Dragos has acquired Phosphorus, extending the Dragos Platform to protect billions of connected devices embedded across critical infrastructure and other operational networks. Operational environments have outgrown traditional OT boundaries. Power grids, pipelines, manufacturing facilities, and data centers now depend on…
IT Security News Hourly Summary 2026-06-01 12h : 11 posts
11 posts were published in the last hour 10:2 : Websites Can Now Spy on You Through Your Hard Drive 10:2 : Containers on fire: from container escapes to supply chain attacks 10:2 : Edmunds – 177,860 breached accounts 10:2…
Websites Can Now Spy on You Through Your Hard Drive
Thanks to the newly detailed FROST technique, telltale SSD activity can be measured in the browser using simple JavaScript. This article has been indexed from Security Latest Read the original article: Websites Can Now Spy on You Through Your Hard…
Containers on fire: from container escapes to supply chain attacks
We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, API compromise, and supply chain attacks. This article has been indexed from Securelist Read the original article: Containers on fire: from container escapes to supply chain…
Edmunds – 177,860 breached accounts
In January 2026, the automotive research and car-shopping platform Edmunds was listed by the ShinyHunters hacking group as having been breached. Data purportedly obtained in the incident was later published publicly and included 178k unique email addresses, usernames, passwords, IP…
Microsoft Tightens Entra ID Password Resets With New Authentication Change
Microsoft has announced a significant security update to its Entra ID Self-Service Password Reset (SSPR) feature, introducing stricter authentication requirements designed to reduce identity-based attacks. The update mandates the use of explicitly registered authentication methods, removing reliance on directory-stored contact…
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)
Authentication bypass vulnerabilities (CVE-2026-0257) in Palo Alto Networks’ firewalls that the company disclosed on May 13 have been targeted in “limited exploit attempts”. “Across multiple customers, Rapid7 observed successful exploitation via authentication probes using forged cookies, but the appliance accepted…
G DATA Managed SOC in use by the town of Sundern: “We haven’t had any serious incidents so far”
Cybercrime happens around the clock – including at night, on public holidays and at weekends. Local authority IT teams struggle to ensure IT systems are monitored, particularly during off-peak hours. As a result, in the worst-case scenario, attacks remain undetected…
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2026-0257 (CVSS score of 7.8), to…
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susceptible sites. WP Maps Pro allows…
Attackers Abuse Shared Content for ChatGPT Phishing Campaign
Push Security says threat actors are delivering malware hosted on chatgpt.com/s/ domain This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Abuse Shared Content for ChatGPT Phishing Campaign
Top 4 data security best practices for the AI-enabled enterprise
To maximize AI’s value without increasing security risk, organizations must enforce best‑practice data protections across their environment. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Top 4 data security best practices for the…
How Canva scaled to 260+M users while elevating security and productivity
See how Canva uses 1Password to integrate new teams fast, empower developers and maintain high standards for customers. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: How Canva scaled to 260+M users while…
The Server Seizure That Affects Also Iran’s Cyber Operations
On May 22, 2026, Dutch financial-crime investigators walked into data centers in Dronten and Schiphol-Rijk and seized approximately 800 servers. The target was WorkTitans B.V., a hosting provider that, on the surface, looked like any other internet infrastructure company. What…
Your phone called. It needs a cleanup.
Introducing Android Junk Cleaner. It scans your phone for leftover files, temporary data, and outdated caches that build up and slow down your device. This article has been indexed from Malwarebytes Read the original article: Your phone called. It needs…
NVIDIA goes open source with a big batch of physical AI agent tools
NVIDIA just dropped a big batch of open-source “physical AI” skills and tools, and they’re designed to make a roboticist’s life a whole lot easier. The idea? Take the messy, complicated work behind robots, self-driving cars, vision AI, and industrial…
Iran-Linked Hackers Wipe IT and Recovery Systems in Middle East Cyberattack
Iran-linked hackers have launched a destructive cyber campaign that wipes IT, backup, and recovery systems at multiple organizations in the Middle East and beyond, severely undermining victims’ ability to restore operations after an attack. Evidence ties the operation to the…
The Pentagon Finally Admits That Location Data Is a Battlefield Problem
The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advocates, and intelligence analysts have been warning about the same thing: smartphone location data…
Microsoft Clarifies It Won’t Sue Security Researchers Amid Nightmare-Eclipse Controversy
Microsoft has clarified its stance, reducing perceived legal threats and reaffirming its commitment to coordinated vulnerability disclosure, following significant backlash from the security research community. In a carefully worded statement released in late May 2026, Microsoft’s Security Response Center (MSRC) moved to…
Hackers Attacking Signal Users to Steal Backups in New Wave of Attacks
A new wave of phishing attacks is targeting users of Signal, the encrypted messaging app trusted by journalists, activists, and privacy-conscious individuals worldwide. Hackers are impersonating Signal’s support team and tricking users into handing over their backup recovery keys, which…
Famous Chollima Hackers Target PHP Developers Using Compromised Packagist Package
A well-known North Korean threat actor has been caught hiding malware inside a legitimate PHP package available through Packagist, the main package repository for PHP projects. The attack takes direct aim at software developers, disguising a dangerous payload as a…
Palo Alto Warns High-Severity Bug Is Being Actively Exploited
A vulnerability in Palo Alto Networks’ PAN-OS software is being exploited in attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Palo Alto Warns High-Severity Bug Is Being Actively Exploited
Meta AI Vulnerability Allegedly Enables Instagram Password Resets
Instagram is facing scrutiny after a critical vulnerability in its Meta AI-powered support system allegedly allowed attackers to take over user accounts by abusing the password recovery process. The tool, designed to help users regain access to locked accounts, could…
Artificial intelligence and elections: When an election is annulled because of TikTok
On 6 December 2024, the Constitutional Court of Romania took an unprecedented step: it annulled the first round of the country’s presidential election. Not over ballot-box fraud, nor over irregularities in the count, but because one candidate, the previously unknown…