IT Security News Daily Summary 2026-06-29

136 posts were published in the last hour

• 21:31 : 212 New Venezuela Earthquake Domains Prompt Donation Scam Warnings
• 21:3 : TONResolver RAT Abuses TON Blockchain to Target Japan’s Hotel Industry
• 21:3 : Update Chrome Now: Google Fixes 18 Security Flaws, Including Critical Bugs
• 21:3 : North Korea-Linked macOS Malware Uses Prompt Injection to Evade AI Analysis
• 21:2 : AI-Driven Identity Attacks Are Surging, PwC Warns
• 21:2 : KDDI Data Breach May Expose 14.2 Million Email Accounts
• 21:2 : CISA Adds One Known Exploited Vulnerability to Catalog
• 20:34 : Anonymous researcher drops 0-day ‘exploitarium’ repo
• 20:8 : What the June 2026 Threat Technique Catalog update means for your AWS environment
• 19:34 : 8 key aspects of a mobile device security audit program
• 19:34 : Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
• 19:5 : IT Security News Hourly Summary 2026-06-29 21h : 1 posts
• 18:31 : Why mobile security audits are important in the enterprise
• 18:3 : U.S. Seizes Hundreds Domains Used to Stream World Cup Matches Illegally
• 18:2 : New Claude Code Attack Allows Attackers to Take Full Control of Developers’ Systems
• 18:2 : EvilTokens Phishing Breaches Finance Firms Using “Ghost” Code Across U.S. and European Businesses
• 18:2 : WhatsApp Launches New Username Feature to Communicate Without Exposing Phone Numbers
• 17:8 : Critical Gemini CLI Vulnerability Lets Attackers Execute Arbitrary Code
• 17:8 : Microsoft 365 Apps RCE Vulnerability Exploited Using a Malicious Excel File
• 17:7 : Critical Dell Wyse Vulnerabilities Enable Remote Code Execution Attacks
• 17:7 : Hackers Exploiting Critical Oracle E-Business Suite Vulnerability Actively in Attacks
• 17:7 : Public PoC Released for Deserialization RCE Vulnerability in Splunk Secure Gateway
• 17:6 : FCRF Launches India’s Largest Cybercrime Hackathon for 2026
• 17:6 : Chromium extension uses AI‑related branding to redirect browser search
• 16:33 : In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights
• 16:32 : Factoring RSA Keys with Many Zeros
• 16:32 : JSP webshells being dropped on unpatched PTC Windchill instances
• 16:32 : Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks
• 16:31 : WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private
• 16:5 : IT Security News Hourly Summary 2026-06-29 18h : 16 posts
• 16:2 : WhatsApp Rolling Out Username Feature to Bolster Phone Number Privacy
• 16:2 : Iran-Linked Cyberattacks Against Israel Triple as Critical Infrastructure Faces Rising Threats
• 16:2 : China’s New AI Model Challenges U.S. Cybersecurity Leaders
• 16:2 : Insurance body confirms hackers posted Oracle PeopleSoft breach data
• 15:34 : Amazon Kindle E-Reader: Worth It, and How to Afford More Books?
• 15:34 : Hackers Could Abuse WM_COPYDATA Callback Path to Execute Code Through Win32k Dispatch
• 15:34 : ClawHub Skills Expose AI Agents to Remote Control Backdoors and Data Theft Attacks
• 15:34 : Russia-Linked Turla Uses Compromised Infrastructure to Deploy STOCKSTAY in Ukraine Operations
• 15:33 : OpenAI voluntarily limits new AI models at government’s request
• 15:7 : Beyond the perimeter: The shift to data-centric protection
• 15:7 : DOJ Seizes 400 Illegal FIFA World Cup Streaming Domains
• 15:7 : 119 Edge extensions promised useful tools, instead downloaded malware
• 15:7 : This pay gap is programmed (Lock and Code S07E13)
• 15:7 : Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines
• 15:7 : ⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More
• 15:6 : OpenAI Reveals GPT-5.6 Sol Cybersecurity Model, Restricts Early Access
• 14:34 : From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
• 14:34 : Straiker Raises $64 Million for AI Security Platform
• 14:34 : New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines
• 14:34 : Telegram-Based Millenium RAT Campaign Infects 60,000 Devices
• 14:34 : Cyber Briefing: 2026.06.29
• 14:5 : AI may be good at finding security vulnerabilities, but it can’t beat human stupidity
• 14:5 : Insurance Regulators Group NAIC Hit in Oracle PeopleSoft Hack
• 13:33 : Cybersecurity Firm Cyberbit Shuts Down Israel Operations
• 13:33 : PrivacyHawk Enterprise helps organizations find shadow IT and minimize third-party cyber risk
• 13:32 : 236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers
• 13:32 : Netflix Requires Unique Email Addresses for Each Profile, Adding Login Steps to Shared Accounts
• 13:7 : AI Is Changing Cyber Careers. NICE 2026 Showed What Students Need Next
• 13:7 : Hackers Use Rokarolla Banking Trojan to Intercept SMS Codes and Steal Crypto Credentials
• 13:7 : UNC1151 Ghostwriter Hackers Target Belarusian Politician in Gmail Phishing Campaign
• 13:7 : Millenium RAT Rewritten in C++ Infects 62,000+ Devices Across 160 Countries
• 13:7 : DCloud Uni-App Scam Network Powers RainbowEx-Style Crypto Fraud and WhatsApp Phishing
• 13:7 : LLM-Generated Mythic Agents Enable Disposable Red-Team Tooling From Prompt to Deployment
• 13:6 : Microsoft keeps Windows Server 2022 hotpatching alive into 2027
• 13:5 : IT Security News Hourly Summary 2026-06-29 15h : 4 posts
• 12:32 : Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th)
• 12:32 : Splunk Secure Gateway RCE Vulnerability Lets Low-Privileged Attackers Execute Arbitrary Code
• 12:31 : StegoAd: How 119 Fake Browser Extensions Stole Credentials and Ran Ad Fraud for Two Years
• 12:31 : CISA Warns Attackers Are Targeting Critical Internal Business Platforms
• 12:3 : STOCKSTAY Malware Uses WebSocket C2, RSA Encryption, and Environmental Keying for Stealth
• 12:2 : Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse
• 12:2 : Why Post-Quantum Cryptography Starts With Credentials
• 12:2 : US Offers $10M Bounty for Russian State Hackers
• 12:2 : Malaysia considers National Internet Registry
• 11:32 : Nissan says Oracle PeopleSoft break-in may have spilled payroll records, SSNs
• 11:32 : ‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access
• 11:32 : The Gentlemen RaaS group uses custom backdoors
• 11:31 : Coinbase Base blockchain suffers 2-hour outage
• 11:31 : BT and Verizon merge international operations
• 11:2 : The Human Skills Challenge: Head-to-Head
• 11:2 : ClawHavoc Attack Hits ClawHub With 1,184 Malicious Skills and 247,000 Installations
• 11:2 : Critical Hoppscotch Vulnerability Lets Attackers Overwrite JWT_SECRET and Forge Admin Tokens
• 11:2 : Robot Police Officers
• 11:2 : Mozilla warns of indirect prompt injection risk in AI coding agents
• 10:31 : Top Google Security Staff Warn Search Data Could Be Hacked if EU Rules Change
• 10:31 : OpenAI and Anthropic Limit New AI Models to Trump-Approved Customers During Cybersecurity Review
• 10:7 : Bluekit Phishing Kit Uses Browser-in-the-Middle Attacks to Evade Detection
• 10:7 : The Gentlemen are knocking: сustom backdoors and evolving tactics
• 10:7 : US Federal Insurance Regulator Confirms Data Breach Via Oracle Flaw
• 10:5 : IT Security News Hourly Summary 2026-06-29 12h : 11 posts
• 9:46 : Critical Dell Wyse Management Suite Vulnerabilities Let Attackers Execute Remote Code
• 9:45 : New Windows Injection Technique Hijacks Win32k Callback Dispatch to Execute Shellcode
• 9:44 : Langflow RCE Vulnerability Exploited to Deploy Monero Cryptominer on Exposed AI Servers
• 9:42 : SSU and FBI Uncover Russian Cyber Espionage Operation Against Officials and Military Personnel
• 9:40 : US Offers $10 Million Bounty for Russian State Hackers as Messaging App Attacks Evolve
• 9:39 : GPT-5.6 gets better at cybersecurity
• 9:37 : Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts
• 9:36 : Russian Hackers Accused of Destructive Cyber-Attack on Jaguar Land Rover
• 9:35 : From mythos to reality: Why the 2026 state of pentesting report proves the need for programmatic defenses
• 9:7 : AI-Generated Mythic Agents Challenge Static Signatures and Traditional Implant Detection
• 9:7 : FBI and CISA Warn Russian Hackers Stealing Verification Codes and Account PINs From Signal Users
• 8:33 : FBI Sounds Alarm Over Russian Intelligence Signal Phishing
• 8:6 : Apple Cancels High-End M6 Chips Amid Industry Turmoil
• 8:6 : Microsoft 365 Apps RCE Vulnerability Lets Attackers Execute Code via Malicious Excel Files
• 8:5 : Critical Google Gemini CLI Flaw Lets Attackers Execute Code on Headless CI Platforms
• 8:5 : OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI
• 8:4 : Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw
• 7:34 : Ghostwriter Hackers Use Real-Time WebSocket Relay to Bypass SMS and OTP MFA
• 7:34 : A week in security (June 22 – June 28)
• 7:33 : CISA’s Cisco deadline, China’s Mythos competitor, Amazon Q flaw
• 7:7 : China-Produced AI Chips Dominate Domestic Market
• 7:5 : DOJ Seizes Nearly 400 Domains Used for Illegal World Cup Streaming and Malware Threats
• 7:5 : IT Security News Hourly Summary 2026-06-29 09h : 7 posts
• 6:34 : Family Sues Tesla Over Fatal Texas Crash
• 6:34 : Millenium RAT Uses Base64 and XOR Configuration to Hide Telegram C2 Settings
• 6:34 : Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
• 6:6 : Apple Hikes Laptop, Tablet Prices Nearly 20 Percent
• 6:6 : China’s Zhipu AI Model GLM-5.2 Detects Software Vulnerabilities Like Claude Mythos
• 6:6 : DCloud Uni-App Framework Powers 236,000+ Scam Domains Across Global Fraud Economy
• 6:6 : DarkMoon: Open-source AI pentesting platform
• 5:34 : Rokarolla Uses Fake Google Play Protect App to Target Banking and Cryptocurrency Users
• 5:34 : OpenAI Launches GPT-5.6 Sol AI Model With Advanced Cyber Capabilities And Layered Safeguards
• 5:34 : China’s New Zhipu AI Reportedly Matches Claude Mythos in Vulnerability Detection
• 5:33 : Sycophantic chatbots and the harms that build over many chats
• 5:4 : Companies keep bolting AI onto their products, and the security bill is coming due
• 4:34 : Most teams accept higher risk for faster AI database work
• 4:5 : IT Security News Hourly Summary 2026-06-29 06h : 2 posts
• 4:2 : OpenAI Released GPT-5.6 Sol With Limited Access and Strong Cyberattack Protections
• 4:2 : RedAmon AI Tool that Chains Reconnaissance, Exploitation, and Post-exploitation
• 2:34 : US Restricts Frontier AI models
• 2:4 : ISC Stormcast For Monday, June 29th, 2026 https://isc.sans.edu/podcastdetail/9986, (Mon, Jun 29th)
• 1:5 : IT Security News Hourly Summary 2026-06-29 03h : 1 posts
• 0:6 : Top Cyber Range Providers: A Comparison of 15 Leading Platforms
• 22:5 : IT Security News Hourly Summary 2026-06-29 00h : 2 posts
• 21:58 : IT Security News Weekly Summary 26
• 21:55 : IT Security News Daily Summary 2026-06-28