Nvidia and LG Partner on Humanoid Robotics and Next-Gen Data Centers

Collaboration Aims to Expand AI Infrastructure and Industrial Applications

Over 20,000 Instagram Accounts Compromised in Meta AI Support System Flaw

Attackers Bypass 2FA Using Password Reset Exploit in Instagram Recovery Tool

Trump Revokes Security Clearance of Senior Microsoft Executive Lisa Monaco

Former U.S. Official Referred to DOJ Over Alleged Concealment of Cybersecurity Issues

Hackers Impersonate IT Support via Phone Calls to Breach U.S. Firms

“Silent Ransom Group” Targets Legal and Service Companies with Social Engineering Attacks

China-linked spies hid where security tools often don’t look.

They used BRICKSTORM, PLENET, and AGENTPSD on Linux appliances, including Egnyte Storage Sync, pfSense, and Synology NAS.

The access lasted at least 18 months.

Dozens of U.S. firms were targeted with a simple playbook:

Fake invoice email
Fake IT support call
Screen share
Remote access tool
Data theft
Extortion demand within 30 mins

UNC3753 hit legal, finance, and professional services firms in Jan–May 2026.

A critical security vulnerability in Gogs has been fixed

Gogs developers announced the resolution of a significant security vulnerability that could have allowed attackers to access the server and view or modify stored code.

Urgent Notice from the Handala Cybersecurity Command Regarding the Prohibition of Using Basic Phones such as Nokia

Based on definitive evidence of the tracking of certain military members, the following notice is issued:
Since most basic and non-smartphones, such as Nokia, Alcatel, and similar devices, use the insecure 2G network for their communications, this network can be easily monitored and tracked by security services or even commercial companies. Therefore, it is strongly recommended that these phones not be used under any circumstances.

If the use of a non-smartphone is unavoidable, users must ensure that the device supports 4G networks. Otherwise, a “chip-off” smartphone (i.e., a smartphone with its communication chip removed) should be used.

Meta trains workforce to build AI data centers

Meta has announced the launch of a new program called "American Workforce Academy"; an educational initiative aimed at training specialists to build and develop the data centers needed for artificial intelligence

The US Cybersecurity and Infrastructure Security Agency (CISA) has given government entities only 3 days to fix a critical vulnerability in Check Point VPN products.

This security flaw, previously exploited by attackers in real-world attacks, could allow hackers to access target networks without authentication.

Fully patched Windows 10 and 11 are still at risk from a new Microsoft Defender zero-day.

The exploit, "RoguePlanet," can hand attackers full SYSTEM control when it works.

It's the latest public drop from a researcher feuding with Microsoft.

Microsoft is bringing some GitHub repos back online. Others are still down.

The Miasma worm hit 73 of its open-source projects and planted an info stealer. Now it's warning affected customers.

A single domain user could run code on your Veeam Backup Server.

Veeam has patched a critical RCE flaw (CVE-2026-44963, CVSS 9.4) in Backup & Replication.

All v12 builds up to 12.3.2.4465 are affected. Fixed in 12.3.2.4854. v13.x is safe.

A WinRAR bug patched in July 2025 is still being exploited to hit Ukrainian organizations.

Hackers are abusing it to drop stealers, keep access, and cover their tracks.

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE.

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities.

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance.

Free Spotify Premium hacks on social media are spreading infostealers.

Compromise OpenClaw with Prompt Injections in Message Objects.

Microsoft patches Exchange Server zero-day exploited in attacks.

Google Chrome is killing all uBlock Origin bypasses, Microsoft Edge, Opera to follow.