Page 1 of 10 · 336 stories from the last 30 days across 20 trusted sources.
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
1storyEPSS 81%CISA Adds Two Known Exploited Vulnerabilities to Catalog
1storyEPSS 54%CISA Adds Two Known Exploited Vulnerabilities to Catalog
1storyEPSS 41%AICritical unauthenticated RCE in Splunk Enterprise (CVE-2026-20253) exploited in wild; CISA added to KEV, federal agencies must patch by June 21.
5storiesEPSS 10%AIPalo Alto Networks warns of active exploitation of CVE-2026-0257, a PAN-OS GlobalProtect VPN flaw. Unknown threat actors are using it to gain unauthorized access to portals.
2storiesEPSS 19%ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
1storyEPSS 8%The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ESET published a detailed breakdown of The Gentlemen‘s technical infrastructure on June 18, the result of months of inci...
A new ransomware operation named 'Prinz Eugen' prioritizes recently modified files for encryption and leaves no ransom note on the system. [...]
Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. [...]
AIHackers exploit unauthenticated info disclosure bug (CVE-2026-4020) in Gravity SMTP WordPress plugin on 100k sites, exposing API keys.
Open narrative →French President Emmanuel Macron urged the world’s wealthy democracies to work together on regulating advanced AI systems. The post French President Urges US to Share Cutting-Edge AI and Democracies to Cooperate on Regulation appeared first on SecurityWeek.
FortiBleed exposed a massive campaign that made billions of login attempts against Fortinet VPNs, compromising organizations worldwide. FortiBleed wasn’t a targeted hack. It was a factory. A multi-operator crew ran an industrial-scale attack against Fortinet FortiGate SSL VPN ...
AICISA urged Fortinet customers to secure devices after the "FortiBleed" data leak exposed credentials from tens of thousands of firewalls and VPN gateways.
Open narrative →We provide guidance for preparing for and mitigating large-scale credential attacks, focusing on recent campaigns targeting security vendors' devices. The post Threat Brief: Mitigating Large-Scale Credential Attacks appeared first on Unit 42.
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to customers' Salesforce environments, as the new "Icarus" extortion group publicly claims the attack. [...]
Dolphins, sharks, turtles, and human workers are all victims of unregulated squid fishing fleets. Another news article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected d...
AIGentlemen RaaS uses GentleKiller EDR framework targeting over 400 security processes to disable defenses before deploying ransomware.
Open narrative →The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three million individuals. [...]
Apple has long marketed itself as the privacy-first tech giant. So why is it making a change to Hide My Email that will make it easier for websites to block anonymous sign-ups - and harder for you to stay private online? Read more in my article on the Hot for Security blog.
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an attacker's web page, and that page's JavaScript can reach a privileged local service on the same ...
Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched GCP Config Connector flaw enables takeover. The post In Other News: Apple Patches Beats Eavesdropping Flaw, DOT...
AICritical unauthenticated RCE in Splunk Enterprise (CVE-2026-20253) exploited in wild; CISA added to KEV, federal agencies must patch by June 21.
Open narrative →AIOperation Endgame disrupted SocGholish botnet infrastructure linked to Russia's Evil Corp, taking down 106 servers and cleaning nearly 15,000 infected WordPress sites.
Open narrative →Someone is pretending to be your bank, your government, or your local planning office. And according to the FTC, they're making billions doing it. Read more in my article on the Fortra blog.
AI agents can access data, trigger workflows, deploy code, and interact with critical business systems, often with little oversight. Token Security breaks down why AI agents are becoming a new identity and governance challenge. [...]