The U.S. offers up to $10M for information on Russian hackers targeting Signal and WhatsApp accounts of officials and journalists. The U.S. government is offering rewards of up to $10 million for information leading to the identification of members of…
Four years into Ukraine invasion, Russia turns influence-ops back to US and Europe
Not today, Putin This article has been indexed from www.theregister.com – Articles Read the original article: Four years into Ukraine invasion, Russia turns influence-ops back to US and Europe
Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs
Hundreds of contractors working on a project for Meta pretended to be kids—and then prompted rival chatbots like Gemini and ChatGPT to discuss high-risk subjects. This article has been indexed from Security Latest Read the original article: Meta Contractors Posed…
Vulnerability Summary for the Week of June 22, 2026
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info abhisheksaha11–URL Preview The URL Preview plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0 via the ‘url’ parameter. This makes it…
IT Security News Hourly Summary 2026-06-30 00h : 2 posts
2 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-06-29 21:31 : 212 New Venezuela Earthquake Domains Prompt Donation Scam Warnings
IT Security News Daily Summary 2026-06-29
136 posts were published in the last hour 21:31 : 212 New Venezuela Earthquake Domains Prompt Donation Scam Warnings 21:3 : TONResolver RAT Abuses TON Blockchain to Target Japan’s Hotel Industry 21:3 : Update Chrome Now: Google Fixes 18 Security…
212 New Venezuela Earthquake Domains Prompt Donation Scam Warnings
Researchers spotted 212 new domains registered after Venezuela’s earthquake, warning donors of donation scam risks and urging them to verify relief sites first. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
TONResolver RAT Abuses TON Blockchain to Target Japan’s Hotel Industry
In this blog entry, TrendAI™ Research examines a wave of phishing emails observed in May 2026 that targeted Japanese accommodation facilities using Booking.com, detailing the victims, attack techniques used, and characteristics of the malware involved. This article has been indexed…
Update Chrome Now: Google Fixes 18 Security Flaws, Including Critical Bugs
Google’s Chrome 149 security update fixes 18 bugs, including four critical flaws affecting WebGL, Autofill, and Blink components. The post Update Chrome Now: Google Fixes 18 Security Flaws, Including Critical Bugs appeared first on TechRepublic. This article has been indexed…
North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis
SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for C2. The post North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis appeared first on TechRepublic. This article has been indexed…
AI-Driven Identity Attacks Are Surging, PwC Warns
AI has given cybercriminals a big advantage in attacking organizations, which they are using to go after weaknesses on edge devices The post AI-Driven Identity Attacks Are Surging, PwC Warns appeared first on TechRepublic. This article has been indexed from…
KDDI Data Breach May Expose 14.2 Million Email Accounts
KDDI disclosed a breach that may have exposed up to 14.2 million email accounts after attackers exploited a third-party software vulnerability. The post KDDI Data Breach May Expose 14.2 Million Email Accounts appeared first on eSecurity Planet. This article has…
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-48558 SimpleHelp Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant…
Anonymous researcher drops 0-day ‘exploitarium’ repo
At least two vulnerabilities are already under attack This article has been indexed from www.theregister.com – Articles Read the original article: Anonymous researcher drops 0-day ‘exploitarium’ repo
What the June 2026 Threat Technique Catalog update means for your AWS environment
The AWS Customer Incident Response Team (AWS CIRT) encounters patterns that repeat across engagements when helping customers respond to security incidents. We’re passionate about making sure that information is accessible so that everyone can improve their security posture and their…
8 key aspects of a mobile device security audit program
<p>To protect corporate data and prevent security incidents, IT must have a program in place to audit the mobile endpoints that access business systems and data.</p> <p>What falls under the category of “mobile device” for auditing has evolved over the…
Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting…
IT Security News Hourly Summary 2026-06-29 21h : 1 posts
1 posts were published in the last hour 18:31 : Why mobile security audits are important in the enterprise
Why mobile security audits are important in the enterprise
<p>Mobile devices in the enterprise are an increasingly large target for cyberattacks. Mobile security audits help IT identify device, app, network and user risks before those risks lead to data loss or unauthorized access.</p> <p>With the growing amount of both…
U.S. Seizes Hundreds Domains Used to Stream World Cup Matches Illegally
The U.S. Department of Justice (DOJ) has announced the seizure of nearly 400 domains used to illegally stream FIFA World Cup 2026 matches, marking a significant crackdown on global digital piracy networks. The operation, conducted under “Operation Offsides,” targeted websites…
New Claude Code Attack Allows Attackers to Take Full Control of Developers’ Systems
Researchers at Mozilla’s Zero Day Investigative Network (0DIN) have demonstrated a proof-of-concept attack that shows how a completely clean-looking GitHub repository can trick AI-powered coding agents like Claude Code into silently opening a reverse shell on a developer’s machine, without…
EvilTokens Phishing Breaches Finance Firms Using “Ghost” Code Across U.S. and European Businesses
EvilTokens can keep serious account-takeover activity out of your SOC’s view by relying on “ghost” code that only surfaces after the browser decrypts it. Because of this, analysis that looks only at the static URL can overlook the part of the…
WhatsApp Launches New Username Feature to Communicate Without Exposing Phone Numbers
WhatsApp introduces a new privacy update that lets users connect using unique handles, eliminating the need to share phone numbers with strangers or new group members. Earlier, we detailed that WhatsApp is preparing to roll out a long-anticipated username feature.…
Critical Gemini CLI Vulnerability Lets Attackers Execute Arbitrary Code
A critical security vulnerability in Google’s Gemini CLI has been disclosed, allowing attackers to execute arbitrary code in certain CI/CD environments, particularly GitHub Actions workflows. The issue, tracked as CVE-2026-12537, impacts multiple versions of the Gemini CLI and its related…