ThreatIntel
(278) Critical Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed
Critical NCSC CEO: Hostile states linked to three-quarters of cyber attacks affecting UK's critical systems
Critical Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development
Critical The checklist problem behind critical infrastructure cyber safety
Critical CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
Critical Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack
Critical Teleport adds LLM Proxy and Delegated Identity to secure AI agent actions and access
Critical SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)
Critical Critical Fortinet FortiSandbox flaws now exploited in attacks
Critical CISA warns of another cPanel plugin flaw exploited in attacks
Critical Rockwell Automation CompactLogix
Critical Rockwell Automation FactoryTalk Analytics PavilionX
Critical Rockwell Automation FLEX I/O EtherNet/IP Adapters
Critical Rockwell Automation RSLinx
Critical Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP
Critical Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Critical Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
Critical EU Cybersecurity Act 2.0: When good regulation goes bad
Critical 1Password Credential Broker reduces secret sprawl through identity-based credential delivery
Critical Delinea and Cyera integrate for data-aware identity security
Critical Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
High The Behavior of Coordinated SSH Brute Force Attacks over the last three months [Guest Diary], (Wed, Jun 17th)
High Most agentic AI projects in production have stalled over data problems
High Google’s open standard for AI agents to discover and verify tools
High Crypto Clipper uses Tor and worm-like propagation for persistence and control
High From package to postinstall payload: Inside the Mastra npm supply chain compromise
High INC Ransomware Thrives by Mastering the Basics
High Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments
High State Digital Surveillance Risk Landscape
High Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
High Microsoft AntiSSRF open-source library helps block server-side request forgery
High CISA Adds One Known Exploited Vulnerability to Catalog
High Hidden in Teams: DragonForce Attackers Weaponize Microsoft Teams Relays to Stay Hidden
High 'Lorem Ipsum' Malware Pivots to ClickFix Delivery
High The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Engine
High Software supply chains are heading for a transparency test
High Cybercriminals mask malicious communications through Microsoft Teams relays
High Attackers are exploiting FortiSandbox vulnerabilities
High iRhythm discloses data breach, says hackers stole patient info
High Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
High Chainguard's new Athena coalition uses AI to fix open-source flaws - before attackers exploit them
High Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE
High Nintendo Alleged Data Breach: Threat Actor Demands $2M Ransom
High The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy
High Reachability makes AI threat modeling worth the trust
High Maine closes data breach portal to the public after fake reports
High CISA Adds Two Known Exploited Vulnerabilities to Catalog
High Maine forced to take down data breach portal after fake notices filed with authorities
High LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
High Ukrainian national pleads guilty in connection with Conti ransomware
High Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores
Medium AWS Continuum brings AI models to code vulnerability management
Medium A Vulnerability in SimpleHelp Could Allow for Authentication Bypass
Medium HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
Medium Steam Workshop abused to spread malware via Wallpaper Engine app
Medium New Rokarolla Android malware targets 217 banking, crypto apps
Medium New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
Medium ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
Medium U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
Medium Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
Medium Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk
Medium Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Medium Radware AI Xploit Shield delivers virtual patching for newly identified application and API flaws
Medium Windows version of SprySOCKS Linux malware used to attack govt orgs
Medium GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
Medium India temporarily blocks Telegram over medical exam cheating fears
Medium CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
Medium Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
Medium Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Medium Inside a malicious infrastructure delivering EtherRAT, phishing pages, and malicious software
Medium Chinese hackers breached North American research institutions via REDCap servers
Medium Cybersecurity jobs available right now: June 16, 2026
Medium SimpleHelp bug lets hackers create rogue remote support accounts
Medium ⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Medium North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
Medium Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Informational FIFA World Cup 2026: Hackers Target Football Fans With Fake Tickets Sites
Informational eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address, (Fri, Jun 19th)
Informational Google Adds New Android Controls for WhatsApp Backups, Password Transfers
Informational Ozempic Maker Novo Nordisk Confirms Security Incident After $25M Hacker Demand
Informational 105K Chrome Installs Linked to Adware and Fake Google Traffic
Informational ISC Stormcast For Thursday, June 18th, 2026 https://isc.sans.edu/podcastdetail/9978, (Thu, Jun 18th)
Informational Homebrew tightens tap security, begins work on its interface
Informational What happens to oversight when AI agents write a lab’s own code
Informational Securing digital keys when your phone unlocks the car
Informational Google to use UK and EU user IP addresses for ad personalization
Informational Leak confirms OpenAI is testing a ChatGPT for Science subscription
Informational SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies
Informational FortiBleed Attack Exposes Fortinet Firewall Credentials in 194 Countries
Informational A Unified Theory of AI and Jobs
Informational UK Social Media Ban for Minors Has Privacy Experts Worried
Informational Sweeping Credential-Harvesting Heist Compromises 30K+ Fortinet Devices
Informational I put the new Siri AI through a 10-round test on my Mac - here's how it did
Informational Google's big Android sideloading crackdown has a 24-hour catch - how the new limits work
Informational How I block ads with a $7 Raspberry Pi alternative - it's easy
Informational This HP Omen deal knocks $700 off a serious gaming laptop before Prime Day
Informational 5 best Prime Day Anker deals: Chargers, power stations, and more we recommend to avoid low battery
Informational Does your phone charge as fast as advertised? I measured the latest iPhone, Samsung, OnePlus
Informational The Firefox browser for Android just got 3 useful features - including an ad block tracker
Informational Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline
Informational Corelight enhances Open NDR to detect AI-driven threats and unknown assets
Informational Flip expands platform with digital identity, no-code apps, and AI automation
Informational Microsoft confirms Office apps launch issues after June updates
Informational Why Account Takeovers Are Rising and How to Stop Them
Informational FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
Informational EU grants Ukraine access to cybersecurity reserve for major attacks
Informational Elon Musk, the IRS, and Your Bank Account: Anatomy of a Multi-Stage Financial Scam
Informational Making Workflow Runs Explain Themselves: AI-Powered Run Summaries in Cisco XDR Automate
Informational 15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys
Informational ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat
Informational Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It
Informational 152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Fake Search Clicks
Informational Malicious apps got into the Arch User Repository - how to protect yourself
Informational These useful Amazon gadgets are up to 68% off - here's why I recommend them
Informational We tested 10 power banks in our lab - and this one had the fastest charge
Informational Here's a portable power bank that's actually worth its high price - especially if you travel
Informational The best power banks of 2026: Expert and lab tested
Informational Security Community Slams US Ban on Exporting Mythos, Fable
Informational Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure
Informational Product showcase: From phishing texts to risky Wi-Fi, Norton 360 Deluxe watches the gaps
Informational The SOC’s visibility gap comes down to staffing
Informational Malicious JetBrains Marketplace plugins steal AI API keys from developers
Informational Phishing No Longer Looks Wrong: What Security Leaders Should Do Next
Informational New Rokarolla Android Trojan Found Targeting 217 Crypto and Banking Apps
Informational AppViewX Launches Agent Identity Security to Govern Agents for the AI and Quantum Era
Informational Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio
Informational Amos Stealer Targets macOS Keychain Files and Browser Passwords
Informational Linux 7.1 is here to end the Intel 486 CPU era - and do some serious legacy clean up
Informational Your wall outlets are seriously underutilized: 7 plug-in gadgets that elevate any home
Informational I've been testing iOS 27, and these 5 overlooked features make even older iPhones better
Informational KDE Plasma 6.7 might be a point release - but it's packed with new features
Informational I tried AnduinOS 2.0, and it may be the easiest way to ditch Windows for Linux
Informational The DIY era of smartwatches has begun - Google and Apple already have me hooked
Informational How I'm using this $13 smart plug to automate my house with voice commands
Informational Your Android phone keyboard may be tracking your inputs - how to check (and 2 ways to stop it)
Informational This 55-inch Fire TV on Amazon costs just $280 - and I can actually recommend it
Informational Independent Testing Confirms Secure Email Threat Defense’s Email Security Strength
Informational ShinyHunters Claims Council of Europe HR Data, Threatens Leak
Informational Best Prime Day Tech Deals: Apple, Bose, Garmin, and More
Informational From a VHDX File to a Remcos RAT, (Tue, Jun 16th)
Informational SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection
Informational AppViewX extends machine identity security to AI agents and post-quantum environments
Informational TekStream launches Proactive Cyber Defense to counter AI-driven threats
Informational FTC warns of record $3.5 billion losses to imposter scams in 2025
Informational UK to require ID or face scan before you can make social media accounts
Informational Estonia to quarantine emails sent from Russian .ru domain before they reach government officials
Informational Best of Android Fax Apps: Top 5 Secure Picks for 2026
Informational Developer laptops are the credential store attackers are picking through in 2026, GitGuardian announces Endpoint Protection
Informational I modified my PC setup with a 15-in-1 docking station, and the benefits go beyond more ports
Informational Inside the Modern SOC: The 72-Minute Race
Informational Flock Cameras Are Being Used for Stalking
Informational China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
Informational Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
Informational Australian Sugar Producer Mackay Sugar Reports Cyber Incident
Informational A $2 trillion revenue shift hinges on AI data governance
Informational DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
Informational UK to ban social media access for children under 16
Informational Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women
Informational 7 ways AI can help with your Linux system management
Informational Container made it easy to run Linux on my MacBook - here's how I set it up
Informational RefreshOS is a top contender for new Linux users - here's why
Informational 5 best Prime Day Anker deals: Chargers, power stations, and more we recommend
Informational iOS 27 envy? 4 features you can already use on an Android phone (including Samsung models)
Informational One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes
Informational Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
Informational US Cracks Down on Anthropic AI Models Amid Abuse Concerns
Informational The Beginning of the End of Social Engineering
Informational China-Nexus Actor Spy on US Researchers Undetected for a Year
Informational Red Sift, GMO GlobalSign partnership simplifies email authentication and BIMI adoption
Informational Omada Agent Governance helps organizations manage AI agent access, risk, and compliance
Informational Trust3 AI’s AgentDOS monitors AI agent activity, data access, and token consumption
Informational China-linked spies backdoored authentication stack to stay hidden for years
Informational OptinMonster WordPress plugin hacked in CDN supply-chain attack
Informational Unveiling the Power of Integration: XDR, Splunk, Corelight, Arista and Palo Alto Networks in Action at Black Hat Asia
Informational Black Hat Asia 2026: Threat Hunters’ Corner
Informational Black Hat Asia 2026: A Decade in Singapore
Informational The Essence of Black Hat – Collaboration with Partners
Informational Cisco Secure Access with MCP Infrastructure at Black Hat Asia 2026
Informational Defenseclaw for On-Prem AI SOC Workflow at Black Hat Asia
Informational Handala Hacking Group Claims Breach of California Water Service
Informational ISC Stormcast For Monday, June 15th, 2026 https://isc.sans.edu/podcastdetail/9972, (Mon, Jun 15th)
Informational Evil MSI Background: BASE64 Statistical Analysis, (Mon, Jun 15th)
Informational I found popular student discounts that can save you up to $25 per month
Informational How I used Airtable to audit and fix my food habits for $12/month - and it paid off big time
Informational I've reviewed every PDF editor out there - then I had ChatGPT build me a better one
Informational Weekly Update 508
Informational Upcoming Speaking Engagements
Informational The FCC Wants to Eliminate Burner Phones
Informational Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts
Informational Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
Informational 152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
Informational The Onboarding Password Mistake That Creates Unnecessary Risk