Securing the Future of Japan’s AI Landscape The shift from static LLMs to autonomous agents has fundamentally changed the global threat surface. Frontier models like Anthropic’s Mythos can now autonomously discover hundreds … The post Expanding Our Footprint: Local Cloud…
Hackers Use Weaponized Windows Shortcuts to Spread Crypto Clipper Across USB Drives
A newly discovered cryptocurrency clipper malware has been quietly stealing digital assets from victims since February 2026, spreading through a trick that most users would never suspect: weaponized Windows shortcut files on USB drives. The malware is not just a…
Node.js Fixes 12 Vulnerabilities, Including 2 High-Severity Authentication Bypasses
Node.js has released a new round of security updates addressing 12 vulnerabilities across its supported release lines, including two high-severity flaws that could lead to authentication bypass and denial-of-service (DoS) attacks. The updates impact Node.js versions 22.x, 24.x, and 26.x,…
CISA Warns of Splunk Enterprise Critical Function Vulnerability Actively Exploited in Attacks
CISA has issued a high-priority alert warning organizations about a critical vulnerability in Splunk Enterprise that is actively being exploited in the wild. The flaw, tracked as CVE-2026-20253, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling immediate…
Frontier Airlines API Exposes Passport, Credit Card, and Personal Data via Boarding Pass Information
A security researcher known as BobDaHacker has revealed significant vulnerabilities in Frontier Airlines’ booking system. Thank you for being a Ghacks reader. The post Frontier Airlines API Exposes Passport, Credit Card, and Personal Data via Boarding Pass Information appeared first…
Did Iranian hackers cause operational disruptions to water and wastewater systems in the USA?
No, they did not. Handala, a hacker organization with alleged ties to the Islamic Republic of Iran, recently claimed it had gained the ability to… The post Did Iranian hackers cause operational disruptions to water and wastewater systems in the…
INC Ransomware Uses Double Extortion and Printer Ransom Notes to Pressure Victims
INC has matured from an emerging RaaS operation into one of 2026’s most active ransomware families, claiming more than 800 victims since 2023 and capitalizing on disruption among competitors to expand its affiliate base. The group’s recent campaigns demonstrate both…
ISA VDA 6.0.3 (part 2) — Information Security Sheet: IS Policies and Organization
This is the part 2 of the series about the TISAX label: TISAX getting started: A Deep Dive into the ISA Assessment Workbook (part 1). ISA VDA 6.0.3 (part 2) — Information Security Sheet: IS Policies and Organization …
Peter Thiel ‘s Secret Society Leak Creates a Perfect Target List for Espionage, Influence Operations, and Blackmail
A simple website flaw exposed members, political profiles, login tokens, and dating data from Peter Thiel ‘s secretive Dialog network. Dialog, a private invitation-only organization cofounded in 2006 by billionaire tech investor Peter Thiel, has spent two decades refusing to…
eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th)
I detected an interesting phishing email this morning. It targets a major Belgian bank: This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th)
AI-Powered Public Surveillance and Biometric Data Collection Expand Government Monitoring
Governments are expanding their digital reach in ways unimaginable just a decade ago. A growing wave of AI-powered surveillance, biometric data collection, and commercial spyware is reshaping how states monitor citizens and visitors. The scale of this shift is drawing…
Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC
WideField will accelerate Agentic SOC capabilities by expanding the lens on threat investigation to include identity, credentials, sessions, and blast radius. The post Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC appeared first on SecurityWeek. This article has…
BlackFog brings shadow AI visibility to macOS endpoints with ADX Vision
BlackFog has announced the general availability of ADX Vision for macOS, extending its shadow AI detection, governance, and prevention platform to Apple endpoints. With this release, enterprises can now apply a single, consistent AI data-loss policy across Windows and macOS…
Police clean WordPress sites, Klue OAuth breach, Warner’s CISA warnings
Police clean ups SocGholish-infected sites tied to Evil Corp Klue OAuth breach linked to Icarus Salesforce data theft attacks Warner warns of CISA cuts, staffing gaps in letter to acting chief Get the show notes here: https://cisoseries.com/cybersecurity-news-police-clean-wordpress-sites-klue-oauth-breach-warners-cisa-warnings/ Huge thanks to…
The ASLR Caveat on NGINX’s Critical HTTP/3 Flaw Changes Nothing About Urgency
CVE-2026-42530, the NGINX HTTP/3 vulnerability rated CVSS 9.2, is collecting dismissals because exploitation requires ASLR to be disabled or bypassed. Here is why that framing is wrong and why patching cannot wait. The ASLR Caveat on NGINX’s Critical HTTP/3 Flaw…
EU Set To Place Azure, AWS In DMA Crosshairs
European Commission reportedly find Microsoft’s Azure, Amazon Web Services probably meet DMA gatekeeper threshold This article has been indexed from Silicon UK Read the original article: EU Set To Place Azure, AWS In DMA Crosshairs
Early Manus Backers Funding Re-Acquisition From Meta
Early backers of start-up including HSG, ZhenFund, Tencent, reportedly preparing buyback for same $2bn originally paid This article has been indexed from Silicon UK Read the original article: Early Manus Backers Funding Re-Acquisition From Meta
Showboat Malware Uses Pastebin-Hosted C Code to Enable Linux Process Hiding
A previously undocumented, modular Linux post‑exploitation framework that demonstrates sophisticated stealth techniques most notably fetching and compiling C code hosted on Pastebin to hide processes at runtime. Active since mid‑2022 and aimed at AMD x86‑64 Linux hosts, Showboat remained undetected…
15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown
Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame. The post 15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization…
The OpenSSL Library AI Policy
The OpenSSL Library has adopted an AI policy. To summarize: Anyone who uses AI to provide a non-trivial portion of their contributions to the OpenSSL Library must: Sign an updated Contributor License Agreement (CLA) that includes the AI clauses. Declare…
IT Security News Hourly Summary 2026-06-19 09h : 4 posts
4 posts were published in the last hour 6:6 : DeepSeek Hits $59bn Valuation In First Funding Round 6:6 : New Crypto Clipper Uses Windows Script Host and ActiveXObject for Remote Code Execution 6:6 : 24 Billion Stolen Credentials Exposed…
DeepSeek Hits $59bn Valuation In First Funding Round
Chinese AI start-up reportedly concludes first funding round, raising more than $7bn in deal that gives founder high degree of control This article has been indexed from Silicon UK Read the original article: DeepSeek Hits $59bn Valuation In First Funding…
New Crypto Clipper Uses Windows Script Host and ActiveXObject for Remote Code Execution
A novel Windows-based cryptocurrency clipper that has been active since February 2026 and leverages Windows Script Host (WScript) and ActiveXObject calls to achieve remote code execution and persistent, high-frequency data theft. The campaign stands out because it avoids traditional installers…