Cybersecurity and other IT news aggregator

LATEST FEEDS

  • Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

    Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks 2026-06-24 at 19:02 By Cybersecurity researchers have flagged a new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains. The “critical exploitable pattern” has been codenamed Cordyceps by Novee Security. The issue can allow full attacker control of…

  • Credit unions managing $25B in assets join stablecoin infrastructure program

    Credit unions managing $25B in assets join stablecoin infrastructure program 2026-06-24 at 18:49 By Sam Bourgi A new pilot from Stablecore, Circuit and Curql gives participating US credit unions access to test stablecoin payments and other digital asset services. This article is an excerpt from Cointelegraph.com News View Original Source

  • Binance withdraws Greece-filed MiCA application

    Binance withdraws Greece-filed MiCA application 2026-06-24 at 18:47 By Ezra Reguerra Binance said it plans to seek authorization in another EU jurisdiction just days ahead of the July 1 MiCA deadline, as unlicensed crypto firms are expected to wind down activities in the bloc. This article is an excerpt from Cointelegraph.com News View Original Source

  • Trump cancels signing of housing bill with CBDC ban

    Trump cancels signing of housing bill with CBDC ban 2026-06-24 at 18:18 By Turner Wright The 21st Century ROAD to Housing Act included a provision that the US Federal Reserve was barred from issuing or creating a CBDC until 2030, but exempted certain stablecoins. This article is an excerpt from Cointelegraph.com News View Original Source

  • Law enforcement hits StealC and Amadey malware networks

    Law enforcement hits StealC and Amadey malware networks 2026-06-24 at 18:05 By Zeljka Zorz Operation Endgame, the largest international law enforcement operation aimed at disrupting ransomware and cybercrime infrastructure across the world, has claimed its latest targets: StealC and Amadey. The notice on disrupted websites (Source: Microsoft) While developed by separate criminal groups, those two…

  • Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware

    Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware 2026-06-24 at 18:02 By Eduard Kovacs Hundreds of C&C servers were disrupted in an operation involving law enforcement and several cybersecurity companies. The post Microsoft and Allies Smash Shared Infrastructure of Amadey and StealC Malware appeared first on SecurityWeek. This article is an excerpt…

  • Exclusive: Meet AIVEX, a New Triage Model Built to Reduce Supply Chain Threat and Risk

    Exclusive: Meet AIVEX, a New Triage Model Built to Reduce Supply Chain Threat and Risk 2026-06-24 at 17:30 By Kevin Townsend The new framework seeks to help security teams identify which software supply chain vulnerabilities pose the greatest operational, safety, and business risks in AI-driven environments. The post Exclusive: Meet AIVEX, a New Triage Model…

  • Algerian national accused of running cybercrime marketplaces extradited to US

    Algerian national accused of running cybercrime marketplaces extradited to US 2026-06-24 at 17:09 By Sinisa Markovic An Algerian national accused of running online marketplaces that sold phishing kits and fraud tools has been extradited from Spain to the United States to face bank fraud conspiracy charges. The post Algerian national accused of running cybercrime marketplaces…

  • Anthropic’s Claude Tag gives AI agents independent identities

    Anthropic’s Claude Tag gives AI agents independent identities 2026-06-24 at 16:56 By Anamarija Pogorelec Anthropic introduced an agent identity model for Claude Tag, its AI assistant designed for team collaboration in shared workspaces. The model gives Claude its own identity, permissions, and tool access, configured by administrators and tied to a workspace or channel. Because…

  • macOS Weaknesses Chained to Silently Disable Endpoint Security Agents

    macOS Weaknesses Chained to Silently Disable Endpoint Security Agents 2026-06-24 at 16:50 By Eduard Kovacs A standard non-admin account is sufficient to conduct an attack that exploits legitimate OS behavior rather than software vulnerabilities. The post macOS Weaknesses Chained to Silently Disable Endpoint Security Agents appeared first on SecurityWeek. This article is an excerpt from…

  • LokiBot After a Decade: An Analysis of a Recent LokiBot Campaign

    LokiBot After a Decade: An Analysis of a Recent LokiBot Campaign 2026-06-24 at 16:43 By Dawid Nesterowicz In Norse mythology, Loki, the god of mischief, has powerful and deceptive transformation abilities. True to its namesake, the malware LokiBot has appeared in numerous variants and payload formats since its discovery more than a decade ago. In…

  • Disney agrees to $50M settlement for YouTube TV and DirecTV users — find out if you’re eligible for a payout

    Disney agrees to $50M settlement for YouTube TV and DirecTV users — find out if you’re eligible for a payout 2026-06-24 at 16:39 By Reda Wigle The Walt Disney Co. has agreed to resolve a class action lawsuit with a staggering $50 million settlement. This article is an excerpt from Latest Technology News | New…

  • Third DraftKings Hacker Sentenced to 18 Months in Prison

    Third DraftKings Hacker Sentenced to 18 Months in Prison 2026-06-24 at 15:52 By Eduard Kovacs Nathan Austad has been ordered to pay roughly $1.8 million in forfeiture and restitution, and the sentence also includes 3 years of supervised release.  The post Third DraftKings Hacker Sentenced to 18 Months in Prison appeared first on SecurityWeek. This…

  • Dawn of the Apex Agentic Adversary

    Dawn of the Apex Agentic Adversary 2026-06-24 at 15:50 By We are standing at the end of an era we never thought to mourn: the era of human-speed threats. For years, cybersecurity moved to a rhythm organizations could follow. A researcher found a bug, a CVE was cataloged, a vendor navigated a patch cycle, and…

  • SecondFi traces Cardano wallet exploit to address-level issue

    SecondFi traces Cardano wallet exploit to address-level issue 2026-06-24 at 15:38 By Helen Partz Cardano wallet SecondFi traced the incident to an address-level issue and secured 129 million ADA after attackers drained funds from 374 addresses. This article is an excerpt from Cointelegraph.com News View Original Source

  • Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs

    Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs 2026-06-24 at 15:32 By Ionut Arghire The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands. The post Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • CBOE debuts prediction market with S&P 500 contracts

    CBOE debuts prediction market with S&P 500 contracts 2026-06-24 at 15:01 By Zoltan Vardai Cboe launched its first prediction market product tied to the S&P 500 index, citing a growing investor demand for binary options contracts. This article is an excerpt from Cointelegraph.com News View Original Source

  • Phishing attack on healthcare firm Xsolis impacts 1.4 million people

    Phishing attack on healthcare firm Xsolis impacts 1.4 million people 2026-06-24 at 15:00 By Sinisa Markovic Healthcare technology company Xsolis confirmed that a phishing attack resulted in unauthorized access to its network. The company develops AI-powered software for hospitals, health systems, and health plans and serves more than 600 hospitals and health insurers. “On January…

  • SuperOps and Guardz bundle IT operations and security into one product for MSPs

    SuperOps and Guardz bundle IT operations and security into one product for MSPs 2026-06-24 at 15:00 By Industry News SuperOps and Guardz announced a strategic partnership, combining their platforms into a single bundled offering for managed service providers (MSPs). The package brings professional services automation (PSA), remote monitoring and management (RMM), mobile device management (MDM),…

  • Agentic AI Security: Wrong Context, Wrong Decisions at Machine Speed

    Agentic AI Security: Wrong Context, Wrong Decisions at Machine Speed 2026-06-24 at 15:00 By Kevin Townsend Context is the central plank of AI in general, and agentic AI in particular. If an AI system doesn’t have the correct context, it cannot make the correct decisions. The post Agentic AI Security: Wrong Context, Wrong Decisions at…

  • New ‘Mistic’ RAT Opens Door to Several Ransomware Families

    New ‘Mistic’ RAT Opens Door to Several Ransomware Families 2026-06-24 at 14:42 By Ionut Arghire Mistic is used by Woodgnat, an initial access broker working with Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta. The post New ‘Mistic’ RAT Opens Door to Several Ransomware Families appeared first on SecurityWeek. This article is an excerpt from…

  • Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)

    Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230) 2026-06-24 at 14:36 By Zeljka Zorz CVE-2026-20230, a server-side request forgery (SSRF) vulnerability affecting Cisco’s Unified Communications Manager (Unified CM), is being exploited to drop webshells and achieve remote code execution capability on the underlying server. “Our honeypots are seeing automated sweeps dropping webshells, all…

  • CryptoQuant warns on Strategy’s dividend coverage as cash reserve falls 38%

    CryptoQuant warns on Strategy’s dividend coverage as cash reserve falls 38% 2026-06-24 at 14:34 By Zoltan Vardai Strategy’s cash reserves are now enough to pay only 14 months of dividends from the previous seven-year level. CryptoQuant said the company should pause Bitcoin purchases and rebuild its reserves. This article is an excerpt from Cointelegraph.com News…

  • Aave positioned to capture tokenized asset growth in DeFi: Standard Chartered

    Aave positioned to capture tokenized asset growth in DeFi: Standard Chartered 2026-06-24 at 14:21 By Ezra Reguerra Standard Chartered said tokenized assets moving into DeFi could drive deposits into Aave and help the protocol rebuild its position as a dominant onchain lending platform. This article is an excerpt from Cointelegraph.com News View Original Source

  • Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

    Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking 2026-06-24 at 13:55 By Ionut Arghire The security defects allow unauthenticated users to take control of the open source software supply chain. The post Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original…

  • BeyondTrust, LastPass Impacted by Klue-Salesforce Incident

    BeyondTrust, LastPass Impacted by Klue-Salesforce Incident 2026-06-24 at 13:03 By Ionut Arghire Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances. The post BeyondTrust, LastPass Impacted by Klue-Salesforce Incident appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker

    Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker 2026-06-24 at 13:00 By Threat Hunter Team Stealthy new backdoor used in cybercrime intrusions since April 2026 may be associated with Woodgnat (aka KongTuke), an initial access broker whose ModeloRAT toolkit has fed Qilin and other ransomware operations. This article is an excerpt from SECURITY.COM…

  • LastPass customer data exposed through Klue supply chain attack

    LastPass customer data exposed through Klue supply chain attack 2026-06-24 at 12:59 By Sinisa Markovic LastPass disclosed that attackers used OAuth tokens compromised in a supply chain attack on Klue, a market intelligence platform that integrates with CRM and sales tools across organizations, to access customer data stored in its Salesforce environment. “On June 12th…

  • BTC price four-year trend calls for $76K as analysis says Bitcoin ‘not broken’

    BTC price four-year trend calls for $76K as analysis says Bitcoin ‘not broken’ 2026-06-24 at 12:40 By William Suberg Bitcoin research said that BTC price action remained in tune with previous cycles as the bear market produces a 20% discount to its four-year “adoption structure” trend line. This article is an excerpt from Cointelegraph.com News…

  • Google Workspace expands password reset alerts to all admins

    Google Workspace expands password reset alerts to all admins 2026-06-24 at 12:07 By Anamarija Pogorelec Google’s Alert Center, a dashboard in the Google Admin console that displays security and administrative alerts and helps administrators identify, investigate, and respond to issues affecting their organization, is expanding the “Super Admin password reset” alert into the “Admin password…

  • Can Thought Leadership Erode Leadership Credibility?

    Can Thought Leadership Erode Leadership Credibility? 2026-06-24 at 12:00 By A discussion on how much thought leadership contribution is too much. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

  • South Korea adds token securities to capital market overhaul

    South Korea adds token securities to capital market overhaul 2026-06-24 at 11:56 By Ezra Reguerra South Korea’s Financial Services Commission has placed token securities infrastructure within a wider capital-market modernization plan covering faster settlement, longer trading hours and digital transformation. This article is an excerpt from Cointelegraph.com News View Original Source

  • DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering

    DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering 2026-06-24 at 11:55 By The U.S. Department of Justice (DoJ) on Tuesday announced the seizure of a cloud computing account put to use by subsidiaries of Cambodia-based corporate conglomerate HuiOne Group, as the Treasury unveiled fresh sanctions against nine individuals and 26 entities linked…

  • Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

    Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root 2026-06-24 at 11:27 By Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). The vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a…

  • Webinar Today: Modern Exposure Validation in the AI Era

    Webinar Today: Modern Exposure Validation in the AI Era 2026-06-24 at 11:04 By SecurityWeek News The exploit timeline collapsed. Make sure your validation didn’t. The post Webinar Today: Modern Exposure Validation in the AI Era appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • Qodo expands platform to help teams govern AI-generated code and engineering standards

    Qodo expands platform to help teams govern AI-generated code and engineering standards 2026-06-24 at 10:46 By Industry News Qodo has announced three new platform capabilities: Cross-Repo Code Review, Custom Rules Miner, and Skill Review Standards. These new capabilities address a set of governance gaps that have emerged as AI-generated code reaches enterprise scale. AI agents…

  • Brinqa BYOAI lets organizations use any AI platform with trusted risk data

    Brinqa BYOAI lets organizations use any AI platform with trusted risk data 2026-06-24 at 10:31 By Industry News Brinqa BYOAI (Bring Your Own AI), a capability that enables organizations to connect any AI agent, large language model (LLM), or automation platform to Brinqa’s exposure intelligence layer. As enterprises adopt AI, they need to ensure that…

  • Cequence introduces behavioral bot detection and biometric verification without CAPTCHAs

    Cequence introduces behavioral bot detection and biometric verification without CAPTCHAs 2026-06-24 at 10:22 By Industry News Cequence Security has announced the launch of Intent Graph and Biometric Check, two new capabilities that extend the behavioral architecture Cequence has built since its inception. They provide enterprises with bot defense that works across web, mobile, API, and…

  • OpenPayd secures MiCA license as stablecoin adoption grows in Europe

    OpenPayd secures MiCA license as stablecoin adoption grows in Europe 2026-06-24 at 10:17 By Helen Partz OpenPayd, which provides infrastructure to companies including Kraken crypto exchange, can now offer regulated crypto services across Europe under MiCA. This article is an excerpt from Cointelegraph.com News View Original Source

  • New Secure Code Warrior framework helps CISOs govern AI-driven software development

    New Secure Code Warrior framework helps CISOs govern AI-driven software development 2026-06-24 at 10:12 By Industry News Secure Code Warrior has introduced its new SCW AI Adoption Model, a practical framework that maps the progression of AI use in software development, from minimal AI assistance to fully autonomous agentic orchestration. The framework helps CISOs assess…

  • DigiCert brings independent trust validation to confidential computing environments

    DigiCert brings independent trust validation to confidential computing environments 2026-06-24 at 10:03 By Industry News DigiCert has announced it is bringing independent trust validation to confidential computing environments, in collaboration with Google Cloud. By applying the proven principles of Public Key Infrastructure (PKI) to cloud infrastructure, DigiCert will provide cryptographic verification that cloud-hosted systems and…

  • US nears ban on CBDCs until 2030 as housing bill goes to Trump

    US nears ban on CBDCs until 2030 as housing bill goes to Trump 2026-06-24 at 09:06 By Jesse Coghlan The House passed a housing bill with a central bank digital currency ban until 2030, meaning it now just needs US President Donald Trump’s sign-off. This article is an excerpt from Cointelegraph.com News View Original Source

  • Catholic leaders, US authorities challenge CLARITY Act over illicit activity

    Catholic leaders, US authorities challenge CLARITY Act over illicit activity 2026-06-24 at 09:06 By Martin Young “Regulatory certainty should not come at the expense of accountability, transparency, victim protection, or public safety,” the law enforcement associations said. This article is an excerpt from Cointelegraph.com News View Original Source

  • Hackers Exploiting Cisco Unified CM Vulnerability

    Hackers Exploiting Cisco Unified CM Vulnerability 2026-06-24 at 08:44 By Eduard Kovacs Cisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June. The post Hackers Exploiting Cisco Unified CM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • How School Security Looks During Summer Months

    How School Security Looks During Summer Months 2026-06-24 at 08:00 By Here, Security magazine discusses these changes with Guy Grace, ASSA ABLOY’s K-12 National Security Program Manager.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

  • Senate Dems urge probe into $500M crypto deal between Trumps, UAE

    Senate Dems urge probe into $500M crypto deal between Trumps, UAE 2026-06-24 at 07:12 By Jesse Coghlan Democrats want the Senate to hold hearings on the dealings between the Trump administration, World Liberty Financial and Abu Dhabi royalty. This article is an excerpt from Cointelegraph.com News View Original Source

  • Cybersecurity jobs available right now: June 24, 2026

    Cybersecurity jobs available right now: June 24, 2026 2026-06-24 at 07:00 By Anamarija Pogorelec Application Security Leader DriveNets | Israel | Hybrid – View job details As an Application Security Leader, you will define security requirements, drive secure coding practices, oversee vulnerability management, and integrate security testing and automation into development pipelines. You will establish…

  • Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says

    Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says 2026-06-24 at 06:29 By Associated Press Come vulnerabilities were found within hours, but that does not mean the model was able to exploit them within that time, the official said. The post Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official…

  • StarkWare introduces ‘Private KYC’ to address personal data breaches

    StarkWare introduces ‘Private KYC’ to address personal data breaches 2026-06-24 at 06:14 By Martin Young “Identity checks today ask for your whole document when they only need one fact,” Starknet said. This article is an excerpt from Cointelegraph.com News View Original Source

  • CFTC sues Kentucky after state’s prediction market lawsuits

    CFTC sues Kentucky after state’s prediction market lawsuits 2026-06-24 at 05:40 By Felix Ng The Commodity Futures Trading Commission has sued Kentucky, now the ninth state the regulator is battling in its fight over prediction markets. This article is an excerpt from Cointelegraph.com News View Original Source

Browse older archives

Scroll to Top