A critical logic flaw in Instagram’s web-based account recovery workflow exposed unredacted user contact information, including full email addresses and phone numbers, before Meta rapidly patched it on June 6, 2026. The vulnerability, which affected the platform’s password reset interface,…
Tag: EN
Critical Redis Vulnerability Could Let Attackers Execute Code and Hijack Servers
A critical vulnerability in Redis, tracked as CVE-2026-23631 and dubbed “DarkReplica,” exposes authenticated deployments to remote code execution (RCE) through a complex use-after-free (UAF) condition in the replication subsystem. Discovered by security researcher Yoni Sherez during the ZeroDay. In the…
Cybercriminals Exploit 2026 FIFA World Cup With Phishing, Fake Stores, and Ticket Scams
The 2026 FIFA World Cup is not just a celebration of football. For cybercriminals, it is a business opportunity, and they have already gotten to work. Threat actors have been building fake FIFA stores, spinning up phishing pages, and launching…
OpenAI is locking down parts of ChatGPT to reduce data theft risks
OpenAI has started rolling out Lockdown Mode for ChatGPT, an optional security setting that restricts access to external resources and several product capabilities. It is available for personal accounts, including Free, Go, Plus, and Pro plans, as well as self-serve…
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google…
Meta AI Bug Exposes Over 20,000 Instagram Accounts
Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta AI Bug Exposes Over 20,000 Instagram…
Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities
The Department of Science, Innovation and Technology details how a combination of hands-on human advice and technology systems keeps government agencies safe This article has been indexed from www.infosecurity-magazine.com Read the original article: Infosecurity Europe: How DSIT Protects Thousands of…
Six social media features UK police want banned for under-16s
The UK is moving closer to major changes in how children use social media. Ministers are reportedly considering an outright ban on social media for… The post Six social media features UK police want banned for under-16s appeared first on…
Unitree Humanoid Robots Perform On US Television
Team of eight humanoid robots performs with human dancer from Sichuan on America’s Got Talent, even as lawmakers seek ban This article has been indexed from Silicon UK Read the original article: Unitree Humanoid Robots Perform On US Television
Tencent To Open WeChat To Outside AI Agents
Tencent reportedly working with major Chinese phone makers to allow their AI voice agents access to some WeChat functions, in significant shift This article has been indexed from Silicon UK Read the original article: Tencent To Open WeChat To Outside…
Massive Utah Data Centre Halved After Outcry
Developers agree to reduce size of planned 40,000-acre data centre, in latest sign of growing public resistance This article has been indexed from Silicon UK Read the original article: Massive Utah Data Centre Halved After Outcry
SolarWinds Serv-U Vulnerability Exploited in the Wild
Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service. The post SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
IoT Botnet C0XMO Adds Competitor-Killing Capability
C0XMO is a new Gafgyt botnet variant exploiting old router flaws, spreading across IoT devices, killing rivals, and enabling large-scale DDoS attacks. In March 2026, FortiGuard Labs discovered a new variant of the Gafgyt botnet, dubbed C0XMO, which is noticeably…
A week in security (June 1 – June 7)
A list of topics we covered in the week of June 1 to June 7 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (June 1 – June 7)
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats. “When automatic…
CISA Palantir Director, EU tech sovereignty, SolarWinds Serv-U flaw
Palantir executive considered for CISA leadership EU unveils tech sovereignty package to cut reliance on U.S., Chinese suppliers Hackers now exploit SolarWinds Serv-U flaw to crash servers Get the show notes here: https://cisoseries.com/cybersecurity-news-cisa-palantir-director-eu-tech-sovereignty-solarwinds-serv-u-flaw/ Thanks to our episode sponsor, Doppel Social…
Critical UniFi OS RCE Chain Grants Root Access Without Credentials
Security Advisory Bulletin 064 describing a critical chain of vulnerabilities in UniFi OS Server that allows unauthenticated remote code execution and full root takeover. The issue combines an authentication-gateway bypass, a path-traversal mismatch, and a command-injection sink in the package-update…
Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse
The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool. The post Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse appeared first on SecurityWeek. This article has been…
All the Ways Europe Is Ditching American Technology
A WIRED timeline shows how dozens of governments, companies, and other organizations across Europe are moving, or planning to shift, away from US Big Tech. This article has been indexed from Security Latest Read the original article: All the Ways…
Microsoft Warns Claude Code GitHub Action Could Leak CI/CD Workflow Secrets
AI-powered coding tools are rapidly changing how developers build and ship software. But as these tools enter everyday development pipelines, they are also opening new doors for attackers. A recently uncovered vulnerability in a widely used AI coding assistant shows…