Smart TVs in living rooms run small apps that show fish tanks, clocks, solitaire games, and slideshows of puppies. A share of those apps can also send other people’s internet traffic out through the home connection. Spur Intelligence scanned 6,038…
29-Year-Old Squid Proxy Vulnerability Exposes Authorization Headers and API Keys
A recently disclosed vulnerability in Squid Proxy, tracked as CVE-2026-47729 and referred to as “Squidbleed,” is exposing sensitive user data, including HTTP authorization headers and API keys. This issue arises from a decades-old memory-handling flaw in Squid’s codebase, dating back…
OpenAI Releases GPT‑5.5‑Cyber With Full Automation for Vulnerability Detection and Patching
OpenAI has officially launched the full version of GPT‑5.5‑Cyber, a specialized AI model engineered for advanced vulnerability detection, patch generation, and automated remediation at machine speed. The release is part of OpenAI’s broader Daybreak initiative, which aims to democratize defensive…
Hackers Using FortigateSniffer Tool That Turns Compromised Firewalls Into Password Collectors
A financially motivated threat actor has deployed a custom Golang-based tool called FortigateSniffer across more than 430,000 FortiGate firewalls globally, silently harvesting over 110 million credentials since at least February 2026, including confirmed data exfiltration from a NATO-aligned defense contractor.…
Free, no-signup World Cup streams serve scams instead of football
Researchers at Malwarebytes identified dozens of websites claiming to offer free access to FIFA World Cup matches. Instead of streaming games, the sites directed visitors through a chain of advertising pages designed to generate revenue for their operators. Fake World…
Only 7% of companies are ready for the AI agents they deployed
Most organizations now run or pilot AI agents that operate on company data with limited human direction at each step, a share that reaches 88% in Veeam Software’s Data and AI Trust Gap report. The systems that are supposed to…
OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
OpenAI on Monday said it’s releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative, the artificial intelligence (AI) company announced last month. Calling GPT‑5.5‑Cyber its “strongest model yet for finding and helping…
IT Security News Hourly Summary 2026-06-23 06h : 1 posts
1 posts were published in the last hour 3:6 : CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)
CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)
The vulnerability This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)
ISC Stormcast For Tuesday, June 23rd, 2026 https://isc.sans.edu/podcastdetail/9982, (Tue, Jun 23rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, June 23rd, 2026…
IT Security News Hourly Summary 2026-06-23 03h : 2 posts
2 posts were published in the last hour 0:31 : Sniff out stale AI override advice with this open source CLI 0:6 : OpenAI: Yoo-hoo, look over here, we do that security stuff too!
Sniff out stale AI override advice with this open source CLI
Package dependencies can create vulnerabilities that are fiendishly hard to find and stamp out This article has been indexed from www.theregister.com – Articles Read the original article: Sniff out stale AI override advice with this open source CLI
OpenAI: Yoo-hoo, look over here, we do that security stuff too!
A plethora of pwn-prevention, including a ‘Patch The Planet’ pledge This article has been indexed from www.theregister.com – Articles Read the original article: OpenAI: Yoo-hoo, look over here, we do that security stuff too!
The Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration
Unit 42 research details how attackers could exploit global name uniqueness in bucket hijacking to redirect cloud data streams across major CSPs. The post The Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration appeared first on Unit…
Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors
Makers of Chrome, Edge, Firefox back bot-fraud defense called Private Access Control Tokens This article has been indexed from www.theregister.com – Articles Read the original article: Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors
IT Security News Hourly Summary 2026-06-23 00h : 9 posts
9 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-06-22 21:32 : Rootkit Removal: A Step-by-Step Guide 21:32 : New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available 21:32 : Builder…
IT Security News Daily Summary 2026-06-22
168 posts were published in the last hour 21:32 : Rootkit Removal: A Step-by-Step Guide 21:32 : New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available 21:32 : Builder Culture Is Driving New AI Security Challenges 21:32…
Rootkit Removal: A Step-by-Step Guide
Rootkits are sneaky malware that hide deep in your system. Learn how to detect and remove them, and find out how Panda Security keeps you protected. The post Rootkit Removal: A Step-by-Step Guide appeared first on Panda Security Mediacenter. This…
New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available
Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with physical access. The post New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available appeared first on TechRepublic. This article has been…
Builder Culture Is Driving New AI Security Challenges
Vanta finds that builder roles are driving AI adoption and introducing new security risks. The post Builder Culture Is Driving New AI Security Challenges appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Scope Squatting on ClawHub Exposes AI Supply Chain Risks
Scope squatting on ClawHub highlights AI supply chain risks. The post Scope Squatting on ClawHub Exposes AI Supply Chain Risks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Scope Squatting on…
AryStinger Botnet Hijacks 4,300+ Routers to Build Global Attack Proxy Network
A newly discovered botnet called AryStinger has quietly hijacked more than 4,300 routers across the globe, turning them into a silent army of attack proxies. The threat actors behind this campaign are exploiting decade-old vulnerabilities to build a covert reconnaissance…
Malicious GST Debit Note Attachment Deploys Remcos RAT Through Multi-Stage Loader
A sophisticated phishing campaign is actively targeting users in India by disguising malware as a routine GST debit note. The attack delivers a powerful remote access tool called Remcos RAT through a cleverly constructed multi-stage loader, giving attackers deep and…
Windows RAT Uses Encrypted HTTP C2 and Registry Persistence After npm Infection
A newly discovered malware campaign is targeting Windows systems through a deceptive package on the npm registry. Disguised as a legitimate CSS build tool, the malicious package quietly installs a full-featured Remote Access Trojan, or RAT, on developer machines. The…