June, 2026 - Security Ticks

What OMB M-26-14 Means for Your Agency and Where to Focus Now 2026-06-09 at 18:19 By Rachael Clay OMB M-26-14 introduces a significant change in how federal agencies approach logging, monitoring, and incident response. Rather than emphasizing volume and retention of log data, the memo centers on how effectively agencies can use telemetry to support detection,

What OMB M-26-14 Means for Your Agency and Where to Focus Now Read More »

French government messaging platform breached through account hijacking

account hijacking, breach, EU, France, Government, News / SecurityTicks

French government messaging platform breached through account hijacking 2026-06-09 at 18:19 By Sinisa Markovic French authorities are investigating a compromise of Tchap, the government’s secure messaging platform, after hackers hijacked a user account and gained access to public chat rooms. Tchap is the French government’s messaging platform for civil servants, ministries, and public agencies. Built

French government messaging platform breached through account hijacking Read More »

Elastic brings AI-driven incident investigation to Kubernetes and observability tools

Elastic, Industry news / SecurityTicks

Elastic brings AI-driven incident investigation to Kubernetes and observability tools 2026-06-09 at 18:19 By Industry News Elastic has introduced an agentic Kubernetes investigation workflow and MCP-based observability skills that diagnose incidents the moment an alert fires. By the time an SRE opens the alert, the root cause has already been identified, evidence has been assembled,

Elastic brings AI-driven incident investigation to Kubernetes and observability tools Read More »

Filigran launches XTM One to automate CTEM with AI agents

Filigran, Industry news / SecurityTicks

Filigran launches XTM One to automate CTEM with AI agents 2026-06-09 at 18:19 By Industry News Filigran has announced XTM One, an AI-native agentic layer that automates Continuous Threat Exposure Management (CTEM) workflows across the Filigran XTM Platform. XTM One introduces a dedicated AI orchestration layer that connects OpenCTI and OpenAEV into a single, continuous

Filigran launches XTM One to automate CTEM with AI agents Read More »

Rockwell Automation adds AI-powered security tools to SecureOT Suite

Industry news, Rockwell Automation / SecurityTicks

Rockwell Automation adds AI-powered security tools to SecureOT Suite 2026-06-09 at 18:19 By Industry News Rockwell Automation has announced the launch of three enhanced offerings within the SecureOT solution suite: OT Cybersecurity Assessment Suite, SecureOT Platform Managed Services and Managed Secure Remote Access (MSRA). Facing an increasing volume of alerts and limited visibility into operational

Rockwell Automation adds AI-powered security tools to SecureOT Suite Read More »

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation

AI, Artificial Intelligence, exploit, Mythos, Vulnerabilities, vulnerability / SecurityTicks

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation 2026-06-09 at 18:18 By Ionut Arghire Public LLM models with safeguards turned off can also build working exploits, increasing patch gap risks. The post Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation Read More »

New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications

AI, Application Security, appsec, Artificial Intelligence, vibe coding / SecurityTicks

New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications 2026-06-09 at 18:18 By Kevin Townsend Atsign’s AI Architect applies cryptographic protections to agentic software development, aiming to prevent attackers from exploiting vulnerabilities by making application identities effectively invisible. The post New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications appeared first on SecurityWeek. This article

New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications Read More »

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Uncategorized / SecurityTicks

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine 2026-06-09 at 18:18 By Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu (aka

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine Read More »

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

Uncategorized / SecurityTicks

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models 2026-06-09 at 18:18 By University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models Read More »

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now

Uncategorized / SecurityTicks

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now 2026-06-09 at 18:18 By Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome’s

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now Read More »

OKX expands X-Perps in Europe with Magnificent 7, gold and oil futures

SBI Shinsei links bank deposits to crypto rewards in Japan: Nikkei

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

AI, CISA, Don't miss, Horizon3.ai, Hot stuff, LLMs, News, open source, Proxy, vulnerability / SecurityTicks

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) 2026-06-09 at 15:21 By Zeljka Zorz A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. About CVE-2026-42271 LiteLLM is

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) Read More »

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)

0-day, Chrome, Google, News, security update / SecurityTicks

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645) 2026-06-09 at 15:21 By Sinisa Markovic Google has fixed 74 vulnerabilities in Chrome, including a high-severity zero-day (CVE-2026-11645) that has been exploited in the wild. “Google is aware that an exploit for CVE-2026-11645 exists in the wild,” the company said in a Monday security advisory. The

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645) Read More »

Apple Intelligence can now replace weak passwords without user intervention

agentic AI, apple, authentication, cybersecurity, iOS, iPad, iPhone, macOS, News, password management, Privacy / SecurityTicks

Apple Intelligence can now replace weak passwords without user intervention 2026-06-09 at 15:21 By Anamarija Pogorelec Apple’s next generation of Apple Intelligence, the company’s personal intelligence system, expands its capabilities and introduces new security features in Passwords. Automatically Fix Passwords (Source: Apple) Introduced as a standalone app in 2024, Passwords gives users a central place

Apple Intelligence can now replace weak passwords without user intervention Read More »

SAP Patches Critical NetWeaver, Commerce Vulnerabilities

patches, SAP, Vulnerabilities, vulnerability / SecurityTicks

SAP Patches Critical NetWeaver, Commerce Vulnerabilities 2026-06-09 at 15:21 By Ionut Arghire The flaws could lead to the disclosure of sensitive information, memory corruption, and disruption of normal system usage. The post SAP Patches Critical NetWeaver, Commerce Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SAP Patches Critical NetWeaver, Commerce Vulnerabilities Read More »

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Malware & Threats, NPM, PyPI, Shai-Hulud, supply chain attack, Supply Chain Security / SecurityTicks

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks 2026-06-09 at 15:21 By Ionut Arghire The most recent variants of the self-propagating attacks are named Miasma and Hades. The post Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt from

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks Read More »

The Hidden Security Risk in Modern Networks: The Work Between Tools

Uncategorized / SecurityTicks

The Hidden Security Risk in Modern Networks: The Work Between Tools 2026-06-09 at 15:21 By Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours,

The Hidden Security Risk in Modern Networks: The Work Between Tools Read More »

Will AI Kill the Bug Bounty Industry?

AI, Artificial Intelligence, bug bounty, bug bounty program, Featured, Vulnerabilities / SecurityTicks

Will AI Kill the Bug Bounty Industry? 2026-06-09 at 14:00 By Kevin Townsend Anthropic’s Mythos is accelerating vulnerability discovery to machine speed, forcing the bug bounty industry and offensive security teams to adapt to a future where finding flaws is no longer the hard part. The post Will AI Kill the Bug Bounty Industry? appeared

Will AI Kill the Bug Bounty Industry? Read More »

June 2026

Privacy push as StarkWare and Sui move toward compliance-ready confidential transfers

What OMB M-26-14 Means for Your Agency and Where to Focus Now

French government messaging platform breached through account hijacking

Elastic brings AI-driven incident investigation to Kubernetes and observability tools

Filigran launches XTM One to automate CTEM with AI agents

Rockwell Automation adds AI-powered security tools to SecureOT Suite

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation

New Platform Uses Cryptographic Invisibility to Protect AI-Built Applications

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now

OKX expands X-Perps in Europe with Magnificent 7, gold and oil futures

SBI Shinsei links bank deposits to crypto rewards in Japan: Nikkei

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)

Apple Intelligence can now replace weak passwords without user intervention

SAP Patches Critical NetWeaver, Commerce Vulnerabilities

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

The Hidden Security Risk in Modern Networks: The Work Between Tools

Will AI Kill the Bug Bounty Industry?