IT Security News Daily Summary 2026-06-02

161 posts were published in the last hour

• 21:2 : Threat Actor Uses Stolen Gemini API Keys to Automate Telegram Influence Campaign
• 21:2 : WordPress Malware Abuses Steam Community Profiles for C2 Operations
• 20:32 : Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks
• 20:4 : The Missing `bandit` for AI Agents: How I Built a Static Analyzer for Prompt Injection
• 20:4 : The Meta AI Account Recovery Incident Wasn’t Just a Chatbot Problem
• 20:4 : Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
• 19:34 : CISA Urges Stronger Security for Automatic Tank Gauge Systems
• 19:34 : Identify unused AWS KMS keys and prevent accidental key deletions
• 19:5 : IT Security News Hourly Summary 2026-06-02 21h : 12 posts
• 19:3 : The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)
• 19:2 : Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling
• 19:2 : These convincing copyright notices are designed to steal Google logins
• 19:2 : Cisco sings Mythos’ praises – but doesn’t say how many bugs the model uncovered
• 19:2 : Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
• 19:2 : Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
• 18:32 : Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling
• 18:32 : CISA and Partners Urge Hardening Automatic Tank Gauge Systems
• 18:32 : Russia Says Foreign Spyware Found on High-Ranking Officials’ Mobile Phones
• 18:32 : Red Hat Confirms Supply Chain Compromise of @redhat-cloud-services npm Packages
• 18:32 : Attackers Abuse AWS, Google Cloud, Cloudflare, and Microsoft Services to Hide Malicious Traffic
• 18:32 : Microsoft Build 2026: Securing code, agents, and models across the development lifecycle
• 18:4 : Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware
• 18:4 : Trump signs EO seeking early government access to powerful AI models
• 17:34 : Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk
• 17:34 : Instagram Account Hijacks Expose the Security Risks of AI-Powered Support
• 17:3 : Attackers Actively Exploiting Critical Vulnerability in Burst Statistics Plugin
• 17:3 : Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis
• 17:2 : Dozens of Red Hat npm packages targeted in supply chain attack
• 16:32 : Google Patches Android Zero-Day Under Active Exploitation
• 16:32 : U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
• 16:32 : Secure multi-tenant AI agents with Amazon Bedrock AgentCore resource-based policies
• 16:5 : IT Security News Hourly Summary 2026-06-02 18h : 13 posts
• 16:3 : How to prepare security controls for future AI regulations
• 16:3 : Password manager Dashlane says hackers stole some customers’ password vaults
• 16:3 : Dozens of Red Hat npm packages targeted in supply- chain attack
• 15:34 : Online Shopping Red Flags That Could Signal Fraud and Financial Scams
• 15:34 : Megalodon Malware Backdoors 5,500+ GitHub Repos in 6-Hour Supply-Chain Attack
• 15:34 : Infosecurity Europe: NCSC Urges Immediate Action to Boost Resilience as Uncertainty Persists
• 15:34 : Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators
• 15:6 : Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts
• 15:5 : Anthropic scales Claude Mythos to critical infrastructure in 15+ countries
• 15:5 : Russian spy agency says foreign spies turned officials’ smartphones into surveillance devices
• 15:5 : Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities
• 15:5 : Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
• 15:5 : Infosecurity Europe: Cybersecurity Teams Which Don’t Leverage AI are “Doomed to Fail”
• 14:35 : SolyxImmortal Python Malware Steals Browser Passwords, Cookies, Files, and Keystrokes
• 14:34 : Hackers Use 34 Malicious Packages to Steal Cloud Keys, Wallets, and SSH Credentials
• 14:34 : Mustang Panda Deploys PlugX RAT Through Multi-Stage LNK and PowerShell Attack Chain
• 14:34 : Microsoft MSRC Allegedly Dismissed Dependency Confusion Vulnerability, Claims Researcher
• 14:34 : CISA Flags Palo Alto Networks PAN-OS Vulnerability as Exploited in Attacks
• 14:34 : Cyber Briefing: 2026.06.02
• 14:3 : Anthropic Expanding Mythos Access to 150 New Organizations
• 14:3 : Tuskira Quell identifies, mitigates, and validates zero-day risk before breach
• 14:3 : Noma brings visibility and access governance to AI agents and MCP servers
• 14:2 : Infosecurity Europe: Bayer Reinvents Security Awareness Training to Counter AI Threats
• 13:33 : 5 AI Security Incidents That Broke Things in Production (and What They Have in Common)
• 13:32 : Anthropic’s Mythos Preview Detects Over 10,000 Software Bugs in Project Glassing
• 13:32 : 64,000 accounts exposed in breach of GTA V cheat service Atlas Menu
• 13:32 : Meta adds stricter guardrails for teen feeds
• 13:32 : Turning tension into collaboration: How CIOs and CISOs can lead together
• 13:5 : LABScon25 Replay | Gamaredon x Turla: Unveiling a 2025 Espionage Alliance Targeting Ukraine
• 13:5 : Stolen Gemini API Keys Fuel Automated Telegram Influence Campaign
• 13:5 : Microsoft reaches for olive branch after public dustup with 0-day researcher
• 13:5 : IT Security News Hourly Summary 2026-06-02 15h : 11 posts
• 13:5 : Codex knowledge work expands into research, reports, and spreadsheets
• 13:4 : Operation FlutterBridge macOS Malvertising Campaign
• 13:4 : PSNI warns of phone number spoofing scam
• 13:4 : UK Firms Prioritize AI Threat Preparedness
• 13:4 : California sues 23andMe over 2023 genetic data breach
• 13:4 : Microsoft Threatens Security Researcher
• 12:32 : New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions
• 12:32 : Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches
• 12:32 : The Zero-Knowledge Threat Actor and the End of Responsible Disclosure
• 12:32 : Google fixes actively exploited Android vulnerability (CVE-2025-48595)
• 12:32 : AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
• 12:3 : Halo Security Honored with 2026 MSP Today Product of the Year Award
• 12:3 : Claude Code GitHub Actions Flaw Exposes Repositories to Full Compromise
• 12:3 : Mustang Panda Uses LNK, PowerShell Chain to Deploy PlugX RAT
• 12:3 : Foreign Spyware Found on Phones of Top Russian Officials
• 12:3 : Critical KMW CCTV Flaw Allows Unauthorised Access to Surveillance Feeds
• 12:3 : Wardriving assessment across Mexico: Preparing for the 2026 World Cup
• 12:3 : Hackers Deploy AZUREVEIL Adaptix C2 Agent via Spearphishing Campaign
• 12:3 : Claude Code’s GitHub Actions Vulnerability Lets Attackers Compromise Any Repository
• 12:2 : TP-Link Router Vulnerability Allows Attackers to Execute Arbitrary System Commands
• 12:2 : Claude celebrates Anthropic’s stock market float with blockbuster … outage
• 12:2 : Oracle WebLogic Vulnerability Exploited in the Wild
• 12:2 : Diligent automates cyber risk assessments and reporting
• 11:32 : The Intersection of Encryption and AI
• 11:32 : How Leading Organizations Are Turning EDR Into Operational Resilience
• 11:3 : Microsoft Threatening Security Researcher
• 11:3 : Northern Ireland cops issue PSA after official phone number spoofed by scammers
• 11:3 : Meta AI Hands Over High-Profile Instagram Accounts to Hackers
• 11:2 : Microsoft Entra pushes passkeys, tightens identity security
• 11:2 : Threat Actor Uses AI to Build EDR Evasion Tools
• 10:32 : Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
• 10:32 : CISA Warns of Active Exploitation of Palo Alto Networks PAN-OS Vulnerability
• 10:32 : The Manhattan Institute Helped Kill DEI. Now It’s Coming for Protests
• 10:32 : PHANTOMPULSE RAT Uses Process Injection and UAC Bypass to Compromise Windows Systems
• 10:32 : Web App and API Attacks are Rising: Are You Blind to AI Web Attacks? Join Free WAAP Security Webinar
• 10:32 : 23andMe exposed genetic information of millions, lawsuit says
• 10:32 : Sophos uncovers AI-powered malware lab built for EDR evasion
• 10:5 : IT Security News Hourly Summary 2026-06-02 12h : 10 posts
• 10:3 : Alphabet Plans $80bn Equity Raise For AI Spending
• 10:3 : Palo Alto warns of active exploitation of GlobalProtect authentication bypass flaw
• 10:3 : Supply Chain Attack Hits 32 Red Hat NPM Packages
• 10:3 : Red Hat npm packages compromised in new Mini Shai-Hulud malware wave
• 10:2 : Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
• 10:2 : Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
• 10:2 : Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve
• 9:32 : Motorola Solutions Buys Israeli Anti-Drone Tech Maker
• 9:32 : ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short
• 9:32 : Fake virus alerts are invading mobile games
• 9:3 : EU Cloud Procurement Plan Could Shut Out US Giants
• 9:3 : Gamaredon APT Hides Malware in Windows Features and Abuses Cloud Platforms for C2
• 9:3 : Dashlane Password Manager User Accounts Locked Following Brute-Force Attacks
• 9:3 : Critical StrongDM Vulnerability Allows Attackers to Steal and Reuse Authentication
• 9:3 : Android 0-Day Vulnerability Exploited in Attacks to Gain Complete Device Control
• 9:3 : Nimbus Manticore APT Abuses Fake Recruitment Portal to Deliver Custom Malware
• 9:3 : OpenAI brings frontier AI to existing AWS environments
• 9:2 : Cybanetix unveils Managed AI Service to secure users, models, and agents
• 9:2 : KDE Linux security audit cuts kernel modules and unused packages
• 8:32 : SoftBank Promises €45bn For French AI Hub
• 8:32 : 34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
• 8:32 : Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks
• 8:32 : CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation
• 8:32 : Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads
• 8:31 : Infosecurity Europe: Business Leaders Lack Understanding of Threat Intelligence, Study Warns
• 8:2 : Florida Sues OpenAI Over Safety Practices
• 8:2 : Offline-First Patch Management for 10,000 Edge Nodes: A Practical Architecture That Scales
• 8:2 : Sensitive government personnel data posted online, Spanish police arrest suspect
• 7:32 : New Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd)
• 7:32 : Google Engineer Charged With Insider Trading
• 7:32 : Critical StrongDM Flaw Exposes Users to Authentication Token Theft and Reuse
• 7:32 : Hackers Use Spearphishing to Deploy AZUREVEIL Adaptix C2 Agent
• 7:32 : Oracle’s First Monthly Patches Resolve 77 Vulnerabilities
• 7:31 : Meta AI hands over Instagram access, Dutch police dismantle botnet, RedHat packages backdoored
• 7:5 : IT Security News Hourly Summary 2026-06-02 09h : 5 posts
• 7:3 : Man Fined After Claiming Littering Video Was AI-Generated
• 7:3 : Anthropic Files Confidentially For US IPO
• 7:2 : RSA extends passwordless authentication to Linux environments
• 6:32 : SolyxImmortal Malware Steals Passwords, Cookies, Files, and Keystrokes
• 6:32 : GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
• 6:2 : TP-Link Router Security Bug Enables Remote Command Execution Attacks
• 6:2 : PHANTOMPULSE RAT Uses UAC Bypass to Hijack Windows Systems
• 6:2 : Zero trust physical security needs trust decisions at the edge
• 5:32 : Red Hat Cloud Services npm Packages Hijacked in Credential-Theft Malware Campaign
• 5:32 : Nimbus Manticore APT Uses Fake Jobs to Deliver Custom Malware
• 5:32 : Meta’s AI Bot Misused by Hackers to Take Over Instagram Accounts
• 5:32 : Why you need BAS and autonomous pentesting together
• 5:32 : Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
• 5:2 : U.S. Lawmakers Press Telecom Providers for More Action Against Growing Scam Epidemic
• 5:2 : This AI model backdoor attack stays hidden until you customize the model
• 4:31 : Cybersecurity jobs available right now: June 2, 2026
• 4:5 : IT Security News Hourly Summary 2026-06-02 06h : 1 posts
• 4:2 : Hackers Use Meta’s AI Bot to Reset Passwords and Hijack Instagram Accounts
• 2:2 : ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)
• 23:2 : Why Encrypted File Sharing Is Essential for Modern Businesses
• 22:32 : Fake Claude Code Installers Deliver Credential-Stealing Malware
• 22:5 : IT Security News Hourly Summary 2026-06-02 00h : 2 posts
• 22:3 : Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
• 21:55 : IT Security News Daily Summary 2026-06-01