Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium’s zLabs researchers have published a detailed analysis of Rokarolla, a new Android banking trojan named after its command-and-control infrastructure.…
AI Use by the US Government
On 14 April, the Trump administration quietly acknowledged the widespread use of AI to automate government processes. The office of management and budget (OMB) disclosed a staggering 3,611 active or planned use cases for AI across the federal government. The…
24 billion stolen records found in giant data dump. Check if you’re affected
Researchers found an exposed collection of 24 billion stolen records, including usernames, passwords, and other sensitive account data. This article has been indexed from Malwarebytes Read the original article: 24 billion stolen records found in giant data dump. Check if…
Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” exploit, and is “working to provide a high quality security update that addresses this vulnerability.” The vulnerability, which has been assigned…
Anthropic Pushes Back Against US Order Restricting Claude Fable 5, Backed by Cybersecurity Experts
Anthropic is challenging the US government’s order that restricts foreign nationals from using Claude Fable 5, with backing from many cybersecurity professional Thank you for being a Ghacks reader. The post Anthropic Pushes Back Against US Order Restricting Claude Fable…
ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat
A detailed ESET MDR vs Sophos MDR comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
Attackers Exploit Cloud Logging Platforms to Hide Malicious Activity
Attackers are increasingly targeting cloud logging platforms to evade detection and maintain persistent visibility into compromised environments. The report highlights how critical services such as AWS CloudTrail and Google Cloud Logging, designed to provide comprehensive audit trails, are being actively…
Hackers Compromised 140+ Mastra npm Packages to Deploy Password-Stealing Malware
A sophisticated supply chain attack has targeted the Mastra-AI npm ecosystem, with researchers from Microsoft and Socket identifying over 141 compromised packages designed to silently deploy an infostealer payload on developer machines, CI/CD runners, and build environments. The campaign, detected…
U.S. Commerce Dept Imposes Export Controls on Anthropic’s Claude Mythos 5 and Fable 5
The Bureau of Industry and Security (BIS) has issued a landmark “Is Informed” letter to Anthropic CEO Dario Amodei, mandating that the company obtain an individually validated export license before sharing its Claude Mythos 5 and Claude Fable 5 AI…
Helpdesk scammers are making house calls to make their lies feel more real
15-year-old among six arrested after Dutch cops target suspected bank fraud call center This article has been indexed from www.theregister.com – Articles Read the original article: Helpdesk scammers are making house calls to make their lies feel more real
Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack
The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
What’s new in Android 17? Anti-theft tools, scam detection, and parental controls
The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year. Security and privacy updates Google has improved location privacy features so users can choose to share…
The Top 10 Attack Surface Exposures in 2026
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session…
Malwarebytes earns AV-TEST Top Product award, aces other third-party tests
Malwarebytes got top marks in independent tests against malware, phishing, and other online threats. This article has been indexed from Malwarebytes Read the original article: Malwarebytes earns AV-TEST Top Product award, aces other third-party tests
How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door
CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise’s PostgreSQL sidecar service. An unauthenticated attacker can write files and chain the primitive to RCE. A public PoC exists; no workaround, patch only. How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into…
Nmap for Beginners: Understanding Scans Before You Run Them
Nmap measures port states, service versions, and OS fingerprints by analyzing how targets respond to crafted packets. This guide explains the concepts behind each scan type so the output makes sense from the first run. Nmap for Beginners: Understanding Scans…
Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day
The public PoC code exploits a race condition in Microsoft Defender to spawn a command prompt with System privileges. The post Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects
Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY, Chainguard, Cisco, Cloudflare, Corridor, DepthFirst,…
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. “Every plugin poses as an AI coding assistant built on DeepSeek…
EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks
Ukraine has been added to the EU Cybersecurity Reserve, which provides incident response services against large-scale incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks
IT Security News Hourly Summary 2026-06-17 12h : 6 posts
6 posts were published in the last hour 9:32 : Intel Brings New 18A-P Process Online 9:32 : SprySOCKS Windows Backdoor Uses Kernel Driver to Hide Processes, Files, and Network Traffic 9:32 : FulcrumSec Targets Novo Nordisk, Leaks Clinical and…
Intel Brings New 18A-P Process Online
Struggling chipmaker begins early-stage production with latest 18A-P process, as it pushes ahead with foundry plans This article has been indexed from Silicon UK Read the original article: Intel Brings New 18A-P Process Online
SprySOCKS Windows Backdoor Uses Kernel Driver to Hide Processes, Files, and Network Traffic
Windows variants of SprySOCKS, a backdoor long associated with FishMonger (aka Earth Lusca/TAG-22), expanding a toolset that was until now Linux-only. The two Windows builds internally labelled WIN_DRV and WIN_PLUS preserve the original SprySOCKS protocol and command set while adding…
FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data
FulcrumSec leaked data stolen from Novo Nordisk, claiming to have exfiltrated 1.3TB, including clinical records and AI research assets. On June 15, 2026, a data-theft extortion group calling itself FulcrumSec began leaking files from Novo Nordisk, the Danish maker of…