Microsoft has given Windows 10 users another year of free security updates, extending its consumer Extended Security Updates (ESU) program until October 12, 2027. “Windows 10 support has ended. You can enroll in ESU any time until the program ends…
IT Security News Hourly Summary 2026-06-26 09h : 9 posts
9 posts were published in the last hour 6:35 : CISA Adds Actively Exploited Cisco Unified CM Flaws to KEV Catalog 6:34 : Windows Secure Boot Certificate Expiry Exposes Billions of PCs to Bootkit and Firmware Security Risks 6:34 :…
CISA Adds Actively Exploited Cisco Unified CM Flaws to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Cisco Unified Communications Manager (Unified CM) to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation risks in enterprise communication environments. The newly listed flaw, tracked…
Windows Secure Boot Certificate Expiry Exposes Billions of PCs to Bootkit and Firmware Security Risks
Microsoft’s long-planned Secure Boot certificate rollover has reached a critical milestone, impacting more than just routine updates. The Microsoft Corporation KEK CA 2011 expired on June 24, 2026, the Microsoft UEFI CA 2011 expires on June 27, 2026, and the…
Security boss thought MFA would be too much security
One rule for the workers, another for execs This article has been indexed from www.theregister.com – Articles Read the original article: Security boss thought MFA would be too much security
A privacy-first take on local malware analysis
Submitting a suspicious file to VirusTotal or MalwareBazaar places a copy of that file on a platform other people can search. Analysts across the industry rely on these services to get a quick verdict on whether a binary is dangerous.…
Bitcoin Sinks Below $60,000 Amid AI Focus
Bitcoin trades at lowest value since early 2024, as investors bet on high-profile IPOs, AI-related stocks This article has been indexed from Silicon UK Read the original article: Bitcoin Sinks Below $60,000 Amid AI Focus
Hackers Use Malicious Minecraft Fabric Mods to Deploy LoaderClient and WeedHack Stealer
Hackers are weaponizing malicious Minecraft Fabric mods to deliver LoaderClient. This stage-one malware loader steals session data and hands it off to the WeedHack stealer through a fileless, blockchain-backed execution chain. The campaign stands out for its use of EtherHiding,…
Mini Shai-Hulud Worm Poisons LeoPlatform npm Packages to Steal Developer and CI/CD Secrets
A fresh supply-chain wave tied to the Mini Shai-Hulud, Miasma, and Hades malware families is actively poisoning npm packages in the LeoPlatform and RStreams ecosystems and expanding into source-repository compromises. The intrusion blends registry poisoning, install-time execution via binding.gyp, Bun-staged…
Microsoft Extends Windows 10 Security Updates for Users Up to October 2027
Microsoft has quietly expanded its Windows 10 Extended Security Updates (ESU) program, allowing consumers to receive critical security patches through October 12, 2027, an additional year beyond the program’s originally planned expiration date of October 12, 2026. Windows 10 officially…
Two CEOs on why security and AI readiness belong together
SuperOps and Guardz are bundling PSA, RMM, MDM, and agentic SecOps into one offering for MSPs. In this Help Net Security Q&A, SuperOps CEO Arvind Parthiban and Guardz CEO Dor Eisner explain how a connected stack cuts the time and…
Philip Martin Joins Uber as Chief Information Security Officer
Martin brings experience from Coinbase, Palantir, Amazon, and the U.S. Army to lead Uber’s cybersecurity and enterprise security organization. The post Philip Martin Joins Uber as Chief Information Security Officer appeared first on SecurityWeek. This article has been indexed from…
Agentic AI Pentesting Platforms Comparison
Agentic AI transforms Penetration Testing from a periodic consulting practice to a continuous validation discipline. While traditional pentests remain relevant, particularly for complex business logic or regulated environments, the rapid evolution of cloud-native systems necessitates more frequent evaluations. Between formal…
Top 20 Kali Linux Commands Every Hacker Must Know (2026)
Top 20 Kali Linux Commands Every Hacker Must Know (2026) Whether you just installed Kali Linux for the… The post Top 20 Kali Linux Commands Every Hacker Must Know (2026) appeared first on Hackers Online Club. This article has been…
Modelplane: Open-source control plane for AI inference
Organizations that run open-weight models on hardware they own operate GPU fleets spread across clouds, neoclouds, and on-premise data centers. Each fleet handles model placement, replica scaling, infrastructure provisioning, weight distribution, and traffic routing. Teams have built this coordination layer…
Healthcare leaders see a fatal cyber incident as inevitable
Healthcare practices run on a chain of outside vendors. An EMR system holds clinical records, a billing platform processes claims, a telehealth tool supports remote visits, and a cloud provider stores data. Every one of those connections gives an outside…
New infosec products of the month: June 2026
Here’s a look at the most interesting products from the past month, featuring releases from AISLE, Asimily, Blue Planet, depthfirst, Diligent, Drata, Elastic, Filigran, Flip, Hyland, IDnow, Legit Security, MazeBolt, Noma, Qodo, Ridge Security, Tigera, and WitnessAI. Asimily turns device…
IT Security News Hourly Summary 2026-06-26 06h : 1 posts
1 posts were published in the last hour 3:6 : OpenAI Reportedly Delays ChatGPT 5.6 Release Following Trump Administration Request
OpenAI Reportedly Delays ChatGPT 5.6 Release Following Trump Administration Request
OpenAI has agreed to stagger the public release of its latest AI model, GPT-5.6, after the Trump administration formally requested the company limit initial access to a select group of government-approved partners, citing the model’s advanced capabilities and national security…
Chinese cybersecurity company claims it’s built a better-than-Mythos bug finder
Qihoo 360, which the US has banned, says it’s needed as a deterrent to weaponized Anthropic models This article has been indexed from www.theregister.com – Articles Read the original article: Chinese cybersecurity company claims it’s built a better-than-Mythos bug finder
Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances
ESET Research analyzes Gamaredon’s new toolset and the group’s growing reliance on legitimate online services to hide its C&C infrastructure and exfiltrate stolen data This article has been indexed from WeLiveSecurity Read the original article: Gamaredon in 2025: Leveraging tunnels,…
IT Security News Hourly Summary 2026-06-26 03h : 1 posts
1 posts were published in the last hour 0:37 : Malware gaslights AI
Malware gaslights AI
Mac Malware Gaslights AI, Major Info-Stealer Takedown, OpenAI’s Patch the Planet, and FortiBleed Fallout Mac malware called “Gaslight,” attributed to North Korea-aligned actors, plants fake system messages designed to derail AI-based analysis while stealing data and exfiltrating it via a…
Kitana Shows How AI Is Reshaping Adversary-in-the-Middle Fraud
Kitana combines AI-assisted development with adversary-in-the-middle attacks to steal credentials and payment information in real time. The post Kitana Shows How AI Is Reshaping Adversary-in-the-Middle Fraud appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…