Cybersecurity and other IT news aggregator

LATEST FEEDS

  • Majority of Internet-Accessible REDCap Servers Outdated

    Majority of Internet-Accessible REDCap Servers Outdated 2026-06-18 at 20:07 By Ionut Arghire These servers are regularly targeted by China-linked UNC6508 for initial access and backdoor deployment. The post Majority of Internet-Accessible REDCap Servers Outdated appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • Bitcoin miners need billions to fund AI ambitions, led by IREN’s $21B gap

    Bitcoin miners need billions to fund AI ambitions, led by IREN’s $21B gap 2026-06-18 at 19:56 By Sam Bourgi IREN leads public Bitcoin miners with a projected $21.1 billion AI infrastructure funding gap, underscoring the capital-intensive nature of converting mining sites into data centers. This article is an excerpt from Cointelegraph.com News View Original Source

  • Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

    Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network 2026-06-18 at 19:42 By If an autonomous AI agent interacts with your company’s core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a simple no. The rush to adopt internal AI…

  • ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

    ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories 2026-06-18 at 19:42 By The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS attacks ran in memory and…

  • Chinese Hackers Targeting AI, Cyber and National Defense Research

    Chinese Hackers Targeting AI, Cyber and National Defense Research 2026-06-18 at 19:20 By The campaign was undetected for more than one year.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

  • Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2

    Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 2026-06-18 at 18:06 By Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026. “The clipper in this campaign relies on Windows Script Host and ActiveX-driven logic to launch a bundled Tor proxy and poll…

  • INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023

    INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023 2026-06-18 at 18:06 By Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime groups in 2026, claiming no less than 830 victims since August 2023. “The disruption of LockBit…

  • The Scripts on Your Checkout Page Are Now a PCI DSS Problem

    The Scripts on Your Checkout Page Are Now a PCI DSS Problem 2026-06-18 at 18:06 By An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout, their browser is running far more…

  • Bitcoin to $145K by October? Why this ‘crazy accurate’ 4chan prediction is sketchy

    Bitcoin to $145K by October? Why this ‘crazy accurate’ 4chan prediction is sketchy 2026-06-18 at 17:46 By Yashu Gola A viral 4chan Bitcoin prediction appears to have nailed past BTC prices, but edited targets and impossible supply claims weaken its $145,000 call. This article is an excerpt from Cointelegraph.com News View Original Source

  • What happens when ChatGPT becomes the front door to crypto

    What happens when ChatGPT becomes the front door to crypto 2026-06-18 at 17:30 By Dilip Kumar Patairya ChatGPT could become crypto’s new onboarding gateway, making Bitcoin and wallets easier to use while creating new trust risks. This article is an excerpt from Cointelegraph.com News View Original Source

  • Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned

    Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned 2026-06-18 at 17:21 By Zeljka Zorz SocGholish, an operation that’s been delivering malware to users via fake software updates, has suffered a major blow: the international law enforcement coalition behind Operation Endgame has taken down 106 of its servers and domains, and cleaned up nearly…

  • Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem

    Operation FanTrap: Inside the FIFA 2026 Fraud Ecosystem 2026-06-18 at 17:05 By Ashish Khaitan Executive Summary  The FIFA World Cup 2026 has become more than a global sporting event. It has evolved into a large-scale cybercrime opportunity exploited by threat actors through a coordinated ecosystem of fraudulent domains, social media channels, messaging platforms, pirated streaming…

  • Ledn adds Tether Gold as loan collateral, expanding Bitcoin-backed lending model

    Ledn adds Tether Gold as loan collateral, expanding Bitcoin-backed lending model 2026-06-18 at 17:00 By Sam Bourgi Ledn’s addition of Tether Gold lending comes as tokenized commodities expand, with the sector accounting for nearly 17% of the $43 billion RWA market. This article is an excerpt from Cointelegraph.com News View Original Source

  • Operation FlutterBridge: The FlutterShell macOS Backdoor

    Operation FlutterBridge: The FlutterShell macOS Backdoor 2026-06-18 at 17:00 By Maor Gabay Identified through macOS endpoint monitoring, the CL-CRI-1089 cluster, delivered under the publicly reported Operation FlutterBridge campaign, demonstrates a deliberate misuse of the Flutter framework for macOS malware delivery. Rather than re-documenting the campaign itself, this report treats the recovered FlutterShell artifacts as a…

  • DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic

    DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic 2026-06-18 at 16:30 By Threat actors associated with the DragonForce ransomware have been observed using a custom Go-based remote access trojan (RAT) called Backdoor.Turn to conceal command-and-control (C2) traffic inside Microsoft Teams relay infrastructure. According to findings from Broadcom-owned Symantec and Carbon Black, the…

  • Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push

    Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push 2026-06-18 at 16:08 By Eduard Kovacs The deal values industrial cybersecurity giant Dragos at $3.25 billion, and runZero and NetRise will operate under Dragos. The post Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in…

  • Malware attacks strip Roblox developers of entire games

    Malware attacks strip Roblox developers of entire games 2026-06-18 at 15:41 By Sinisa Markovic Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games on it. Successful games can generate substantial revenue through in-game purchases. Some developers…

  • eSentire links AI-led penetration testing with MDR through Atlas Preempt

    eSentire links AI-led penetration testing with MDR through Atlas Preempt 2026-06-18 at 15:39 By Industry News eSentire has announced the launch of Atlas Preempt, a component of the company’s Atlas Platform. Atlas Preempt performs continuous, AI-driven offensive testing against customer environments to identify which exposures attackers can reach and feeds that data into eSentire’s 24/7…

  • No Exploits Required

    No Exploits Required 2026-06-18 at 15:30 By Tod Beardsley Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. The post No Exploits Required appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • 74,000 Fortinet firewall credentials exposed in FortiBleed data leak

    74,000 Fortinet firewall credentials exposed in FortiBleed data leak 2026-06-18 at 15:10 By Zeljka Zorz A Russian-speaking cybercriminal group has stolen credentials contained in the configuration files of nearly 74,000 Fortinet firewalls and VPN gateways around the world. The data was accidentally exposed by the group on a server, along with other artifacts and tools,…

  • Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network

    Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network 2026-06-18 at 14:58 By If an autonomous AI agent interacts with your company’s core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a simple no. The rush to adopt internal AI…

  • Dream Raises $260 Million at $3 Billion Valuation

    Dream Raises $260 Million at $3 Billion Valuation 2026-06-18 at 14:55 By Ionut Arghire The Israeli startup provides sovereign AI and cyber defenses for governments and critical infrastructure. The post Dream Raises $260 Million at $3 Billion Valuation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • The Scripts on Your Checkout Page Are Now a PCI DSS Problem

    The Scripts on Your Checkout Page Are Now a PCI DSS Problem 2026-06-18 at 14:00 By An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout, their browser is running far more…

  • Atlassian, Splunk Patch Critical Vulnerabilities

    Atlassian, Splunk Patch Critical Vulnerabilities 2026-06-18 at 13:59 By Ionut Arghire Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies. The post Atlassian, Splunk Patch Critical Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • Rokarolla Banking Trojan Targets 200 Applications

    Rokarolla Banking Trojan Targets 200 Applications 2026-06-18 at 13:42 By Eduard Kovacs The Android malware allows its operators to take control of infected devices and harvest sensitive information. The post Rokarolla Banking Trojan Targets 200 Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • Critical Command Execution Vulnerability Patched in Cisco ISE

    Critical Command Execution Vulnerability Patched in Cisco ISE 2026-06-18 at 13:27 By Ionut Arghire Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root. The post Critical Command Execution Vulnerability Patched in Cisco ISE appeared first on SecurityWeek. This article is an excerpt from…

  • Grayscale applies traditional finance models to AAVE, sees $175 value

    Grayscale applies traditional finance models to AAVE, sees $175 value 2026-06-18 at 12:45 By Ezra Reguerra Grayscale and CoinShares are applying traditional valuation techniques to crypto assets as institutions explore revenue-generating DeFi protocols. This article is an excerpt from Cointelegraph.com News View Original Source

  • F5 Patches Critical, High-Severity NGINX Vulnerabilities

    F5 Patches Critical, High-Severity NGINX Vulnerabilities 2026-06-18 at 12:39 By Ionut Arghire Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code. The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

  • GentleKiller targets more than 400 security processes across 48 products

    GentleKiller targets more than 400 security processes across 48 products 2026-06-18 at 12:00 By Anamarija Pogorelec Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR)…

  • SailPoint to Acquire Entro in Reported $200 Million Deal

    SailPoint to Acquire Entro in Reported $200 Million Deal 2026-06-18 at 11:36 By Eduard Kovacs Israel-based Entro specializes in non-human identity and credential security solutions, and it will enable SailPoint to enhance its products. The post SailPoint to Acquire Entro in Reported $200 Million Deal appeared first on SecurityWeek. This article is an excerpt from…

  • Barracuda introduces AI-powered email security with automated threat response

    Barracuda introduces AI-powered email security with automated threat response 2026-06-18 at 10:54 By Industry News Barracuda Networks has unveiled Barracuda Integrated Email Protection, an Integrated Cloud Email Security (ICES) solution delivering protection against evolving AI-driven threats. Powered by AI, the solution continuously and autonomously detects and remediates threats across the attack lifecycle, explains Microsoft 365…

  • New 42Crunch plugin helps developers find and fix API vulnerabilities in GitHub Copilot

    New 42Crunch plugin helps developers find and fix API vulnerabilities in GitHub Copilot 2026-06-18 at 10:44 By Industry News 42Crunch has announced the availability of the 42Crunch API Security Testing Plugin for GitHub Copilot. This latest advance enables developers to continuously audit, test, remediate and validate API security vulnerabilities directly within AI-assisted development workflows. Organizations…

  • Blue Planet helps service providers reduce risk with unified network change governance

    Blue Planet helps service providers reduce risk with unified network change governance 2026-06-18 at 10:37 By Industry News Blue Planet is closing the governance gap in network operations by unveiling Blue Planet Configuration and Change Management (CCM), unifying device configuration, change, and lifecycle management across multi-vendor networks. Backed by Blue Planet’s deep Operations Support System…

  • Kodak Admits Data Breach After ShinyHunters Hack Claims

    Kodak Admits Data Breach After ShinyHunters Hack Claims 2026-06-18 at 10:18 By Eduard Kovacs Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident. The post Kodak Admits Data Breach After ShinyHunters Hack Claims appeared first on SecurityWeek. This article is an excerpt from…

  • Ryan Salame’s wife to face charges over FTX-funded congressional run

    Ryan Salame’s wife to face charges over FTX-funded congressional run 2026-06-18 at 09:17 By Jesse Coghlan A federal judge has denied a bid from Michelle Bond, the wife of former FTX executive Ryan Salame, to have campaign finance charges against her dismissed. This article is an excerpt from Cointelegraph.com News View Original Source

  • Florida man pleads guilty for promoting $1.8B ‘HyperFund’ crypto fraud

    Florida man pleads guilty for promoting $1.8B ‘HyperFund’ crypto fraud 2026-06-18 at 09:06 By Martin Young Rodney “Bitcoin Rodney” Burton faces a maximum sentence of five years in federal prison for conspiracy to operate an unlicensed money transmitting business. This article is an excerpt from Cointelegraph.com News View Original Source

  • Securing digital keys when your phone unlocks the car

    Securing digital keys when your phone unlocks the car 2026-06-18 at 09:00 By Mirko Zorz In this interview with Help Net Security, Alysia Johnson, President of the Car Connectivity Consortium (CCC), explains how the CCC Digital Key has grown from a single-brand feature into a standard meant to work across phones, automakers, and suppliers. She…

  • How security teams are getting credential visibility into developer endpoints

    How security teams are getting credential visibility into developer endpoints 2026-06-18 at 08:30 By Help Net Security As we noted in our earlier analysis, attackers already know secrets are on your developers’ machines, the only question is whether security teams do. The supply chain attack calendar of 2026 has been relentless. Megalodon backdoored 5,500 GitHub…

  • What happens to oversight when AI agents write a lab’s own code

    What happens to oversight when AI agents write a lab’s own code 2026-06-18 at 08:00 By Mirko Zorz Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between steps, and they reach into production infrastructure,…

  • AWS Continuum brings AI models to code vulnerability management

    AWS Continuum brings AI models to code vulnerability management 2026-06-18 at 07:33 By Sinisa Markovic AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It reasons over a customer’s environment, confirms which findings are real, and works…

  • Homebrew tightens tap security, begins work on its interface

    Homebrew tightens tap security, begins work on its interface 2026-06-18 at 07:30 By Anamarija Pogorelec Anyone who installs software through a third-party Homebrew tap runs Ruby code written by people outside the project, and that code runs without a sandbox. That risk sits at the center of Homebrew 6.0.0. Tap trust Homebrew now requires a…

  • France to stop certifying products lacking quantum-resistant encryption

    France to stop certifying products lacking quantum-resistant encryption 2026-06-18 at 07:06 By Felix Ng France’s cybersecurity agency plans to block certification of products without quantum-resistant encryption starting in 2027, with full adoption targeted for 2030. This article is an excerpt from Cointelegraph.com News View Original Source

  • Most agentic AI projects in production have stalled over data problems

    Most agentic AI projects in production have stalled over data problems 2026-06-18 at 07:00 By Anamarija Pogorelec Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The number doing this in production reached 32 percent in 2026,…

  • Kentucky sues Kalshi, Polymarket, joining prediction market legal battle

    Kentucky sues Kalshi, Polymarket, joining prediction market legal battle 2026-06-18 at 06:35 By Jesse Coghlan Kentucky has sued Polymarket, Kalshi and Kalshi’s partners Coinbase, Robinhood and Webull, over offering sports event contracts in the state. This article is an excerpt from Cointelegraph.com News View Original Source

  • Tether winds down gold-backed derivative stablecoin aUSDT

    Tether winds down gold-backed derivative stablecoin aUSDT 2026-06-18 at 06:26 By Martin Young Tether is focusing on stronger user demand, deeper liquidity, and broader long-term market opportunity for its leading products. This article is an excerpt from Cointelegraph.com News View Original Source

  • Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign

    Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign 2026-06-18 at 05:51 By Cybercriminals hijacked Google Ads searches for popular AI developer tools to funnel over 2,000 victims toward malicious download pages before quietly moving their operation onto claude.ai’s own platform, turning the trusted domain into a delivery mechanism for credential-stealing malware. This article…

  • Crypto market treads thin ice following Warsh FOMC, Trump Iran comments

    Crypto market treads thin ice following Warsh FOMC, Trump Iran comments 2026-06-18 at 02:45 By Marcel Pechman Markets wobbled after mixed comments from President Trump on the Iran peace deal and Fed Chair Kevin Warsh signaling a new direction from the Federal Reserve. This article is an excerpt from Cointelegraph.com News View Original Source

  • Crypto-backed GOP candidate wins Alabama Senate runoff with June primaries looming

    Crypto-backed GOP candidate wins Alabama Senate runoff with June primaries looming 2026-06-17 at 23:51 By Turner Wright Several more US states are scheduled to hold primaries next week after one Republican candidate won in Alabama on Tuesday after a crypto company-backed PAC used what it called its “biggest spend of the cycle.” This article is…

  • Bitcoin capitulation ‘twice as weak’ after spot liquidity turns supportive: Glassnode

    Bitcoin capitulation ‘twice as weak’ after spot liquidity turns supportive: Glassnode 2026-06-17 at 23:26 By Biraajmaan Tamuly Bitcoin’s realized losses fell by 46% as increasing bid-side liquidity points to easing sell pressure. Can bulls push BTC price back above $70,000? This article is an excerpt from Cointelegraph.com News View Original Source

  • RoguePlanet and GreatXML: Detecting Local Privilege Escalation and BitLocker Security Boundary Abuse

    RoguePlanet and GreatXML: Detecting Local Privilege Escalation and BitLocker Security Boundary Abuse 2026-06-17 at 21:58 By Serhii Melnyk Following our previous research, LevelBlue SpiderLabs continued monitoring a series of Windows security component disclosures published under multiple online aliases, including Nightmare-Eclipse, Chaotic Eclipse, Dead Eclipse, and most recently MSNightmare. This article is an excerpt from LevelBlue SpiderLabs…

Browse older archives

Scroll to Top