Cybersecurity and other IT news aggregator

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards 2026-06-27 at 15:19 By OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model…

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys 2026-06-26 at 22:38 By The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can restore…

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks 2026-06-26 at 21:17 By A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the moniker StrikeShark, said the…

Mom gets groundbreaking mastectomy from a $2M robot named Carol — and went to the beach with a tiny scar weeks later 2026-06-26 at 20:26 By Allie Yang The robot was cleared by the FDA a few months ago to perform the delicate surgery that avoids skin and preserves the nipple. This article is an…

Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign 2026-06-26 at 19:21 By A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. The activity, particularly aimed at state-owned enterprises in the…

Security Leaders Discuss Texas Hunting, Fishing License Data Breach 2026-06-26 at 18:30 By The Texas Parks and Wildlife Department reported that the personal information of more than three million Texas hunting and fishing license customers may have been affected by a recent data breech. This article is an excerpt from Subscribe to Security Magazine’s RSS…

🎙️SECURITY.COM The Podcast: The Parasite in the Machine: Unmasking the Speagle Infostealer 2026-06-26 at 17:30 By Enterprise Security Group Innocuous error reports, hypersonic targets, and a mystery with no fingerprints This article is an excerpt from SECURITY.COM View Original Source

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries 2026-06-26 at 16:57 By A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working…

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs 2026-06-26 at 16:53 By A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon…

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue 2026-06-26 at 15:31 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its…

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets 2026-06-26 at 14:51 By DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it lets a local…

Guardian Agents: The Next Layer of Identity Governance 2026-06-26 at 14:30 By AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn’t designed for autonomous actors, and the gap between what enterprises are deploying and what…

Google Details Turla’s New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks 2026-06-26 at 13:42 By The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy.…

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant 2026-06-26 at 12:27 By An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP files to drop a Node.js implant and dig into front-desk machines, Microsoft says. The company has not attributed the…

Identifying Government Leaders Who Will Succeed in Corporate Security 2026-06-26 at 12:00 By A candidate’s background and career level by themselves do not forecast results. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Russia Used Cellebrite on Jailed Activist’s iPhone Months After Sales Cutoff 2026-06-26 at 11:49 By Russian authorities used Cellebrite’s UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021, three months after Cellebrite said it would stop selling its tools and services to Russia and Belarus. The finding,…

AI Is Outpacing Cyber Defense: Security Must Shift from Reaction to Readiness 2026-06-26 at 10:00 By Cybersecurity is entering a phase in which the pace of artificial intelligence advancement is outpacing traditional defense models. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source