Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and…
GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections
Miasma worm shapeshifts, but cloud secret-scouting remains the goal. This article has been indexed from www.theregister.com – Articles.
Vulnerability Summary for the Week of June 1, 2026
High Vulnerabilities (columns: Primary Vendor — Product; Description; Published; CVSS Score; Source Info). 10Web–Photo Gallery by 10Web: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection. This issue…
Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts
Meta has revealed that attackers hijacked 20,225 Instagram accounts by exploiting a flaw in the company’s AI-assisted account recovery system. According to the company, a vulnerability in High Touch Support (HTS) allowed unauthorized parties to perform password resets on Instagram…
OpenAI Unveils ChatGPT Account Security Controls
OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft. This article has been indexed from www.infosecurity-magazine.com.
Pink Hacking Group Targets Enterprises to Steal Cloud Passwords
A newly observed extortion brand called Pink (CL-CRI-1147) is actively targeting enterprise users to harvest cloud storage credentials and bypass multi-factor authentication. The group’s leak site went live on May 31, 2026, and its operations combine social engineering with…
Massachusetts votes to pass new privacy rights bill that bans sale of precise location data
The bill is expected to blanket ban companies and startups from selling people’s precise location data across the state. This article has been indexed from Security News | TechCrunch.
WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order
The Meta-owned communications app is filing a federal court contempt order against NSO. This article has been indexed from SecurityWeek.
New Relic expands observability into AI-assisted software development
New Relic has announced AI Coding Observability, an open-source tool for monitoring AI-assisted software development workflows. As organizations adopt AI coding assistants, these tools often operate outside existing observability systems, limiting visibility into their use. AI Coding Observability extends monitoring…
The Hardest Fork
Mythos is real. I know a big chunk of the industry thinks it’s a marketing stunt, and I get why. I get it. But I’ve seen the findings, and they’re bad. These aren’t “whoops, this line right here is wrong,…
AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload
Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review,…
Cybersecurity M&A Roundup: 26 Deals Announced in May 2026
Significant cybersecurity M&A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler. This article has been indexed from SecurityWeek.
AI Security Funding Surge; SentinelOne Layoffs
Five cybersecurity companies raised a combined $116 million in Series A funding this week, with AI security platforms capturing the largest share despite persistent technical challenges in the field. This article has been indexed from CyberMaterial.
IT Security News Hourly Summary 2026-06-08 15h : 10 posts
10 posts were published in the last hour:
12:35 : Multiple VMware Stored XSS Flaws Enable Attackers to Inject Malicious Scripts
12:35 : OWASP Releases AI Security Report to Empower Security Professionals with New Tools
12:34 : NSO Group back…
Multiple VMware Stored XSS Flaws Enable Attackers to Inject Malicious Scripts
VMware has disclosed multiple high-severity stored cross-site scripting (XSS) vulnerabilities affecting VMware Cloud Foundation (VCF) Operations, potentially allowing attackers to inject malicious scripts and compromise administrative environments. The issues, tracked as CVE-2026-41722, CVE-2026-41723, and CVE-2026-41724, were published under advisory VMSA-2026-0004…
OWASP Releases AI Security Report to Empower Security Professionals with New Tools
OWASP has released the “State of Agentic AI Security and Governance v2.01” report, a technical blueprint aimed at security teams racing to secure rapidly proliferating autonomous AI agents in production. The report, part of the OWASP GenAI Security Project’s Agentic…
NSO Group back in Meta’s crosshairs after alleged WhatsApp targeting
Zuckercorp says surveillance-for-hire vendor was still running phishing operations after federal court told it to knock it off. This article has been indexed from www.theregister.com – Articles.
Everest Forms Vulnerability Exploited to Hack WordPress Sites
The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months. This article has been indexed from SecurityWeek…
Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)
A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the company announced on Monday. About CVE-2026-50751: Check Point Remote Access VPN enables and secures connections between…
Prompt Injection Remains Unsolved Architectural Problem
Prompt injection continues to pose a fundamental security challenge for AI systems that researchers have yet to solve at the architectural level, according to Ariel Fogel, an AI security researcher at Pillar Security who presented at Infosecurity Europe 2026. This…
VerdantBamboo Deploys BSD BRICKSTORM on Linux
Cybersecurity researchers at Volexity have identified a new campaign by the China-nexus threat group VerdantBamboo, which has adapted its toolset to target Linux and BSD systems with multiple malware families. This article has been indexed from CyberMaterial.
Meta AI Tool Flaw Exposed 20K+ Instagram Accounts
Meta disclosed that a critical flaw in its AI-assisted Instagram account recovery tool exposed more than 20,000 user accounts to takeover attacks over a seven-week period in 2026. This article has been indexed from CyberMaterial.
Samsung One UI 9 Adds Lockdown Mode to Power Menu
Samsung has introduced a new security feature in the One UI 9 beta that places Lockdown mode directly in the power menu, making it more accessible to Galaxy phone users. This article has been indexed from CyberMaterial.
Open Source Community Unprepared for EU CRA Deadline
The open source community faces widespread unpreparedness for the European Union’s Cyber Resilience Act (CRA) deadline in December 2027, according to a new report from the Open Source Security Foundation (OpenSSF). This article has been indexed from CyberMaterial.