Splunk has disclosed a critical security vulnerability in its AI Toolkit that could allow authenticated administrators to execute arbitrary operating system commands on affected systems, raising significant concerns for enterprises that rely on Splunk for security analytics and automation. The…
Critical Command Execution Vulnerability Patched in Cisco ISE
Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root. The post Critical Command Execution Vulnerability Patched in Cisco ISE appeared first on SecurityWeek. This article has been indexed…
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
Cisco Talos detailed a new approach to reverse engineering that pairs local AI agents with traditional analysis tools like the VB6 disassembler vbdec. Instead of awkwardly bolting AI onto the software, vbdec exposes its parsed data through a live COM…
Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents
Tenet researchers reveal how fake Sentry bug reports can trick AI coding agents into running code, exposing a new Agentjacking risk for developers today. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More. Read…
Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity
A long-running, stealthy campaign attributed to the China-nexus actor tracked as Velvet Ant has been found to include deeply engineered backdoors in the authentication stack: modified OpenSSH binaries and tampered PAM modules that exfiltrate credentials, record every executed command, and…
FortiBleed Exploit Campaign Hits 70,000+ Fortinet Firewalls Worldwide
A large-scale cyber espionage campaign dubbed “FortiBleed” has compromised more than 70,000 Fortinet firewalls and VPN gateways worldwide, exposing enterprise networks across 194 countries. The activity, first identified by security researcher Volodymyr Diachenko and further analyzed by Hudson Rock and…
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on…
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the…
Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
The photography giant confirmed a data breach after ShinyHunters claimed it stole 2.2 million records and threatened to leak them. This article has been indexed from Malwarebytes. Read the original article: Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
F5 Patches Critical, High-Severity NGINX Vulnerabilities
Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code. The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original…
IT Security News Hourly Summary 2026-06-18 12h : 6 posts
6 posts were published in the last hour:
9:34 : Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
9:34 : GentleKiller targets more than 400 security processes across 48 products
9:34 : Hostile States Behind 75% of…
Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
A novel evolution of LLMjacking: a threat actor leveraging a publicly exposed Ollama model server as the reasoning engine for an automated, multi-stage offensive framework. Rather than using the model for chat or resale, the attacker integrated unauthenticated model inference…
GentleKiller targets more than 400 security processes across 48 products
Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR) products,…
Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Google to Use IP Addresses for Ad Personalization in UK and EU Starting August 3
Google has informed advertisers that starting on or shortly after August 3, 2026, it will begin using IP addresses for ad measurement and personalization in the … The post Google to Use IP Addresses…
UK Orders Google To Increase Search Transparency
CMA tells Google that search rankings must be fairer and more transparent, after businesses complain of unexpected changes. This article has been indexed from Silicon UK. Read the original article: UK Orders Google To Increase Search Transparency
SailPoint to Acquire Entro in Reported $200 Million Deal
Israel-based Entro specializes in non-human identity and credential security solutions, and it will enable SailPoint to enhance its products. The post SailPoint to Acquire Entro in Reported $200 Million Deal appeared first on SecurityWeek. This article has been indexed from…
Key Meta Internal AI Exec To Leave Company
Emily Dalton Smith, in charge of key part of Meta’s unpopular internal AI strategy, to exit as $2bn Manus deal unravels. This article has been indexed from Silicon UK. Read the original article: Key Meta Internal AI Exec To Leave…
Hackers Crack Corporate, Government VPNs In Major Incident
Researcher accidentally uncovers trove of credentials for 75,000 Fortinet firewalls including US government agencies, major companies. This article has been indexed from Silicon UK. Read the original article: Hackers Crack Corporate, Government VPNs In Major Incident
Cybercrime Surges in APAC as Digitalization Takes Hold
Interpol claims cybercrime accounts for third of crime in over half of Asia and South Pacific countries. This article has been indexed from www.infosecurity-magazine.com. Read the original article: Cybercrime Surges in APAC as Digitalization Takes Hold
AI-Generated ClickFix Campaign Delivers SmartRAT Banking Trojan via Fake Brazilian Bank Website
Multiple instances of typosquatting domains hosting malicious content generated with AI-powered website creation tools. One striking campaign combined an AI-created fake Brazilian bank site with a ClickFix social-engineering lure to deliver a PowerShell-based remote access trojan that Zscaler named SmartRAT. The…
FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls
FortiBleed: Admin Passwords for 75,000 Fortinet Firewalls Are Out in the Wild. Half the Internet-Facing Fortinets on the Planet. Security researcher Bob Diachenko found a server sitting open on the internet containing what appeared to be valid Fortinet VPN credentials,…
Blue Planet helps service providers reduce risk with unified network change governance
Blue Planet is closing the governance gap in network operations by unveiling Blue Planet Configuration and Change Management (CCM), unifying device configuration, change, and lifecycle management across multi-vendor networks. Backed by Blue Planet’s deep Operations Support System (OSS) expertise, CCM…
New 42Crunch plugin helps developers find and fix API vulnerabilities in GitHub Copilot
42Crunch has announced the availability of the 42Crunch API Security Testing Plugin for GitHub Copilot. This latest advance enables developers to continuously audit, test, remediate and validate API security vulnerabilities directly within AI-assisted development workflows. Organizations are struggling to secure…