-
SAP fixes critical flaws in NetWeaver and Commerce Cloud
SAP has released fixes for 15 vulnerabilities as part of its June 2026 Security Patch package, including four critical-severity flaws affecting SAP NetWeaver and SAP Commerce Cl...
-
Microsoft releases Windows 10 KB5094127 extended security update
Microsoft has released the Windows 10 KB5094127 extended security update, which fixes the June 2026 Patch Tuesday vulnerabilities and adds new functionality to monitor the rollo...
-
Microsoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flaws
Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day vulnerabilities and one actively exploited in attac...
-
Microsoft June 2026 Patch Tuesday fixes 5 zero-days, 200 flaws
Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including four publicly disclosed zero-day vulnerabilities and one actively exploited in attac...
-
Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws and five publicly disclosed zero-day vulnerabilities. [...]
-
Windows 11 KB5094126 & KB5093998 cumulative updates released
Microsoft has released Windows 11 KB5094126 and KB5093998 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
-
Meta to Use Off-Site Business Data for Feed and AI Personalization
Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence (AI) chatbot, expandi...
-
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963, the vu...
-
Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues
Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its open-source projects being com...
-
XBOW tests Anthropic's Mythos Preview for offensive security
Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code. XBOW explores how the model performed across exploit ...
-
GitHub disables Microsoft repos pushing password-stealing malware
Microsoft removed 73 repositories across its Azure, microsoft, Azure-Samples, and MicrosoftDocs organizations on GitHub, disrupting continuous integration pipelines. [...]
-
FCC Wants to Kill Burner Phones By Forcing Telecoms to Get All Customers’ IDs
The FCC wants to legally force telecoms to collect new and renewing customers’ government issued identity number and physical address, impacting everyone from the privacy-consci...
-
Judge Learns Lawyers on Both Sides of Case Used AI, Cancels Trial, Kicks Everyone Off the Case
When two AIs argue against each other, the legal system loses.
-
New Veeam vulnerability exposes backup servers to RCE attacks
Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on domain-joined backup serv...
-
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257. The post Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 appeared first on Unit 42.
-
Meta’s face-recognition code raises new concerns about smart glasses
As smart glasses become more capable, concerns about face recognition, covert recording, and biometric surveillance are growing.
-
'Sloppenheimer:' Amazon Employees Mock the Company’s AI on Slack
Amazon employees have a Slack channel for memes where the mock and commiserate about the company’s faulty AI coding product.
-
Rapid7 Gains Access To Anthropic’s Project Glasswing To Explore Frontier AI For Cybersecurity
Wade Woolwine is Senior Director, Product Security at Rapid7.Rapid7 is excited to join Anthropic’s Project Glasswing, which includes access to Claude Mythos Preview, giving our ...
-
Scammers love Meta, according to Lloyds Bank
Facebook, Instagram, and WhatsApp account for more than two thirds of fraud reports made by Lloyds customers.
-
Intellyx Names NETSCOUT to Prestigious 2026 Digital Innovator Award List
Earning industrywide recognition two years in a row is very rewarding. Achieving that same honor six consecutive times makes a statement. Being selected by Intellyx for its 2026...
-
WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerabilit...
-
Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way ...
-
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked a...
-
The Hidden Security Risk in Modern Networks: The Work Between Tools
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with r...
-
Update Chrome: Google patches actively exploited vulnerability and 73 others
Google's latest Chrome update fixes 74 security vulnerabilities, including one under active attack.
-
Protecting 50,000 Users: How ANY.RUN Drives Incident Prevention at UMass Boston
Securing a university means defending a highly open environment, where thousands of users, devices, and external connections create constant exposure to risk. We had a unique op...
-
New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no nativ...
-
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (P...
-
Gartner Security Summit 2026: Huntress 5 Key Takeaways
Resilience, identity, and practical AI led the conversation at Gartner Security & Risk Management Summit 2026. Here are five key takeaways security leaders should act on.
-
When “Hi, This Is IT” Comes Through Microsoft Teams
Attackers are increasingly targeting collaboration platforms like Microsoft Teams. Learn the risks and key steps to strengthen your organization's security. The post When “Hi, T...
-
This Company Will Add Phone, AirPod, and Smartwatch Trackers to License Plate Readers
SignalTrace “links devices that regularly travel together, correlating them to license plate.” It is a surveillance product that will sweep up and add all sorts of Bluetooth and...
-
Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)
OverviewOn June 8, 2026, Check Point published a security advisory for CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN, Mo...
-
Microsoft Hacked to Deliver Malware to Claude and Gemini Users
Microsoft took the highly unusual step of shutting down more than 70 of its own GitHub repositories after hackers pushed malware that would steal credentials from AI coding agent users.
-
Americans lost nearly $900 million to AI-powered scams, FBI says
Deepfakes, voice cloning, and other AI-powered scams cost Americans nearly $900 million in 2025, says the 2025 FBI Internet Crime Report.
-
It’s So Not Over for Hollywood (with Devindra Hardawar)
Emanuel talks to Devindra Hardawar about AI in Hollywood and the state of the movie industry.
-
A Farmer Donated Land to Turn into a Park. The City Is Building a Massive Data Center Instead
In 1999, a farmer gave away 87 acres of land to a small Texas city to use as a park. The city sold to a data center developer for $10 million.
-
Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification
COPENHAGEN, Denmark, June 8, 2026 – Heimdal has achieved ISAE 3000 SOC 2 Type II certification for the sixth consecutive year, reflecting the company’s continued focus on operat...
-
Pirated PC games are delivering password-stealing malware
Cybercriminals are hiding malware in cracked and repacked games, infecting more than 400,000 devices worldwide.
-
A week in security (June 1 – June 7)
A list of topics we covered in the week of June 1 to June 7 of 2026
-
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
TrendAI™ integrates Anthropic's Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: on...
-
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, showing how unmanage...
-
Baker Distributing - 102,935 breached accounts
In May 2026, the HVAC/R wholesale distributor Baker Distributing Company was added to the ShinyHunters data extortion group's "pay or leak" site. In early June, the group public...
-
Scientists Discover Hidden Symmetry on Earth That Nobody Can Explain
The north-south albedo symmetry may be fading as both hemispheres get darker.
