A sophisticated malware campaign that combined a phishing lure, an obfuscated Windows JavaScript dropper, a malicious Google Chrome extension and a Native Messaging Host to effectively break the browser sandbox and execute arbitrary PowerShell commands on infected Windows machines. The…
Microsoft WinRE Vulnerability Allows Hackers to Bypass UEFI/BIOS Password Enforcement
A newly disclosed vulnerability in the Microsoft Windows Recovery Environment (WinRE) could allow attackers to bypass UEFI and BIOS password protections, exposing systems to unauthorized access even when firmware-level security controls are active. This issue, tracked under CERT/CC VU#226679 and…
UK school’s network left wide open for invasion, student found
And the admin password was right in the Active Directory description field This article has been indexed from www.theregister.com – Articles Read the original article: UK school’s network left wide open for invasion, student found
The uptime questions every engineering leader should ask this week
In this interview with Help Net Security, Mattias Geniar, CTO at Oh Dear, explains why most outages start quietly, as creeping latency or a slow rise in errors. He argues teams alert on the wrong things: absolute numbers instead of…
IT Security News Hourly Summary 2026-06-25 09h : 8 posts
8 posts were published in the last hour 6:34 : Alibaba Accused of Illicitly Accessing Claude AI Models Using 25,000 Fraudulent Accounts 6:34 : Cisco SD-WAN Zero-Day Exploited Months Before Patching 6:33 : LLM security advice looks solid until you…
Alibaba Accused of Illicitly Accessing Claude AI Models Using 25,000 Fraudulent Accounts
Anthropic has accused the Chinese technology conglomerate Alibaba of orchestrating a large-scale, coordinated operation to extract capabilities from its Claude AI models illegally. The company describes this incident as the largest adversarial distillation attack recorded to date. The allegations, outlined…
Cisco SD-WAN Zero-Day Exploited Months Before Patching
CVE-2026-20245, the 7th Cisco SD-WAN vulnerability exploited in 2026, was used for months prior to its disclosure and patching. The post Cisco SD-WAN Zero-Day Exploited Months Before Patching appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
LLM security advice looks solid until you check the hard cases
Plenty of people now type their security worries straight into a chatbot. A hacked account, a suspicious email, a stalker who might be tracking a phone, all of it lands in the same window someone would use to ask about…
Met Police To Deploy Drones Across London
Metropolitan Police commissioner lays out plans to use drones across all London boroughs to respond to incidents, amid broader tech drive This article has been indexed from Silicon UK Read the original article: Met Police To Deploy Drones Across London
OpenClaw Supply Chain Risk Lets Attackers Abuse AI Agent Authority for Unauthorized Actions
OpenClaw’s agentic marketplace, ClawHub, was designed to accelerate AI-driven workflows by letting third-party “skills” extend an AI agent’s capabilities. Those skills are markdown-driven packages with broad local access, and that design choice made ClawHub a critical and sensitive link in…
Cisco Catalyst SD-WAN Manager Zero-Day Exploited to Gain Root Access via Malicious CSV Upload
Cisco Catalyst SD-WAN Manager instances are currently being targeted in a zero-day exploitation campaign that allows attackers to escalate their privileges to root through a malicious CSV upload mechanism. Mandiant reported this information on June 24, 2026. The vulnerability, identified…
Scoring AI hackers when there is no answer key
AI models are solving more and more of the offensive-cyber tests built to measure them. Once a model solves most of a benchmark, that benchmark runs out of room and says little about the best systems anymore. Many of those…
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
An unknown threat actor exploited a recently disclosed high-severity security flaw impacting Cisco Catalyst SD-WAN as a zero-day at least two months before it was publicly disclosed, according to new findings from Google-owned Mandiant. The vulnerability, tracked as CVE-2026-20245 (CVSS…
Europol Disrupts Cybercrime-as-a-Service Networks Used for Ransomware and Financial Fraud
Europol, in collaboration with global law enforcement agencies and private sector partners, has successfully disrupted a significant cybercrime-as-a-service (CaaS) infrastructure used for ransomware deployment and financial fraud. This effort, part of Operation Endgame, was announced on June 24, 2026, and…
StrikeShark Campaign Uses New SharkLoader Malware to Deploy Cobalt Strike Beacon
During a recent investigation into activity affecting a diplomatic mission in Indonesia, researchers uncovered a previously undocumented loader family they named SharkLoader. What began as an isolated incident rapidly expanded into a multi-country campaign tracked as StrikeShark where SharkLoader consistently…
Best practices for AI in open-source work
Free and open source software developers us AI coding assistants such as Claude Code, Copilot CLI, Antigravity, and OpenCode in their daily work. The Software Freedom Conservancy responded to that trend with a set of recommendations for contributors who use…
Agentic Red-Team Tools Flaws Let Hackers Steal API Keys, Escape Sandboxes, and Compromise Hosts
Agentic red-team tools designed for autonomous offensive security operations are themselves vulnerable, allowing attackers to steal API keys, weaponize the agents, escape sandboxes, and fully compromise the hosts that run them. A new academic study by Arxiv presents the first…
Nation-state actors cracked critical Australian infrastructure to ‘cripple it at a time of their choosing’
To defuse another attack, Oz spies called foreign counterparts to tell them an op was a bust This article has been indexed from www.theregister.com – Articles Read the original article: Nation-state actors cracked critical Australian infrastructure to ‘cripple it at…
Ubiquiti UniFi OS Flaw Under Active Exploitation CISA Alerts Users
A new focus on network infrastructure devices has been drawn after the U.S. Cybersecurity and Infrastructure Security Agency (CISA) flagged several security vulnerabilities in Ubiquiti’s UniFi OS platform. Following evidence of active exploitation, the KEV catalog was updated to…
Most teams will ship AI-written infrastructure code with little review
AI-assisted development has settled into everyday practice across software organizations, and developers using it move from idea to working code in hours. That code does not stay with the developers who prompt it. It flows downstream to the DevOps and…
What your next cyber insurance renewal will demand
In this Help Net Security video, Michael Loewy, co-founder, Tide Foundation, explains how cyber insurance is rewriting security programs at renewal time. Insurers want more questionnaires, more evidence, and more attestations, because the market is moving from trusting your answers…
IT Security News Hourly Summary 2026-06-25 06h : 2 posts
2 posts were published in the last hour 4:4 : Chrome 149 Security Update — Patch for Critical Flaws that Enable Code Execution Attacks 3:33 : Cyber Briefing: 2026.06.24
Chrome 149 Security Update — Patch for Critical Flaws that Enable Code Execution Attacks
Google has released a critical security update for its Chrome browser, pushing the Stable channel to version 149.0.7827.196/197 for Windows and Mac, and 149.0.7827.196 for Linux. The update addresses 18 security vulnerabilities, including four rated Critical and fourteen rated High…
Cyber Briefing: 2026.06.24
A £39 million hit to London’s transit network: inside the Scattered Spider trial, a massive utility breach, and the rise of weaponized AI marketplace skills. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.06.24