Ministry of Defence plans hybrid approach for naval development, with crewed vessels directing range of drone platforms This article has been indexed from Silicon UK Read the original article: Royal Navy To Build Drone Warships
LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts
A large-scale password spray campaign linked to the infrastructure provider LSHIY LLC has targeted Microsoft 365 environments, resulting in over 81 million login attempts. This campaign has led to at least 78 confirmed account compromises across 64 organizations between June…
Attackers Downgrade WDigest Protection to Dump Plaintext Credentials With Mimikatz
An incident that began with innocuous enumeration commands but quickly escalated into a focused, multi-stage effort to impair detection and extract credentials. The intruder uploaded a steganographic webshell to an IIS server, used the process w3wp.exe to run OS reconnaissance…
Review: CTRL+ALT+PWN
Hacking gear that once sat in well-funded labs now ships to anyone with a credit card and a video tutorial. Frank Riccardi builds his consumer guide, CTRL+ALT+PWN: The Hacker’s Playbook (And How to Beat It), on that one condition. He…
Critical Cursor IDE Flaws Let Attackers Execute Code via Zero-Click Prompt Injection
Two significant remote code execution (RCE) vulnerabilities in the widely used Cursor ID expose developers to zero-click attacks driven by prompt injection. These vulnerabilities, tracked as CVE-2026-50548 and CVE-2026-50549, collectively known as “DuneSlide,” carry a CVSS score of 9.8. They…
Browser-Only Ransomware Uses File System Access API to Encrypt Files Without Malware Installation
A novel, practical ransomware technique that runs entirely inside the browser by abusing the File System Access API, demonstrating how AI can turn high-level malicious ideas into operational attack chains without any native payload. The proof-of-concept leverages a social engineering…
Catching ransomware on the wire before it locks the file server
Corporate networks keep sensitive files off individual workstations and store them on shared servers that staff reach through mapped network drives. That arrangement hands ransomware operators a target worth chasing. A single compromised laptop can begin encrypting files that live…
Scattered Spider Hacker Arrested in Finland and Extradited to U.S. Over Cyber Intrusion Charges
U.S. authorities have announced federal charges against an alleged member of the notorious cybercriminal group Scattered Spider, following his arrest in Finland and extradition to the United States. The defendant, identified as 19-year-old Peter Stokes, a dual national of the…
FortiBleed Campaign Linked to INC and Lynx Ransomware Operations
A direct operational link between the large-scale FortiBleed credential-harvesting campaign and two active ransomware-as-a-service (RaaS) groups: INC Ransom and Lynx. This finding provides the first confirmed evidence that mass theft of FortiGate credentials is being integrated into ransomware deployment processes,…
What the AI patch gap means for enterprise security
Open-source maintainers are receiving more vulnerability reports than they can act on, and a rising share now comes from an AI system working at machine speed. Over roughly two months this spring, Anthropic’s Claude Mythos Preview combed through more than…
CISA Warns of SimpleHelp Authentication Bypass Vulnerability Exploited in Attacks
CISA has issued a warning about a critical authentication bypass vulnerability in SimpleHelp that is actively being exploited in the wild, raising concerns among organizations relying on the remote support software. The vulnerability, tracked as CVE-2026-48558, affects SimpleHelp deployments configured…
WhatsApp Username Reservations Go Live – What Are the Security Concerns for 2 Billion Users
WhatsApp has begun allowing users to reserve usernames ahead of a broader feature launch planned for later this year, prompting a wave of questions about security, impersonation risk, and account linkage that security researchers should be tracking closely. According to…
Alleged Scattered Spider Member Extradited to the US for His Role in Hacking 100+ Networks
A dual U.S.-Estonian citizen accused of belonging to the notorious Scattered Spider hacking collective has been extradited from Finland to face federal charges in the Northern District of Illinois, the Department of Justice announced Tuesday. Peter Stokes, 19, was arrested…
FortiBleed Password Stealing Attack Linked to INC and Lynx Ransomware Operations
FortiBleed credential-harvesting campaign, which has compromised more than 430,000 FortiGate firewalls worldwide, is directly feeding two active ransomware-as-a-service operations, INC Ransom and Lynx. SOCRadar’s Threat Research Unit identified an operator with access to FortiBleed infrastructure actively logged into negotiation panels…
GitHub’s new tool helps prevent costly open-source license violations
GitHub’s Open Source Program Office (OSPO) uses the new GitHub License Compliance feature, now in public preview, to manage thousands of open-source dependencies and identify dependencies whose licenses require review. The feature is available to GitHub Advanced Security customers and…
ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, July 2nd, 2026…
Healthcare Cybersecurity Threats Persist in 2026
SonicWall found healthcare remains the top cybersecurity target, with rising malware, ransomware, and medical IoT threats. The post Healthcare Cybersecurity Threats Persist in 2026 appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Code Injection in Perforce Helix Core (CVE-2026-6902)
Executive Summary In this article, we disclose our latest findings we made on Perforce protocol P4 (Helix Core) between command line client and server, and reveal how a threat actor could leverage it to conduct attacks. This security issue affects P4 (Helix Core) before P4 (Helix Core) 2025.2 Patch 2, was patched and was attributed a…
Claude Sonnet 5.0 heads straight down the middle of the road to dodge controversy
Safer, cheaper, and nothing to do with cybersecurity This article has been indexed from www.theregister.com – Articles Read the original article: Claude Sonnet 5.0 heads straight down the middle of the road to dodge controversy
EvilTokens device-code phishing kit totally more evil than we all thought
It’s a ‘complete BEC operations environment,’ Talos researcher says This article has been indexed from www.theregister.com – Articles Read the original article: EvilTokens device-code phishing kit totally more evil than we all thought
IT Security News Hourly Summary 2026-07-02 00h : 3 posts
3 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-07-01 21:6 : The Cost of Non-Compliance: Why AI Governance Is the New Enterprise Imperative 21:6 : TLS certificate lifetime changes: What CISOs must do…
IT Security News Daily Summary 2026-07-01
157 posts were published in the last hour 21:6 : The Cost of Non-Compliance: Why AI Governance Is the New Enterprise Imperative 21:6 : TLS certificate lifetime changes: What CISOs must do now 20:34 : Oracle E-Business Suite Flaw Under…
The Cost of Non-Compliance: Why AI Governance Is the New Enterprise Imperative
AI governance helps enterprises control tool use, reduce compliance risk, protect customer data, and avoid fines as teams adopt AI faster than policy. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
TLS certificate lifetime changes: What CISOs must do now
<p>Organizations that rely on manual TLS certificate lifecycle management are racing against the clock. The 200-day certificate timeline, which took effect in March 2026, means the first wave of certificate renewals will arrive within a matter of months.</p> <p>”People will…