In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during detection. Adjei walks through a collaboration tool scam that copied Microsoft Teams, an identity phishing case…
DockSec: Open-source AI-powered Docker security scanner
DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates…
Hackers Exploit 2026 FIFA World Cup With Phishing and Ticket Scams
Cybercriminals are already turning the 2026 FIFA World Cup into a fraud opportunity, using phishing pages, fake online stores, and ticket scams to steal money and personal data. The risk is rising because the tournament will attract huge global demand,…
Free Samsung and LG Smart TV Apps Reportedly Exploit Devices for AI Proxy Traffic
Free apps available on Samsung, LG, Roku, and other connected TV (CTV) platforms are quietly enrolling users’ smart televisions into a commercial residential proxy network operated by Bright Data, according to a technical investigation published June 5, 2026, by Include…
Google Colab CLI opens runtimes to Claude Code and Codex
Google released the Google Colab Command-Line Interface, a tool that connects local terminals to remote Colab runtimes. The CLI provides an execution platform for developers and AI agents, letting users provision compute, run local Python scripts on remote runtimes, and…
New ChatGPT Lockdown Mode Aims to Block Prompt Injection and Data Exfiltration Attacks
OpenAI this week introduced Lockdown Mode, a security-focused setting for ChatGPT designed to reduce the risk of data exfiltration from prompt-injection attacks. The feature is rolling out to eligible personal accounts (Free, Go, Plus, Pro) and self-serve ChatGPT Business workspaces,…
Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup
Fans looking for tickets, accommodation and match broadcasts are already encountering scams tied to the 2026 FIFA World Cup. The 2026 FIFA World Cup will bring millions of visitors and an estimated 6 billion spectators to a tournament spread across…
52% of direct-to-IP threats are missing from intelligence feeds
Security tools are good at inspecting websites, domains, URLs, and files, so attackers are moving lower in the stack and communicating directly with IP addresses, where visibility is limited. According to Palo Alto Networks’ report, this creates a visibility gap…
GitHub Copilot app launches as desktop home for AI coding agents
GitHub introduced the Copilot app, a desktop application built for working with AI coding agents, at Microsoft Build 2026. The release expands GitHub’s Copilot product line beyond editor integrations and command-line tools into a dedicated workspace for directing several agents…
Claude Outage Data Leak, Microsoft GitHub Worm, IBM Hack, M Instagram Takeovers, Canada’s Bill C-8
TClaude Outage Data Leak Fears, Microsoft GitHub Worm, IBM Hack Allegations, Meta AI Instagram Takeovers, and Canada’s Bill C-8 David Shipley reports that Anthropic’s Claude suffered a roughly two-hour outage affecting models including Opus, during which a user alleged receiving…
IT Security News Hourly Summary 2026-06-08 06h : 1 posts
1 posts were published in the last hour 3:34 : Signal and Other Firms Oppose Canada’s Proposed Surveillance Law
Signal and Other Firms Oppose Canada’s Proposed Surveillance Law
A developing number of technology companies are raising concerns over Canada’s proposed lawful access legislation, arguing that some provisions could force them to choose between complying with government requirements and maintaining the privacy standards promised to users. The debate…
Hackers Can Hijack Claude Code MCP Traffic to Steal OAuth Tokens
A five-step attack chain that silently redirects Claude Code’s Model Context Protocol (MCP) traffic through attacker-controlled infrastructure, intercepting OAuth bearer tokens that grant persistent, broadly scoped access to connected SaaS platforms like Jira, Confluence, and GitHub with no patch incoming…
ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, June 8th, 2026…
IT Security News Hourly Summary 2026-06-08 00h : 2 posts
2 posts were published in the last hour 21:58 : IT Security News Weekly Summary 23 21:55 : IT Security News Daily Summary 2026-06-07
IT Security News Weekly Summary 23
210 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-06-07 19:32 : DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People 19:5 : IT Security News Hourly Summary 2026-06-07 21h : 1 posts 18:32 :…
IT Security News Daily Summary 2026-06-07
26 posts were published in the last hour 19:32 : DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People 19:5 : IT Security News Hourly Summary 2026-06-07 21h : 1 posts 18:32 : Top 10 Best Software Composition Analysis (SCA) Tools…
DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People
ShinyHunters leaked 234 GB of data allegedly stolen from DentaQuest after failed negotiations, potentially impacting 2.6 million people. The ShinyHunters extortion group has published a 234 GB archive of data allegedly stolen from dental benefits administrator DentaQuest. The cybercrime gang…
IT Security News Hourly Summary 2026-06-07 21h : 1 posts
1 posts were published in the last hour 18:32 : Top 10 Best Software Composition Analysis (SCA) Tools for Security Teams in 2026
Top 10 Best Software Composition Analysis (SCA) Tools for Security Teams in 2026
The complexity of modern software development requires security to be deeply embedded within the engineering pipeline rather than treated as an afterthought. With modern applications consisting of over 80% open-source components, the attack surface has shifted drastically. Whether you are…
New EDRChoker Tool Uses Policy-Based Quality of Service to Block EDR Processes
A newly released open-source red team tool called EDRChoker introduces a novel technique for silencing cloud-connected Endpoint Detection and Response (EDR) agents not by killing their processes or injecting code, but by quietly choking their network bandwidth to near-zero using Windows’ native…
Fraudsters Exploit Hotel Reservation Records to Deceive Travelers
For years, phishing campaigns have relied on urgency, deception, and impersonation to lure victims into surrendering sensitive information. A newly observed threat, however, demonstrates how cybercriminals are increasingly enhancing those tactics with stolen or exposed real-world data. Security researchers…
Deno Releases Open-Source Firewall to Limit AI Agent Access to Sensitive Data
Deno has introduced an open-source security framework called Claw Patrol, a tool designed to help organizations control how AI agents interact with databases, business applications, cloud services, and other external systems. The release comes as companies increasingly deploy AI agents…
School Buses Could Become Surveillance Vehicles for Government in The US
In the US, school buses may soon become surveillance vehicles, according to 404 media’s report. A review of leaked documents revealed plans to deploy buses with automatic license plate readers (ALPR). The data will be allegedly given to government agencies.…