Google parent to sell tens of billions in shares over time, including $10bn stake to Berkshire Hathaway, as it sees ‘growth opportunity ahead’ This article has been indexed from Silicon UK Read the original article: Alphabet Plans $80bn Equity Raise…
Palo Alto warns of active exploitation of GlobalProtect authentication bypass flaw
Palo Alto Networks has alerted customers about the ongoing exploitation of the authentication bypass vulnerability in PAN-OS GlobalProtect. The vulnerability, tracked as CVE-2026-0257, lets unauthenticated actors bypass security measures and set up unsanctioned connections to vulnerable GlobalProtect portals and gateways.…
Supply Chain Attack Hits 32 Red Hat NPM Packages
Hackers published 96 malicious package versions, injected with a credential-stealing worm similar to Mini Shai-Hulud. The post Supply Chain Attack Hits 32 Red Hat NPM Packages appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Red Hat npm packages compromised in new Mini Shai-Hulud malware wave
Unknown attackers have compromised 30+ Red Hat Cloud Services npm packages with malware that goes after credentials stored in developers’ build environment. What the malware stole and how it can spread further The compromised packages were published in two different…
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan’s Ministry of Finance with an open-source remote access trojan called Xeno RAT. “The campaign opens with a spear phishing delivery – a…
Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
Attackers backdoored 32 packages in Red Hat’s official npm scope to steal cloud and CI secrets This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve
UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense This article has been indexed from www.infosecurity-magazine.com Read the original article: Infosecurity Europe: UK Firms Prioritize AI Threat…
Motorola Solutions Buys Israeli Anti-Drone Tech Maker
Motorola pays $1.5bn for start-up D-Fend Solutions for tech that takes over and safely lands rogue drones, at a time of increasing disruption This article has been indexed from Silicon UK Read the original article: Motorola Solutions Buys Israeli Anti-Drone…
ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short
ENISA NIS360 2026 shows cybersecurity improving across EU critical sectors, but health, water, rail, and space remain in the risk zone. ENISA has published its third annual NIS360 report, assessing the cybersecurity maturity and criticality of all sectors covered by…
Fake virus alerts are invading mobile games
“Your device is infected!” Fake account warnings and virus alerts are turning some in-game ads into malware traps. This article has been indexed from Malwarebytes Read the original article: Fake virus alerts are invading mobile games
EU Cloud Procurement Plan Could Shut Out US Giants
European Commission reportedly planning rules for critical state contracts that could preference EU cloud providers over US tech giants This article has been indexed from Silicon UK Read the original article: EU Cloud Procurement Plan Could Shut Out US Giants
Gamaredon APT Hides Malware in Windows Features and Abuses Cloud Platforms for C2
Gamaredon, a Russian state-backed espionage group, is deploying a new VBScript worm that hides inside native Windows features while using popular cloud services as covert command-and-control (C2) channels in an ongoing campaign against Ukrainian targets. The operation showcases a modular…
Dashlane Password Manager User Accounts Locked Following Brute-Force Attacks
Dashlane has disclosed a security incident involving a large-scale brute-force attack targeting user accounts, beginning on May 31, 2026. According to the company, an external threat actor attempted to bypass two-factor authentication (2FA) protections by repeatedly guessing authentication codes to…
Critical StrongDM Vulnerability Allows Attackers to Steal and Reuse Authentication
A critical authentication flaw in StrongDM’s desktop application has been identified that allows attackers to hijack user sessions by reusing locally stored authentication material, potentially exposing sensitive enterprise infrastructure. The issue, tracked as CVE-2026-4387, was discovered by SpecterOps during a…
Android 0-Day Vulnerability Exploited in Attacks to Gain Complete Device Control
A critical Android zero-day vulnerability is being actively exploited in targeted attacks, allowing threat actors to gain near-complete control over affected devices without any user interaction. The flaw, tracked as CVE-2025-48595, was highlighted in the June 2026 Android Security Bulletin,…
Nimbus Manticore APT Abuses Fake Recruitment Portal to Deliver Custom Malware
A state-linked hacking group has been caught running a carefully crafted fake recruitment operation to push custom malware onto unsuspecting victims. The group, known as Nimbus Manticore and also tracked as UNC1549 and Smoke Sandstorm, has a long history of…
OpenAI brings frontier AI to existing AWS environments
OpenAI frontier models and Codex are now available on AWS, giving customers access to OpenAI capabilities within AWS environments and the controls needed to move more quickly from evaluation to deployment. OpenAI capabilities on Amazon Bedrock These capabilities are available…
Cybanetix unveils Managed AI Service to secure users, models, and agents
Cybanetix has announced the launch of its Managed AI Service to address all three aspects of AI use within the enterprise. Covering employee AI usage, AI governance, and embedded AI, the Managed AI Service combines technology from NOMA, SentinelOne, Microsoft,…
KDE Linux security audit cuts kernel modules and unused packages
KDE Linux, the in-progress operating system from the KDE community, removed several kernel modules and software packages after a security audit of the components shipped with the system. The work followed the discovery of multiple security issues in the upstream…
SoftBank Promises €45bn For French AI Hub
Japan’s SoftBank to lead €45bn investment in network of data centres in northern France, after meeting with Macron This article has been indexed from Silicon UK Read the original article: SoftBank Promises €45bn For French AI Hub
34 Malicious Packages Steal Cloud Keys, Wallets, and SSH Credentials
Hackers are actively abusing open-source ecosystems to steal sensitive developer data through a large-scale supply chain attack dubbed “TrapDoor,”. The campaign spans npm, PyPI, and Crates.io, leveraging 34 malicious packages and 384 versions to target developers working in cryptocurrency, DeFi,…
Android Zero-Day Vulnerability Actively Exploited in Device Takeover Attacks
Google has disclosed a critical Android zero-day vulnerability that is reportedly being actively exploited in targeted attacks, raising serious concerns about the risk of large-scale device compromise. The issue, tracked as CVE-2025-48595, was highlighted in the Android Security Bulletin for…
CISA Issues Alert on Oracle WebLogic Server Flaw Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Oracle WebLogic Server vulnerability, tracked as CVE-2024-21182, to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is actively exploited in the wild. The alert, published on…
Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads
Dashlane’s security systems automatically locked accounts to protect them against the hacking attempts. The post Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Dashlane…