WhatsApp has introduced a new proactive security feature that warns users before they start conversations with unknown phone numbers. This update, currently being rolled out to both Android and iOS users, adds a trust verification layer at the very beginning…
KuinaExtractor Stealer Targets Browser Data, Crypto Wallets, Roblox, Steam, and Discord
A previously undocumented Rust-based infostealer they call KuinaExtractor, a family that has evolved from a capable early prototype into a hardened, stealth-focused threat now rebranded as “k0to.” Analysis of dozens of samples and function-level code comparisons reveals a clear single-operator…
New Enterprise-Ready MCP Specification Brings New Security Challenges
A major overhaul of the Model Context Protocol shifts critical security responsibilities from the protocol itself to developers and platform operators. The post New Enterprise-Ready MCP Specification Brings New Security Challenges appeared first on SecurityWeek. This article has been indexed…
ZeroTier Quantum RC2 brings post-quantum security closer to general availability
ZeroTier has announced the release candidate 2 (RC2) for ZeroTier Quantum, its end-to-end quantum-secure networking platform. This milestone marks the final testing phase, positioning the platform one step away from general availability (GA). ZeroTier Quantum addresses the looming threat quantum…
CMC Releases Analysis and Guidance for Education Sector After Canvas Data Breach
The UK Cyber Monitoring Centre reviews the Canvas breach affecting 160 UK universities, highlighting data theft risks and financial impacts of cyber incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: CMC Releases Analysis and Guidance for…
ISA VDA 6.0.3 (part 3) — Information Security Sheet: Human Resources, Physical Security, Identity and Access Management
This is the part 3 of the series about the TISAX label: TISAX getting started: A Deep Dive into the ISA Assessment Workbook (part 1). ISA VDA 6.0.3 (part 3) — Information Security Sheet: Human Resources, Physical Security, Identity…
How AI-powered cyberthreats are changing home security
Artificial intelligence is changing cybercrime fast, and the impact is no longer limited to large companies or banks. As attackers use AI to uncover weaknesses,… The post How AI-powered cyberthreats are changing home security appeared first on Panda Security Mediacenter.…
ThreatModeler introduces Nexus to automate threat modeling with AI governance
ThreatModeler has announced the general availability of ThreatModeler Nexus, an agentic threat modeling platform that brings governed, architecture-aware security to the way modern software is actually built. As AI writes a growing share of production code, the question is no…
ShinyHunters hits MSG, Cal Water confirms no damage, CISA SASE guide
ShinyHunters hits Madison Square Garden Cal Water finds no evidence of OT activity New CISA guide helps agencies adopt SASE for Zero Trust Get the show notes here: https://cisoseries.com/cybersecurity-news-shinyhunters-hits-msg-cal-water-confirms-no-damage-cisa-sase-guide/ Huge thanks to our episode sponsor, Guardsquare Attackers are treating your…
IBM Unveils 3D-Stacked .7nm Chip Design
IBM says ‘nanostack’ approach could fit nearly 100 billion transistors into fingernail-sized area, amid soaring demand for processing power This article has been indexed from Silicon UK Read the original article: IBM Unveils 3D-Stacked .7nm Chip Design
Zhipu’s GLM-5.2 Now World’s Third Most Widely Used AI Model
Chinese start-up’s latest tech soars in worldwide usage after jump in benchmark scores, suspension of latest Anthropic models This article has been indexed from Silicon UK Read the original article: Zhipu’s GLM-5.2 Now World’s Third Most Widely Used AI Model
ChatGPT 5.6 Release Reportedly Delayed Following Trump Administration Security Request
OpenAI has reportedly delayed the full public release of its next-generation AI model, GPT-5.6, following a formal request from the Trump administration to limit early access to a select group of government-approved entities. This raises new concerns about the intersection…
Chinese-Speaking Hackers Deploy TinyRCT Backdoor Against Critical Energy Infrastructure
A Chinese-speaking threat cluster tracked as CL-STA-1062 has deployed a newly discovered .NET backdoor, TinyRCT, in targeted campaigns against government and critical energy infrastructure across Southeast Asia during 2025. The recent campaign combines common open-source tooling with bespoke malware. Operators…
Microsoft gives Windows 10 users an unexpected extra year of free security updates
Microsoft has given Windows 10 users another year of free security updates, extending its consumer Extended Security Updates (ESU) program until October 12, 2027. “Windows 10 support has ended. You can enroll in ESU any time until the program ends…
IT Security News Hourly Summary 2026-06-26 09h : 9 posts
9 posts were published in the last hour 6:35 : CISA Adds Actively Exploited Cisco Unified CM Flaws to KEV Catalog 6:34 : Windows Secure Boot Certificate Expiry Exposes Billions of PCs to Bootkit and Firmware Security Risks 6:34 :…
CISA Adds Actively Exploited Cisco Unified CM Flaws to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Cisco Unified Communications Manager (Unified CM) to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation risks in enterprise communication environments. The newly listed flaw, tracked…
Windows Secure Boot Certificate Expiry Exposes Billions of PCs to Bootkit and Firmware Security Risks
Microsoft’s long-planned Secure Boot certificate rollover has reached a critical milestone, impacting more than just routine updates. The Microsoft Corporation KEK CA 2011 expired on June 24, 2026, the Microsoft UEFI CA 2011 expires on June 27, 2026, and the…
Security boss thought MFA would be too much security
One rule for the workers, another for execs This article has been indexed from www.theregister.com – Articles Read the original article: Security boss thought MFA would be too much security
A privacy-first take on local malware analysis
Submitting a suspicious file to VirusTotal or MalwareBazaar places a copy of that file on a platform other people can search. Analysts across the industry rely on these services to get a quick verdict on whether a binary is dangerous.…
Bitcoin Sinks Below $60,000 Amid AI Focus
Bitcoin trades at lowest value since early 2024, as investors bet on high-profile IPOs, AI-related stocks This article has been indexed from Silicon UK Read the original article: Bitcoin Sinks Below $60,000 Amid AI Focus
Hackers Use Malicious Minecraft Fabric Mods to Deploy LoaderClient and WeedHack Stealer
Hackers are weaponizing malicious Minecraft Fabric mods to deliver LoaderClient. This stage-one malware loader steals session data and hands it off to the WeedHack stealer through a fileless, blockchain-backed execution chain. The campaign stands out for its use of EtherHiding,…
Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets
A fresh supply-chain wave tied to the Mini Shai-Hulud, Miasma, and Hades malware families is actively poisoning npm packages in the LeoPlatform and RStreams ecosystems and expanding into source-repository compromises. The intrusion blends registry poisoning, install-time execution via binding.gyp, Bun-staged…
Microsoft Extends Windows 10 Security Updates for Users Up to October 2027
Microsoft has quietly expanded its Windows 10 Extended Security Updates (ESU) program, allowing consumers to receive critical security patches through October 12, 2027, an additional year beyond the program’s originally planned expiration date of October 12, 2026. Windows 10 officially…
Two CEOs on why security and AI readiness belong together
SuperOps and Guardz are bundling PSA, RMM, MDM, and agentic SecOps into one offering for MSPs. In this Help Net Security Q&A, SuperOps CEO Arvind Parthiban and Guardz CEO Dor Eisner explain how a connected stack cuts the time and…