News

Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned

Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned 2026-06-18 at 17:21 By Zeljka Zorz SocGholish, an operation that’s been delivering malware to users via fake software updates, has suffered a major blow: the international law enforcement coalition behind Operation Endgame has taken down 106 of its servers and domains, and cleaned up nearly […]

Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned Read More »

Malware attacks strip Roblox developers of entire games

Malware attacks strip Roblox developers of entire games 2026-06-18 at 15:41 By Sinisa Markovic Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games on it. Successful games can generate substantial revenue through in-game purchases. Some developers

Malware attacks strip Roblox developers of entire games Read More »

74,000 Fortinet firewall credentials exposed in FortiBleed data leak

74,000 Fortinet firewall credentials exposed in FortiBleed data leak 2026-06-18 at 15:10 By Zeljka Zorz A Russian-speaking cybercriminal group has stolen credentials contained in the configuration files of nearly 74,000 Fortinet firewalls and VPN gateways around the world. The data was accidentally exposed by the group on a server, along with other artifacts and tools,

74,000 Fortinet firewall credentials exposed in FortiBleed data leak Read More »

GentleKiller targets more than 400 security processes across 48 products

GentleKiller targets more than 400 security processes across 48 products 2026-06-18 at 12:00 By Anamarija Pogorelec Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR)

GentleKiller targets more than 400 security processes across 48 products Read More »

Securing digital keys when your phone unlocks the car

Securing digital keys when your phone unlocks the car 2026-06-18 at 09:00 By Mirko Zorz In this interview with Help Net Security, Alysia Johnson, President of the Car Connectivity Consortium (CCC), explains how the CCC Digital Key has grown from a single-brand feature into a standard meant to work across phones, automakers, and suppliers. She

Securing digital keys when your phone unlocks the car Read More »

How security teams are getting credential visibility into developer endpoints

How security teams are getting credential visibility into developer endpoints 2026-06-18 at 08:30 By Help Net Security As we noted in our earlier analysis, attackers already know secrets are on your developers’ machines, the only question is whether security teams do. The supply chain attack calendar of 2026 has been relentless. Megalodon backdoored 5,500 GitHub

How security teams are getting credential visibility into developer endpoints Read More »

What happens to oversight when AI agents write a lab’s own code

What happens to oversight when AI agents write a lab’s own code 2026-06-18 at 08:00 By Mirko Zorz Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between steps, and they reach into production infrastructure,

What happens to oversight when AI agents write a lab’s own code Read More »

AWS Continuum brings AI models to code vulnerability management

AWS Continuum brings AI models to code vulnerability management 2026-06-18 at 07:33 By Sinisa Markovic AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It reasons over a customer’s environment, confirms which findings are real, and works

AWS Continuum brings AI models to code vulnerability management Read More »

Homebrew tightens tap security, begins work on its interface

Homebrew tightens tap security, begins work on its interface 2026-06-18 at 07:30 By Anamarija Pogorelec Anyone who installs software through a third-party Homebrew tap runs Ruby code written by people outside the project, and that code runs without a sandbox. That risk sits at the center of Homebrew 6.0.0. Tap trust Homebrew now requires a

Homebrew tightens tap security, begins work on its interface Read More »

Most agentic AI projects in production have stalled over data problems

Most agentic AI projects in production have stalled over data problems 2026-06-18 at 07:00 By Anamarija Pogorelec Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The number doing this in production reached 32 percent in 2026,

Most agentic AI projects in production have stalled over data problems Read More »

Low-skilled attacker used Claude, Codex to breach 14 companies

Low-skilled attacker used Claude, Codex to breach 14 companies 2026-06-17 at 18:43 By Zeljka Zorz Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that out. After recovering and analyzing over 1,000 agent sessions from a compromised server

Low-skilled attacker used Claude, Codex to breach 14 companies Read More »

Another healthcare firm attacked days after Novo Nordisk breach

Another healthcare firm attacked days after Novo Nordisk breach 2026-06-17 at 17:51 By Sinisa Markovic Medical technology company iRhythm Holdings disclosed a cyberattack involving certain third-party-hosted business applications that resulted in the theft of patient protected health information, proprietary data, and other personal data. The company discovered unauthorized activity on June 8, 2026, and launched

Another healthcare firm attacked days after Novo Nordisk breach Read More »

Rokarolla Android trojan targets banking and crypto users, enables device takeover

Rokarolla Android trojan targets banking and crypto users, enables device takeover 2026-06-17 at 16:23 By Sinisa Markovic A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to researchers at Zimperium. Named after its command-and-control (C2) infrastructure, Rokarolla is primarily distributed through

Rokarolla Android trojan targets banking and crypto users, enables device takeover Read More »

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656) 2026-06-17 at 14:26 By Zeljka Zorz Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” exploit, and is “working to provide a high quality security update that addresses this vulnerability.” The vulnerability, which has been assigned

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656) Read More »

What’s new in Android 17? Anti-theft tools, scam detection, and parental controls

What’s new in Android 17? Anti-theft tools, scam detection, and parental controls 2026-06-17 at 13:40 By Anamarija Pogorelec The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year. Security and privacy updates Google has improved location privacy features so users can

What’s new in Android 17? Anti-theft tools, scam detection, and parental controls Read More »

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects 2026-06-17 at 12:42 By Mirko Zorz Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY, Chainguard,

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects Read More »

Ukraine can now tap EU cyber support during major attacks

Ukraine can now tap EU cyber support during major attacks 2026-06-17 at 11:47 By Anamarija Pogorelec Ukraine can now call on emergency cyber support from the European Union during large-scale cybersecurity incidents. The move follows a decision by the Council of the European Union to add the country to the EU Cybersecurity Reserve. The Reserve

Ukraine can now tap EU cyber support during major attacks Read More »

Apple is bringing Hide My Email and Sign in with Apple under one domain

Apple is bringing Hide My Email and Sign in with Apple under one domain 2026-06-17 at 11:29 By Sinisa Markovic Apple will unify the email domains used by Sign in with Apple and iCloud+ Hide My Email under a shared domain, private.icloud.com, later this summer. Hide My Email is a service included with iCloud+, Apple’s

Apple is bringing Hide My Email and Sign in with Apple under one domain Read More »

The SOC’s visibility gap comes down to staffing

The SOC’s visibility gap comes down to staffing 2026-06-17 at 09:00 By Mirko Zorz AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools in their daily work. The catch shows up one layer down. Roughly a third

The SOC’s visibility gap comes down to staffing Read More »

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure 2026-06-17 at 07:30 By Help Net Security In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident. He opens with a 3.47 a.m. call: the team cannot confirm

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure Read More »

Scroll to Top