IT Security News Daily Summary 2026-06-04

174 posts were published in the last hour

• 21:32 : Quarterly WordPress Threat Intelligence Report – Q1 2026
• 21:32 : Defense tech, AI, and fundraising take center stage at StrictlyVC Los Angeles on June 18
• 20:34 : Deepfakes, AI Scams, and the Future of Social Media Safety
• 20:4 : IronWorm Supply Chain Attack Uses Malicious npm Packages to Steal Developer Secrets
• 19:34 : OpenAI’s agent chained decade-old DoS attacks to crash web servers in seconds
• 19:34 : Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us
• 19:34 : Gain visibility into DDoS attacks with flow logs in AWS Shield Advanced
• 19:5 : IT Security News Hourly Summary 2026-06-04 21h : 6 posts
• 18:34 : Gartner SRM 2026 Signals a Cybersecurity Shift From Prevention to Resilience
• 18:34 : Imperva Customers Protected Against CVE-2026-49975 (HTTP/2 Bomb) DoS
• 18:34 : Cybercriminals Shift From Fake Login Pages to Infostealer Malware in Phishing Attacks
• 18:34 : Anthropic’s Claude Oceanus-v1-p Opens to Red Team Testing, but Distribution is Compromised
• 18:34 : CISA Warns of critical Magento Cache Warmer RCE flaw Exploited in Attacks
• 18:34 : Stock Exchange Executive’s Outlook Account Targeted to Exfiltrate Credentials
• 18:4 : Reporting from Vegas: Networking, AI, and good boys
• 18:4 : Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones
• 17:34 : iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil
• 17:34 : Malicious WhatsApp, Slack Alerts Could Have Exposed Millions of Android Users
• 17:34 : US Firms Try DeepSeek as Silicon Valley AI Costs Rise
• 17:34 : Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now
• 17:34 : U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
• 17:34 : Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
• 17:5 : Researchers Show How Android Notifications Could Be Used to Manipulate Google Gemini
• 16:34 : Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
• 16:34 : CISA chief says Trump AI executive order implementation will start soon
• 16:5 : IT Security News Hourly Summary 2026-06-04 18h : 17 posts
• 16:2 : GTA 6 Pre-Order Hype Triggers Wave of Scams and Malware Attacks on Fans
• 16:2 : AI Cybersecurity Tools Raise Questions About the Future of Ethical Hacking Competitions
• 16:2 : Customize federated sign-in with new Amazon Cognito Lambda trigger
• 16:2 : CISA chief says Trump AI EO implementation will start soon
• 15:35 : Why eSIMs Are Replacing Traditional SIM Cards
• 15:35 : Hitachi Energy RTU500
• 15:35 : B&R PPT30 Operating System
• 15:35 : Hitachi Energy ITT600 Explorer
• 15:35 : Hitachi Energy MACH HiDraw
• 15:35 : NAVTOR NavBox
• 15:34 : Payouts King Ransomware Evades EDR With Obfuscation and Direct System Calls
• 15:34 : Kali365 PhaaS Operation Expands Beyond Microsoft 365 to Target Okta and MAX Messenger
• 15:34 : Weaponized ChatGPT Download Site Delivers Malware Via Sponsored Search Results
• 15:34 : Proofpoint Warns TA4922 Deploys Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT
• 15:34 : Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk
• 15:34 : Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
• 15:34 : CrowdStrike, Palo Alto Networks defy estimates as AI fuels cyber demand
• 15:4 : Wordfence Intelligence Weekly WordPress Vulnerability Report (May 25, 2026 to May 31, 2026)
• 15:4 : Chinese spies are using LinkedIn to lure Westerners into sharing sensitive information
• 15:4 : Webinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to Respond
• 14:34 : OpenAI’s Altman Urges Minimal Regulation In Washington Meetings
• 14:34 : Barracuda Finds Malicious Microsoft 365 Logins Are Blending In
• 14:34 : Willow Raises $7 Million for Securing Autonomous AI Agents
• 14:34 : ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
• 14:34 : Cyber Briefing: 2026.06.04
• 14:4 : Infosecurity Europe: AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns
• 14:4 : Chinese-Speaking Actor TA4922 Widens Its Global Reach
• 13:34 : Supply Chain Attack Hits Dozens of npm Packages via binding.gyp
• 13:34 : Fake Ghidra, dnSpy & SpiderFoot Sites Used to Spread Malware
• 13:34 : Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026
• 13:34 : Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges
• 13:34 : Cybercriminals Are Targeting the FIFA World Cup 2026
• 13:6 : Putting CLIMATE into Practice: Building an Inventory Management Plan
• 13:5 : Lazarus Group Uses npm Brandjacking Campaign to Target Developers
• 13:5 : Compliance Automated Standard Solution (COMPASS), Part 11: Compliance as Code, the OSCAL MCP Server Way
• 13:5 : Hackers Abusing Microsoft Teams and Google Drive to Deploy Remote Access Malware
• 13:5 : Hackers Actively Exploiting WordPress Plugin Vulnerability to Inject Malicious PHP Code
• 13:5 : Gemini Voice Assistant Hijacked via Messaging Notifications
• 13:5 : Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
• 13:5 : Fake invoice phishing campaign caught mid-rollout
• 13:5 : Ultrahuman breach exposes wellness data via stolen credentials
• 13:5 : Android Introduces Fake Call Detection Feature
• 13:5 : xAI Seeks to Unmask Deepfake Victims in Lawsuit
• 13:5 : Tech Force struggles to hire 1,000 technologists
• 13:5 : IT Security News Hourly Summary 2026-06-04 15h : 9 posts
• 12:32 : Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting
• 12:32 : Winning the cyber marathon with Tony Giandomenico
• 12:32 : Malicious Ads Target macOS Users with FlutterShell Backdoor
• 12:32 : Why Local AI Agents Are Creating a New Governance Blind Spot
• 12:32 : Mirasvit Vulnerability Exploited to Execute Code on Magento Servers
• 12:32 : OAuth marketplace apps keep access after publishers vanish
• 12:32 : FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
• 12:32 : China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
• 12:31 : Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services
• 12:5 : Fake Claude Code Installer Spreads Fileless .NET Infostealer
• 12:4 : Comodo Internet Security 0-Day Flaw Triggers Windows System Crashes
• 12:4 : Travel scams are everywhere. Here’s how to avoid them
• 12:4 : Five Eyes: Watch out for odd LinkedIn connection requests, China’s back on the hunt for state secrets
• 11:34 : Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets
• 11:34 : Hacking Meta’s AI Chatbot
• 11:34 : Duo who sold car crash victims’ data must repay £118k
• 11:34 : Chinese Cybercrime Group in Spotlight for Record Campaign Pace
• 11:5 : Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff
• 11:4 : Hackers Use Fake Chrome Web Store Copyright Notices to Steal Google Credentials
• 11:4 : CISA Warns of Android Framework Integer Overflow Vulnerability Exploited in Attacks
• 11:4 : Cisco Unified Communications Manager Vulnerability Exposed Along With PoC Exploit Code
• 11:4 : Comodo Internet Security 0-Day Vulnerability Lets Attacker Crash the User’s Windows System
• 11:4 : Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown
• 10:34 : IronWorm npm Attack Steals Developer Secrets
• 10:34 : Shadow Brokers Mystery Remains One of Cybersecurity’s Biggest Unsolved Cases
• 10:5 : Stock Exchange Executive’s Outlook Targeted in Credential Theft Attack
• 10:5 : How to secure data at rest, in use and in motion
• 10:5 : IT Security News Hourly Summary 2026-06-04 12h : 10 posts
• 10:5 : Frontline Workers Twice as Likely to Use Unapproved AI
• 10:4 : Meta’s AI support bot happily handed Instagram accounts to hackers
• 10:4 : Hackers Spied on a Stock Exchange Executive’s Outlook Mailbox for Five Months
• 10:4 : Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
• 9:32 : MP Sues xAI Over Sexualised Images
• 9:32 : Proofpoint: TA4922 Deploys New RAT and Loader Arsenal
• 9:32 : PoC Exploit Released for Cisco Unified Communications Manager Security Vulnerability
• 9:32 : Hackers Asked Meta AI To Hack Insta Account – Worked
• 9:32 : Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process
• 9:32 : Infosecurity Europe: How Businesses Can Prepare for a Cybersecurity Crisis with Effective Plans
• 9:4 : MPs Advise NHS To Dump Palantir
• 9:4 : Cisco Warns of Available PoC for Critical Unified CM Vulnerability
• 9:4 : Infosecurity Europe: Ukraine’s Experience Highlights the Need for Preparation and Resilience in Cybersecurity
• 8:34 : EU Launches Delayed Tech Sovereignty Proposals
• 8:34 : Malicious ChatGPT Download Website Tricks Users via Sponsored Search Listings
• 8:34 : Phishing Attacks Pivot to Infostealer Malware Over Fake Login Pages
• 8:34 : Lessons for life: Why children’s data is a long-term identity risk
• 8:34 : Scientists discover a quantum effect that could eliminate batteries
• 8:34 : VS Code Vulnerability Allows One-Click GitHub Token Theft
• 8:34 : CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
• 8:4 : DeepSeek Valuation Rises To $60bn In First Funding Round
• 8:4 : JINX-0164 Targets Crypto Firms With macOS Malware
• 8:4 : ClawHub, Cisco, and Vercel Skill Detection Tools Evaded by Malicious Uploads
• 8:4 : Infosecurity Europe: Raise Security Concerns with Procurement Now, Because Quantum Can’t Wait
• 7:34 : UN Recommends Omitting Politeness With AI To Save Power
• 7:34 : Kali365 PhaaS Expands to Okta, MAX Messenger Attacks
• 7:34 : 29 Arrests, Nine Crime Groups Dismantled: Another Blow to Illegal Streaming
• 7:34 : Dutch police, NCSC take down major botnet
• 7:34 : The missing link in cyber resilience: Bridging the identity visibility gap
• 7:34 : Fake Claude Code Installer Via Google Sites Deliver Credential-Stealing Malware
• 7:34 : Acer Working to Patch Wave 7 Router 0-day Vulnerability
• 7:34 : Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine
• 7:34 : Illegal streamers, EU digital sovereignty, cost of a cyber force
• 7:5 : IT Security News Hourly Summary 2026-06-04 09h : 13 posts
• 7:2 : Meta To Limit Some Aspects Of Employee Tracking
• 7:2 : Google Told To Allow UK Publishers To Opt Out Of AI Tools
• 7:2 : Payouts King Ransomware Bypasses EDR via Obfuscation and Direct Syscalls
• 7:2 : The modern-day business can learn a lot about risk from this year’s mega events
• 7:2 : DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets
• 6:32 : Microsoft’s Coreutils for Windows, (Thu, Jun 4th)
• 6:32 : FSB’s matryoshka #3/3 – Gamaredon’s gifts that keeps unpacking – GammaSteel
• 6:32 : Fake Chrome Web Store Copyright Alerts Used to Steal Google Logins
• 6:32 : CISA Alerts Users to Actively Exploited Android Framework Security Vulnerability
• 6:32 : Spotless compliance evidence can still hide a broken control
• 6:5 : Automated Bots Overtake Human Users in Global Internet Traffic for the First Time
• 6:5 : Acer Confirms Patch in Progress for Wave 7 Router 0-Day Flaw
• 6:5 : Hackers Exploit KnowledgeDeliver Bug to Install Web Shells
• 6:5 : From critical to controlled: Cutting vulnerabilities in a live manufacturing environment
• 5:34 : Hackers Exploit Google Gemini Flaw Using Malicious Messages from WhatsApp, Slack, and SMS
• 5:34 : Microsoft Introduces Always-On AI Agent Scout for Teams, Outlook, and More
• 5:34 : Fake Claude Code Installer on Google Sites Steals Credentials
• 5:34 : Attackers already know the secrets are on your developers’ machines. Do you?
• 5:4 : Bots Surpass Humans in Global Web Traffic for the First Time in Internet History
• 5:4 : All the passwords were stored in Active Directory description fields
• 5:4 : The Growing Threat of AI-Driven Exploitation in Vulnerability Management
• 5:4 : Product showcase: Trend Micro Mobile Security detects scams in messages, QR codes, and websites
• 4:34 : ETSI sets security requirements for AI data centers and cloud platforms
• 4:5 : IT Security News Hourly Summary 2026-06-04 06h : 1 posts
• 3:31 : Signed Lenovo Driver Could Be Misused to Shut Down Security Software, Researcher Warns
• 3:2 : Microsoft Unveils Always-On AI Agent Scout to Integrate With Teams, Outlook, and More
• 3:2 : UK Visa Application Service Left More Than 100,000 Identity Documents Accessible Online
• 2:4 : ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th)
• 1:5 : IT Security News Hourly Summary 2026-06-04 03h : 1 posts
• 0:32 : DentaQuest – 2,553,599 breached accounts
• 23:4 : Commvault says it’s time to rethink resiliency as AI crooks leave victims in a ‘dark, dead’ state
• 22:34 : CISA and Partners Warns of Cyberattacks Targeting U.S.-based Automatic Tank Gauge Systems
• 22:34 : Hackers Use Fake Purchase Orders to Deploy JS.MonoGlyphRAT Targeting US Enterprises
• 22:34 : The Gentlemen Ransomware Group Uses Fortinet Exploits, AI, and Custom C2 Frameworks
• 22:34 : HazyBeacon Camapign Weaponizes Amazon Web Services for Stealthy Communications
• 22:34 : New Google Gemini Vulnerability Exploited via Prompt Injections from WhatsApp, Slack, and SMS
• 22:5 : CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited
• 22:5 : Microsoft Tests Wearable AI Badge for Office Workers
• 22:5 : Apple’s 2026 Security Events: iPhone Exploits, Zero-Days Put Millions at Risk
• 22:5 : IT Security News Hourly Summary 2026-06-04 00h : 3 posts
• 21:55 : IT Security News Daily Summary 2026-06-03