News

Identity theft is turning into a chain reaction for victims

Identity theft is turning into a chain reaction for victims 2026-06-10 at 18:17 By Sinisa Markovic For a growing number of victims, identity theft no longer ends with a fraudulent charge or a compromised account. More than one in four people who contacted the Identity Theft Resource Center during the reporting period were dealing with […]

Identity theft is turning into a chain reaction for victims Read More »

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) 2026-06-10 at 17:24 By Zeljka Zorz Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not known to be actively exploited, security researchers have already released technical details

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) Read More »

New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials

New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials 2026-06-10 at 17:24 By Sinisa Markovic A new Browser-in-the-Browser (BitB) phishing campaign is targeting Microsoft 365 users with fake login popups designed to closely mimic legitimate browser authentication windows, according to Palo Alto Networks Unit 42. The attack relies on a fake browser

New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials Read More »

Record Microsoft Patch Tuesday, fresh zero-day

Record Microsoft Patch Tuesday, fresh zero-day 2026-06-10 at 14:23 By Zeljka Zorz Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher behind weeks of escalating Windows exploit releases, dropped a proof-of-concept exploit for a new zero-day: “RoguePlanet”, which abuses a race condition in

Record Microsoft Patch Tuesday, fresh zero-day Read More »

Apple extends Private Cloud Compute to third-party data centers

Apple extends Private Cloud Compute to third-party data centers 2026-06-10 at 14:22 By Anamarija Pogorelec Apple is bringing its Private Cloud Compute (PCC) platform to Google Cloud, expanding the infrastructure behind Apple Intelligence to third-party data centers. Introduced in 2024, PCC provides cloud-based processing for AI workloads that exceed the capabilities of on-device models while

Apple extends Private Cloud Compute to third-party data centers Read More »

Anthropic’s Claude Fable 5 is out for public use, with safeguards for high-risk requests

Anthropic’s Claude Fable 5 is out for public use, with safeguards for high-risk requests 2026-06-10 at 14:22 By Sinisa Markovic Days after publishing research on how advanced AI systems could amplify cyber operations in the wrong hands, Anthropic released Claude Fable 5, a Mythos-class model for general use. “Releasing a model this capable comes with

Anthropic’s Claude Fable 5 is out for public use, with safeguards for high-risk requests Read More »

Every set of AI guardrails can be broken by the right prompt

Every set of AI guardrails can be broken by the right prompt 2026-06-10 at 11:31 By Mirko Zorz Companies that build AI systems wrap them in guardrails meant to block harmful output, including deepfakes, malware, and instructions for making biological weapons or illicit drugs. When a user prompts the system for such content, the guardrails

Every set of AI guardrails can be broken by the right prompt Read More »

The security in smartphones is helping send them to landfills

The security in smartphones is helping send them to landfills 2026-06-10 at 09:55 By Mirko Zorz Billions of working smartphones reach the end of their service lives each year and move into drawers, recycling streams, and waste piles. The WEEE Forum estimated that 5.3 billion mobile phones became electronic waste in 2022. Many of these

The security in smartphones is helping send them to landfills Read More »

NOVA microhypervisor brings AMD DMA isolation to shared AI infrastructure

NOVA microhypervisor brings AMD DMA isolation to shared AI infrastructure 2026-06-10 at 09:55 By Mirko Zorz BlueRock has issued the latest open-source release of its NOVA Microhypervisor with DMA remapping support for AMD platforms that have IOMMU hardware virtualization. The capability is enabled by default and extends hardware-level isolation across virtual machines, devices, and memory

NOVA microhypervisor brings AMD DMA isolation to shared AI infrastructure Read More »

Cyber resilience metrics that drive action

Cyber resilience metrics that drive action 2026-06-10 at 09:55 By Help Net Security In this Help Net Security video, Pete Bowers, COO at NormCyber, explains how organizations can build a cyber resilience metrics program that supports better decisions. He questions common ways of measuring resilience, such as risk registers, tool scores, and annual tests, and

Cyber resilience metrics that drive action Read More »

Product showcase: Staying ahead of the threat horizon with Aunoo

Product showcase: Staying ahead of the threat horizon with Aunoo 2026-06-10 at 09:55 By Help Net Security Aunoo is an open strategic intelligence platform that uses AI agents to monitor intelligence sources, including for cybersecurity, to compile a daily briefing and alert on defined criteria. Each source is checked for credibility and quality before it

Product showcase: Staying ahead of the threat horizon with Aunoo Read More »

Scams now operate like real businesses with budgets and targets

Scams now operate like real businesses with budgets and targets 2026-06-10 at 07:23 By Anamarija Pogorelec Social media has overtaken email as a primary attack vector, showing changes in how people consume information and interact online, according to Bitdefender’s Global Scam Intelligence Report 2026. Fraud campaigns use advertisements, sponsored content, impersonation pages, and direct messages

Scams now operate like real businesses with budgets and targets Read More »

What OMB M-26-14 Means for Your Agency and Where to Focus Now

What OMB M-26-14 Means for Your Agency and Where to Focus Now 2026-06-09 at 18:19 By Rachael Clay OMB M-26-14 introduces a significant change in how federal agencies approach logging, monitoring, and incident response. Rather than emphasizing volume and retention of log data, the memo centers on how effectively agencies can use telemetry to support detection,

What OMB M-26-14 Means for Your Agency and Where to Focus Now Read More »

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) 2026-06-09 at 15:21 By Zeljka Zorz A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. About CVE-2026-42271 LiteLLM is

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) Read More »

Apple Intelligence can now replace weak passwords without user intervention

Apple Intelligence can now replace weak passwords without user intervention 2026-06-09 at 15:21 By Anamarija Pogorelec Apple’s next generation of Apple Intelligence, the company’s personal intelligence system, expands its capabilities and introduces new security features in Passwords. Automatically Fix Passwords (Source: Apple) Introduced as a standalone app in 2024, Passwords gives users a central place

Apple Intelligence can now replace weak passwords without user intervention Read More »

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645) 2026-06-09 at 15:21 By Sinisa Markovic Google has fixed 74 vulnerabilities in Chrome, including a high-severity zero-day (CVE-2026-11645) that has been exploited in the wild. “Google is aware that an exploit for CVE-2026-11645 exists in the wild,” the company said in a Monday security advisory. The

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645) Read More »

Mythos Preview can weaponize N-day vulnerabilities in hours

Mythos Preview can weaponize N-day vulnerabilities in hours 2026-06-09 at 13:39 By Sinisa Markovic Mythos Preview can develop working exploits from newly disclosed software vulnerabilities in hours, cutting down a process that has historically taken days or weeks, according to Anthropic. Anthropic’s recent cybersecurity research has largely focused on zero-days, vulnerabilities unknown to software vendors.

Mythos Preview can weaponize N-day vulnerabilities in hours Read More »

The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic

The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic 2026-06-09 at 09:42 By Help Net Security The advent of AI-assisted vulnerability discovery and autonomous exploit development has brought about a new age in cybersecurity—one in which we can no longer rely on patching as a primary defense mechanism.

The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic Read More »

Scroll to Top