4 posts were published in the last hour 6:6 : DeepSeek Hits $59bn Valuation In First Funding Round 6:6 : New Crypto Clipper Uses Windows Script Host and ActiveXObject for Remote Code Execution 6:6 : 24 Billion Stolen Credentials Exposed…
DeepSeek Hits $59bn Valuation In First Funding Round
Chinese AI start-up reportedly concludes first funding round, raising more than $7bn in deal that gives founder high degree of control This article has been indexed from Silicon UK Read the original article: DeepSeek Hits $59bn Valuation In First Funding…
New Crypto Clipper Uses Windows Script Host and ActiveXObject for Remote Code Execution
A novel Windows-based cryptocurrency clipper that has been active since February 2026 and leverages Windows Script Host (WScript) and ActiveXObject calls to achieve remote code execution and persistent, high-frequency data theft. The campaign stands out because it avoids traditional installers…
24 Billion Stolen Credentials Exposed in Massive Data Leak
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infostealers, Telegram channels, and breach collections, risking account takeovers. Cybernews researchers found an exposed Elasticsearch cluster on June 12th…
Your browser tab could become encrypted storage for someone else’s files
Decentralized storage networks already hand pieces of people’s data to strangers’ machines. The lasting question across these networks is whether the machine holding the data can read it. A research paper by Gregory Magarshak, a professor at IENYC, describes a…
iPhone BootROM Vulnerability Opens Door to Full Apple SoC Trust Chain Compromise
A recently disclosed iPhone BootROM vulnerability, dubbed “usbliter8,” highlights a significant flaw in Apple’s SecureROM implementation. This vulnerability allows attackers to compromise the entire trust chain of the Application Processor (AP) on affected devices. Research published by Paradigm Shift on…
Hackers Exploit Klue Integration to Steal Salesforce CRM Data Using OAuth Tokens
Hackers are actively exploiting a compromised Klue Battlecards integration to extract sensitive Salesforce CRM data by abusing OAuth tokens, according to new research published by ReliaQuest on June 17, 2026. This campaign highlights a growing trend in which attackers use…
Companies are discarding the logs they need to catch a breach
Many large enterprises discard most of the log data their systems generate, and they do it on purpose to keep costs down. A Dynatrace survey of 450 senior IT leaders at large enterprises found that half of organizations drop or…
Authorities Seize 106 Servers and 101 Domains in Major SocGholish Malware Takedown
International law enforcement agencies have successfully seized 106 servers and 101 domains as part of a coordinated global effort against the SocGholish malware infrastructure, marking a major milestone in Operation Endgame. Announced on June 18, 2026, from The Hague, this…
State Digital Surveillance Puts Foreign Travelers and Businesses at Risk Across 31 Countries
A new state-surveillance assessment finds that foreign travelers and business staff face high or very high digital risk in 31 countries, where governments increasingly use telecom interception, spyware, AI-enabled monitoring, and data aggregation with little meaningful oversight. The concern is…
SpaceX wants to build AI data centers in space. Will it work?
The race to build data centers in space is gaining momentum as AI drives unprecedented demand for computing power. Orbital facilities could tap into abundant solar energy and avoid many of the environmental challenges faced on Earth. Yet space remains…
Asia-Pacific scam networks generate nearly $40 billion a year
Cybercrime is taking a larger share of criminal activity in Asia and the Pacific. More than half of surveyed jurisdictions reported that cybercrime accounts for over 30% of all crimes recorded nationally, according to INTERPOL’s 2025/2026 Asia and South Pacific…
Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure
CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek. This article has been indexed…
FortiBleed Emergency: 74,000 Fortinet Logins Exposed
A special crossover episode of Cybersecurity Today and Hashtag Trending for June 19, 2026. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning after security researchers uncovered the FortiBleed dataset, exposing credentials tied to approximately 74,000…
New infosec products of the week: June 19, 2026
Here’s a look at the most interesting products from the past week, featuring releases from ArmorCode, Barracuda Networks, Blue Planet, Flip, Fortinet, Legit Security, Tigera, and WitnessAI. Fortinet FortiSOC unifies SIEM, SOAR, threat intelligence, and AI in one platform Fortinet…
IT Security News Hourly Summary 2026-06-19 06h : 1 posts
1 posts were published in the last hour 3:33 : Killing me gently: Inside Gentlemen’s EDR killer framework
Killing me gently: Inside Gentlemen’s EDR killer framework
ESET Research shares the results of a months-long investigation into the suite of EDR killers maintained by the RaaS gang Gentlemen This article has been indexed from WeLiveSecurity Read the original article: Killing me gently: Inside Gentlemen’s EDR killer framework
Microsoft Exposes Malware Operation Combining USB LNK Worms and Tor-Based C2 Servers
A threat actor will benefit from combining cryptocurrency theft, covert communications, and remote access into a single malware framework in order to increase stealth and persistence. Microsoft has revealed the existence of a Windows-based clipper campaign active since February…
Alibaba Cloud Bets on France as Europe Seeks More Control Over AI
Alibaba Cloud opened two Paris availability zones as European enterprises weigh data sovereignty, resilience, and AI infrastructure needs. The post Alibaba Cloud Bets on France as Europe Seeks More Control Over AI appeared first on TechRepublic. This article has been…
AI Crackdowns, Mega Mergers, and Security Chaos Define This Week in Tech
See what you missed in Daily Tech Insider from June 15–18. The post AI Crackdowns, Mega Mergers, and Security Chaos Define This Week in Tech appeared first on TechRepublic. This article has been indexed from Security Archives – TechRepublic Read…
AutoJack: How a single page can RCE the host running your AI agent
AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter handling, attackers…
PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM
A pre-authentication remote code execution (RCE) chain in Oracle PeopleSoft PeopleTools abuses the Integration Broker’s PSIGW gateway to execute code inside the application server’s Java virtual machine (JVM), evading behavioral and network sensors. This article has been indexed from Trend…
Ralph Lauren – 139,903 breached accounts
In June 2026, fashion retailer Ralph Lauren was targeted in a ShinyHunters “pay or leak” extortion campaign. The group subsequently published hundreds of gigabytes of data they claimed was obtained from the organisation’s Salesforce instance, including 140k unique email addresses…
Authorities Dismantle SocGholish Malware Network — 106 Servers and 101 Domains Seized
Authorities have dismantled the criminal infrastructure behind SocGholish, one of the most persistent malware frameworks active since 2017, seizing 106 servers and 101 domains while remediating nearly 15,000 infected websites worldwide. The coordinated takedown was executed as part of Operation…