IT Security News Daily Summary 2026-06-18

155 posts were published in the last hour

• 21:34 : Stop Treating Your LLMs Like Web Servers
• 21:34 : How Biometrics Help Combat Human Trafficking at Major Events Like the FIFA World Cup and Super Bowl
• 21:34 : CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
• 20:8 : SearchLeak Flaw Exposed Sensitive Data in Microsoft 365 Copilot
• 19:34 : MacBook Neo vs Windows Laptops for Cybersecurity Tasks
• 19:33 : Accelerate security investigations with Kiro CLI
• 19:9 : Operation Endgame Disrupts SocGholish Malware Infrastructure
• 19:9 : AI Is Finding Bugs Faster Than Enterprises Can Patch — Here’s What Data Security Teams Should Do
• 19:9 : Tor-Based Clipper Malware Targets Wallet Seed Phrases
• 19:9 : F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
• 19:5 : IT Security News Hourly Summary 2026-06-18 21h : 11 posts
• 18:7 : Close Encounters of the Human Kind
• 18:7 : DNS Is Your Most Critical — and Most Misconfigured — Security Control
• 18:7 : Top Java Security Vulnerabilities and How to Prevent Them in Modern Java
• 18:7 : ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
• 18:7 : Are Job Search Platforms Putting Your Data at Risk?
• 18:7 : Operation Endgame Disrupts SocGholish Malware Network Tied to Ransomware Attacks
• 18:7 : CISA Adds One Known Exploited Vulnerability to Catalog
• 18:7 : Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
• 18:7 : Hackers Breached Klue Integration to Steal Salesforce CRM Data via OAuth Tokens
• 18:6 : New iPhone BootROM Vulnerability Exposes Apple SoCs to Full Chain-of-Trust Compromise
• 18:6 : New Forrester study shows customers who unified with Microsoft Security benefited from 124% ROI
• 17:34 : Wordfence Intelligence Weekly WordPress Vulnerability Report (June 8, 2026 to June 14, 2026)
• 17:34 : UK Orders Google To Improve Search Transparency
• 17:34 : Texas government data breach allowed hackers to steal 3 million driver’s licenses and passports
• 17:34 : Majority of Internet-Accessible REDCap Servers Outdated
• 17:5 : Critical Unauthenticated Arbitrary File Deletion Vulnerability Patched in Avada Builder WordPress Plugin
• 17:5 : Rockwell Automation FactoryTalk Historian Site Edition
• 17:5 : Schneider Electric EasyLogic T150 and Saitel DP
• 17:5 : AzeoTech DAQFactory
• 17:4 : Mitsubishi Electric MELSEC iQ-F Series
• 17:4 : AVer PTC cameras
• 17:4 : Cisco fixed a critical ISE vulnerability that lets attackers to gain root access
• 17:4 : Spring 2026 SOC 1 and 2 reports are now available in OSCAL format
• 16:34 : Underground Forum Tutorial Reveals How Cybercriminal Communities Teach Vulnerability Exploitation and Profit-Making
• 16:9 : What Businesses Should Know Before Migrating Their CMS
• 16:9 : Hackers Abuse Claude.ai Shared Chat Feature to Host the ClickFix Social Engineering Instructions
• 16:9 : Hackers Abuse Legitimate RMM Tools to Maintain Persistent Access and Evade Detection
• 16:9 : Hackers Abuse Microsoft Fondue.exe to Side-Load APPWIZ.cpl and Execute Malware
• 16:9 : Hackers Can Leverage SQL Server 2025 AI Features to Exfiltrate Sensitive Data
• 16:9 : Multiple Vulnerabilities in Firefox 152 Enables Remote Code Execution Attacks
• 16:8 : Peter Todd Warns Zcash Privacy Tech Is Too Risky for Bitcoin Consensus Layer
• 16:8 : New Apple Ad Blocker Filtr Expands Protection Beyond Browsers on iPhone, iPad and Mac
• 16:5 : IT Security News Hourly Summary 2026-06-18 18h : 7 posts
• 15:31 : Google told researcher ‘Nice catch!’ Then denied bug bounty for flaw it still hasn’t fixed
• 15:7 : F5 Patches Critical NGINX Vulnerabilities Enabling Unauthenticated Code Execution
• 15:7 : INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023
• 15:7 : Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2
• 15:6 : ICO Cautions Healthcare Worker After Princess of Wales Incident
• 15:6 : Fake GitHub Stars and AI Videos Mask a Crypto Clipper
• 15:6 : Nation-state rivals linked to majority of consequential attacks targeting critical UK sites
• 14:34 : Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
• 14:34 : Cyber Briefing: 2026.06.18
• 14:9 : Meta Faces Privacy Questions After Secret Face Recognition Code Discovery
• 14:9 : DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic
• 13:34 : Evilginx AiTM Attack Captures Microsoft Credentials, MFA Tokens, and Authenticated Sessions
• 13:34 : Hackers Abuse PowerShell Commands to Deliver SmartRAT Through Brazilian Bank Phishing Page
• 13:34 : F5 Patches NGINX Vulnerability That Enables Code Execution and DoS Attacks
• 13:34 : Modern Data Protection Standards: How Organizations Are Strengthening Cybersecurity in 2026
• 13:34 : Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control
• 13:34 : Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push
• 13:7 : DragonForce Ransomware Abused Microsoft Teams to Hide Malware Activity
• 13:7 : F5 Patches NGINX Vulnerability Enabling Code Execution and DoS Attacks
• 13:7 : eSentire links AI-led penetration testing with MDR through Atlas Preempt
• 13:6 : Malware attacks strip Roblox developers of entire games
• 13:6 : Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network
• 13:5 : IT Security News Hourly Summary 2026-06-18 15h : 10 posts
• 12:32 : Privilege Escalation: The Step Between Foothold and Full Compromise
• 12:32 : What Successful Exposure Management Deployments Had in Common in 2026
• 12:32 : No Exploits Required
• 12:32 : 74,000 Fortinet firewall credentials exposed in FortiBleed data leak
• 12:32 : Cybercriminals Are Worried About AI Taking Their Jobs Too
• 12:32 : Critical Command Execution Flaw Patched in Cisco ISE
• 12:32 : Aztec suffers $2.1M exploit in second attack
• 12:32 : EU Develops Shield-6G Network Security
• 12:32 : South Korea arrests 23 in USDT laundering case
• 12:31 : Google launches Agentic Resource Discovery standard
• 12:4 : Dropping Elephant Hackers Use China-Themed Loader Chain to Deploy In-Memory RAT
• 12:4 : Retro gaming fans are the new target for fake GitHub malware
• 12:4 : Welcome to your new telco job – here’s sudo access to a database with full customer info stored in the clear
• 12:4 : Dream Raises $260 Million at $3 Billion Valuation
• 11:35 : AWS Launches Continuum to Detect and Fix Code Vulnerabilities at Machine Speed
• 11:35 : How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras
• 11:35 : Embedding Forbidden Text in Spyware to Discourage AI Analysis
• 11:35 : The Scripts on Your Checkout Page Are Now a PCI DSS Problem
• 11:35 : LATAM Infrastructure Hit by Fortinet and Ivanti Exploits
• 11:7 : Hackers Exploit WordPress SMTP Plugin With 100,000+ Installs to Steal Sensitive Data
• 11:7 : Windows 11 June Patch Triggers Microsoft Office Startup Issues
• 11:7 : Hackers Could Abuse SQL Server 2025 AI Features to Steal Sensitive Data
• 11:7 : FortiBleed Leak Exposes 73,000 Fortinet VPN Credentials
• 11:7 : Navigating the future: Schiphol Airport’s journey to shift-left platform engineering
• 11:7 : Hackers Actively Exploiting WordPress SMTP Plugin With 100,000+ Installs to Access Sensitive Data
• 11:7 : Microsoft Office Applications Might Fail to Open Following Windows 11 June Update
• 11:7 : Rust Clipboard Hijacker Uses Fake GitHub Stars and VirusTotal Upvotes to Steal Crypto
• 11:7 : Hackers Abuse PowerShell, VBScript, and BAT Files to Deliver Xctdoor Backdoor
• 11:6 : PoC Exploit Released for HTTP/2 Bomb Remote DoS Vulnerability in Apache HTTP Server
• 11:6 : Rokarolla Banking Trojan Targets 200 Applications
• 11:6 : Atlassian, Splunk Patch Critical Vulnerabilities
• 10:34 : Splunk AI Toolkit Vulnerability Allows Arbitrary OS Command Execution
• 10:34 : Critical Command Execution Vulnerability Patched in Cisco ISE
• 10:11 : Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model
• 10:11 : Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents
• 10:11 : Modified OpenSSH Binaries Let Velvet Ant Steal Passwords, Log Commands, and Hide Activity
• 10:11 : FortiBleed Exploit Campaign Hits 70,000+ Fortinet Firewalls Worldwide
• 10:11 : Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
• 10:11 : Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
• 10:11 : Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
• 10:11 : F5 Patches Critical, High-Severity NGINX Vulnerabilities
• 10:5 : IT Security News Hourly Summary 2026-06-18 12h : 6 posts
• 9:34 : Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
• 9:34 : GentleKiller targets more than 400 security processes across 48 products
• 9:34 : Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
• 9:34 : Google to Use IP Addresses for Ad Personalization in UK and EU Starting August 3
• 9:6 : UK Orders Google To Increase Search Transparency
• 9:6 : SailPoint to Acquire Entro in Reported $200 Million Deal
• 8:34 : Key Meta Internal AI Exec To Leave Company
• 8:34 : Hackers Crack Corporate, Government VPNs In Major Incident
• 8:34 : Cybercrime Surges in APAC as Digitalization Takes Hold
• 8:4 : AI-Generated ClickFix Campaign Delivers SmartRAT Banking Trojan via Fake Brazilian Bank Website
• 8:4 : FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls
• 8:4 : Blue Planet helps service providers reduce risk with unified network change governance
• 8:4 : New 42Crunch plugin helps developers find and fix API vulnerabilities in GitHub Copilot
• 8:4 : Barracuda introduces AI-powered email security with automated threat response
• 7:34 : Former Shoe Maker Changes Name, CEO In AI Push
• 7:34 : French Spy Agency To Cut Ties With Palantir
• 7:34 : Kodak Admits Data Breach After ShinyHunters Hack Claims
• 7:34 : Anthropic tells G7 to cooperate, Fortinet VPN leak exposes credentials, Crypto Clipper abuses reviews
• 7:5 : IT Security News Hourly Summary 2026-06-18 09h : 9 posts
• 7:4 : CVE-2026-48907: How the Joomla JCE Exploit Works and What to Do About It
• 7:4 : Hackers Use Reporter Impersonation to Target C-Suite Executives in Social Engineering Attacks
• 6:34 : Alibaba Cloud Launches First French Region
• 6:34 : Malicious LNK Files Disguised as Job Resumes Target Corporate Employees
• 6:34 : Securing digital keys when your phone unlocks the car
• 6:7 : Councils Trial AI To Speed Up Planning Applications
• 6:7 : The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed
• 6:7 : How security teams are getting credential visibility into developer endpoints
• 6:7 : Google’s open standard for AI agents to discover and verify tools
• 5:34 : Hackers Use AI-Generated YouTube Narrators to Promote Crypto Clipper Malware
• 5:33 : What happens to oversight when AI agents write a lab’s own code
• 5:9 : CFGI – 248,235 breached accounts
• 5:9 : Microsoft Confirms Defender RoguePlanet 0-Day Exploit and Working to Release Patch
• 5:9 : Homebrew tightens tap security, begins work on its interface
• 5:8 : AWS Continuum brings AI models to code vulnerability management
• 4:34 : Most agentic AI projects in production have stalled over data problems
• 4:8 : From package to postinstall payload: Inside the Mastra npm supply chain compromise
• 4:5 : IT Security News Hourly Summary 2026-06-18 06h : 1 posts
• 3:31 : Protecting legacy OT systems against modern cyberthreats
• 2:33 : Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign
• 2:9 : The Behavior of Coordinated SSH Brute Force Attacks over the last three months [Guest Diary], (Wed, Jun 17th)
• 2:8 : ISC Stormcast For Thursday, June 18th, 2026 https://isc.sans.edu/podcastdetail/9978, (Thu, Jun 18th)
• 2:8 : Cyber offenses now account for around a third of all crime across Asia and South Pacific
• 1:6 : Crypto Clipper uses Tor and worm-like propagation for persistence and control
• 22:8 : Twistlock: Prisma Cloud Container Security Overview and Analysis for 2026
• 22:5 : IT Security News Hourly Summary 2026-06-18 00h : 3 posts
• 21:55 : IT Security News Daily Summary 2026-06-17