This fluid pump was inspired by the way squids propel themselves through the water. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. This…
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
The tech giant said a group called “Outsider Enterprise” used AI to scam hundreds of thousands of victims, sending 2.5 million text messages over a span of two weeks. This article has been indexed from Security News | TechCrunch Read…
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest…
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact. The post New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight appeared first on TechRepublic. This article has been indexed from…
Hackers Abuse Legitimate NinjaOne RMM Software to Bypass Traditional Malware Detection
A newly documented phishing campaign is using a legitimate remote management tool to silently take over victims’ computers, without deploying a single line of traditional malware. Researchers have uncovered an active operation targeting Brazilian organizations, where attackers trick employees into…
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as Fancy Bear, formally tracked as APT28 and attributed to Russia’s military intelligence unit GRU Unit 26165, has…
U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Sentry flaw, tracked as CVE-2026-10520 (CVSS score of 10.0), to its Known Exploited Vulnerabilities…
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM…
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and…
400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest…
Nvidia Introduces AI-Focused PC Chip as Industry Pushes Toward Local AI Processing
Nvidia has announced a new processor designed to run artificial intelligence applications directly on personal computers, signaling the company’s latest effort to expand beyond the data center market and into everyday computing devices. The announcement was made by Nvidia Chief…
IT Security News Hourly Summary 2026-06-12 21h : 3 posts
3 posts were published in the last hour 18:34 : Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware 18:34 : Fired IT worker jailed for 21 months after sabotaging old school district 18:9 : CISA Adds One…
Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware
Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Atomic…
Fired IT worker jailed for 21 months after sabotaging old school district
Iowan’s scheme undone after misplacing trust in former coworker This article has been indexed from www.theregister.com – Articles Read the original article: Fired IT worker jailed for 21 months after sabotaging old school district
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability This type of vulnerability is a frequent attack vector for…
The AI Your Security Team Can’t See Is the One You Should Worry About
Shadow AI is no longer a theoretical risk. Employees are adopting AI tools faster than security teams can track them, often without IT’s knowledge, and frequently on devices and surfaces that traditional security tools simply can’t see. If you asked your security team right now…
Google sues alleged Chinese cybercrime operation that used AI to send scam texts
The tech giant said a group called “Outsider Enterprise” used AI to scam hundreds of thousands of victims, sending 2.5 million text messages over a span of two weeks. This article has been indexed from Security News | TechCrunch Read…
Malicious npm Campaign Steals SSH Keys, API Tokens, Cloud Credentials, and Wallet Secrets
A fresh wave of supply chain attacks is putting blockchain developers, Web3 teams, and cloud engineers at serious risk. Researchers have uncovered a coordinated campaign involving multiple malicious packages on the npm registry, each designed to quietly steal sensitive secrets…
Cyberabad Police Busts eSIM Banking Fraud Gang in Hyderabad
Cyberabad police have exposed an inter-state cyber fraud racket that used eSIM manipulation, SIM swapping tactics, and OTP diversion to steal money from bank customers. The case underlines how criminals are mixing telecom fraud with banking deception to bypass…
Hackers Attack Sugar Mill, Force Operations and Harvesting Shutdown
Australia’s second-biggest sugar producer, Mackay Sugar, is looking into a cyberattack that impacted parts of its operations and temporarily stopped sugarcane harvesting. The incident caused the stoppage of milling activities at two of the firm’s facilities while authorities and experts…
6 Open-Source Vulnerability Scanners That Actually Work in 2026
Compare top open-source vulnerability scanners and their key features in 2026. The post 6 Open-Source Vulnerability Scanners That Actually Work in 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: 6…
John the Ripper: Beginner’s Tutorial and Review for 2026
Learn how to install and use John the Ripper in 2026 with step-by-step examples and more tips. Beginner-friendly tutorial plus review. The post John the Ripper: Beginner’s Tutorial and Review for 2026 appeared first on eSecurity Planet. This article has…
Top 25 Cybersecurity Companies in 2026
Learn about the top 25 cybersecurity companies in 2026 and what each does best. The post Top 25 Cybersecurity Companies in 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Top…
Your Next Insider Threat May Be an AI Coworker
Heimdal sysadmin Alex Panait spent weeks testing Claude Cowork inside the company. His verdict was blunt. It felt like onboarding a junior employee with no manager, no scoped access, and no clear accountability when something goes wrong. Except this one…