Samsung dethroned as South Korea’s most valuable listed company for first time since 2000, as sustained AI spending rewrites rules This article has been indexed from Silicon UK Read the original article: SK Hynix Tops Samsung Market Value Amid Memory…
Critical libssh2 Vulnerability Lets Remote Attackers Execute Code via Crafted SSH Packets
A critical security vulnerability has been identified in libssh2, a widely used client-side SSH library. This flaw allows remote attackers to execute code by sending specially crafted SSH packets. The vulnerability, tracked as CVE-2026-55200, has a CVSS score of 9.2…
ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates
Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a ShapedPlugin Pro plugin between April and June 2026 and kept it updated, your site may be compromised. Not because…
Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration
Federal agencies are required to transition high-value assets and high-impact systems to use PQC by the end of 2030 and 2031. The post Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration appeared first on SecurityWeek. This article has been indexed…
F5 launches AI Security Platform to uncover and secure shadow AI
F5 has introduced the F5 AI Security Platform to give CISOs continuous visibility, governance, and protection across enterprise AI applications, models, agents, and the APIs connecting them. F5 also announced the acquisition of SurePath AI, as a key component in…
OpenAI wants AI to fix vulnerabilities, not just find them
OpenAI expanded Daybreak, its cybersecurity initiative that combines AI models, Codex Security, security researchers, maintainers, industry partners, and access controls to support vulnerability discovery and remediation. Organizations can use the initiative to identify, validate, and fix software vulnerabilities, while developers,…
Five Eyes Group Issues Urgent Call to Tackle Frontier AI Threats
The Five Eyes Alliance has published a rare call to action for organizations facing AI threats This article has been indexed from www.infosecurity-magazine.com Read the original article: Five Eyes Group Issues Urgent Call to Tackle Frontier AI Threats
Critical FFmpeg Vulnerability Lets Hackers Execute Remote Code via Malicious Media Files
A critical memory corruption vulnerability in FFmpeg has been disclosed, allowing for remote code execution through specially crafted media files. This flaw, tracked as CVE-2026-8461 and named “PixelSmash,” affects the MagicYUV decoder within FFmpeg’s libavcodec library and has a CVSS…
Cybercriminals Abuse TDS Infrastructure to Bypass Firewalls and Hide Malicious Destinations
Cybercriminals are increasingly abusing traffic distribution systems (TDSs) to evade defenses, conceal malicious destinations, and funnel victims into phishing, fraud, and malware campaigns. Once considered a legitimate marketing tool to route visitors to different content or offers, TDS infrastructure is…
ISA VDA 6.0.3 (part 3) — Information Security Sheet: Human Resources, Physical Security, Identity and Access Management
This is the part 3 of the series about the TISAX label: TISAX getting started: A Deep Dive into the ISA Assessment Workbook (part 1). ISA VDA 6.0.3 (part 3) — Information Security Sheet: Human Resources, Physical Security, Identity…
Phishing hides in routine Microsoft 365 workflows
Attackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine, according to Fortra. “The technique shifts malicious intent away from a single phishing email into a trusted productivity workflow. A user may see what…
Meta Pauses Employee Mouse-Tracking AI Training Program After Internal Data Exposure
Meta has paused its Model Capability Initiative (MCI), an internal program that tracks employee mouse movements, clicks, and keystrokes to train AI models. Thank you for being a Ghacks reader. The post Meta Pauses Employee Mouse-Tracking AI Training Program After…
UK Information Commissioner Resigns After Workplace Probe
Information commissioner John Edwards resigns from role after four years, following independent workplace investigation This article has been indexed from Silicon UK Read the original article: UK Information Commissioner Resigns After Workplace Probe
Apple Supplier Plans HK Listing To Fund Robotics Expansion
Apple iPhone component supplier Lingyi iTech plans second listing as it expands into humanoid robotics, AI servers This article has been indexed from Silicon UK Read the original article: Apple Supplier Plans HK Listing To Fund Robotics Expansion
Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials
Squidbleed is a 29-year-old Squid Proxy flaw that can leak credentials, tokens, and other users’ HTTP data through a memory overread. Researchers at Calif.io have disclosed CVE-2026-47729, a memory leak vulnerability in Squid Proxy that was introduced in 1997 and…
Plans Filed For Second Major Northumberland Data Centre
New application seeks to build campus less than two miles from site of QTS data centre complex at former Blyth Power Station This article has been indexed from Silicon UK Read the original article: Plans Filed For Second Major Northumberland…
FlutterShell Malware Uses C2-Delivered JavaScript Payloads to Evade Sandbox Detection
Targeted macOS endpoint monitoring, the CL-CRI-1089 cluster tied to Operation FlutterBridge repurposes the Flutter framework to deliver a novel macOS malware family dubbed FlutterShell. Rather than rehashing prior campaign reporting, this piece treats recovered artifacts as a technical detection case…
OpenAI takes on Mythos, Klue hits security shops, Five Eyes has eyes on AI
OpenAI takes on Anthropic’s Mythos Klue hack hits security shops Five Eyes has eyes on AI models Get the show notes here: https://cisoseries.com/cybersecurity-news-openai-takes-on-mythos-klue-hits-security-shops-five-eyes-has-eyes-on-ai/ Huge thanks to our episode sponsor, Guardsquare Your backend is only as secure as your frontend. Research…
IT Security News Hourly Summary 2026-06-23 09h : 5 posts
5 posts were published in the last hour 7:2 : WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool 6:32 : Two Men Plead Guilty To TfL Hack 6:32 : WhatsApp Boss To Step Down After Seven Years…
WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate Remote Monitoring and Management (RMM) software. Per findings from Kaspersky, the active campaign is targeting users of…
Two Men Plead Guilty To TfL Hack
Two men admit to hacking Transport for London in summer 2024 incident that caused months of chaos, following arrests last year This article has been indexed from Silicon UK Read the original article: Two Men Plead Guilty To TfL Hack
WhatsApp Boss To Step Down After Seven Years
Will Cathcart to move to another role at Meta, with WhatsApp top spot to be taken over by Indian start-up founder Kunal Shah This article has been indexed from Silicon UK Read the original article: WhatsApp Boss To Step Down…
CodeStorm Phishing Campaign Targets M365 Tenants With Token Reuse and Replay Attacks
A multi-organization phishing campaign attributed to the CodeStorm family is actively targeting Microsoft 365 tenants with a tenant-aware AiTM (adversary-in-the-middle) phishing kit that combines rotating frontends and backend replay behavior under a stable controller path, /google.php. The human recipient rarely…
Xsolis Data Breach Affects 1.4 Million Individuals
Threat actors gained access to personal and protected health information that Xsolis received from its clients. The post Xsolis Data Breach Affects 1.4 Million Individuals appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…