Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains. The post Trust No Skill: Integrity Verification for AI Agent Supply Chains appeared first on Unit 42. This article has been…
BLUERABBIT Backdoor Encrypts Files, Wipes Windows Systems
A new Golang-based backdoor dubbed BLUERABBIT has been observed performing combined data theft, file encryption and destructive disk wiping against Windows hosts. First seen in mid-to-late March 2026 and suspected to target Israeli entities, BLUERABBIT implements a full-spectrum intrusion framework:…
Fortinet patched a new critical FortiSandbox flaw
Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address several vulnerabilities affecting FortiSandbox, FortiOS, FortiProxy, and FortiPortal. The most severe issue, tracked as CVE-2026-25089 (CVSS…
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prolonged cyber espionage operation aimed at a Vietnamese infrastructure…
Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed This article has been indexed from www.infosecurity-magazine.com Read the original article: Extortion-Only Attacks Increase, With Data Theft Dominating…
IT Security News Hourly Summary 2026-06-11 12h : 8 posts
8 posts were published in the last hour 10:2 : Canada Proposes Social Media Ban For Under 16s 10:2 : Judge Denies New Trial For Meta, Google After California Decision 10:2 : Hackers Use Residential Proxies Networks to Evade Detection…
Canada Proposes Social Media Ban For Under 16s
Proposed legislation would create digital regulator, allow platforms to apply for exemptions if they meet safety rules This article has been indexed from Silicon UK Read the original article: Canada Proposes Social Media Ban For Under 16s
Judge Denies New Trial For Meta, Google After California Decision
Judge denies argument by Meta, Google that Instagram, YouTube exempt from prosecution due to free speech laws This article has been indexed from Silicon UK Read the original article: Judge Denies New Trial For Meta, Google After California Decision
Hackers Use Residential Proxies Networks to Evade Detection
The impact of residential proxies across our customer base by compiling billions of DNS resolutions and the associated network telemetry. The Kimwolf Botnet inside our enterprise customer networks. Follow‑up analysis of billions of DNS resolutions across Infoblox Threat Defense Cloud customers reveals a…
‘GreatXML’ Zero-Day Exploit Bypasses BitLocker
The PoC exploits Microsoft Defender’s offline scan to spawn a SYSTEM shell when rebooting in Recovery Mode. The post ‘GreatXML’ Zero-Day Exploit Bypasses BitLocker appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ‘GreatXML’…
Microsoft Exchange Server 0-Day Vulnerability Exploited in Attacks Using Weaponized Email
Microsoft has confirmed active exploitation of a new zero‑day spoofing flaw in on‑premises Exchange Server, tracked as CVE‑2026‑42897. The flaw allows attackers to execute arbitrary JavaScript in Outlook Web Access (OWA) simply by sending a weaponized email that a victim…
China-Linked JDY Botnet Uses 1,500+ SOHO and IoT Devices for Rapid Vulnerability Exploitation
A China-linked network of compromised routers and smart devices has grown into one of the most capable reconnaissance tools tied to a nation-state threat group. Researchers have identified a major resurgence of a botnet known as JDY, which now controls…
9 out of 10 people can no longer distinguish real from AI-generated content
Online fraud is becoming harder to distinguish from legitimate activity as AI-generated messages, voices, photos, reviews, and identities become more convincing. Nearly nine in ten adults say they can no longer tell what is real from AI-generated content, according to…
New “Agentjacking” Attacks Could Hijack AI Coding Agents
Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code This article has been indexed from www.infosecurity-magazine.com Read the original article: New “Agentjacking” Attacks Could Hijack AI Coding Agents
China Warns Of Malicious AI Agent Extensions
Hackers deploying extensions that trick AI agents into downloading, deploying crypto-mining tools on users’ systems This article has been indexed from Silicon UK Read the original article: China Warns Of Malicious AI Agent Extensions
Researchers Uncover BTMOB Malware Capable of Taking Over Android Phones
In the Android threat landscape, a new malware operation has been rapidly expanding, reducing the barriers to entry for cybercriminals while simultaneously enhancing their offensive capabilities significantly. Security researchers have identified BTMOB, an Android remote access trojan (RAT) derived…
Check Point expands MSP platform with with AI governance and unified security bundles
Check Point has announced a major expansion of its Managed Service Provider (MSP) platform, designed to help MSPs secure AI adoption, streamline operations and simplify managed security delivery. The announcement brings together three strategic innovations under a single MSP vision:…
Met Police Warns Of Cuts After Mayor Blocks £50m Palantir Deal
Metropolitan Police Commissioner says force may have to cut front-line services after Mayor of London bars Palantir contract This article has been indexed from Silicon UK Read the original article: Met Police Warns Of Cuts After Mayor Blocks £50m Palantir…
Kainos To Hire Hundreds In Northern Ireland
Northern Ireland’s largest software company expects to create 341 roles over next three years amid rising demand for AI services This article has been indexed from Silicon UK Read the original article: Kainos To Hire Hundreds In Northern Ireland
Amazon Opening Pair Of Warehouses In Northamptonshire
Seattle e-commerce giant opens warehouse in Northampton, plans another for Kettering this autumn, amid broader investment This article has been indexed from Silicon UK Read the original article: Amazon Opening Pair Of Warehouses In Northamptonshire
JDY Botnet Evolves After KV Takedown, Targets Military Networks
JDY botnet scans SOHO/IoT devices globally to map services and targets, especially US military networks. Lumen’s Black Lotus Labs reported the resurgence of the JDY botnet, a covert reconnaissance network tied to Chinese state-sponsored hacking groups including Volt Typhoon. The…
University of Nottingham Confirms Breach After Hackers Leak Data
The ShinyHunters hacker group has taken credit for the attack, leaking more than 450,000 email addresses and other information. The post University of Nottingham Confirms Breach After Hackers Leak Data appeared first on SecurityWeek. This article has been indexed from…
IDnow launches Trust Platform to help regulated firms move from KYC to continuous trust
IDnow has announced the launch of the IDnow Trust Platform, designed to help regulated organisations orchestrate identity verification, fraud prevention, biometric authentication, and qualified digital trust services throughout the customer lifecycle. “The identity industry is entering its biggest transformation since…
APT28, an evolution of tradecraft
Context Sekoia’s Threat Detection & Research (TDR) team has been tracking APT28 for several years. The intrusion set, also known as Fancy Bear, Forest Blizzard, Sofacy, Pawn Storm or Sednit and publicly attributed to the GRU’s Unit 26165, is one…