A large-scale cyber espionage campaign dubbed “FortiBleed” has compromised more than 70,000 Fortinet firewalls and VPN gateways worldwide, exposing enterprise networks across 194 countries. The activity, first identified by security researcher Volodymyr Diachenko and further analyzed by Hudson Rock and…
Microsoft Confirms RoguePlanet Zero-Day Exploit Targeting Defender
Microsoft has confirmed a newly disclosed zero-day vulnerability, tracked as CVE-2026-50656, affecting Microsoft Defender, following the public release of a proof-of-concept (PoC) exploit dubbed “RoguePlanet” by security researcher NightmareEclipse. The vulnerability, classified as an elevation-of-privilege flaw, was officially published on…
Microsoft Confirms RoguePlanet Zero-Day in Defender, Patch Under Development
Microsoft confirmed the RoguePlanet Defender zero-day (CVE-2026-50656), a privilege escalation flaw, and is developing a security patch. Microsoft has acknowledged the RoguePlanet zero-day affecting Microsoft Defender, tracked as CVE-2026-50656 (CVSS score of 7.8). The vulnerability allows privilege escalation through the…
Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
The photography giant confirmed a data breach after ShinyHunters claimed it stole 2.2 million records and threatened to leak them. This article has been indexed from Malwarebytes Read the original article: Kodak confirms breach as ShinyHunters’ leak threat reaches deadline
F5 Patches Critical, High-Severity NGINX Vulnerabilities
Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code. The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
IT Security News Hourly Summary 2026-06-18 12h : 6 posts
6 posts were published in the last hour 9:34 : Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads 9:34 : GentleKiller targets more than 400 security processes across 48 products 9:34 : Hostile States Behind 75% of…
Financially Motivated Hackers Turn Legitimate IT Tools Into Remote Access Payloads
A novel evolution of LLMjacking: a threat actor leveraging a publicly exposed Ollama model server as the reasoning engine for an automated, multi-stage offensive framework. Rather than using the model for chat or resale, the attacker integrated unauthenticated model inference…
GentleKiller targets more than 400 security processes across 48 products
Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR) products,…
Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Richard Horne, the NCSC CEO, said three-quarters of cyber-attacks targeting UK critical infrastructure came from nation-state actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns
Google to Use IP Addresses for Ad Personalization in UK and EU Starting August 3
Google has informed advertisers that starting on or shortly after August 3, 2026, it will begin using IP addresses for ad measurement and personalization in the Thank you for being a Ghacks reader. The post Google to Use IP Addresses…
UK Orders Google To Increase Search Transparency
CMA tells Google that search rankings must be fairer and more transparent, after businesses complain of unexpected changes This article has been indexed from Silicon UK Read the original article: UK Orders Google To Increase Search Transparency
SailPoint to Acquire Entro in Reported $200 Million Deal
Israel-based Entro specializes in non-human identity and credential security solutions, and it will enable SailPoint to enhance its products. The post SailPoint to Acquire Entro in Reported $200 Million Deal appeared first on SecurityWeek. This article has been indexed from…
Key Meta Internal AI Exec To Leave Company
Emily Dalton Smith, in charge of key part of Meta’s unpopular internal AI strategy, to exit as $2bn Manus deal unravels This article has been indexed from Silicon UK Read the original article: Key Meta Internal AI Exec To Leave…
Hackers Crack Corporate, Government VPNs In Major Incident
Researcher accidentally uncovers trove of credentials for 75,000 Fortinet firewalls including US government agencies, major companies This article has been indexed from Silicon UK Read the original article: Hackers Crack Corporate, Government VPNs In Major Incident
Cybercrime Surges in APAC as Digitalization Takes Hold
Interpol claims cybercrime accounts for third of crime in over half of Asia and South Pacific countries This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercrime Surges in APAC as Digitalization Takes Hold
AI-Generated ClickFix Campaign Delivers SmartRAT Banking Trojan via Fake Brazilian Bank Website
Multiple instances of typosquatting domains hosting malicious content generated with AI-powered website creation tools. One striking campaign combined an AI-created fake Brazilian bank site with a ClickFix social-engineering lure to deliver a PowerShell-based remote access trojan Zscaler named SmartRAT. The…
FortiBleed Exposes Admin Passwords for 75,000 Fortinet Firewalls
FortiBleed: Admin Passwords for 75,000 Fortinet Firewalls Are Out in the Wild. Half the Internet-Facing Fortinets on the Planet. Security researcher Bob Diachenko found a server sitting open on the internet containing what appeared to be valid Fortinet VPN credentials,…
Blue Planet helps service providers reduce risk with unified network change governance
Blue Planet is closing the governance gap in network operations by unveiling Blue Planet Configuration and Change Management (CCM), unifying device configuration, change, and lifecycle management across multi-vendor networks. Backed by Blue Planet’s deep Operations Support System (OSS) expertise, CCM…
New 42Crunch plugin helps developers find and fix API vulnerabilities in GitHub Copilot
42Crunch has announced the availability of the 42Crunch API Security Testing Plugin for GitHub Copilot. This latest advance enables developers to continuously audit, test, remediate and validate API security vulnerabilities directly within AI-assisted development workflows. Organizations are struggling to secure…
Barracuda introduces AI-powered email security with automated threat response
Barracuda Networks has unveiled Barracuda Integrated Email Protection, an Integrated Cloud Email Security (ICES) solution delivering protection against evolving AI-driven threats. Powered by AI, the solution continuously and autonomously detects and remediates threats across the attack lifecycle, explains Microsoft 365…
Former Shoe Maker Changes Name, CEO In AI Push
Allbirds, once a maker of trendy wool shoes, changes name to Smartbird, hires former Amazon exec as chief, sees stock surge This article has been indexed from Silicon UK Read the original article: Former Shoe Maker Changes Name, CEO In…
French Spy Agency To Cut Ties With Palantir
French internal intelligence agency DGSI to switch to domestic alternative, amid calls to reduce dependence on US This article has been indexed from Silicon UK Read the original article: French Spy Agency To Cut Ties With Palantir
Kodak Admits Data Breach After ShinyHunters Hack Claims
Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident. The post Kodak Admits Data Breach After ShinyHunters Hack Claims appeared first on SecurityWeek. This article has been indexed…
Anthropic tells G7 to cooperate, Fortinet VPN leak exposes credentials, Crypto Clipper abuses reviews
Anthropic tells G7 to cooperate Fortinet VPN leak exposes credentials Crypto Clipper abuses reviews, narrators, and comments Get the show notes here: https://cisoseries.com/cybersecurity-news-anthropic-tells-g7-to-cooperate-fortinet-vpn-leak-exposes-credentials-crypto-clipper-abuses-reviews/ Huge thanks to our sponsor, ThreatLocker Every security leader is being asked the same question right now:…