Several Instagram users had their accounts hijacked after attackers tricked Meta’s AI-powered support tools into believing they were the rightful owners. Thank you for being a Ghacks reader. The post Instagram Accounts Hijacked by Tricking Meta AI Support Into Verifying…
Fake Purchase Orders Spread JS.MonoGlyphRAT in U.S. Enterprise Attacks
Hackers are using highly convincing fake purchase orders and sales documents to sneak a new JavaScript backdoor, JS.MonoGlyphRAT, into US enterprises, where it quietly establishes persistence and enables full remote control of infected systems. The malware arrives as a .js…
Laravel CRLF Injection Flaw Could Disrupt Outbound Email Handling
A high-severity vulnerability in the Laravel framework could allow attackers to manipulate outbound email processing, potentially leading to unauthorized message delivery, data exposure, or the abuse of mail relays. The issue, tracked as CVE-2026-48019, stems from improper neutralization of CRLF…
MazeBolt brings AI-generated attack simulation to DDoS security testing
MazeBolt has announced the launch of RADAR VectorAI, a new MazeBolt module that creates AI-generated DDoS attacks. As AI outpaces human response, enterprises need to have access to validated DDoS vulnerability data about both known and AI-generated attack vectors. Mythos…
Critical Start expands MDR capabilities with multi-agent AI system
Critical Start has released SOC AI, a production-proven multi-agent framework powering its AI-led Managed Detection and Response (MDR). SOC AI coordinates ten specialized agents across the full alert investigation and response lifecycle, covering detection, triage, response, threat hunting, and continuous…
Infosecurity Europe: AI-Powered Cybercrime Tools Surge on Dark Web
Halcyon’s Cynthia Kaiser lifts the lid on the dark web market for AI cybercrime tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Infosecurity Europe: AI-Powered Cybercrime Tools Surge on Dark Web
Russia claims officials’ surveillance, Project Glasswing expands, CISA flags two-year-old Oracle flaw
Russia claims officials’ surveillance Project Glasswing access expands CISA flags two-year-old Oracle flaw Get the show notes here: https://cisoseries.com/cybersecurity-news-russia-claims-officials-surveillance-project-glasswing-expands-cisa-flags-two-year-old-oracle-flaw/ Huge thanks to our episode sponsor, Vanta Your team just added its 67th AI tool. And unfortunately, also your 67th security…
IT Security News Hourly Summary 2026-06-03 09h : 6 posts
6 posts were published in the last hour 7:2 : FSB’s matryoshka #2/3 – Gamaredon’s gifts that keeps unpacking – GammaLoad 7:2 : Hospital Breach Affects Nearly 33,000 Patients 7:2 : Netskope adds AI asset discovery and AISecOps agent to…
FSB’s matryoshka #2/3 – Gamaredon’s gifts that keeps unpacking – GammaLoad
This investigation is published in three parts. Follow the links below to navigate through our findings: Key Takeaways Introduction The Sekoia.io Threat Detection & Research (TDR) team continuously monitors Gamaredon (aka UAC-0010, Armagedon), an FSB operated Russian intrusion-set historically targeting…
Hospital Breach Affects Nearly 33,000 Patients
Bedfordshire NHS trust warns breach could affect patents who had lab results from 2011 to 2020 at two hospitals it operates This article has been indexed from Silicon UK Read the original article: Hospital Breach Affects Nearly 33,000 Patients
Netskope adds AI asset discovery and AISecOps agent to AI security portfolio
Netskope has announced Netskope One AI Command Center, bringing together AI discovery, risk intelligence, and autonomous response capabilities in a single platform. As the latest expansion of the Netskope One AI Security suite, it helps security teams understand what AI…
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims’ systems. The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee Labs, stating the activity has been active…
50+ Malicious Chrome Extensions Hit 30K Users
50+ malicious Chrome extensions posing as “live wallpaper” utilities have been caught running an adware operation that hijacks browser behavior and quietly pushes remote HTML content to around 30,000 users. These extensions were distributed through at least three publisher accounts…
1-Click GitHub Vulnerability Enables OAuth Token Theft
A newly disclosed vulnerability in GitHub’s browser-based editor, GitHub.dev, allows attackers to steal powerful OAuth tokens with just a single click, giving them read and write access to private repositories. The flaw exploits how Visual Studio Code (VSCode) webviews handle…
Hackers Spread WeedHack Malware via YouTube and SEO Poisoning
Hackers are increasingly abusing trusted platforms like YouTube and search engines to distribute malware, and a newly uncovered campaign targeting Minecraft players highlights how effective this tactic has become. Minecraft, originally released in 2011 by Mojang Studios, remains the best-selling…
A small Slovenian team handles 6,000 cyber incidents a year
Online fraud complaints, ransomware cases, and phishing tips reach Slovenia’s national cyber response center in steady volume, and a team of around a dozen analysts sorts through them. Gorazd Božič, who manages SI-CERT at the public agency ARNES, described that…
Red Hat Confirms Supply Chain Breach Impacting @redhat-cloud-services npm Packages
Red Hat has confirmed a supply chain security breach impacting multiple npm packages under the @redhat-cloud-services namespace, as detailed in security bulletin RHSB-2026-006 released on June 2, 2026. The incident was publicly disclosed a day earlier and stems from a…
North Korean APT Targets macOS to Steal Crypto Wallets and SSH Keys
A newly uncovered macOS intrusion campaign attributed to the North Korean state-sponsored threat group Sapphire Sleet, also known as BlueNoroff or UNC1069, is targeting high-value organizations in the financial and cryptocurrency sectors. The operation focuses on venture capital firms, Web3…
Project Glasswing Grows as Anthropic Extends Claude Mythos Preview Program
Anthropic has expanded its Project Glasswing initiative, significantly scaling access to its Claude Mythos Preview model as part of a broader effort to strengthen global software security. The program, first launched in April 2026 with around 50 organizations, has now…
Microsoft MSRC Allegedly Declines Action on Dependency Confusion Vulnerability
Microsoft is facing scrutiny after reportedly declining to treat a critical dependency confusion vulnerability affecting Azure Portal assets as a security issue, despite a proof-of-concept exploit demonstrating remote code execution (RCE). Security researcher Wahid Fayad identified the issue while analyzing…
Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold
Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models. Rapid7’s latest disclosure on CVE-2026-0826 should get serious attention from anyone running HP Poly VoIP phones in…
Agent Threat Rules: Open detection rule format for AI agent security threats
AI agents run inside coding assistants, MCP servers, and multi-agent frameworks, and the access that makes them useful also opens paths to prompt injection, tool poisoning, and credential theft. Public CVE feeds carry agent-execution flaws that reach production faster than…
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign
A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer systems. The malicious code steals credentials from GitHub, cloud platforms, and local machines, then spreads like a worm by republishing trusted…
What CISOs need to do about post-quantum migration in the next 24 months
In this Help Net Security video, Garfield Jones, SVP Global Strategy and Research, QuSecure, lays out what CISOs should do over the next 24 months. A recent Google paper moved the expected arrival of a cryptographically relevant quantum computer from…