OpenClaw’s agentic marketplace, ClawHub, was designed to accelerate AI-driven workflows by letting third-party “skills” extend an AI agent’s capabilities. Those skills are markdown-driven packages with broad local access, and that design choice made ClawHub a critical and sensitive link in…
Cisco Catalyst SD-WAN Manager Zero-Day Exploited to Gain Root Access via Malicious CSV Upload
Cisco Catalyst SD-WAN Manager instances are currently being targeted in a zero-day exploitation campaign that allows attackers to escalate their privileges to root through a malicious CSV upload mechanism. Mandiant reported this information on June 24, 2026. The vulnerability, identified…
Scoring AI hackers when there is no answer key
AI models are solving more and more of the offensive-cyber tests built to measure them. Once a model solves most of a benchmark, that benchmark runs out of room and says little about the best systems anymore. Many of those…
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant. The vulnerability, tracked as CVE-2026-20245 (CVSS…
Europol Disrupts Cybercrime-as-a-Service Networks Used for Ransomware and Financial Fraud
Europol, in collaboration with global law enforcement agencies and private sector partners, has successfully disrupted a significant cybercrime-as-a-service (CaaS) infrastructure used for ransomware deployment and financial fraud. This effort, part of Operation Endgame, was announced on June 24, 2026, and…
StrikeShark Campaign Uses New SharkLoader Malware to Deploy Cobalt Strike Beacon
During a recent investigation into activity affecting a diplomatic mission in Indonesia, researchers uncovered a previously undocumented loader family they named SharkLoader. What began as an isolated incident rapidly expanded into a multi-country campaign tracked as StrikeShark where SharkLoader consistently…
Best practices for AI in open-source work
Free and open source software developers us AI coding assistants such as Claude Code, Copilot CLI, Antigravity, and OpenCode in their daily work. The Software Freedom Conservancy responded to that trend with a set of recommendations for contributors who use…
Agentic Red-Team Tools Flaws Let Hackers Steal API Keys, Escape Sandboxes, and Compromise Hosts
Agentic red-team tools designed for autonomous offensive security operations are themselves vulnerable, allowing attackers to steal API keys, weaponize the agents, escape sandboxes, and fully compromise the hosts that run them. A new academic study by Arxiv presents the first…
Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’
To defuse another attack, Oz spies called foreign counterparts to tell them an op was a bust This article has been indexed from www.theregister.com – Articles Read the original article: Nation-state actors cracked critical Australian infrastructure to ‘cripple it at…
Ubiquiti UniFi OS Flaw Under Active Exploitation CISA Alerts Users
A new focus on network infrastructure devices has been drawn after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) flagged several security vulnerabilities in Ubiquiti’s UniFi OS platform. Following evidence of active exploitation, the KEV catalog was updated to…
Most teams will ship AI-written infrastructure code with little review
AI-assisted development has settled into everyday practice across software organizations, and developers using it move from idea to working code in hours. That code does not stay with the developers who prompt it. It flows downstream to the DevOps and…
What your next cyber insurance renewal will demand
In this Help Net Security video, Michael Loewy, co-founder, Tide Foundation, explains how cyber insurance is rewriting security programs at renewal time. Insurers want more questionnaires, more evidence, and more attestations, because the market is moving from trusting your answers…
IT Security News Hourly Summary 2026-06-25 06h : 2 posts
2 posts were published in the last hour 4:4 : Chrome 149 Security Update — Patch for Critical Flaws that Enable Code Execution Attacks 3:33 : Cyber Briefing: 2026.06.24
Chrome 149 Security Update — Patch for Critical Flaws that Enable Code Execution Attacks
Google has released a critical security update for its Chrome browser, pushing the Stable channel to version 149.0.7827.196/197 for Windows and Mac, and 149.0.7827.196 for Linux. The update addresses 18 security vulnerabilities, including four rated Critical and fourteen rated High…
Cyber Briefing: 2026.06.24
A £39 million hit to London’s transit network: inside the Scattered Spider trial, a massive utility breach, and the rise of weaponized AI marketplace skills. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.06.24
Anthropic Accuses Alibaba of ‘Illicitly’ Accessing Its Claude AI Models in Largest Known Distillation Attack
Anthropic has formally accused Chinese tech and e-commerce giant Alibaba of orchestrating a massive, unauthorized extraction campaign targeting its Claude AI model, marking what the company describes as the largest known distillation attack in its history. In a letter dated…
ESET takes part in Operation Endgame to disrupt Amadey and Stealc
ESET researchers assisted in the global disruption of the Amadey botnet and Stealc infostealer, providing technical analysis, infrastructure tracking, and affiliate-level insights This article has been indexed from WeLiveSecurity Read the original article: ESET takes part in Operation Endgame to…
CVE-2025-54068 Laravel Livewire Credential Theft Campaign: 6,000+ Applications Compromised
Introduction On May 24, 2026, Imperva observed exploitation attempts against Laravel Livewire applications, blocked by the Imperva Cloud WAF. What initially appeared to be unremarkable deserialization attack traffic turned out to be part of a large-scale credential theft operation exploiting…
IT Security News Hourly Summary 2026-06-25 03h : 1 posts
1 posts were published in the last hour 1:4 : What do Ports Hear When Nobody’s Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
What do Ports Hear When Nobody’s Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
[This is a Guest Diary by Nicole Phillips, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: What do Ports Hear When Nobody’s…
The hits keep on coming for Cisco vulnerabilities
CVE-2026-20230 under exploitation, while an earlier SD-WAN 0-day looks even worse than we thought This article has been indexed from www.theregister.com – Articles Read the original article: The hits keep on coming for Cisco vulnerabilities
LastPass Confirms Vendor Breach Exposed Customer Contact, Support Data
LastPass said customer contact and support data were exposed after attackers used stolen Klue OAuth tokens to access its Salesforce environment and CRM records. The post LastPass Confirms Vendor Breach Exposed Customer Contact, Support Data appeared first on TechRepublic. This…
Apple’s £3B iCloud Lawsuit Could Affect 40M UK Users
Apple lost a bid to narrow a UK iCloud lawsuit from Which?, keeping a £3 billion competition claim on track for an October 2028 trial. The post Apple’s £3B iCloud Lawsuit Could Affect 40M UK Users appeared first on TechRepublic.…
Healthcare Vendor Xsolis Reports Breach Affecting 1.4M People
Xsolis confirmed a healthcare data breach affecting nearly 1.4 million people after a phishing attack exposed health and identity data. The post Healthcare Vendor Xsolis Reports Breach Affecting 1.4M People appeared first on TechRepublic. This article has been indexed from…