OpenAI has started rolling out Lockdown Mode for ChatGPT, an optional security setting that restricts access to external resources and several product capabilities. It is available for personal accounts, including Free, Go, Plus, and Pro plans, as well as self-serve…
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google…
Meta AI Bug Exposes Over 20,000 Instagram Accounts
Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta AI Bug Exposes Over 20,000 Instagram…
Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities
The Department of Science, Innovation and Technology details how a combination of hands-on human advice and technology systems keeps government agencies safe This article has been indexed from www.infosecurity-magazine.com Read the original article: Infosecurity Europe: How DSIT Protects Thousands of…
Six social media features UK police want banned for under-16s
The UK is moving closer to major changes in how children use social media. Ministers are reportedly considering an outright ban on social media for… The post Six social media features UK police want banned for under-16s appeared first on…
Unitree Humanoid Robots Perform On US Television
Team of eight humanoid robots performs with human dancer from Sichuan on America’s Got Talent, even as lawmakers seek ban This article has been indexed from Silicon UK Read the original article: Unitree Humanoid Robots Perform On US Television
Tencent To Open WeChat To Outside AI Agents
Tencent reportedly working with major Chinese phone makers to allow their AI voice agents access to some WeChat functions, in significant shift This article has been indexed from Silicon UK Read the original article: Tencent To Open WeChat To Outside…
Massive Utah Data Centre Halved After Outcry
Developers agree to reduce size of planned 40,000-acre data centre, in latest sign of growing public resistance This article has been indexed from Silicon UK Read the original article: Massive Utah Data Centre Halved After Outcry
SolarWinds Serv-U Vulnerability Exploited in the Wild
Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service. The post SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
IoT Botnet C0XMO Adds Competitor-Killing Capability
C0XMO is a new Gafgyt botnet variant exploiting old router flaws, spreading across IoT devices, killing rivals, and enabling large-scale DDoS attacks. In March 2026, FortiGuard Labs discovered a new variant of the Gafgyt botnet, dubbed C0XMO, which is noticeably…
A week in security (June 1 – June 7)
A list of topics we covered in the week of June 1 to June 7 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (June 1 – June 7)
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats. “When automatic…
CISA Palantir Director, EU tech sovereignty, SolarWinds Serv-U flaw
Palantir executive considered for CISA leadership EU unveils tech sovereignty package to cut reliance on U.S., Chinese suppliers Hackers now exploit SolarWinds Serv-U flaw to crash servers Get the show notes here: https://cisoseries.com/cybersecurity-news-cisa-palantir-director-eu-tech-sovereignty-solarwinds-serv-u-flaw/ Thanks to our episode sponsor, Doppel Social…
IT Security News Hourly Summary 2026-06-08 09h : 4 posts
4 posts were published in the last hour 7:4 : Critical UniFi OS RCE Chain Grants Root Access Without Credentials 7:4 : Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse 6:34 : All the Ways Europe Is Ditching…
Critical UniFi OS RCE Chain Grants Root Access Without Credentials
Security Advisory Bulletin 064 describing a critical chain of vulnerabilities in UniFi OS Server that allows unauthenticated remote code execution and full root takeover. The issue combines an authentication-gateway bypass, a path-traversal mismatch, and a command-injection sink in the package-update…
Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse
The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool. The post Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse appeared first on SecurityWeek. This article has been…
All the Ways Europe Is Ditching American Technology
A WIRED timeline shows how dozens of governments, companies, and other organizations across Europe are moving, or planning to shift, away from US Big Tech. This article has been indexed from Security Latest Read the original article: All the Ways…
Microsoft Warns Claude Code GitHub Action Could Leak CI/CD Workflow Secrets
AI-powered coding tools are rapidly changing how developers build and ship software. But as these tools enter everyday development pipelines, they are also opening new doors for attackers. A recently uncovered vulnerability in a widely used AI coding assistant shows…
Hackers Exploit Claude Code MCP Traffic to Hijack OAuth Authentication Tokens
Threat researchers have uncovered a novel man-in-the-middle (MitM) attack chain targeting Anthropic’s Claude Code ecosystem, where adversaries hijack Model Context Protocol (MCP) traffic to steal OAuth authentication tokens and persist access to enterprise SaaS platforms. The technique, detailed by Mitiga,…
Microsoft Warns Claude Code GitHub Action May Expose CI/CD Secrets
Anthropic’s Claude Code GitHub Action could unintentionally expose CI/CD workflow secrets when AI agents process untrusted GitHub content. The risk arises because certain tools the agent uses to read files were not sandboxed like subprocess execution paths such as Bash.…
EDRChoker Tool Abuses Windows QoS Policies to Disrupt Endpoint Security Tools
A newly disclosed red-team tool dubbed “EDRChoker” is drawing attention across the cybersecurity community for its novel approach to disrupting Endpoint Detection and Response (EDR) visibility by abusing Windows Policy-based Quality of Service (quality of service). Unlike traditional EDR evasion…
When attacks spread too far: Lessons from real cyber attack case studies
In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during detection. Adjei walks through a collaboration tool scam that copied Microsoft Teams, an identity phishing case…
DockSec: Open-source AI-powered Docker security scanner
DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates…
Hackers Exploit 2026 FIFA World Cup With Phishing and Ticket Scams
Cybercriminals are already turning the 2026 FIFA World Cup into a fraud opportunity, using phishing pages, fake online stores, and ticket scams to steal money and personal data. The risk is rising because the tournament will attract huge global demand,…