10 posts were published in the last hour 9:32 : Fake verification pages are stealing Steam accounts from players 9:32 : 21,786 Home Cameras, No Password, No Warning 9:32 : Google Patches 28 Chrome Vulnerabilities that Allow Attackers to Execute…
Fake verification pages are stealing Steam accounts from players
A convincing fake FACEIT verification page is stealing Steam accounts by using a fake login window that looks completely legitimate. This article has been indexed from Malwarebytes Read the original article: Fake verification pages are stealing Steam accounts from players
21,786 Home Cameras, No Password, No Warning
21,786 live cameras stream with zero authentication. Cheap gear is the real risk, webcamXP open 46% of the time. Your home router is the broadcast tower. In May 2026, Mysterium VPN queried a public internet-wide device index to count every…
Google Patches 28 Chrome Vulnerabilities that Allow Attackers to Execute Malicious Code
Google has released a new Chrome security update addressing 28 vulnerabilities, including several critical flaws that could allow attackers to execute malicious code on affected systems. The latest Stable channel update upgrades Chrome to version 149.0.7827.114/.115 on Windows and macOS,…
Palo Alto PAN-OS Vulnerability Allows Attackers to Execute Arbitrary Commands as Root User
Palo Alto Networks fixed a new command injection vulnerability in PAN‑OS (CVE-2026-0273) that allows authenticated administrators to execute arbitrary commands as root via the CLI or web management interface. Two related medium‑severity issues in the same advisory window cover CLI…
Microsoft Outlook and Word Vulnerabilities Allow Attackers to Execute Malicious Code
Microsoft released critical fixes for three closely related remote code execution (RCE) vulnerabilities in Microsoft Outlook and Word that stem from low‑level memory‑safety flaws in the Word rendering engine and its integration with Outlook Classic. These bugs, tracked as CVE‑2026‑45456,…
BOFH: For one ambitious security type, chaos is a ladder
Mission Control sends its regards This article has been indexed from www.theregister.com – Articles Read the original article: BOFH: For one ambitious security type, chaos is a ladder
Chrome 149 Update Patches 28 Vulnerabilities
The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs. The post Chrome 149 Update Patches 28 Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chrome 149 Update…
Tchap Messenger Hack Exposes Data of Over 73,000 French Government Employees
A suspected cyberattack targeting Tchap, the secure messaging platform used by French government agencies, has reportedly exposed sensitive data belonging to more than 73,000 government employees. According to threat intelligence reports shared by the ThreatMon monitoring account, a threat actor…
OnyxC2 Stealer Uses Cloudflare-Fronted C2 to Exfiltrate Browser Data and Credentials
A new commercial-grade information stealer, marketed as OnyxC2, surfaced on cybercrime forums in early 2026 and demonstrates how commodity malware is increasingly packaged as a full-service product. For $250 a month buyers receive a web-based control panel, a payload builder,…
Anthropic Disputes Fable 5 AI Jailbreak
An AI hacker claims to have achieved a prompt-based jailbreak shortly after Fable 5’s launch, but Anthropic says it’s not a real jailbreak. The post Anthropic Disputes Fable 5 AI Jailbreak appeared first on SecurityWeek. This article has been indexed…
Hackers Use UAE-India Diplomatic Lure to Deliver SHEETCREEP RAT via Google Sheets
An active espionage campaign tracked as SHEETCREEP that leverages a UAE‑India diplomatic-themed ISO lure to deliver a compact C# remote access trojan (RAT) and uses Google Sheets as its command-and-control (C2) channel. The ISO, named UAE-India_Strategic_Partnership_Week.iso, contains a deceptively iconized…
Authorities dismantle crypto laundering service that moved €336 million for cybercriminals
An international law enforcement operation has dismantled a cryptocurrency laundering service linked to ransomware groups and other cybercriminals that processed more than €336 million in illicit funds. The domain seizure notice (Source: Europol) Europol said the service, known as AudiA6,…
Is publishing deepfake porn illegal in the USA?
Yes, publishing and distributing deepfake porn without consent is a crime in the USA. The TAKE IT DOWN Act prohibits the publication and sharing of… The post Is publishing deepfake porn illegal in the USA? appeared first on Panda Security…
Microsoft Teams Android Flaw Could Let Attackers Disclose Sensitive Information
Microsoft has disclosed a high-severity information disclosure vulnerability affecting its Teams application for Android, tracked as CVE-2026-42835. The flaw, publicly released on June 9, 2026, has been assigned a CVSS v3.1 base score of 8.1, categorizing it as an “Important”…
Authorities Seize AudiA6 Crypto Laundering Service Used by Cybercriminal Gangs
Authorities have dismantled a major cryptocurrency laundering infrastructure known as “AudiA6,” disrupting a critical financial backbone used by ransomware gangs and cybercriminal networks to legitimize illicit proceeds. The coordinated international operation, supported by Europol and Eurojust, targeted a service believed…
Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
Authorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a “key financial pipeline used to wash hundreds of millions…
Fortinet patches FortiSandbox, GitHub disables npm scripts, Nottingham University breach
Fortinet patches a new critical FortiSandbox flaw GitHub to disable npm install scripts by default to stop supply chain attacks Nottingham University announces data breach Get the show notes here: https://cisoseries.com/cybersecurity-news-fortinet-patches-fortisandbox-github-disables-npm-scripts-nottingham-university-breach/ Thanks to our episode sponsor, Doppel Social engineering attacks…
Check Point VPN Authentication Bypass (CVE-2026-50751): Client-Controlled IKEv1 Auth Flipped by Ransomware Affiliate
A CVSS 9.3 flaw in Check Point Remote Access VPN let unauthenticated attackers bypass certificate validation by supplying a crafted IKEv1 VendorID payload — exploited for 32 days before a patch, with one confirmed Qilin ransomware post-compromise chain. Check Point…
France Says Israeli Firm Interfered In Scottish Elections
Israel’s BlackCore carried out digital interference operations in Scotland, New York City, France, says disinformation detection agency This article has been indexed from Silicon UK Read the original article: France Says Israeli Firm Interfered In Scottish Elections
Researcher Uses AI to Hack Google, Earns $500,000 Bug Bounty
Researcher Arvin Shivram has earned $500,000 in bug bounties from Google’s Vulnerability Reward Program (VRP) by deploying an AI-powered fuzzing framework against Google’s internal API infrastructure, uncovering critical access-control flaws across multiple high-impact services in under 3 months. The research began after Shivram was…
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. The post Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
IT Security News Hourly Summary 2026-06-12 09h : 8 posts
8 posts were published in the last hour 6:32 : BYD Plans Flash-Charger Roll-Out Across Europe 6:32 : How to use NIST and ISO frameworks to govern AI agents 6:32 : Comcast Business SecurityEdge Preferred strengthens security for small businesses…
BYD Plans Flash-Charger Roll-Out Across Europe
BYD investing nearly €2bn to build network of charging stations across Europe that can charge car in 5 minutes, including 600 in UK This article has been indexed from Silicon UK Read the original article: BYD Plans Flash-Charger Roll-Out Across…