Jersey Telecom switches on first two 5G sites with coverage across island set to roll out in phases over next four months This article has been indexed from Silicon UK Read the original article: Guernsey 5G Roll-Out Begins As First…
A week in security (June 15 – June 21)
A list of topics we covered in the week of June 15 to June 21 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (June 15 – June 21)
AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network
A new malware family is turning forgotten home routers into a distributed reconnaissance and proxy network, not the DDoS botnet these devices usually end up in. QiAnXin’s XLab calls it AryStinger and counts at least 4,300 infected routers, a total it says…
Brazil phone alert hack, Prinz Eugen ransomware, Congress deepfake bill
Hackers suspected in Brazil cell phone alert Prinz Eugen ransomware prioritizes recent files for encryption Congress presents bill to protect people from AI-generated deepfakes Get the show notes here: https://cisoseries.com/cybersecurity-news-brazil-phone-alert-hack-prinz-eugen-ransomware-congress-deepfake-bill/ Huge thanks to our episode sponsor, Guardsquare Mobile app security…
IT Security News Hourly Summary 2026-06-22 09h : 12 posts
12 posts were published in the last hour 7:2 : pgAdmin 4 Released with Patches for Seven Vulnerabilities and Feature Enhancements 7:2 : Sapphire Sleet Hijacks npm Maintainer Account to Publish Poisoned Mastra Packages 7:2 : GitHub Actions Checkout Adds…
pgAdmin 4 Released with Patches for Seven Vulnerabilities and Feature Enhancements
pgAdmin 4 version 9.16 has been released by the pgAdmin Development Team, introducing significant security improvements along with feature enhancements and bug fixes. This update addresses seven vulnerabilities, tracked as CVE-2026-12044 through CVE-2026-12050, and includes 64 bug fixes and various…
Sapphire Sleet Hijacks npm Maintainer Account to Publish Poisoned Mastra Packages
A widespread npm supply‑chain compromise to Sapphire Sleet, a North Korean state actor, after the takeover of an npm maintainer account enabled the mass publication of poisoned Mastra packages that silently delivered a multi‑stage implant. The campaign, disclosed June 19,…
GitHub Actions Checkout Adds Protection Against Malicious pull_request_target Workflows
GitHub has implemented a major security enhancement in its Actions ecosystem with the release of actions/checkout v7, which aims to address a long-standing class of vulnerabilities known as “pwn requests.” This update was announced on June 18, 2026, and introduces…
Anthropic’s Mythos AI Model Reportedly Breached NSA Classified Systems in Hours
Anthropic’s flagship Mythos AI model reportedly infiltrated nearly all of the National Security Agency (NSA) ‘s classified systems within a few hours during an authorized red-team evaluation on June 11. This incident now seems to be the main reason for…
Cook Says Apple Plans Price Hikes
Outgoing Apple chief executive Tim Cook says price increases ‘unavoidable’ due to ‘unsustainable’ surge in memory costs This article has been indexed from Silicon UK Read the original article: Cook Says Apple Plans Price Hikes
Norfolk Parish Council Probes Adult-Themed Hack
Old Catton Parish Council investigates how portions of its website were replaced with Indonesian-language gambling adverts This article has been indexed from Silicon UK Read the original article: Norfolk Parish Council Probes Adult-Themed Hack
OXLOADER Uses MBA Obfuscation and Control-Flow Flattening to Bypass Static Detection
A previously undocumented Windows loader, tracked as OXLOADER, that combines sophisticated obfuscation and unconventional staging to evade static detection and sandbox analysis while delivering the new CASTLESTEALER infostealer via malvertising. The campaign leveraged malicious Google Ads impersonating Node.js and API…
Who pays when you gate cyber-capable AI models?
In this interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, examines the debate over restricting access to cyber-capable AI models. She lays out the strongest argument for gating these tools, then explains where it breaks down…
INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific
A new report from INTERPOL has revealed a “dramatic increase” in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, new technologies, organized criminal networks, and a disparity in cybersecurity maturity. According to INTERPOL’s 2025/2026 Asia…
Massive GitHub Attack Injects Malware into 10,000 Compromised Repositories
A large-scale malware distribution campaign utilizing GitHub repositories has been uncovered. This coordinated effort weaponized over 10,000 repositories to deliver Trojanized payloads. The activity was first identified on June 18, 2026, and highlights significant gaps in automated detection and monitoring…
Texas Parks & Wildlife Data Breach Affects 3 Million Individuals
Hackers stole personal information after breaching the systems of a third-party license vendor serving TPWD. The post Texas Parks & Wildlife Data Breach Affects 3 Million Individuals appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Agent Beacon: Open-source telemetry layer for AI agents
AI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, CI jobs, cloud environments, where they edit files, run commands, and call outside tools. Beacon, an open-source project from Asymptote Labs, configures telemetry…
GlassWorm Uses Blockchain-Based C2 and Invisible Unicode to Steal Developer Secrets
A trio of coordinated campaigns a JetBrains fake AI assistant campaign, the GlassWorm self‑propagating worm, and the compromised Nx Console Visual Studio Code extension made clear that IDE plugin ecosystems are now a primary attack surface for AI credential theft.…
Encrypted DNS still tells an eavesdropper where to look
Encrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a query away from anyone watching a network link. The encryption covers the message inside each packet. The packet still carries plaintext…
Fortinet Warns of Active FortiBleed Credential Theft Attacks on FortiGate Devices
Fortinet has issued a security warning about ongoing credential-harvesting attacks targeting FortiGate devices in a campaign known as “FortiBleed.” Threat actors are exploiting weak authentication practices rather than any newly disclosed vulnerabilities. A PSIRT advisory released on June 19, 2026,…
Product showcase: Avira Security for iOS blends security, privacy, and device optimization
Avira Mobile Security for iOS combines security, privacy, and device optimization tools in a single application. The app is also available for Android, macOS, and Windows devices. After downloading the application from the App Store users are guided through a…
Anthropic’s Claude AI Back Online After 90-Minute Global Outage
Anthropic’s Claude AI platform suffered a significant service disruption on June 22, 2026, affecting multiple flagship models and leaving developers worldwide scrambling for nearly 90 minutes before engineers restored full functionality. The incident began at 00:37 UTC on June 22,…
Hundreds of AI-powered iOS apps found exposing credentials
Mobile app developers are packing AI features into everything from writing assistants to productivity tools and lifestyle apps. New research shows that securing access to those services remains a challenge. LLM API credential leakage via network traffic interception (Source: Research…
IT Security News Hourly Summary 2026-06-22 06h : 1 posts
1 posts were published in the last hour 3:33 : FortiBleed – Fortinet Warns of Active Credential Harvesting Campaign Targeting FortiGate Devices