Two concurrent espionage campaigns by Mustang Panda targeting Indian government and energy-sector organisations, deploying a novel malware suite that includes SHARDLOADER, MINIRECON and ZOHOMURK. The intrusions, observed in June 2026, focused on hydropower entities and government offices engaged in MOUs…
Microsoft builds a bouncer to keep bots out of Teams meetings
Allows ISVs to put their names on the door so desirable bots always get in This article has been indexed from www.theregister.com – Articles Read the original article: Microsoft builds a bouncer to keep bots out of Teams meetings
AirDrop and Quick Share vulnerabilities affect protocols on five billion devices as fixes begin
Phones and laptops ship with a feature that sends files to nearby devices over the air, with no cables, accounts, or prior pairing. Apple calls its version AirDrop. Google and Samsung call theirs Quick Share. Both run inside privileged background…
Ford Rehires Humans To Fix AI Quality Failures
Ford Motor says it brought back more than 300 expert engineers to oversee quality control, after disappointment with automated systems This article has been indexed from Silicon UK Read the original article: Ford Rehires Humans To Fix AI Quality Failures
Malicious Chromium Extension Spoofs Perplexity AI to Hijack Browser Searches
A malicious Chromium extension that impersonated the Perplexity AI brand to intercept browser searches and capture keystrokes before delivering users to legitimate search results. The extension, listed as “Search for perplexity ai” (ID flkebkiofojicogddingbdmcmkpbplcd, version 2.2), used Manifest V3 capabilities,…
How to Become a SOC Analyst With No Experience (Step-by-Step 2026)
By HOC Team | Last updated: June 2026 | Read time: ~15 min The SOC Analyst role is… The post How to Become a SOC Analyst With No Experience (Step-by-Step 2026) appeared first on Hackers Online Club. This article has…
Product showcase: Scam calls, phishing, and data breaches? Meet AVG Mobile Security
AVG Mobile Security for iOS helps protect users against online threats with features including Web Guard, VPN, Scam Guardian Pro, Hack Alerts, and Photo Vault. It also identifies suspicious calls and scam text messages and helps keep personal information private…
New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking
CISA has published an advisory to inform organizations about three vulnerabilities found by a researcher in Daktronics controllers. The post New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking appeared first on SecurityWeek. This article has been indexed…
Hottest cybersecurity open-source tools of the month: June 2026
Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory AI…
Vulnerability reports are arriving faster than GitHub can review them
Across the open source world, people are reporting software flaws in record numbers, and the systems built to verify those reports are straining under the weight. The GitHub Advisory Database, which feeds automated security alerts to millions of projects, has…
Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild
A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), refers to an improper privilege management and authentication flaw in Oracle Payments…
Mistic Malware Blends Into Microsoft Endpoint Components Using Malicious EndpointDlp.dll
A newly identified Windows backdoor, dubbed Mistic, that has been observed in intrusions since April 2026 and appears designed for stealthy, long-term access. The malware uses DLL sideloading, in-memory execution, and self-deletion to blend into enterprise environments and minimize forensic…
Nissan Confirms Data Breach Following Oracle PeopleSoft 0-Day Attacks
Nissan Americas has officially confirmed a data breach affecting current and former employees across four countries after threat actors exploited a critical zero-day vulnerability in Oracle PeopleSoft software, a campaign attributed to the ShinyHunters extortion group. The attack stems from…
Half the defense base still builds security around compliance
CMMC requirements are appearing in defense contracts and moving down through supplier networks to thousands of companies new to this kind of compliance work. Many run on limited budgets with lean security teams. The picture comes from nearly 900 defense…
WSL containers now build and run Linux workloads on Windows
Containers power a large share of cloud-native applications, AI workloads, and testing and deployment pipelines. Developers working on Windows have long pulled in third-party software to build and run them. That step becomes optional with WSL containers, a feature that…
Cybersecurity jobs available right now: June 30, 2026
AI Offensive Security Engineer AGAPI | UAE | On-site – View job details As an AI Offensive Security Engineer, you will leverage AI and LLMs to accelerate offensive security research, exploit development, vulnerability discovery, and security automation. You will validate…
ISC Stormcast For Tuesday, June 30th, 2026 https://isc.sans.edu/podcastdetail/9988, (Tue, Jun 30th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, June 30th, 2026…
India’s central bank mandated use of .bank domains to enhance trust – but its registry leaked sensitive info
Open API leaked everything an attacker needs to impersonate bank officials This article has been indexed from www.theregister.com – Articles Read the original article: India’s central bank mandated use of .bank domains to enhance trust – but its registry leaked…
Inside the inbox: Why cybercriminals want to break into your email account
Your inbox is an identity system all of its own: whoever owns it may own a lot more This article has been indexed from WeLiveSecurity Read the original article: Inside the inbox: Why cybercriminals want to break into your email…
IT Security News Hourly Summary 2026-06-30 03h : 2 posts
2 posts were published in the last hour 0:6 : BioShocking AI: AI Browser Vulnerability Lets Attackers Bypass Guardrails 0:6 : Security researchers tricked LLMs into giving them cocaine recipes by abusing role models for prompt injection
BioShocking AI: AI Browser Vulnerability Lets Attackers Bypass Guardrails
LayerX researchers discovered a technique that tricks AI browsers into bypassing security guardrails. The post BioShocking AI: AI Browser Vulnerability Lets Attackers Bypass Guardrails appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Security researchers tricked LLMs into giving them cocaine recipes by abusing role models for prompt injection
If you want a picture of the future of LLM security, imagine Whac-a-Mole meets Groundhog Day This article has been indexed from www.theregister.com – Articles Read the original article: Security researchers tricked LLMs into giving them cocaine recipes by abusing…
WhatsApp Usernames Are Coming. You Can Reserve Yours Right Now
WhatsApp will introduce usernames later this year, letting its 3 billion users connect without sharing phone numbers. WhatsApp has over three billion users, and it’s finally letting them talk to each other without exchanging phone numbers. The company announced this…
U.S. Targets Russian Cyber Spies With $10M Bounty Over Messaging App Attacks
The U.S. offers up to $10M for information on Russian hackers targeting Signal and WhatsApp accounts of officials and journalists. The U.S. government is offering rewards of up to $10 million for information leading to the identification of members of…