Latest Cybersecurity News and Articles
09 June 2026
The vulnerability is tracked as CVE-2026-11645 and it was reported in late April by an anonymous researcher.
The post Google Patches 5th Chrome Zero-Day Exploited in 2026 appeared first on SecurityWeek.
08 June 2026
Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container.
The flaw, CVE-2026-23111, sits in the kernel's nf_tables packet-filtering code and was patched upstream on February 5, 2026. Exodus Intelligence released its full technical walkthrough on June 8, and it is not even
08 June 2026
The company founded by Yossi Torati, Omer Gull, and Yuval Itzchakov has emerged from stealth mode.
The post A Security Raises $37 Million for Autonomous Offensive Security Platform appeared first on SecurityWeek.
08 June 2026
Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group.
In addition, the tech giant said it's filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users.
"They tried to trick people into clicking on malicious links to drive them to external websites
08 June 2026
AI-driven development is not something organizations can or should block. But it must be governed.
The post Everybody Is Vibe Coding But Nobody Told the Security Team appeared first on SecurityWeek.
08 June 2026
Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol.
The vulnerability, tracked as CVE-2026-50751 (CVSS score: 9.3), is a case of a logic flow weakness in certificate validation that allows an unauthenticated remote attacker to bypass user
08 June 2026
The Meta-owned communications app is filing a federal court contempt order against NSO.
The post WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order appeared first on SecurityWeek.
08 June 2026
Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked.
A chatbot got fooled. A bot token got leaked inside the malware. The same old mistakes showed up again. And while everyone chased the loud stuff, quieter attackers sat in inboxes for months, reading mail and
08 June 2026
Phishing has always been a numbers game. AI has turned it into a volume machine.
Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message adds another case for Tier 1 to review, another link to inspect, and another alert that cannot be dismissed at a glance.
As the queue grows, a credential theft attempt or malware delivery can easily
08 June 2026
Significant cybersecurity M&A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler.
The post Cybersecurity M&A Roundup: 26 Deals Announced in May 2026 appeared first on SecurityWeek.
08 June 2026
The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months.
The post Everest Forms Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek.
08 June 2026
Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this line right here is wrong, and that's RCE." They're novel combinations of a few dozen issues out of thousands of things every SAST scanner already finds, chained together into something much worse. It's real creativity,
08 June 2026
Hackers accessed personal information stored on certain Lansing Community College systems in February 2025.
The post 174,000 Impacted by Lansing Community College Data Breach appeared first on SecurityWeek.
08 June 2026
Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure.
The post Silent Ransom Group Uses DNS Fast Flux in Attacks appeared first on SecurityWeek.
08 June 2026
A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems.
The activity has been attributed by Volexity to a threat cluster it tracks as VerdantBamboo, which it said overlaps with hacking groups known as Clay Typhoon (Microsoft),
08 June 2026
The Active Sessions and Lockdown Mode features are being made more broadly available by the AI giant.
The post OpenAI Rolling Out ChatGPT Account Security Controls appeared first on SecurityWeek.
08 June 2026
The proposed coordination would let advanced AI labs verify that global rivals have actually stopped or slowed their work.
The post Anthropic Urges Industry Coordination to Allow for a ‘Pause’ in AI Development if Risks Grow appeared first on SecurityWeek.
08 June 2026
Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service.
The post SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek.
08 June 2026
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026.
The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is also known as
08 June 2026
The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool.
The post Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse appeared first on SecurityWeek.