IT Security News Daily Summary 2026-06-26

153 posts were published in the last hour

• 21:34 : Russian hackers were behind $2.5B hack of Jaguar Land Rover: Report
• 21:4 : The Chinese Control the Majority of Argentina’s Squid Fleet
• 20:7 : Threat Brief: Mitigating Large-Scale Credential Attacks
• 20:7 : Woodgnat Hackers Use Mistic RAT to Broker Access for Ransomware Gangs
• 20:7 : The New Insider Threat Isn’t Human: Securing AI Agents Before They Secure Themselves
• 20:7 : How to conduct a mobile app security audit
• 20:6 : SOC 2 Compliance Is Reshaping Enterprise Procurement
• 20:6 : FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
• 19:33 : How Dynamic Defense shuts an attacker out without shutting down the business
• 19:5 : IT Security News Hourly Summary 2026-06-26 21h : 10 posts
• 19:2 : New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets
• 19:2 : New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
• 18:33 : Chinese APT CL-STA-1062 Expands Attacks on Southeast Asian Critical Infrastructure With Custom Malware
• 18:7 : Five Eyes Warns AI Could Speed Cyberattacks Within Months
• 18:7 : Microsoft Extends Windows 10 Security Updates to 2027
• 18:7 : New License Plate Reader Tech Could Track Phones, AirPods, and Smartwatches
• 18:6 : Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data
• 18:6 : Chinese Development Framework Linked to Global Scam Infrastructure
• 18:6 : GEO Poisoning Can Manipulate AI-Generated Answers
• 18:5 : Russian hackers were behind $2.5 billion hack of Jaguar Land Rover: Report
• 17:34 : NO FAKES Act advances: What CISOs need to know
• 17:34 : Russian hackers were behind $2.5 billion hack of Jaguar Land Rover: report
• 17:34 : New Linux pedit COW Exploit Allows Attackers to Gain System Root Access
• 17:34 : Amazon Q Vulnerability Let Attackers Execute Code and Access Sensitive Cloud Environments
• 17:6 : The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials
• 17:6 : Meta Is Testing Facial Recognition for Police and Military
• 17:6 : Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
• 16:5 : IT Security News Hourly Summary 2026-06-26 18h : 18 posts
• 16:3 : Microsoft Defender vs Bitdefender: Compare Antivirus Software in 2026
• 16:3 : Massive Breaches, AI Risks, and Critical Vulnerabilities Define This Week in Cybersecurity in June 2026
• 16:3 : Norton vs McAfee: Compare Antivirus Software in 2026
• 16:3 : Comparing Antivirus Software 2026: Avast vs. AVG
• 16:3 : Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds
• 16:2 : Inside India’s AI Boom: Workers Training Robots to Replace Human Jobs
• 16:2 : AI Credential Security Emerges as Critical Risk in Modern Enterprise Infrastructure
• 15:32 : Gaslight macOS Malware Is a Warning Shot at the AI Security Stack
• 15:32 : More Klue Breach Victims Identified as Hackers Get Hacked
• 15:32 : Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories
• 15:32 : macOS ClickFix Campaign Pushes Infostealer
• 15:32 : Germany train outage halts Deutsche Bahn services
• 15:32 : Five Eyes Warns of AI-Powered Cyberattacks
• 15:32 : $586M FTC Western Union fraud settlement phase 3
• 15:32 : FCC requires emergency alert distributors to secure their systems
• 15:31 : Software, AI companies form alliance to tackle open-source security flaws
• 15:6 : Openclaw And The Agentic AI Inflection Point: From “Cool Demo” To Governed Infrastructure
• 15:6 : Two Clocks Are Running Out at Once, and Almost Nobody Is Watching Both
• 14:34 : In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs
• 14:34 : Cyber Briefing: 2026.06.26
• 14:7 : Tagged vs Untagged VLAN: When You Should Use Each in 2026
• 14:7 : 23 Top Open Source Penetration Testing Tools in 2026
• 14:6 : 8 Best Linux Distros for Forensics & Pentesting in 2026
• 14:6 : New GIFTEDCROOK Chain Abuses WinRAR ADS and Reflective Loading to Steal Browser Data
• 14:6 : Hackers Exploit Weak Credentials and Internet-Facing PLCs to Breach Water Utilities
• 14:6 : New Bluekit Phishing-as-a-Service Bypasses MFA to Steal Microsoft Login Credentials
• 13:34 : The Cloud Giants Are Architecting an Agentic Future They Can’t Run
• 13:34 : 90% of the World’s Businesses are SMEs and MSMEs and AI Is Reshaping Both Their Future and Their Risk
• 13:34 : From CI/CD to Cloud Data: How Shai Hulud Persistence Leads to Redshift Breach
• 13:34 : Malware steals Chrome session cookies to take over your accounts
• 13:34 : Poland arrests four suspects in international SIM-swapping operation linked to multimillion-dollar cryptocurrency thefts
• 13:34 : CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
• 13:34 : New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
• 13:5 : Reasonable Reliance: The Test Duty-Holders Are Quietly Being Held To
• 13:5 : macOS Flaw Allowed Standard Users to Disable CrowdStrike and Kandji Security Tools
• 13:5 : Water and Wastewater Systems Become Strategic Targets for Russia, China, and Iran
• 13:5 : Govern privileged workload boundaries with Red Hat OpenShift, Ansible Automation Platform, and Identity Management
• 13:5 : Nebulock Raises $25 Million for AI-Native Contextual Security
• 13:5 : The Growing Call for a CISO Code of Ethics
• 13:5 : IT Security News Hourly Summary 2026-06-26 15h : 9 posts
• 12:32 : Activist Phone Hacked With Cellebrite After Russia Contract Cancellation
• 12:32 : Static security has run out of road. The case for Dynamic Defense
• 12:32 : Nikkei Warns of Japan’s Ground Self-Defense Force Used USB Drives Infected with a China-linked Malware
• 12:32 : Hackers Leveraged Shopify Oder-Tracking App Shop to Push Fake Invoices
• 12:32 : Miasma campaign poisons 20-plus npm packages, hunts for developer secrets
• 12:32 : Proof’s x401 establishes an open protocol for AI agent identity and authorization
• 12:32 : Guardian Agents: The Next Layer of Identity Governance
• 12:32 : New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets
• 12:32 : AWS unveils agent security, data access tools
• 12:4 : China-Linked Malware Found in Counterfeit USB Drives Used on Japan Defense Force Classified Networks
• 12:4 : Critical open-source projects get a new security framework
• 11:34 : FOSSBilling Flaw Lets Admin Attackers Abuse DI Container for SQL Access and RCE
• 11:34 : U.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog
• 11:34 : One Million Passports Leaked Online
• 11:34 : Critical python.org Vulnerability Allowed Attackers to Forge Admin-Level API Requests
• 11:34 : Linux Foundation Unveils New Open Source Security Project Akrites
• 11:34 : Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
• 11:8 : Synology issues critical fix for MailPlus Server vulnerabilities
• 10:34 : KuinaExtractor Uses Telegram Exfiltration, UAC Bypass, and Sandbox Detection for Stealth
• 10:34 : Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
• 10:34 : China-Linked Hackers Strike Asian Critical Infrastructure with TinyRCT Backdoor
• 10:10 : A decade of infrastructure development, one new name: Coinspaid Dev
• 10:10 : Scammers Abuse Shopify to Send Fake Invoices and Steal Credentials via Fake Support Calls
• 10:10 : Hackers Exploit WinRAR CVE-2025-8088 to Plant Startup Shortcut and Run PowerShell Loader
• 10:9 : $3 Million Reportedly Stolen in Polymarket Hack
• 10:9 : Ransomware gangs find Europe’s weakest link in third-party suppliers
• 10:5 : IT Security News Hourly Summary 2026-06-26 12h : 9 posts
• 9:34 : Russian Authorities Used Cellebrite UFED to Break Into Human Rights Activist’s iPhone
• 9:34 : Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft
• 9:34 : Minecraft Malware Loader Uses RSA-Signed Smart Contract Updates for Persistent C2
• 9:34 : Miasma Malware Uses binding.gyp and Bun to Execute Hidden Payloads in npm Packages
• 9:34 : CL-STA-1062 Hackers Use TinyRCT Backdoor to Target Southeast Asian Governments
• 9:34 : Mystery hackers use novel SharkLoader dropper against governments, software devs
• 9:34 : Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
• 9:33 : Russia Used Cellebrite on Jailed Activist’s iPhone Months After Sales Cutoff
• 9:6 : Russian APT Deploys ‘StockStay’ Backdoor Against Ukrainian Targets
• 8:32 : macOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst
• 8:32 : American Tower – 216,601 breached accounts
• 8:32 : CISA Warns of Cisco Unified CM Vulnerability Exploited in Attacks
• 8:32 : First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild
• 8:32 : SIM-swapping gang busted in international police operation
• 8:31 : Google Details Turla’s New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
• 8:12 : WhatsApp Adds Security Warning Before Users Start Chat With Unknown Numbers
• 8:11 : KuinaExtractor Stealer Targets Browser Data, Crypto Wallets, Roblox, Steam, and Discord
• 8:10 : New Enterprise-Ready MCP Specification Brings New Security Challenges
• 8:9 : ZeroTier Quantum RC2 brings post-quantum security closer to general availability
• 8:9 : CMC Releases Analysis and Guidance for Education Sector After Canvas Data Breach
• 8:9 : ISA VDA 6.0.3 (part 3) — Information Security Sheet: Human Resources, Physical Security, Identity and Access Management
• 7:34 : How AI-powered cyberthreats are changing home security
• 7:34 : ThreatModeler introduces Nexus to automate threat modeling with AI governance
• 7:34 : ShinyHunters hits MSG, Cal Water confirms no damage, CISA SASE guide
• 7:7 : IBM Unveils 3D-Stacked .7nm Chip Design
• 7:7 : Zhipu’s GLM-5.2 Now World’s Third Most Widely Used AI Model
• 7:7 : ChatGPT 5.6 Release Reportedly Delayed Following Trump Administration Security Request
• 7:7 : Chinese-Speaking Hackers Deploy TinyRCT Backdoor Against Critical Energy Infrastructure
• 7:7 : Microsoft gives Windows 10 users an unexpected extra year of free security updates
• 7:5 : IT Security News Hourly Summary 2026-06-26 09h : 9 posts
• 6:35 : CISA Adds Actively Exploited Cisco Unified CM Flaws to KEV Catalog
• 6:34 : Windows Secure Boot Certificate Expiry Exposes Billions of PCs to Bootkit and Firmware Security Risks
• 6:34 : Security boss thought MFA would be too much security
• 6:34 : A privacy-first take on local malware analysis
• 6:7 : Bitcoin Sinks Below $60,000 Amid AI Focus
• 6:7 : Hackers Use Malicious Minecraft Fabric Mods to Deploy LoaderClient and WeedHack Stealer
• 6:7 : Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets
• 6:6 : Microsoft Extends Windows 10 Security Updates for Users Up to October 2027
• 6:6 : Two CEOs on why security and AI readiness belong together
• 5:32 : Philip Martin Joins Uber as Chief Information Security Officer
• 5:9 : Agentic AI Pentesting Platforms Comparison
• 5:9 : Top 20 Kali Linux Commands Every Hacker Must Know (2026)
• 5:9 : Modelplane: Open-source control plane for AI inference
• 5:9 : Healthcare leaders see a fatal cyber incident as inevitable
• 4:34 : New infosec products of the month: June 2026
• 4:5 : IT Security News Hourly Summary 2026-06-26 06h : 1 posts
• 3:6 : OpenAI Reportedly Delays ChatGPT 5.6 Release Following Trump Administration Request
• 2:5 : Chinese cybersecurity company claims it’s built a better-than-Mythos bug finder
• 1:33 : Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances
• 1:5 : IT Security News Hourly Summary 2026-06-26 03h : 1 posts
• 0:37 : Malware gaslights AI
• 23:44 : Kitana Shows How AI Is Reshaping Adversary-in-the-Middle Fraud
• 23:9 : Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
• 22:32 : CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure
• 22:31 : Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs
• 22:9 : CISA Adds Two Known Exploited Vulnerabilities to Catalog
• 22:5 : IT Security News Hourly Summary 2026-06-26 00h : 5 posts
• 21:55 : IT Security News Daily Summary 2026-06-25