Cybersecurity

e2e-assure introduces Cumulo, the U.K.’s only sovereign, AI-driven, zero-day SOC platform to secure IT and OT environments

*Built around digital twin technology and customer-dedicated AI models, Cumulo answers the recent announcement by GCHQ for AI Cyber Shield, enabling early identification of threats and vulnerabilities...

Rob Demain·~6 min

SAP and Google Cloud deploy agentic commerce architecture

[SAP]($1) and [Google Cloud]($1) are deploying agentic commerce architecture to automate multi-agent marketing and retail operations at enterprise scale. SAP research indicates 78 percent of business...

Ryan Daws·~5 min

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

- **Swati Khandelwal**Jun 17, 2026Malware / Cyber Attack [*]($1) A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credenti...

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

- **Ravie Lakshmanan**Jun 17, 2026Endpoint Security / Vulnerability [*]($1) Microsoft has formally disclosed that it's working to release a patch to address a Defender zero-day codenamed [RoguePla...

The Hacker News·~2 min

Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments

- **Ravie Lakshmanan**Jun 17, 2026Malware / Social Engineering [*]($1) An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for t...

DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic

- **Ravie Lakshmanan**Jun 18, 2026Remote Access Trojan / Ransomware [*]($1) Threat actors associated with the [DragonForce]($1) ransomware have been observed using a custom Go-based remote access ...

The Hacker News·~4 min

The Scripts on Your Checkout Page Are Now a PCI DSS Problem

- **The Hacker News**Jun 18, 2026Payment Security / Compliance [*]($1) An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: **[See the full QSA assessme...

INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023

- **Ravie Lakshmanan**Jun 18, 2026Vulnerability / Enterprise Security [*]($1) Cybersecurity researchers have charted the evolution of [INC]($1) from an nascent ransomware-as-a-service (RaaS) opera...

Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2

- **Ravie Lakshmanan**Jun 18, 2026Malware / Cryptocurrency [*]($1) Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign codenamed **CryptoBandits** that has targeted...

aiartificial intelligence

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

- **Ravie Lakshmanan**Jun 18, 2026Hacking News / Cybersecurity News [*]($1) The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through s...

The Hacker News·~20 min

Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

- **The Hacker News**Jun 18, 2026AI Security / Data Security [*]($1) If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name...

aiartificial intelligence

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

- **Ravie Lakshmanan**Jun 18, 2026Vulnerability / Cloud Security [*]($1) F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to ach...

googlesecurity

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

- **Ravie Lakshmanan**Jun 19, 2026Mobile Security / Vulnerability [*]($1) Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited b...

The Hacker News·~4 min

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

- **Ravie Lakshmanan**Jun 19, 2026Data Breach / Cloud Security [*]($1) Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security i...

The Hacker News·~7 min

Forget Data Leakage: Shadow AI's Real Threat Is Access Control

- **The Hacker News**Jun 19, 2026Agentic AI / SaaS Security [*]($1) The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools...

The Hacker News·~6 min

aiartificial intelligence

From Assistive to Agentic: The AI Shift That's Redefining Threat Management

- **The Hacker News**Jun 19, 2026Enterprise Security / Agentic AI [*]($1) ## **Introduction** The average enterprise security team has 40 or more security tools, giving a lot of visibility into i...

The Hacker News·~6 min

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

- **Ravie Lakshmanan**Jun 19, 2026Threat Intelligence / Firewall Security [*]($1) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday [urged]($1) Fortinet customers with F...

The Hacker News·~4 min

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

- **Ravie Lakshmanan**Jun 19, 2026Malware / Threat Intelligence [*]($1) Dutch law enforcement authorities, along with counterparts from [ Canada ]($1) , Germany, and the U.S., have disrupted malic...

The Hacker News·~6 min

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

- **Swati Khandelwal**Jun 19, 2026Vulnerability / Software Supply Chain [*]($1) Microsoft researchers have detailed an exploit chain, named [AutoJack]($1), that turns an AI browsing agent into a d...

aigpt

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

- **Ravie Lakshmanan**Jun 19, 2026Ransomware / Endpoint Security [*]($1) The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection...

Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

- **Swati Khandelwal**Jun 19, 2026Hardware Security / Vulnerability [*]($1) Security researchers at Paradigm Shift have published a working exploit, dubbed **usbliter8**, that achieves arbitrary c...

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

- **Ravie Lakshmanan**Jun 20, 2026Vulnerability / Web Security [*]($1) Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on ...

Advertisement Advertisement For the p·~15 min

For the past four years, a sprawling Android-based botnet called **Popa** has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass da...

Bye bye Fable

Hey folks, Fable went from “new best model” to “not available” in about 3 days. Anthropic launched [Claude Fable 5]($1) on June 9. Fable was the Mythos-class model for general use but with guardrail...

Ben Tossell·~6 min

aigpt

Casey Crownhartarchive page·~21 min

Hacking the atmosphere: Geoengineering gets a reality check

Jim Franke pulls away the cover page of a presentation on the wraparound desk in his office, revealing an illustration of an odd-looking aircraft with massive wings stretching out from a stubby fusel...

Thomas Macaulayarchive page·~5 min

The Download: a new hunt for dark matter and Kenya’s case for going solar

*This is today's edition of *[*The Download*]($1),* our weekday newsletter that provides a daily dose of what's going on in the world of technology.* For decades, physicists have hunted for weakly int...

aimeta

Elizabeth Beararchive page·~15 min

The inevitable weakness of metrics

There are plenty of useful things a metric can reveal. There are even more it can obscure or corrupt. It took me well over a decade of tracking my own life in ever greater detail to fully appreciate t...

aimeta

Thomas Macaulayarchive page·~5 min

The Download: AI bottleneck debates, and BCI trials take off

*This is today's edition of *[*The Download*]($1),* our weekday newsletter that provides a daily dose of what's going on in the world of technology.* AI startup Subquadratic came out of stealth last m...