2026 - Security Ticks

Everest Forms Vulnerability Exploited to Hack WordPress Sites

exploited, Vulnerabilities, vulnerability, WordPress / SecurityTicks

Everest Forms Vulnerability Exploited to Hack WordPress Sites 2026-06-08 at 16:16 By Ionut Arghire The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months. The post Everest Forms Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

Everest Forms Vulnerability Exploited to Hack WordPress Sites Read More »

AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload

Uncategorized / SecurityTicks

AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload 2026-06-08 at 16:15 By Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier

AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload Read More »

The Hardest Fork

Uncategorized / SecurityTicks

The Hardest Fork 2026-06-08 at 16:15 By Mythos is real. I know a big chunk of the industry thinks it’s a marketing stunt, and I get why. I get it. But I’ve seen the findings, and they’re bad. These aren’t “whoops, this line right here is wrong, and that’s RCE.” They’re novel combinations of a

The Hardest Fork Read More »

ConnectSecure’s Patch 360 gives MSPs control over patch testing and deployment

ConnectSecure, Industry news / SecurityTicks

ConnectSecure’s Patch 360 gives MSPs control over patch testing and deployment 2026-06-08 at 14:30 By Industry News ConnectSecure has announced the launch of Patch 360, a patch management solution built for managed service providers (MSPs) to reduce deployment risk while accelerating vulnerability remediation. Patch management has long followed a “deploy-and-hope” model, with teams addressing critical

ConnectSecure’s Patch 360 gives MSPs control over patch testing and deployment Read More »

174,000 Impacted by Lansing Community College Data Breach

college, data breach, Data Breaches, Lansing Community College / SecurityTicks

174,000 Impacted by Lansing Community College Data Breach 2026-06-08 at 14:30 By Ionut Arghire Hackers accessed personal information stored on certain Lansing Community College systems in February 2025. The post 174,000 Impacted by Lansing Community College Data Breach appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

174,000 Impacted by Lansing Community College Data Breach Read More »

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

CISA, Don't miss, enterprise, file transfer, Government, Hot stuff, News, SolarWinds, vulnerability / SecurityTicks

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) 2026-06-08 at 14:07 By Zeljka Zorz A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has ordered US federal civilian

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) Read More »

Silent Ransom Group Uses DNS Fast Flux in Attacks

DNS, fast flux, Ransomware, Silent Ransom Group / SecurityTicks

Silent Ransom Group Uses DNS Fast Flux in Attacks 2026-06-08 at 14:07 By Ionut Arghire Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure. The post Silent Ransom Group Uses DNS Fast Flux in Attacks appeared first on SecurityWeek. This article is an excerpt

Silent Ransom Group Uses DNS Fast Flux in Attacks Read More »

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

Uncategorized / SecurityTicks

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances 2026-06-08 at 14:07 By A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances Read More »

Arthur Hayes dumps WLD days after Maelstrom’s AI IPO pitch

Galaxy drops CLARITY Act odds to 60% as time is running out

OpenAI is locking down parts of ChatGPT to reduce data theft risks

AI, ChatGPT, cybersecurity, News, OpenAI, system hardening / SecurityTicks

OpenAI is locking down parts of ChatGPT to reduce data theft risks 2026-06-08 at 13:09 By Anamarija Pogorelec OpenAI has started rolling out Lockdown Mode for ChatGPT, an optional security setting that restricts access to external resources and several product capabilities. It is available for personal accounts, including Free, Go, Plus, and Pro plans, as

OpenAI is locking down parts of ChatGPT to reduce data theft risks Read More »

DockSec: Open-source AI-powered Docker security scanner

containers, Docker, Don't miss, GitHub, Hot stuff, News, open source, OWASP, scanner, software / SecurityTicks

DockSec: Open-source AI-powered Docker security scanner 2026-06-08 at 13:09 By Mirko Zorz DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates the findings, returns

DockSec: Open-source AI-powered Docker security scanner Read More »

When attacks spread too far: Lessons from real cyber attack case studies

attack, cybersecurity, Illumio, News, strategy, threats, tips, Video / SecurityTicks

When attacks spread too far: Lessons from real cyber attack case studies 2026-06-08 at 13:09 By Help Net Security In this Help Net Security video, Michael Adjei, Director, Systems Engineering at Illumio, explains three real world cyber attacks and what went wrong during detection. Adjei walks through a collaboration tool scam that copied Microsoft Teams,

When attacks spread too far: Lessons from real cyber attack case studies Read More »

SolarWinds Serv-U Vulnerability Exploited in the Wild

exploited, SolarWinds, Vulnerabilities, vulnerability / SecurityTicks

SolarWinds Serv-U Vulnerability Exploited in the Wild 2026-06-08 at 13:09 By Ionut Arghire Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service. The post SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SolarWinds Serv-U Vulnerability Exploited in the Wild Read More »

Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse

Account Takeover, AI, data breach, Data Breaches, exploited, Featured, Instagra, Meta, Vulnerabilities, vulnerability / SecurityTicks

Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse 2026-06-08 at 13:09 By Eduard Kovacs The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool. The post Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse appeared first on SecurityWeek. This article is

Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse Read More »

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Uncategorized / SecurityTicks

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign 2026-06-08 at 13:09 By Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign Read More »

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

Uncategorized / SecurityTicks

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks 2026-06-08 at 13:09 By Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer version in an attempt to tackle software supply chain threats. “When

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks Read More »

Zcash teams propose Ironwood pool to restore supply verification after Orchard flaw

Microsoft launches incubator for Chinese tech startups — reigniting fears about cozy Beijing ties: ‘Makes no sense’

Uncategorized / SecurityTicks

Microsoft launches incubator for Chinese tech startups — reigniting fears about cozy Beijing ties: ‘Makes no sense’ 2026-06-08 at 13:00 By Thomas Barrabi Local Chinese Communist Party officials stood side-by-side with Microsoft executives when the “Shenzhen Global Expansion Center” was unveiled on May 8th. This article is an excerpt from Latest Technology News | New

Microsoft launches incubator for Chinese tech startups — reigniting fears about cozy Beijing ties: ‘Makes no sense’ Read More »

Samsung just made Galaxy phones more secure in One UI 9 beta

Android, cybersecurity, mobile security, News, Samsung / SecurityTicks

Samsung just made Galaxy phones more secure in One UI 9 beta 2026-06-08 at 12:13 By Anamarija Pogorelec Samsung’s One UI 9 beta integrates Lockdown mode into the power menu. This is the screen that contains Power off, Restart, and emergency options. Opening it initiates Lockdown mode, disabling biometric authentication. “We tried it out on

Samsung just made Galaxy phones more secure in One UI 9 beta Read More »