IT Security News

Cybersecurity news and articles about information security, vulnerabilities, exploits, hacks, laws, spam, viruses, malware, breaches.

Main menu

Skip to content
  • Advertising
  • Contact
  • Legal and Contact information
  • Opt-out preferences
  • Privacy Policy
  • Social Media
    • Telegram Channel
All CISA Advisories, EN

CISA Adds One Known Exploited Vulnerability to Catalog

2026-06-29 23:06

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-48558 SimpleHelp Authentication Bypass Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant…

Read more →

EN, www.theregister.com - Articles

Anonymous researcher drops 0-day ‘exploitarium’ repo

2026-06-29 22:06

At least two vulnerabilities are already under attack This article has been indexed from www.theregister.com – Articles Read the original article: Anonymous researcher drops 0-day ‘exploitarium’ repo

Read more →

AWS Security Blog, EN

What the June 2026 Threat Technique Catalog update means for your AWS environment

2026-06-29 22:06

The AWS Customer Incident Response Team (AWS CIRT) encounters patterns that repeat across engagements when helping customers respond to security incidents. We’re passionate about making sure that information is accessible so that everyone can improve their security posture and their…

Read more →

EN, Search Security Resources and Information from TechTarget

8 key aspects of a mobile device security audit program

2026-06-29 21:06

<p>To protect corporate data and prevent security incidents, IT must have a program in place to audit the mobile endpoints that access business systems and data.</p> <p>What falls under the category of “mobile device” for auditing has evolved over the…

Read more →

EN, The Hacker News

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

2026-06-29 21:06

Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting…

Read more →

hourly summary

IT Security News Hourly Summary 2026-06-29 21h : 1 posts

2026-06-29 21:06

1 posts were published in the last hour 18:31 : Why mobile security audits are important in the enterprise

Read more →

EN, Search Security Resources and Information from TechTarget

Why mobile security audits are important in the enterprise

2026-06-29 20:06

<p>Mobile devices in the enterprise are an increasingly large target for cyberattacks. Mobile security audits help IT identify device, app, network and user risks before those risks lead to data loss or unauthorized access.</p> <p>With the growing amount of both…

Read more →

Cyber Security News, EN

U.S. Seizes Hundreds Domains Used to Stream World Cup Matches Illegally

2026-06-29 20:06

The U.S. Department of Justice (DOJ) has announced the seizure of nearly 400 domains used to illegally stream FIFA World Cup 2026 matches, marking a significant crackdown on global digital piracy networks. The operation, conducted under “Operation Offsides,” targeted websites…

Read more →

Cyber Security News, EN

New Claude Code Attack Allows Attackers to Take Full Control of Developers’ Systems

2026-06-29 20:06

Researchers at Mozilla’s Zero Day Investigative Network (0DIN) have demonstrated a proof-of-concept attack that shows how a completely clean-looking GitHub repository can trick AI-powered coding agents like Claude Code into silently opening a reverse shell on a developer’s machine, without…

Read more →

Cyber Security News, EN

EvilTokens Phishing Breaches Finance Firms Using “Ghost” Code Across U.S. and European Businesses

2026-06-29 20:06

EvilTokens can keep serious account-takeover activity out of your SOC’s view by relying on “ghost” code that only surfaces after the browser decrypts it. Because of this, analysis that looks only at the static URL can overlook the part of the…

Read more →

Cyber Security News, EN

WhatsApp Launches New Username Feature to Communicate Without Exposing Phone Numbers

2026-06-29 20:06

WhatsApp introduces a new privacy update that lets users connect using unique handles, eliminating the need to share phone numbers with strangers or new group members. Earlier, we detailed that WhatsApp is preparing to roll out a long-anticipated username feature.…

Read more →

Cyber Security News, EN

Critical Gemini CLI Vulnerability Lets Attackers Execute Arbitrary Code

2026-06-29 19:06

A critical security vulnerability in Google’s Gemini CLI has been disclosed, allowing attackers to execute arbitrary code in certain CI/CD environments, particularly GitHub Actions workflows. The issue, tracked as CVE-2026-12537, impacts multiple versions of the Gemini CLI and its related…

Read more →

Cyber Security News, EN

Microsoft 365 Apps RCE Vulnerability Exploited Using a Malicious Excel File

2026-06-29 19:06

Microsoft has disclosed a critical remote code execution vulnerability in its Office ecosystem that can be exploited through a malicious Excel file. The vulnerability, tracked as CVE-2025-60727, affects multiple versions of Microsoft Office and underscores the continued risk posed by…

Read more →

Cyber Security News, EN

Critical Dell Wyse Vulnerabilities Enable Remote Code Execution Attacks

2026-06-29 19:06

Dell Technologies has released a critical security advisory addressing multiple vulnerabilities in its Wyse Management Suite (WMS), warning that attackers could exploit these flaws to execute arbitrary code on affected systems. The vulnerabilities affect Dell Wyse Management Suite versions before…

Read more →

Cyber Security News, EN

Hackers Exploiting Critical Oracle E-Business Suite Vulnerability Actively in Attacks

2026-06-29 19:06

Threat actors are actively exploiting CVE-2026-46817, a critical unauthenticated remote takeover vulnerability in Oracle E-Business Suite (EBS), with live attack activity captured across honeypot infrastructure over the weekend of June 27–28, 2026. CVE-2026-46817 is a critical-severity flaw residing in the…

Read more →

Cyber Security News, EN

Public PoC Released for Deserialization RCE Vulnerability in Splunk Secure Gateway

2026-06-29 19:06

A public proof-of-concept (PoC) exploit has been released for CVE-2026-20251, a high-severity remote code execution (RCE) vulnerability affecting Splunk Secure Gateway (SSG). The flaw, carrying a CVSS score of 8.8, allows a low-privileged authenticated attacker to execute arbitrary code on…

Read more →

CySecurity News - Latest Information Security and Hacking Incidents, EN

FCRF Launches India’s Largest Cybercrime Hackathon for 2026

2026-06-29 19:06

  The Future Crime Research Foundation (FCRF) has announced what is being positioned as India’s largest cybercrime hackathon, a move that reflects the growing urgency around digital threats in the country. With cyber fraud, phishing, ransomware, and AI-driven deception becoming…

Read more →

EN, Microsoft Security Blog

Chromium extension uses AI‑related branding to redirect browser search

2026-06-29 19:06

A malicious Chromium-based extension that spoofs the AI-powered answer engine Perplexity AI redirects browser search traffic using MV3 APIs and intermediary infrastructure. The post Chromium extension uses AI‑related branding to redirect browser search appeared first on Microsoft Security Blog. This…

Read more →

EN, Security News | TechCrunch

In major privacy win, Supreme Court rules geofence warrants are protected by privacy rights

2026-06-29 18:06

The Supreme Court’s decision to limit geofence warrants is a win for privacy advocates, who called their use unconstitutional but sought an outright ban. This article has been indexed from Security News | TechCrunch Read the original article: In major…

Read more →

EN, Schneier on Security

Factoring RSA Keys with Many Zeros

2026-06-29 18:06

Interesting research on a new class of weak RSA keys: keys with lots of zeros. It turns out that these keys are out in the wild. The badkeys project is an open-source service that checks public keys for known vulnerabilities.…

Read more →

EN, Help Net Security

JSP webshells being dropped on unpatched PTC Windchill instances

2026-06-29 18:06

The US Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability (CVE-2026-12569) in Windchill and FlexPLM, two product lifecycle management software platforms developed by PTC, to its Known Exploited Vulnerabilities (KEV) catalog. Entries in the KEV catalog don’t contain links…

Read more →

EN, The Hacker News

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

2026-06-29 18:06

The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware and turning a legitimate cloud service into its command channel. Acronis Threat Research Unit found active compromises inside Indian government networks, including machines…

Read more →

EN, The Hacker News

WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private

2026-06-29 18:06

WhatsApp on Monday officially announced the start of global reservations of usernames with an aim to protect the privacy of more than three billion users on the messaging platform. The optional feature is designed to help users connect with someone…

Read more →

hourly summary

IT Security News Hourly Summary 2026-06-29 18h : 16 posts

2026-06-29 18:06

16 posts were published in the last hour 16:2 : WhatsApp Rolling Out Username Feature to Bolster Phone Number Privacy 16:2 : Iran-Linked Cyberattacks Against Israel Triple as Critical Infrastructure Faces Rising Threats 16:2 : China’s New AI Model Challenges…

Read more →

Page 33 of 5660
« 1 … 31 32 33 34 35 … 5,660 »

Pages

  • Advertising
  • Contact
  • Legal and Contact information
  • Opt-out preferences
  • Privacy Policy
  • Social Media
    • Telegram Channel

Recent Posts

  • Prompt Injection Attacks: What They Are and How to Test for Them (2026) July 7, 2026
  • Apple Container: Open-source tool for Linux containers on the Mac July 7, 2026
  • Cavern Manticore Malware Uses Low-Detection .NET Modules for Reconnaissance and Lateral Movement July 7, 2026
  • Power shortages could slow AI data center expansion July 7, 2026
  • Microsoft wants to keep your AI agents from going rogue July 7, 2026
  • Cybersecurity jobs available right now: July 7, 2026 July 7, 2026
  • Microsoft Edge High-Severity Vulnerability Allows Remote Code Execution July 7, 2026
  • IT Security News Hourly Summary 2026-07-07 06h : 1 posts July 7, 2026
  • Fast-mcp-telegram Vulnerability Allow Attackers to Access Sensitive Files July 7, 2026
  • ISC Stormcast For Tuesday, July 7th, 2026 https://isc.sans.edu/podcastdetail/9996, (Tue, Jul 7th) July 7, 2026
  • The Defender’s Dilemma: AI, MDR, and the Future of Security July 7, 2026
  • The ‘first’ AI-run ransomware attack still needed a human July 7, 2026
  • FBI and Spanish Police Arrest Alleged Cyber Army of Russia Reborn Member July 7, 2026
  • IT Security News Hourly Summary 2026-07-07 00h : 1 posts July 7, 2026
  • IT Security News Daily Summary 2026-07-06 July 6, 2026
  • The Hidden Latency Tax in Retail Personalization July 6, 2026
  • DHS Confirms Breach of Homeland Security Information Network July 6, 2026
  • Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild July 6, 2026
  • Top 10 Best Next-Generation Firewall (NGFW) Solutions in 2026 July 6, 2026
  • Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations July 6, 2026

Copyright © 2026 IT Security News. All Rights Reserved. The Magazine Basic Theme by bavotasan.com.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}