IT Security News Daily Summary 2026-06-11

165 posts were published in the last hour

• 21:7 : France’s Tchap Breach: 650,000 Messages, 73,000 Accounts Exposed
• 21:7 : CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways
• 21:7 : Microsoft Restricts Claude Fable 5 Access Amid AI Safety Review
• 21:6 : South Korea Drops a $409M Fine on Coupang in Historic Data Breach Ruling
• 21:6 : ShinyHunters hacked 100+ orgs by exploiting an Oracle PeopleSoft 0-day
• 21:6 : ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
• 20:32 : Oracle warns of security bug that hackers abused to breach 100+ companies
• 20:32 : SIG report: AI-generated code is linked to twice the security risk and rising technical debt
• 20:9 : Red Card: The 2026 FIFA World Cup Scam Landscape
• 20:9 : ShinyHunters Leak 40GB of University of Nottingham Student Data
• 20:9 : Grok Is Still Hosting Sexualized Deepfakes of Famous Women
• 19:32 : ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
• 19:32 : The prosecution gap: Why cybercrimes go unpunished
• 19:32 : How to build AI security guardrails without blocking innovation
• 19:5 : IT Security News Hourly Summary 2026-06-11 21h : 16 posts
• 19:2 : ShinyHunters claims it hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day
• 19:2 : Red Hat Investigates npm Package Compromise After Malware Found in Official Repository
• 18:34 : CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release
• 18:34 : Miasma worm spreads from Red Hat packages to Microsoft repositories
• 18:34 : BMW advances humanoid robotics in vehicle production, testing AI-powered automation designed to improve efficiency and factory flexibility
• 18:34 : New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
• 18:34 : New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
• 18:10 : A tale of two eras
• 18:10 : Hackers Abuse SniperDz PhaaS Ecosystem for Brand Impersonation and Browser Hijacking
• 18:10 : Critical Langflow Vulnerability Exploited to Execute Malicious Code
• 18:9 : GoFlateLoader Uses Massive PE Overlay to Deliver Lumma, Vidar, and StealC Infostealers
• 18:9 : OceanLotus APT Compromises FireAnt MetaKit in Supply-Chain Attack on Stock Investors
• 18:9 : CISA Requires Federal Agencies to Patch Critical Vulnerabilities Within 3 Days
• 18:9 : Microsoft’s worst ‘Nightmare’ unleashes BitLocker bypass 0-day
• 18:9 : Akira Gang Claims Ransomware Attack at Convention Center, Extorts $250 Million
• 18:9 : WordPress Malware Campaign Hides Payloads in Steam Profiles
• 17:32 : Wordfence Intelligence Weekly WordPress Vulnerability Report (June 1, 2026 to June 7, 2026)
• 17:5 : Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts
• 17:5 : Hackers Use BLUERABBIT Backdoor to Encrypt Files and Wipe Disks Across Windows Systems
• 17:5 : Hackers Use Weaponized DMG Files to Target macOS Users With Infostealer Malware
• 17:5 : CISA Warns of Check Point Security Gateway Vulnerability Actively Exploited in Ransomware Attacks
• 17:5 : Claude Mythos Turning N-Days Into N-Hours With Rapid Working Exploit Creation
• 17:5 : GitHub to Automate Disable npm Script Installs to Block Supply Chain Attacks
• 17:4 : Google can be liable for false AI Overviews, court rules
• 17:4 : The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
• 16:32 : Decade-Long SniperDz Phishing Network Disrupted in Operation Ramz
• 16:32 : Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts, Report Finds
• 16:32 : Brickcom Cameras
• 16:32 : Naxclow IoT Platform
• 16:32 : Yarbo Android/iOS Mobile Application and Cloud Infrastructure
• 16:32 : CISA orders federal agencies to “patch smarter”
• 16:5 : IT Security News Hourly Summary 2026-06-11 18h : 9 posts
• 16:5 : Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative
• 16:4 : 2.4M+ VRChat users’ data accessed following cloud breach
• 15:32 : Cybercriminals Abuse Chinese-Language Guarantee Marketplaces to Trade Stolen Credentials
• 15:32 : Hackers Abuse Residential Proxy Networks to Hide Malicious Activity and Evade Detection
• 15:32 : Enterprises report increasing budgets for security training in AI and other critical topics
• 15:9 : CISA Offers Vital Resources as Venues Prepare for Key 2026 Events
• 15:9 : Brazil Strengthens AI Election Rules Amid Growing Concerns Over Democratic Integrity
• 15:9 : Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes
• 15:9 : CISA Orders Agencies to Patch by Risk, Not Severity
• 14:32 : OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft
• 14:32 : Signal Users Targeted in Sophisticated Phishing Campaigns Aimed at Stealing Chat Backups
• 14:32 : Cyber Briefing: 2026.06.11
• 14:5 : Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface Management
• 14:5 : Ivanti Command Injection Vulnerability Exploited in Attacks Following PoC Release
• 14:5 : Alert Fatigue Is Becoming a Security Threat of Its Own
• 14:5 : Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks
• 14:5 : Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware
• 14:5 : ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Action Patch + 28 New Stories
• 14:4 : Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
• 14:4 : Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
• 13:32 : Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware
• 13:32 : OceanLotus Targets Stock Investors in FireAnt MetaKit Supply-Chain Hack
• 13:32 : When Your AI Agent’s Memory Becomes a Security Liability
• 13:32 : South Korea hits Coupang with $400M+ fine for data breach that affected millions
• 13:32 : Threat Actors Weaponize AI Hype to Deliver AsyncRAT
• 13:32 : CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk
• 13:7 : LABScon25 Replay | Keynote: Steps to an Ecology of Cyber
• 13:7 : Breaking Free Of The Cyber Insurance Market’s Moment Of Frustration
• 13:6 : The Hidden Security Risks of Poor Software Testing
• 13:6 : GreatXML Zero-Day Enables BitLocker Bypass Through Windows Defender Offline Scan
• 13:6 : GoFlateLoader Hides Infostealers in Massive PE Overlay
• 13:5 : OnyxC2 Stealer Offers Cybercriminals Enterprise-Grade Theft for $250 a Month
• 13:5 : Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert
• 13:5 : Episource Cyberattack Affects 6.7M Individuals
• 13:5 : Check Point expands MSP platform with AI governance
• 13:5 : IT Security News Hourly Summary 2026-06-11 15h : 17 posts
• 13:5 : FBI Seizes 13 Domains in Chinese Intelligence Op
• 13:4 : AI Coding Adoption at 97% but Governance Lags
• 12:32 : Multiple Splunk Enterprise Vulnerabilities Allow Attackers to Execute Malicious Script
• 12:32 : Hackers Abuse VMware-Signed Binary to Sideload NIGHTFORGE Loader in Espionage Attacks
• 12:32 : GreatXML BitLocker Bypass 0-Day Exploited Via Windows Defender Offline Scan
• 12:32 : Oracle Emergency Security Update to Fix Critical RCE Vulnerability
• 12:32 : PoC Exploit Released for Guest-to-Host Escape Linux Kernel Vulnerability
• 12:32 : Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats
• 12:7 : GitHub Introduces Automatic Controls to Prevent Malicious npm Install Scripts
• 12:7 : Hackers Exploit SniperDz PhaaS for Brand Spoofing and Browser Hijacking
• 12:7 : Attackers Exploit Critical Langflow Flaw for Remote Code Execution
• 12:7 : Claude Fable 5 vs Mythos: Which AI Model Better Cybersecurity Teams?
• 12:7 : Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps
• 12:6 : Data of 2.4 million VRChat users stolen
• 12:6 : Siemens Says Desigo CC Files Flagged as Malware by Security Engines
• 12:6 : Hackers Exploit Langflow Vulnerability for Remote Code Execution
• 12:6 : AI Broke Vulnerability Management. That’s Why CISOs Are Moving Budget to BAS.
• 11:32 : Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research
• 11:32 : Enhanced License Plate Tracking
• 11:32 : Children’s phones must block nude images by September, UK says
• 11:32 : FBI Seizes 13 Websites That Officials Say Were Used by China to Target and Recruit US Workers
• 11:32 : Interpol Dismantles SniperDz Phishing-as-a-Service Platform
• 11:3 : Weaponized DMG Files Deliver macOS Infostealer Malware
• 11:3 : May 2026 Cyber Attacks Statistics
• 11:3 : Hackers Abuse AWS CloudTrail and Google Cloud Logging to Evade Detection and Exfiltrate Logs
• 11:3 : Splunk, Palo Alto Networks Patch Severe Vulnerabilities
• 11:3 : FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort
• 10:32 : Trust No Skill: Integrity Verification for AI Agent Supply Chains
• 10:32 : BLUERABBIT Backdoor Encrypts Files, Wipes Windows Systems
• 10:32 : Fortinet patched a new critical FortiSandbox flaw
• 10:32 : OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
• 10:31 : Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
• 10:5 : IT Security News Hourly Summary 2026-06-11 12h : 8 posts
• 10:2 : Canada Proposes Social Media Ban For Under 16s
• 10:2 : Judge Denies New Trial For Meta, Google After California Decision
• 10:2 : Hackers Use Residential Proxies Networks to Evade Detection
• 10:2 : ‘GreatXML’ Zero-Day Exploit Bypasses BitLocker
• 9:32 : Microsoft Exchange Server 0-Day Vulnerability Exploited in Attacks Using Weaponized Email
• 9:32 : China-Linked JDY Botnet Uses 1,500+ SOHO and IoT Devices for Rapid Vulnerability Exploitation
• 9:32 : 9 out of 10 people can no longer distinguish real from AI-generated content
• 9:31 : New “Agentjacking” Attacks Could Hijack AI Coding Agents
• 9:2 : China Warns Of Malicious AI Agent Extensions
• 9:2 : Researchers Uncover BTMOB Malware Capable of Taking Over Android Phones
• 9:2 : Check Point expands MSP platform with with AI governance and unified security bundles
• 8:34 : Met Police Warns Of Cuts After Mayor Blocks £50m Palantir Deal
• 8:34 : Kainos To Hire Hundreds In Northern Ireland
• 8:34 : Amazon Opening Pair Of Warehouses In Northamptonshire
• 8:34 : JDY Botnet Evolves After KV Takedown, Targets Military Networks
• 8:34 : University of Nottingham Confirms Breach After Hackers Leak Data
• 8:34 : IDnow launches Trust Platform to help regulated firms move from KYC to continuous trust
• 7:34 : APT28, an evolution of tradecraft
• 7:34 : Cybercriminals Exploit Chinese Guarantee Markets to Sell Stolen Credentials
• 7:34 : Big Patch Tuesday, ‘Nightmare Eclipse’ drops Windows 0-day, Claude Fable restricted at Microsoft
• 7:20 : Cyber-Attack Disrupts Exams At Bucks School
• 7:20 : Hackers Abuse VMware-Signed Binary to Deploy NIGHTFORGE Loader
• 7:20 : Every employee’s password was stored in a single Excel file
• 7:20 : Microsoft Patches Exploited Exchange Server Vulnerability
• 7:20 : GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
• 7:5 : IT Security News Hourly Summary 2026-06-11 09h : 4 posts
• 6:34 : China-Linked JDY Botnet Hijacks 1,500+ IoT Devices for Rapid Exploits
• 6:34 : GitLab Patches Multiple Vulnerabilities Allowing Account Takeover
• 6:34 : Hackers Exploit AWS CloudTrail and Google Cloud Logging to Hide Attacks and Steal Logs
• 6:34 : Threat actors are recruiting the people who hold cloud logins
• 6:4 : PoC Exploit Released for Linux Kernel Guest-to-Host Escape Vulnerability
• 6:4 : Making the cloud prove it followed your privacy wishes
• 5:32 : Ivanti Command Injection Flaw Exploited After PoC Code Release
• 5:32 : Prompt injection still drives most agentic AI security failures in production
• 5:4 : Anthropic’s Claude Fable 5 AI Model Jailbroken for Stack Exploit Creation
• 5:4 : Ivanti Endpoint Manager Mobile Vulnerability Enables Remote Code Execution Attacks
• 5:4 : X Square Robot open sources its robot-free data collection framework
• 4:34 : SMB cyber-readiness: What makes or breaks it
• 4:34 : Organizations can’t see much of their mobile AI activity
• 4:5 : IT Security News Hourly Summary 2026-06-11 06h : 1 posts
• 4:4 : Anthropic’s Claude Fable 5 Jailbroken to Generate Stack Exploits
• 2:32 : ISC Stormcast For Thursday, June 11th, 2026 https://isc.sans.edu/podcastdetail/9968, (Thu, Jun 11th)
• 1:5 : IT Security News Hourly Summary 2026-06-11 03h : 1 posts
• 1:4 : GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026
• 0:4 : Chinese agents caught rebuilding botnets and stirring the pot on AI datacenter debate
• 23:34 : University of Nottingham – 454,635 breached accounts
• 22:8 : Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations
• 22:5 : IT Security News Hourly Summary 2026-06-11 00h : 1 posts
• 21:55 : IT Security News Daily Summary 2026-06-10