Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, that could allow attackers to stealthily read artificial intelligence (AI) conversions from other customers’ applications without requiring authentication. The…
INTERPOL, Europol renew agreement to combat hackers and other criminals
Experts say international partnerships are key to taking down sprawling cybercriminal operations. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: INTERPOL, Europol renew agreement to combat hackers and other criminals
Attacker enables RDP, creates admin, erases evidence in ten seconds
At 06:34am on 2 June 2026, an attacker logged on to a customer’s network. In a single automated burst, they switched on remote desktop and created a rogue administrator account. And deleted the evidence behind them. The intrusion reached 34…
One intrusion, two cyberattackers: Uncovering parallel threat activity
Ransomware case reveals two parallel threat actors, blending tactics and evasion—showing why isolated signals can often miss modern, overlapping cyberattacks. The post One intrusion, two cyberattackers: Uncovering parallel threat activity appeared first on Microsoft Security Blog. This article has been…
Interpol, Europol renew agreement to combat hackers and other criminals
Experts say international partnerships are key to taking down sprawling cybercriminal operations. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Interpol, Europol renew agreement to combat hackers and other criminals
IT Security News Hourly Summary 2026-06-22 18h : 6 posts
6 posts were published in the last hour 16:4 : Microsoft’s New Option Allows Organizations to Block Copilot Access to Office Files 16:4 : 29-Year-Old ‘Squidbleed’ Vulnerability Discovered With the Aid of Claude Mythos Preview 16:4 : Thousands of D-Link…
Microsoft’s New Option Allows Organizations to Block Copilot Access to Office Files
Microsoft has announced a significant update to its Microsoft 365 security and compliance features, introducing enhanced controls that allow organizations to block Copilot and other connected experiences from analyzing content in Office files. The update is tied to Microsoft Purview…
29-Year-Old ‘Squidbleed’ Vulnerability Discovered With the Aid of Claude Mythos Preview
A Heartbleed-style heap buffer overread lurking in Squid Proxy since 1997 can silently leak HTTP headers, including passwords and API keys, from other users on the same proxy. Security researchers at Calif.io have disclosed a critical memory disclosure vulnerability in…
Thousands of D-Link routers under control of AryStinger botnet
Thousands of outdated D-Link routers have been absorbed into the AryStinger botnet, with no future security updates available to protect them. This article has been indexed from Malwarebytes Read the original article: Thousands of D-Link routers under control of AryStinger…
Prevent data exfiltration: AWS egress controls for cloud workloads
When securing an Amazon Web Services (AWS) environment, teams naturally prioritize inbound controls, firewalls, WAFs, and access policies, because that’s where the most visible threats originate. Outbound traffic, on the other hand, tends to get less attention. It’s often left…
CISA urges device hardening after thousands of Fortinet credentials compromised
Security researchers warn of a months-long FortiBleed campaign targeting western organizations. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: CISA urges device hardening after thousands of Fortinet credentials compromised
Texas Parks and Wildlife Data Breach Affects Over 3M License Customers
Around 3 million Texas licence holders face a data breach after hackers targeted a third-party vendor, exposing driver’s licences and passport numbers. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original…
Five Eyes Cyber Security Agencies Statement
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from CISA Blog Read the original article: Five Eyes Cyber Security Agencies Statement
AryStinger Malware Botnet Hijacks Over 4,000 Outdated Routers for Cyberattacks
AryStinger, a fresh malware botnet, has breached over four thousand aging routers across the globe. Devices caught in its grip now serve as launchpads for online attacks, quietly repurposed without user knowledge. Detected by analysts at Qianxin’s XLab division,…
29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests
A heap over-read in the Squid web proxy can leak another user’s cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy. The bug traces to a 1997…
GentleKiller Framework Disables Victims’ Security Software
ESET details GentleKiller, the EDR-killer framework the Gentlemen ransomware gang gives affiliates This article has been indexed from www.infosecurity-magazine.com Read the original article: GentleKiller Framework Disables Victims’ Security Software
Webshells Remain Popular, (Mon, Jun 22nd)
Webshells have been popular for a long time. We already covered this topic across multiple diaries[1][2]. I spent some time to track them[3] and slighly paid less attention to them but today I found another one. It seems to be…
Threat Hunting Beyond Alerts: Finding the Activity Detection Misses
Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Threat Hunting…
Canadian utility fesses up to data breach, but key details remain off-grid
London Hydro says names, addresses, account details may have been exposed, but much about the intrusion is unknown This article has been indexed from www.theregister.com – Articles Read the original article: Canadian utility fesses up to data breach, but key…
Nintendo Confirms TinyPulse Data Exposure
Nintendo of America has disclosed that employee survey data was exposed in a cyberattack targeting TinyPulse, a third-party employee engagement platform used for internal surveys. This article has been indexed from CyberMaterial Read the original article: Nintendo Confirms TinyPulse Data…
CryptoBandits Malware Doubles as Backdoor
Security researchers have identified a new malware variant called CryptoBandits that serves dual purposes as both a cryptocurrency stealer and a persistent backdoor. This article has been indexed from CyberMaterial Read the original article: CryptoBandits Malware Doubles as Backdoor
AWS Launches Continuum AI Vulnerability Management
Amazon Web Services introduced AWS Continuum on June 17 at AWS Summit New York, offering security teams a comprehensive platform for managing code vulnerabilities throughout their entire lifecycle. This article has been indexed from CyberMaterial Read the original article: AWS…
RIPE abandons cloud-first strategy over geopolitical risk
RIPE NCC, the regional internet registry serving Europe, the Middle East, and parts of Asia, has abandoned its cloud-first strategy over concerns about geopolitical risk from dependence on US-based cloud providers. This article has been indexed from CyberMaterial Read the…
Operation Endgame Disrupts SocGholish Malware Network
Law enforcement agencies from the Netherlands, Canada, the United States, and Germany have executed a coordinated operation against the SocGholish malware distribution network, resulting in the remediation of nearly 15,000 infected websites and the seizure of 106 servers and domains.…