Facebook parent Meta says NSO Group violates court order barring it from targeting WhatsApp users with commercial Pegasus spyware This article has been indexed from Silicon UK Read the original article: Meta Says NSO Still Targeting WhatsApp Users
Tag: EN
Windows Defender Zero-Day “RoguePlanet” Lets Attackers Gain SYSTEM Privileges
A newly disclosed zero-day vulnerability dubbed “RoguePlanet” is affecting Microsoft Defender, allowing attackers to escalate privileges and obtain full SYSTEM-level access on vulnerable Windows machines. A security researcher recently published the issue under the alias “MSNightmare,” who released a proof-of-concept…
Windows BitLocker 0-Day Flaw Enables Security Feature Bypass Attacks
Microsoft has disclosed a newly identified zero-day vulnerability in Windows BitLocker that could allow attackers to bypass one of the operating system’s core disk encryption protections. The flaw, tracked as CVE-2026-50507, has been classified as an “Important” severity issue and…
ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact
In addition, Rockwell Automation announced some enhancements to its SecureOT cybersecurity solution for OT. The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Microsoft Fixes 200 CVEs in June Patch Tuesday
Microsoft has patched 200 vulnerabilities including three zero-days This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes 200 CVEs in June Patch Tuesday
OpenClaw AI Agent Leaks Credentials in Phishing Simulation
Autonomous email agents can become high‑impact phishing victims, leaking cloud credentials and sensitive business data even when wrapped in explicit safety instructions. In a controlled lab deployment on the OpenClaw agent platform, an AI agent dubbed “Pinchy” failed multiple classic…
ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances
ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. “On June 5, 2026, ServiceNow applied a security update to hosted customer instances,” the company revealed in…
Fable 5, Tchap hacked, CISA priorities
Anthropic releases Claude Fable 5 French government messaging service breached CISA rethinking risk evaluations Get the show notes here: https://cisoseries.com/cybersecurity-news-claude-fable-5-tchap-hacked-cisa-priorities/ Thanks to our episode sponsor, Doppel Social engineering attacks look trustworthy — a routine request, an internal email, a familiar…
Windows BitLocker 0-Day Vulnerability Allows Attackers to Bypass Security Feature
Microsoft disclosed a new Windows BitLocker Security Feature Bypass vulnerability, tracked as CVE-2026-50507, on June 9, 2026, as part of its June Patch Tuesday security release. The flaw, rooted in a protection mechanism failure, allows an unauthorized attacker with physical access…
No Patch Planned for Exploited Arista EOS Vulnerability
Organizations are advised to apply vendor-supplied mitigations or discontinue the vulnerable devices. The post No Patch Planned for Exploited Arista EOS Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: No Patch Planned…
Microsoft Patch Tuesday June 2026 Fixes 198 Vulnerabilities, Including 3 Zero-Days
Microsoft’s June 2026 Patch Tuesday fixes 198 vulnerabilities across Windows, Office, Azure and other Microsoft products, including three zero‑day flaws that were exploited or publicly disclosed before patches were available. Security teams should fast‑track deployment of BitLocker and HTTP.sys, Remote…
The security in smartphones is helping send them to landfills
Billions of working smartphones reach the end of their service lives each year and move into drawers, recycling streams, and waste piles. The WEEE Forum estimated that 5.3 billion mobile phones became electronic waste in 2022. Many of these devices…
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet. “The exploit is a race condition, so it’s a hit or miss,” the researcher,…
Hackers Use ClickFix Chain to Deploy MLTBackdoor Malware
A sophisticated new backdoor family, tracked as MLTBackdoor, that operators are deploying through a multi-stage ClickFix infection chain to establish footholds for ransomware and follow-on activity. The campaign begins with an automotive-themed ClickFix lure: when a victim copies, pastes, and…
Anthropic Released Claude Fable 5, the First Model in Mythos Class
Anthropic has released Claude Fable 5, the first publicly available model in its new Mythos capability tier, a class powerful enough that the company says it ships with cybersecurity safeguards baked in from day one. Fable 5 sits above the…
NOVA microhypervisor brings AMD DMA isolation to shared AI infrastructure
BlueRock has issued the latest open-source release of its NOVA Microhypervisor with DMA remapping support for AMD platforms that have IOMMU hardware virtualization. The capability is enabled by default and extends hardware-level isolation across virtual machines, devices, and memory in…
Fortinet FortiSandbox Vulnerability Lets Attackers Execute Unauthorized Commands
Fortinet has disclosed a critical vulnerability in its FortiSandbox product that could allow attackers to execute unauthorized commands without authentication, raising significant concerns for enterprises that rely on sandboxing for malware analysis. Tracked as CVE-2026-25089, the flaw is classified as…
Hackers Use TikTok and Instagram Reels to Push Fake Software Malware
An emerging phishing vector that weaponizes short-form social videos on TikTok and Instagram Reels to distribute malware and funnel victims to malicious download sites. Attackers publish polished “how-to” tutorials and casual user-style clips promising free premium software Spotify Premium, CapCut…
Critical Veeam Flaw Could Let Attackers Execute Code on Backup Servers
A critical remote code execution vulnerability in Veeam Backup & Replication could allow attackers to compromise backup infrastructure, posing significant risks to enterprise environments that depend on the platform for data protection and recovery. Veeam has disclosed the vulnerability as…
Product showcase: Staying ahead of the threat horizon with Aunoo
Aunoo is an open strategic intelligence platform that uses AI agents to monitor intelligence sources, including for cybersecurity, to compile a daily briefing and alert on defined criteria. Each source is checked for credibility and quality before it is included.…