client and server, and reveal how a threat actor could leverage it to conduct attacks. This security issue affects P4 (Helix Core) before P4 (Helix Core) 2025.2 Patch 2, was patched and was attributed a…