🖋️ China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have warned of a "resurgence and expansion" of JDY, a covert network associated with Chinanexus statesponsored threat actors. "The JDY botnet comprises over 1,500 SOHO small office and home office and IoT devices and operates as a centrally controlled, highperformance scanner used to discover, fingerprint, and continuously map exposed services at scale," Lumen's.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. It's tracked as CVE202625089 CVSS score 9.1. "An.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A highseverity unpatched security flaw in Langflow, an opensource lowcode platform to build artificial intelligence AI applications, has come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability in question is CVE20265027 CVSS score 8.8, a case of path traversal that could allow an attacker to write files to arbitrary locations. "The 'POST .📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation. The list of vulnerabilities is as follows CVE202620245 CVSS score 7.8 An improper encoding or escaping of output vulnerability in Cisco Catalyst SDWAN Manager that could allow an.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads "stable" as "secure." It usually isn't. The work slows down. The risk does not. That gap is what a The Hacker News webinar with Picus Security sets out to close. Autumn.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63 privilege escalation, 56 remote code execution, 30 information disclosure, 27 spoofing, 20 security.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual it shipped one model as two products, split not by capability but by a layer of safety classifiers. Fable 5 goes to the public. Its twin, Claude Mythos 5, the same underlying model with the cyber safeguards lifted, stays locked to a vetted group of cyber.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
ServiceNow has warned about a security incident in which unknown threat actors exploited a flaw to obtain deeper unauthorized access to susceptible instances. "On June 5, 2026, ServiceNow applied a security update to hosted customer instances," the company revealed in an advisory that requires customer access. "The update concerned a security issue that could allow an unauthenticated user, in.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The anonymous security researcher going by the name Chaotic Eclipse aka NightmareEclipse has released a proofofconcept PoC exploit for yet another Microsoft Defender zeroday named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit under a new GitHub account "MSNightmare" said. "I have managed to get a 100 success rate on.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers Protobuf, that, if successfully exploited, could result in remote code execution RCE and denialofservice DoS attacks. "In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Meta to Use Off-Site Business Data for Feed and AI Personalization 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence AI chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to make ads more relevant," Meta said in a statement. "We already use this data like games you play.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The Hacker News
Meta to Use Off-Site Business Data for Feed and AI Personalization
Meta will use off-site business data for Feed and AI personalization next month, expanding ad data use across 10 countries.
🖋️ Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Veeam has released security patches to address a critical flaw in its Backup Replication software that could result in remote code execution. Tracked as CVE202644963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user," Veeam said in a Tuesday advisory. It.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its opensource projects being compromised to inject an information stealer into the code. "Our priority is to protect customers and the broader ecosystem," a Microsoft spokesperson told The Hacker News via email. "We temporarily removed some.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Two Russiaaligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu aka Gamaredon and SHADOWEARTH066 aka UAC0226. It involves the exploitation of CVE20258088, a path traversal flaw that allows an.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
University of Toronto researchers have built and tested a proofofconcept AIdriven computer worm that uses a locally hosted openweight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service. The preprint, posted to arXiv on.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The highseverity vulnerability, tracked as CVE202611645 CVSS score 8.8, has been described as an outofbounds memory access in V8, Chrome's JavaScript and WebAssembly engine. "Outofbounds read and write in V8 in Google Chrome prior to 149.0.7827.103.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ The Hidden Security Risk in Modern Networks: The Work Between Tools 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the drive for contention in the background. Researchers at Graz University of Technology built it and.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index PyPI registry, as the Mini ShaiHuludstyle attacks continue to be refined and splintered to target specific ecosystems. "The compromised releases shipped a setup.pth file that attempts to execute automatically.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a highseverity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE202642271 CVSS score 8.7, is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🚀 SMB cyber-readiness: What makes or breaks it 🚀
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
A company that's expecting a cyberattack but hasnt actively prepared for it risks making the hardest decisions at the worst possible moment.📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Welivesecurity
SMB cyber-readiness: What makes or breaks it
A company that expects an attack but hasn’t actively prepared for one risks making the hardest decisions at the worst possible moment.