A notable operational pivot by the GRU-linked intrusion set APT28 (aka Fancy Bear, Sofacy, Forest Blizzard, Pawn Storm) that combines the MooBot botnet and compromised EdgeRouters to enable resilient cyber operations. This shift amplifies APT28’s long-standing focus on NATO, Ukrainian…
It’s time to update incident response for the AI era
<p>In the age of AI, incident response is becoming a wholly different activity for security teams. Just a few years ago, a cybersecurity incident was almost always an attack or insider threat with a human behind it. At the Gartner…
Google sues China-based scammers over Gemini AI abuse
Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam infrastructure. The company said the operation has affected “hundreds of thousands of victims,” with losses estimated…
GitHub to Update npm to Thwart Software Supply Chain Attacks
NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts This article has been indexed from www.infosecurity-magazine.com Read the original article: GitHub to Update npm to Thwart Software Supply…
IT Security News Hourly Summary 2026-06-12 15h : 11 posts
11 posts were published in the last hour 12:32 : ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th) 12:32 : Google fires sueball at alleged Chinese phishers over AI-powered fraud ops 12:32 : Industry Reactions to Claude…
ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, June 12th, 2026…
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Telegram-based ‘Outsider Enterprise’ accused of sending millions of scam texts and impersonating trusted brands This article has been indexed from www.theregister.com – Articles Read the original article: Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Industry Reactions to Claude Fable 5: Feedback Friday
Industry professionals comment on various aspects of Fable 5, including dual-use capabilities, safeguards, and tiered access. The post Industry Reactions to Claude Fable 5: Feedback Friday appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attacks were limited, but…
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security, the attack can be triggered by means…
Fake FACEIT pages steal Steam accounts
A sophisticated phishing campaign is targeting competitive gamers through fake FACEIT verification pages designed to steal Steam accounts containing valuable games, in-game items, and payment information. This article has been indexed from CyberMaterial Read the original article: Fake FACEIT pages…
Novo Nordisk discloses clinical trials data breach
Novo Nordisk, the Danish pharmaceutical giant and leading global insulin manufacturer, has disclosed a data breach affecting patient information from clinical trials. This article has been indexed from CyberMaterial Read the original article: Novo Nordisk discloses clinical trials data breach
Rubrik Acquires Strata to Advance Identity Resilience
Cybersecurity firm Rubrik has acquired Strata.io, an identity orchestration company, and introduced two new identity resilience capabilities designed to help organizations maintain operations during identity provider compromises. This article has been indexed from CyberMaterial Read the original article: Rubrik Acquires…
Feds Seize AudiA6 Crypto Laundering Service
Federal authorities have dismantled AudiA6, a major cryptocurrency laundering operation that processed approximately 10,333 Bitcoin (valued at roughly $389 million) since launching in 2021. This article has been indexed from CyberMaterial Read the original article: Feds Seize AudiA6 Crypto Laundering…
NIST and ISO frameworks for AI agent governance
AI agents are moving beyond pilot projects into production environments where they autonomously access sensitive documents, invoke internal APIs, trigger workflows, and make decisions traditionally requiring human judgment. This article has been indexed from CyberMaterial Read the original article: NIST…
US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
The spy law known as Section 702, which authorizes the NSA and FBI’s warrantless surveillance, will all but certainly expire on Friday for the first time. This article has been indexed from Security News | TechCrunch Read the original article:…
Hackers Abuse NinjaOne RMM Agent to Gain Remote Access to Brazilian Organizations
An active phishing campaign that weaponizes a legitimate NinjaOne Remote Monitoring and Management (RMM) agent to gain persistent remote access to Brazilian organizations. Rather than relying on bespoke malware, the operators exploit familiar business workflows and Portuguese-language social engineering to…
Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle…
Bernie Sanders’ AI Sovereign Wealth Fund Plan
Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful of billionaires who have promoted and developed AI,…
Iranian Cyber Group Handala Claims Cal Water Hack
The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform. The post Iranian Cyber Group Handala Claims Cal Water Hack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Rethinking MDR as Attackers and Defenders Embrace AI
For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn’t staff around the clock, couldn’t hire enough analysts, and needed someone else to handle the alert queue. MDR stepped in.…
Attackers Can Exploit Microsoft Outlook and Word Flaws to Run Malicious Code
Microsoft has disclosed a set of critical remote code execution (RCE) vulnerabilities affecting Outlook and Word that could allow attackers to execute arbitrary code on targeted systems. The flaws, tracked as CVE-2026-45456, CVE-2026-45458, and CVE-2026-47635, were released on June 9,…
Hackers Use Typosquatted npm Packages to Target Web3 Projects and Crypto Wallet Operators
Hackers have been using typosquatting npm packages to weaponize the trust Web3 teams place in open-source dependencies, turning routine installs into a path for wallet theft, secret harvesting, and staged malware delivery. The campaign is especially dangerous because it blends…
Solana FakeFix Campaign Uses 25 Malicious npm and PyPI Packages to Steal Developer Secrets
A newly discovered supply chain campaign is putting Solana developers at serious risk, with attackers hiding malicious code inside fake developer packages on npm and PyPI. The operation, tracked as “Solana FakeFix,” deployed 25 malicious packages designed to steal wallet…