🖋️ Meta to Use Off-Site Business Data for Feed and AI Personalization 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence AI chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to make ads more relevant," Meta said in a statement. "We already use this data like games you play.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The Hacker News
Meta to Use Off-Site Business Data for Feed and AI Personalization
Meta will use off-site business data for Feed and AI personalization next month, expanding ad data use across 10 countries.
🖋️ Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Veeam has released security patches to address a critical flaw in its Backup Replication software that could result in remote code execution. Tracked as CVE202644963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user," Veeam said in a Tuesday advisory. It.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Microsoft on Monday confirmed that it temporarily removed some GitHub repositories in response to a recent security incident that led to 73 of its opensource projects being compromised to inject an information stealer into the code. "Our priority is to protect customers and the broader ecosystem," a Microsoft spokesperson told The Hacker News via email. "We temporarily removed some.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Two Russiaaligned cyber attack campaigns have continued to exploit a security flaw in WinRAR to target Ukrainian organisations, almost a year after patches for the vulnerability were released. The activity has been attributed by Trend Micro to Earth Dahu aka Gamaredon and SHADOWEARTH066 aka UAC0226. It involves the exploitation of CVE20258088, a path traversal flaw that allows an.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
University of Toronto researchers have built and tested a proofofconcept AIdriven computer worm that uses a locally hosted openweight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service. The preprint, posted to arXiv on.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The highseverity vulnerability, tracked as CVE202611645 CVSS score 8.8, has been described as an outofbounds memory access in V8, Chrome's JavaScript and WebAssembly engine. "Outofbounds read and write in V8 in Google Chrome prior to 149.0.7827.103.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ The Hidden Security Risk in Modern Networks: The Work Between Tools 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort. But the same challenges persist. Outages still last hours, causing significant financial losses, operational disruption, and reputational impact. Threat response and mean time to.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the drive for contention in the background. Researchers at Graz University of Technology built it and.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index PyPI registry, as the Mini ShaiHuludstyle attacks continue to be refined and splintered to target specific ecosystems. "The compromised releases shipped a setup.pth file that attempts to execute automatically.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a highseverity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE202642271 CVSS score 8.7, is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🚀 SMB cyber-readiness: What makes or breaks it 🚀
📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
A company that's expecting a cyberattack but hasnt actively prepared for it risks making the hardest decisions at the worst possible moment.📖 Read more.
🔗 Via "ESET - WeLiveSecurity"
----------
👁️ Seen on @cibsecurity
Welivesecurity
SMB cyber-readiness: What makes or breaks it
A company that expects an attack but hasn’t actively prepared for one risks making the hardest decisions at the worst possible moment.
📔 Fake Software Tutorials on TikTok Spread Vidar Stealer 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Threat actors push fake freesoftware tutorials on TikTok and Instagram to spread Vidar stealer.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 New SilabRAT Trojan Hijacks Sessions to Steal Crypto 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
New SilabRAT Trojan Hijacks Sessions to Steal Crypto
MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto
📔 Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyber threats.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks
Research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyber threats
📔 New Fable 5 Is a "Mythos-Class" LLM Available to All, Anthropic Announces 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Anthropic unveils Claude Mythos 5 and Fable 5, a restrictedaccess frontier AI model and guardrailed version for everyone to use.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
New Anthropic Fable 5 Is a
Anthropic unveils Claude Mythos 5 and Fable 5, a restricted-access frontier AI model and guardrailed version for everyone to use
📔 Over a Quarter of Identity Crime Victims Hit by Multiple Incidents, ITRC Data Shows 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Nearly 26 of identity crime victims faced multiple incidents in the past year, as ITRC warns of a growing "multilayered crisis".📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Over a Quarter of Identity Crime Victims Hit by Multiple Incidents
Nearly 26% of identity crime victims faced multiple incidents in the past year, as ITRC warns of a growing
📔 Microsoft Fixes 200 CVEs in June Patch Tuesday 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Microsoft has patched 200 vulnerabilities including three zerodays.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip
📔 AI Coding Adoption Hits 97% but Governance Lags Behind 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Most dev teams use AI coding assistants but only 30 have full governance in place.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
AI Coding Adoption Hits 97% but Governance Lags Behind
Most dev teams use AI coding assistants but only 30% have full governance in place
📔 Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Critical phpBB authentication bypass lets attackers hijack any account with one request.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request
Critical phpBB authentication bypass lets attackers hijack any account with one request
📔 Google Releases Patch for Chrome Vulnerability Exploited in the Wild 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
The flaw, CVE202611645, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Google Releases Patch for Chrome Vulnerability Exploited in the Wild
The flaw, CVE-2026-11645, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page