There is a moment every security analyst knows well. It’s 2am, an alert fires, and you’re staring at a console trying to make sense of what just happened—fast. You need context, scope, and impact: What’s being targeted? Where is it coming from?…
NewCore Emerges From Stealth Mode With $66 Million in Funding
The startup has built a security-first identity platform to protect humans, machines, and AI agents. The post NewCore Emerges From Stealth Mode With $66 Million in Funding appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Ukrainian national pleads guilty in connection with Conti ransomware
A Ukrainian national pleaded guilty to conspiracy to commit wire fraud in connection with the deployment of Conti ransomware, which targeted more than 1,000 victims worldwide. According to the U.S. Department of Justice, 44-year-old Oleksii Oleksiyovych Lytvynenko joined the Conti…
Omada Agent Governance helps organizations manage AI agent access, risk, and compliance
Omada has announced Omada Agent Governance, a new solution designed to help organizations bring the same governance discipline to AI agents and non-human identities that they already apply to people. AI agents are rapidly becoming a new class of digital…
IT Security News Hourly Summary 2026-06-15 15h : 10 posts
10 posts were published in the last hour 12:35 : Handala Hacking Group Claims Breach of California Water Service 12:35 : Windows 11 Update Causes System Freezes, Triggers BitLocker Recovery, and Breaks OneDrive 12:35 : Jenkins RCE Flaw Exploited by…
Handala Hacking Group Claims Breach of California Water Service
The Handala hacking group claims it has targeted California Water Service, leaking 5GB of customer database and GPS network files in its latest infrastructure attack. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More…
Windows 11 Update Causes System Freezes, Triggers BitLocker Recovery, and Breaks OneDrive
Windows 11 cumulative update KB5094126, released on June 9, 2026, for builds 26200.8655 and 26100.8655, is triggering a wave of user reports about system freezes, forced BitLocker recovery screens, and broken OneDrive integration in File Explorer on some devices. While…
Jenkins RCE Flaw Exploited by Attackers in the Wild
A remote code execution (RCE) vulnerability in Jenkins, tracked as CVE-2026-53435, is now actively exploited in the wild. The flaw, stemming from insecure deserialization during Jenkins’ config.xml processing, allows unauthenticated or low-privileged attackers to execute arbitrary code on vulnerable instances, posing a…
Hackers Abuse LNK Files, PowerShell, and Python Loader to Deploy NarwhalRAT
A sophisticated malware campaign is quietly targeting Korean users through a well-crafted chain of deception. Threat actors are using innocent-looking shortcut files, built-in Windows tools, and a compiled Python payload to plant a remote access trojan called NarwhalRAT on victim…
PromptSnatcher Ad Blocker Extensions Steal AI Chats From ChatGPT, Claude, and Gemini
Two browser extensions masquerading as ad blockers have been caught secretly recording private conversations from ChatGPT, Claude, Gemini, and five other major AI platforms. The extensions, named “Smart Adblocker” and “Adblock for Browser,” were installed by roughly 90,000 users before…
SearchJack Campaign Uses 23 Chrome Extensions to Hijack Searches of 758,000 Users
A coordinated campaign of 23 deceptive Chrome browser extensions has been quietly stealing users’ search queries and routing them through hidden revenue systems. The operation, now dubbed SearchJack, has affected roughly 758,000 Chrome users worldwide without any of them realizing…
AI vulnerability discovery is pushing 2026 CVEs toward 66,000
Vulnerability disclosures are piling up faster in 2026 than anyone expected at the start of the year. The running count for the first few months sits well above the original projection, and the Forum of Incident Response and Security Teams…
Red Sift, GMO GlobalSign partnership simplifies email authentication and BIMI adoption
Red Sift has announced a partnership with GMO GlobalSign to provide organizations with a direct path from email authentication to verified brand visibility in the inbox. Red Sift OnDMARC is now available through GMO GlobalSign, enabling secure outbound email protection…
The Onboarding Password Mistake That Creates Unnecessary Risk
Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means sharing a temporary “first-day” password so employees can access systems for the first…
MS-ISAC enters uncertain new era after losing federal funding and thousands of members
The information-sharing group, a vital resource for state and local governments, has cut staff and pinned its hopes on a membership surge. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: MS-ISAC enters uncertain…
Velvet Ant Hackers Backdoor OpenSSH and PAM to Spy on Critical Infrastructure Network
A long-running, highly disciplined intrusion attributed to the China-nexus actor known as Velvet Ant has been revealed as a near-decade campaign of silent access that culminated in the replacement of core authentication components OpenSSH binaries and PAM modules across a…
Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges
Oleksii Oleksiyovych Lytvynenko admitted to working on the development of a loader for the Conti gang. The post Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw
Palo Alto Networks warns that attackers are actively exploiting CVE-2026-0257, a PAN-OS flaw that lets unauthorized users bypass authentication and establish VPN connections. Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, a PAN-OS authentication bypass vulnerability affecting GlobalProtect portals…
The FCC Wants to Eliminate Burner Phones
A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person. The FCC plans to do this by legally forcing the country’s telecoms to store a wealth of personal information about essentially all…
French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker
French officials say roughly 73,000 government accounts were affected, while the threat actor claims to have stolen messages and user data from the sovereign Tchap platform. The post French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker appeared first on…
Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems
The pharmaceutical giant says the attackers gained access to personal data stored on the compromised systems. The post Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site administrator was logged in as the file loaded, the code…
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program (PUP) family. The cluster spans 38 separate Chrome Web Store publisher accounts and three brand…
FBI disrupts Russian APT28 router hijacking campaign
The FBI and Department of Justice announced in April they successfully disrupted a Russian military intelligence hacking operation that compromised home and small office routers across the United States. This article has been indexed from CyberMaterial Read the original article:…