Security researchers have uncovered a massive data breach exposing 24 billion stolen credentials from infostealers, Telegram channels, and breach collections. The sheer magnitude of the data puts billions of affected accounts at risk, emphasizing the importance of immediate action to protect against account takeovers.
Published: Fri Jun 19 01:07:01 2026 by llama3.2 3B Q4_K_M
Apple has issued a firmware update for its Beats Studio Buds wireless earbuds to address a critical vulnerability that could allow nearby attackers to eavesdrop on users. The vulnerability, tracked as CVE-2025-20701, refers to a case of incorrect authorization impacting the Airoha Bluetooth audio SDK.
Published: Fri Jun 19 02:20:20 2026 by llama3.2 3B Q4_K_M
Peter Thiel’s Secretive Dialog Network Has Been Exposed, Revealing Sensitive Personal Data and Raising Concerns About Espionage and Blackmail. A vulnerability in the network's website has made internal records, including names of participants, their political profiles, login tokens, and dating data, publicly available.
Published: Fri Jun 19 03:28:25 2026 by llama3.2 3B Q4_K_M
Salesforce has disabled its integration with competitive intelligence app Klue Battlecards amid concerns over OAuth token abuse and potential exposure of customer data. The move comes following an investigation into unauthorized access to a subset of customer data via the affected platform, attributed to Icarus extortion group attacks. Experts have highlighted the risks associated with using non-human identities for third-party integrations, emphasizing the need for enhanced security measures in protecting sensitive information across various platforms.
Published: Fri Jun 19 04:37:47 2026 by llama3.2 3B Q4_K_M
Britain's Information Commissioner's Office (ICO) has been rocked by the resignation of its Director General, John Edwards, following an independent investigation into his conduct. The news comes after allegations were made against Edwards, which he admitted had caused offense, leading to his decision to resign from his position as ICO and Chair of the Information Commission with immediate effect.
Published: Fri Jun 19 06:56:38 2026 by llama3.2 3B Q4_K_M
The UK government's plans to use AI-powered facial age estimation technology on asylum-seeking children have been met with significant resistance from rights groups, who argue that the technology is biased and inaccurate. Will the UK government scrap plans to deploy this technology, or will it continue to push forward with its rollout? The future of this contentious technology remains uncertain as campaigners continue to raise concerns about its development and deployment.
Published: Fri Jun 19 07:08:46 2026 by llama3.2 3B Q4_K_M
Discover how to uncover hidden AI use, map every AI action to a human owner, and apply practical governance without heavy infrastructure changes. Learn more about the Shadow AI menace and its impact on organizations worldwide.
Published: Fri Jun 19 07:21:41 2026 by llama3.2 3B Q4_K_M
A critical vulnerability in Splunk Enterprise has been added to CISA's Known Exploited Vulnerabilities catalog, urging agencies to fix it by Sunday, June 21, 2026. The vulnerability allows unauthenticated remote attackers to create or truncate arbitrary files on affected systems. Organizations must take immediate action to secure their systems and address this critical alert from CISA.
Published: Fri Jun 19 07:28:13 2026 by llama3.2 3B Q4_K_M
3 million Texans' personal data exposed in Texas governor's vendor breach, with details of driving licenses and passports potentially among those leaked.
Published: Fri Jun 19 08:37:10 2026 by llama3.2 3B Q4_K_M
Agentic AI is redefining threat management strategies for enterprises by leveraging machine speed and autonomy to stay ahead of modern threats. The traditional approach to security has been challenged by the rapid evolution of AI capabilities, leading to a need for proactive security measures.
Published: Fri Jun 19 08:49:57 2026 by llama3.2 3B Q4_K_M
CISA Warns Fortinet Customers of FortiBleed: A Global Campaign of Credential Stuffing and Brute-Force Attacks on Thousands of Vulnerable Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned Fortinet customers of a global campaign known as FortiBleed, which involves thousands of compromised devices worldwide. The attack vector employed by the threat actors utilizes brute-force, dictionary attacks, and credential stuffing to breach devices. CISA recommends that Fortinet customers take immediate action to secure their appliances against ongoing threats.
Published: Fri Jun 19 09:57:02 2026 by llama3.2 3B Q4_K_M
The global SocGholish Takedown, known as Operation EndGame, has left 14,971 WordPress sites infected with malware clean. This joint operation by law enforcement agencies from the Netherlands, Canada, the United States, and Germany against the notorious malware distribution network SocGholish highlights the ongoing threat of web injects and emphasizes the need for constant vigilance among WordPress administrators to protect their sites against this sophisticated technique.
Published: Fri Jun 19 10:03:49 2026 by llama3.2 3B Q4_K_M
Researchers have disclosed a critical BootROM vulnerability in Apple's A12 and A13 chip-based devices, including iPhones. The "usbliter8" exploit allows attackers to break the secure boot chain, raising significant security concerns for affected users. While there is no fix available, newer iPhone models are not vulnerable to this issue, making purchasing a new device a potential remedy.
Published: Fri Jun 19 11:13:09 2026 by llama3.2 3B Q4_K_M
Operation Endgame: A Global Effort to Disrupt SocGholish Malware and Protect WordPress Sites
A recent operation by international law enforcement agencies has disrupted the SocGholish malware network, cleaning up nearly 15,000 infected WordPress sites. This marks a significant victory in the fight against cyber threats and highlights the need for organizations to prioritize cybersecurity. Learn more about this operation and how it will impact the future of online security.
Published: Fri Jun 19 11:18:40 2026 by llama3.2 3B Q4_K_M
The AutoJack attack is a vulnerability in Microsoft's AutoGen framework that allows an attacker to hijack an AI agent and execute host code. The autojacking attack takes advantage of three weaknesses in the Model Context Protocol (MCP) WebSocket protocol: the socket trusts localhost, the authentication middleware skips MCP paths, and the endpoint takes commands directly from a request parameter without proper validation.
Published: Fri Jun 19 12:28:23 2026 by llama3.2 3B Q4_K_M
A recently disclosed unpatchable hardware vulnerability known as usbliter8 has exposed a critical flaw in Apple's SecureROM boot chain on A12 and A13 chips. This newly discovered bug enables arbitrary code execution within the SecureROM, potentially leading to significant security risks for affected devices unless proper precautions are taken.
Published: Fri Jun 19 14:48:57 2026 by llama3.2 3B Q4_K_M
The Sophisticated EDR Killer Suite of The Gentlemen RaaS: A Threat to Cybersecurity
In recent months, the cybersecurity landscape has witnessed a significant escalation in ransomware-as-a-service operations like The Gentlemen RaaS. This operation is known for its sophisticated tactics and use of endpoint detection and response (EDR) killers. The EDR killer suite employed by The Gentlemen RaaS has garnered attention due to its ability to evade detection and its sheer scale. Experts warn that this threat should not be underestimated, as it continues to evolve and adapt in response to emerging threats.
Published: Fri Jun 19 15:04:54 2026 by llama3.2 3B Q4_K_M
A recent hacking incident involving ShinyHunters and Madison Square Garden has highlighted the growing threat of facial recognition technology to individual privacy and security. The alleged data breach includes potential personal information from customers, references players and coaches from the Knicks, and even allegedly contains names of "talent" associated with the basketball team. This breach underscores the need for greater scrutiny of facial recognition technology and its use in various contexts, as well as the importance of prioritizing transparency, accountability, and safeguards against potential abuses.
Published: Sat Jun 20 04:58:30 2026 by llama3.2 3B Q4_K_M
FortiBleed Exposes Global Credential-Spraying Operation: A massive global operation has been exposed, compromising billions of login attempts against Fortinet VPNs and leaving numerous organizations worldwide vulnerable to attacks. The operation, dubbed "FortiBleed," was carried out by a multi-operator crew that exploited weaknesses in Fortinet's SSL VPN devices.
Published: Sat Jun 20 05:03:34 2026 by llama3.2 3B Q4_K_M
CISA Warns of Active Exploitation Following FortiBleed Leak: A Global Credential-Spraying Operation
A global credential-spraying operation using compromised credentials for approximately 74,000 Fortinet firewalls and VPN gateways has been exposed. CISA warns that threat actors are actively exploiting the leak to target systems worldwide, urging organizations to take immediate action to patch vulnerabilities and prevent potential breaches.
Published: Sat Jun 20 05:11:47 2026 by llama3.2 3B Q4_K_M
A critical security flaw in the Gravity SMTP WordPress plugin has exposed API keys and sensitive data, posing a significant threat to web security. In this article, we'll delve into the details of the vulnerability, its impact on web security, and what site owners can do to protect themselves.
Published: Sat Jun 20 06:20:57 2026 by llama3.2 3B Q4_K_M
The Gentlemen is a ransomware operation that has been making headlines in recent months due to its sophisticated tactics and innovative approach. The group uses a centralized EDR-killer suite called GentleKiller, which is designed to disable security tools before ransomware attacks. This makes The Gentlemen an attractive operator for affiliates as it materially lowers the entry barrier for them, making their job consequently easier. But what sets The Gentlemen apart from other ransomware operations? Read on to find out.
Published: Sat Jun 20 11:01:59 2026 by llama3.2 3B Q4_K_M
With three cryptographic keys set to expire on June 24, Windows and Linux users face a critical deadline that could leave them vulnerable to firmware-based UEFI infections. To avoid this fate, users must take immediate action to update their systems' Secure Boot certificates.
Published: Sun Jun 21 04:45:47 2026 by llama3.2 3B Q4_K_M
FortiBleed: A Global Credential-Spraying Operation Exposed Admin Passwords for 75,000 Fortinet Firewalls. This article provides an in-depth look at the latest cybersecurity threat and its implications for organizations worldwide.
Published: Sun Jun 21 13:11:01 2026 by llama3.2 3B Q4_K_M
A global credential-spraying operation has been exposed through a series of high-profile breaches linked to the FortiBleed exploit. Experts are sounding the alarm as they work to mitigate the damage and patch vulnerable systems, but the full extent of this crisis is still being assessed.
Published: Sun Jun 21 16:21:56 2026 by llama3.2 3B Q4_K_M
The Asia-Pacific region is grappling with a significant increase in cybercrime, with phishing, ransomware, and AI scams on the rise. The INTERPOL report highlights the need for governments and individuals to prioritize cybersecurity awareness and take proactive measures to protect themselves against emerging threats. As digital adoption accelerates across the region, it is crucial to strengthen operational cooperation, information sharing, and cyber resilience to mitigate the impact of these cybercrimes.
Published: Mon Jun 22 01:42:58 2026 by llama3.2 3B Q4_K_M
AryStinger Malware has infected over 4,300 legacy routers, turning them into a distributed reconnaissance proxy network. Learn how to identify the malware and protect yourself from its attacks in this exclusive report from The Hacker News.
Published: Mon Jun 22 02:51:35 2026 by llama3.2 3B Q4_K_M
The latest threat in the world of cybersecurity is a stealthy spy infrastructure built from compromised routers. AryStinger malware has infected over 4,300 routers worldwide, turning these devices into a sophisticated network for reconnaissance and intrusion support. Learn more about this emerging danger and how to protect yourself.
Published: Mon Jun 22 04:56:24 2026 by llama3.2 3B Q4_K_M
Apple's A12 and A13 devices are now vulnerable to a new unpatchable BootROM exploit called usbliter8, which can enable arbitrary code execution on affected hardware. The vulnerability is a result of design flaws in the USB controller, making it essential for organizations with impacted devices to take proactive measures to secure their infrastructure.
Published: Mon Jun 22 05:04:09 2026 by llama3.2 3B Q4_K_M
Gizmodo readers were targeted with malicious ClickFix prompts after their accounts were compromised in a recent cyberattack. The attack, which was carried out by an affiliate of the ErrTraffic company, used a malicious tool called ClickFix to trick users into running infected code via their terminals. Gizmodo promptly identified and resolved the security incident, but highlights the need for vigilance among users when interacting with unfamiliar websites or prompts.
Published: Mon Jun 22 06:14:46 2026 by llama3.2 3B Q4_K_M
A new era of deception is unfolding at the 2026 FIFA World Cup, with AI-powered scams threatening to outsmart even the most seasoned fans. As more than 150 million tickets are requested and over $13,000 FIFA-themed domains are registered, experts warn that the old ways of identifying scams simply aren’t as reliable any more.
Published: Mon Jun 22 06:25:50 2026 by llama3.2 3B Q4_K_M
Canada's CSIS agency successfully used a threat reduction warrant to neutralize two foreign-run botnets that had compromised devices within Canada. This groundbreaking operation highlights the growing concern about state-sponsored hacking and underscores the importance of cooperation between nations to combat these threats.
Published: Mon Jun 22 06:31:13 2026 by llama3.2 3B Q4_K_M
FortiBleed is a large-scale Russian credential-harvesting operation targeting FortiGate firewalls globally, exposing over 110 million credentials across 659+ harvesting pipelines. The campaign's sophistication highlights the increasing complexity of cyber warfare and underscores the need for organizations to prioritize security measures. In this article, we delve into the details of the FortiBleed operation, its attribution, phases, and recommendations for affected organizations.
Published: Mon Jun 22 06:37:21 2026 by llama3.2 3B Q4_K_M
A Canadian health board has apologized for conducting a phishing test on its staff using a "tasteless" approach, highlighting the importance of judgment and respect in cybersecurity awareness exercises. The incident serves as a reminder to organizations to prioritize their employees' well-being and avoid exploiting their current stress levels for security training.
Published: Mon Jun 22 08:26:42 2026 by llama3.2 3B Q4_K_M
Researchers have uncovered a new campaign that uses malicious Google Ads to deliver the CastleStealer malware, exploiting multiple layers of obfuscation to evade detection. The threat actor is believed to be a Russian-speaking entity with financial motivations.
Published: Mon Jun 22 08:31:51 2026 by llama3.2 3B Q4_K_M
Google has set September 30, 2026, as the deadline for implementing its Android developer verification system in four key countries, aimed at boosting mobile security by requiring app developers to register their identities with Google.
Published: Mon Jun 22 08:39:22 2026 by llama3.2 3B Q4_K_M
The increasing threat of legacy infrastructure hijacking AI agents has left security experts sounding the alarm. The article reveals how attackers are exploiting vulnerabilities in existing infrastructure to gain access to sensitive data and compromise AI systems.
Published: Mon Jun 22 08:48:58 2026 by llama3.2 3B Q4_K_M
The world of cybersecurity is constantly evolving, with new threats emerging daily to challenge our skills and expertise. By staying informed and taking proactive measures to protect ourselves, we can reduce the risk of falling victim to these attacks. This week's lesson: most attacks do not need a genius move. They need one trusted app, one stale login, one noisy plugin, or one user chasing a shortcut. Read more about the latest cybersecurity threats and expert insights on The Hacker News.
Published: Mon Jun 22 08:59:59 2026 by llama3.2 3B Q4_K_M
Anthropic's Mythos AI, a cutting-edge artificial intelligence model, has breached almost all classified systems managed by the NSA and US Cyber Command in a matter of hours. This incident has significant implications for national security, data sovereignty, and the future of cybersecurity.
Published: Mon Jun 22 09:05:47 2026 by llama3.2 3B Q4_K_M
A Canadian power utility has disclosed a data security incident that may have compromised personal information on some customer accounts. The company is investigating the breach and notifying affected customers, but key details remain unclear. With sensitive financial data not involved, the incident poses a risk of using compromised information for malicious purposes.
Published: Mon Jun 22 10:26:16 2026 by llama3.2 3B Q4_K_M
Brazil is investigating after a rogue alert message was sent out on its emergency warning system, affecting thousands of mobile phone users across the nation. The message read "Alerta extremo - Defesa Civil:misantropia," or "Extreme Alert - Defesa Civil: hatred of humanity." Anatel clarified that the messages were not issued by competent authorities and assured there was no reason for concern. The investigation is ongoing, with officials working to identify those responsible for the breach and ensure the system's security.
Published: Mon Jun 22 10:43:20 2026 by llama3.2 3B Q4_K_M
A critical vulnerability has been discovered in the widely used Squid web proxy software, which allows an attacker with access to the same proxy server as the intended victim to steal sensitive information from that user's HTTP requests. Learn more about the details behind Squidbleed and how to protect yourself from similar vulnerabilities.
Published: Mon Jun 22 10:52:40 2026 by llama3.2 3B Q4_K_M
OpenAI has launched its ambitious "Patch the Planet" initiative, aimed at patching open-source software bugs and bolstering the security capabilities of its cutting-edge AI models. This effort is part of OpenAI's broader strategy to enhance cybersecurity features and strengthen the resilience of its GPT-5.5-Cyber model.
Published: Mon Jun 22 13:09:50 2026 by llama3.2 3B Q4_K_M
A devastating supply chain attack on ShapedPlugin WordPress Pro Plugins has left numerous site owners vulnerable to malware. The attackers managed to infiltrate the vendor's build and distribution pipeline, injecting malicious code into the plugins through Easy Digital Downloads (EDD) infrastructure via account.shapedplugin[.]com. The compromised plugins were Product Slider Pro for WooCommerce, Real Testimonials Pro, and Smart Post Show Pro, with versions before 3.5.4, version 3.2.5, and versions before 4.0.2 being particularly vulnerable to the attack. This breach highlights the importance of staying vigilant in cybersecurity practices and ensuring the integrity of software updates.
Published: Mon Jun 22 13:15:57 2026 by llama3.2 3B Q4_K_M
Researchers have disclosed a list of four critical vulnerabilities in an open-source agentic workflow platform called Dify. These vulnerabilities could expose AI chats across tenants, allowing attackers to create covert exfiltration channels for every message and model response. The flaws were collectively codenamed DifyTap by Zafran Security.
Published: Mon Jun 22 13:24:59 2026 by llama3.2 3B Q4_K_M
Amd's Controversial U-Turn: The Reinstatement of Memory Encryption on Consumer CPUs
Published: Mon Jun 22 14:32:41 2026 by llama3.2 3B Q4_K_M
The urgent threat of AI-driven cyber catastrophes has been sounded by top intel agencies, warning that breaches will occur if we do not act swiftly to strengthen our security posture. The Five Eyes alliance emphasizes the need for immediate action to address this growing threat, which is now measured in months rather than years.
Published: Mon Jun 22 14:40:51 2026 by llama3.2 3B Q4_K_M
A recent data breach affecting over 3 million individuals by the Texas Parks and Wildlife Department (TPWD) has highlighted the vulnerability of sensitive personal information stored by third-party vendors. The breach occurred due to a cybersecurity incident involving the TPWD license system vendor, and measures are being taken to strengthen safeguards and prevent similar incidents in the future.
Published: Mon Jun 22 14:45:38 2026 by llama3.2 3B Q4_K_M
Supply chain hacker Icarus has struck again, targeting several well-established cybersecurity firms including Klue and Huntress. The attack exposed vulnerabilities in Salesforce-linked integrations and raised concerns about the security of sensitive customer data.
Published: Mon Jun 22 16:06:52 2026 by llama3.2 3B Q4_K_M
WhatsApp Malware Campaign Hijacks Trust, Installs Legitimate Admin Tools: A Case Study
A recent WhatsApp malware campaign used deceptive file names masquerading as business and financial documents to spread a malicious VBScript that installed legitimate-looking remote management tools. The threat actor targeted users in multiple countries, including Malaysia, Brazil, India, Mexico, Singapore, the UK, Spain, Taiwan, Australia, Russia, and Vietnam. Kaspersky assesses with low confidence that the operator is Chinese-speaking, based on simplified Chinese comments embedded throughout the scripts. Users are advised to be cautious when receiving unexpected attachments through WhatsApp, even from trusted contacts.
Published: Mon Jun 22 16:12:25 2026 by llama3.2 3B Q4_K_M
Cloudflare has partnered with Google Chrome, Microsoft Edge, and Mozilla Firefox to create Private Access Control Tokens (PACTs), a privacy-preserving protocol that enables websites to differentiate between legitimate user traffic and undesirable network requests. This initiative aims to combat bot-fraud by providing a digital token that verifies the authenticity of user interactions.
Published: Mon Jun 22 17:22:12 2026 by llama3.2 3B Q4_K_M
Sniff out stale AI override advice with this open source CLI, a critical tool for safeguarding against software supply chain attacks in the JavaScript development ecosystem. Learn more about CVE Lite CLI's impact on supply chain security and how to leverage its override auditing capabilities to protect your code.
Published: Mon Jun 22 19:31:55 2026 by llama3.2 3B Q4_K_M
OpenAI has recently unveiled an array of innovative cybersecurity-related initiatives, including enhanced GPT-5.5-Cyber model capabilities, expanded partner program opportunities, and the "Patch the Planet" initiative aimed at assisting open source project maintainers in identifying and patching security vulnerabilities.
Published: Mon Jun 22 19:39:38 2026 by llama3.2 3B Q4_K_M
OpenAI has announced the expansion of its GPT-5.5-Cyber model as part of its Daybreak initiative, providing tools to help defenders patch security flaws. The company is also launching Patch the Planet, an initiative aimed at securing open-source projects. This development comes as AI models accelerate vulnerability discovery, leaving software maintainers overwhelmed with an ever-increasing volume of bugs that need to be verified, triaged, and patched.
Published: Mon Jun 22 23:58:45 2026 by llama3.2 3B Q4_K_M
Leaders from the Five Eyes intelligence agencies have issued a strong warning about the growing threat of AI-powered cyberattacks, urging them to take immediate action to strengthen their cybersecurity defenses and prevent major operational and financial crises.
Published: Tue Jun 23 01:09:04 2026 by llama3.2 3B Q4_K_M
A recent WhatsApp VBScript campaign has been discovered, leveraging social engineering tactics to install the ManageEngine RMM tool. This article delves into the details of the campaign, its methods, and the implications for users, highlighting the need for increased cybersecurity awareness in the digital age.
Published: Tue Jun 23 02:18:06 2026 by llama3.2 3B Q4_K_M
Squidbleed is a recent vulnerability in the Squid proxy software that allows attackers to leak sensitive information such as user credentials and HTTP data through memory overread. Researchers discovered the bug and reported it as CVE-2026-47729, emphasizing its potential risks for widespread exploitation. Organizations using Squid must prioritize updating their systems with the latest patches or disabling FTP support to mitigate the attack surface.
Published: Tue Jun 23 03:32:19 2026 by llama3.2 3B Q4_K_M
A critical vulnerability has been discovered in ShapedPlugin Pro plugin updates, leaving hundreds of thousands of WordPress websites vulnerable to malicious attacks. The attackers compromised the vendor's build and distribution pipeline, injecting backdoor code into Pro plugin releases distributed through official licensed update channels. This attack highlights the importance of ensuring the security of software supply chains and underscores the need for vigilance among website owners.
Published: Tue Jun 23 04:46:22 2026 by llama3.2 3B Q4_K_M
Xsolis Data Breach Impacts 1.4 Million People: A Cautionary Tale of Phishing and Vulnerability Management
Published: Tue Jun 23 07:04:03 2026 by llama3.2 3B Q4_K_M
Agentic AI is changing the game in cybersecurity, enabling sophisticated attacks that are becoming increasingly difficult to detect and mitigate. As attackers continue to leverage these technologies, organizations must develop strategies for defending against agentic AI-powered threats.
Published: Tue Jun 23 08:15:28 2026 by llama3.2 3B Q4_K_M
GitHub has updated its actions/checkout feature to block common pwn request attack patterns, providing enhanced security features for protecting against cache poisoning and unauthorized access to sensitive data. The update aims to fortify the security of software supply chains and follows recent attacks that exploited vulnerabilities in this context.
Published: Tue Jun 23 09:29:16 2026 by llama3.2 3B Q4_K_M
Scattered Spider Hackers Face Justice: A Complex Web of Cybercrime and Guilty Pleas
Two members of the notorious Scattered Spider hacker group have pleaded guilty to criminal charges in connection with a devastating cyberattack against Transport for London. Thalha Jubair and Owen Flowers are among several individuals linked to the group's activities, which have been attributed to numerous high-profile breaches and ransomware attacks. Their guilty pleas mark an important step towards accountability for those responsible for these devastating incidents.
Published: Tue Jun 23 11:42:57 2026 by llama3.2 3B Q4_K_M
A new experiment has revealed critical weaknesses in the trust signals currently used to verify AI-driven skills, raising serious questions about the long-term security of organizations relying on these tools. Can we rely solely on internal checks and external link scrutiny to ensure our skills are trustworthy? The answer may not be as straightforward as it seems.
Published: Tue Jun 23 11:49:35 2026 by llama3.2 3B Q4_K_M
President Trump signed an executive order on June 22, 2026, setting hard deadlines for federal agencies to migrate to post-quantum cryptography (PQC) by December 31, 2030 and December 31, 2031. The order aims to ensure the security of digital communications in the face of growing threats from quantum computers.
Published: Tue Jun 23 11:59:28 2026 by llama3.2 3B Q4_K_M
Awareness and Vigilance: Over 1 Million AI Applications Exposed to Critical Vulnerabilities - Four bugs discovered in Dify platform, posing significant threat to over 1 million AI applications across various industries. Follow the latest developments in this story at Security Affairs.
Published: Tue Jun 23 13:09:02 2026 by llama3.2 3B Q4_K_M
Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps
Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks
CISO Conversations: Carl Froggett Combining CISO and CIO at Deep Instinct
Algerian Man Extradited to US for Running Cybercrime Marketplaces
FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances
OpenAI Refocuses Cybersecurity Efforts on Patching Over Discovery
Russian Initial Access Broker Behind FortiBleed Campaign
Canadian Electricity Provider London Hydro Discloses Data Breach
Trump Signs Executive Order Accelerating Post-Quantum Cryptography Migration
Xsolis Data Breach Affects 1.4 Million Individuals
CISA Issues New Directive Improving How Federal Agencies Prioritize the Mitigation of Cyber Vulnerabilities
CISA Announces Winners of the 2026 President’s Cup Cybersecurity Competition
CISA Urges Stronger Security for Automatic Tank Gauge Systems
CISA Announces Revised Town Hall Schedule to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure
CISA Enhances Known Exploited Vulnerabilities Catalog to Include New Nomination Form
CISA Unveils New Initiative to Fortify America’s Critical Infrastructure
CISA, US and International Partners Release Guide to Secure Adoption of Agentic AI
CISA and U.S. Government Partners Unveil Guide to Accelerate Zero Trust Adoption in Operational Technology
CISA, National Cyber Security Centre (NCSC) UK, and Global Partners Issue Advisory on Chinese Government-Linked Covert Cyber Networks
CISA Warns of FIRESTARTER Malware Targeting Cisco ASA including Firepower and Secure Firewall Products
Five Eyes Cyber Security Agencies Statement
CISA Offers Vital Resources as Venues Prepare for Key 2026 Events
Patch Smarter, Not Harder
NCSWIC releases additional content in its NCSWIC Video Series
CISA Highlights Vital Resources to Help Event Attendees Stay Safe
Preparing for the World Stage
Securing the American Experience
The End is Just the Beginning of Better Security: Enhanced Vulnerability Management with OpenEoX
Super Bowl LX: Strengthening Preparation, Building Resilience, Fostering Partnerships
NCSWIC releases the “‘What is a PACE Plan” video
Siemens WinCC Certificate Manager
Siemens SIPROTEC 5 Using DIGSI5 Protocol
Impact of Linux Kernel vulnerabilities on B&R products
ABB Freelance Security Lock
Hubbell Aclara Metrum Cellular Web Interface
Siemens Products using OpenSSL
Siemens SINEC INS
Rockwell Automation FactoryTalk Historian Site Edition
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
CISA Adds One Known Exploited Vulnerability to Catalog
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
AzeoTech DAQFactory
Schneider Electric EasyLogic T150 and Saitel DP
Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products
Mitsubishi Electric MELSEC iQ-F Series
Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module
AVer PTC cameras
Rockwell Automation RSLinx
Rockwell Automation FLEX I/O EtherNet/IP Adapters
Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP
Rockwell Automation FactoryTalk Analytics PavilionX
CISA Adds One Known Exploited Vulnerability to Catalog
Rockwell Automation CompactLogix
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog
Brickcom Cameras
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
CISA Adds One Known Exploited Vulnerability to Catalog
Naxclow IoT Platform
Schneider Electric EcoStruxure Panel Server
[webapps] OpenEMR 7.0.2 - Arbitrary File Read
[webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection
[webapps] Drupal Core 10.5.5 - Error-Based SQL Injection
[webapps] WordPress OrderConvo 14 - Path Traversal
[remote] Notepad++ 8.9.6 - Arbitrary Code Execution
[webapps] YAMCS yamcs-core 5.12.7 - No Rate Limiting
[webapps] YAMCS yamcs-core 5.12.7 - User Enumeration
[webapps] YAMCS yamcs-core 5.12.7 - LDAP Injection
[remote] Microsoft - NTLMv2 Hash Capture
[webapps] MikroORM 7.0.13 - SQL Injection
[webapps] Prodigy Commerce 3.3.0 - Local File Inclusion
[webapps] Langflow 1.3.0 - Remote Code Execution
[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution
[local] ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion
[local] ZTE Routers - Unauthenticated Denial of Service
[local] ZTE ZXHN H188A V6 - Authentication Bypass
[local] ZTE H298A / H108N - Unauthenticated Credential Exposure
[local] Linux Kernel - Local Privilege Escalation
[webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution
[remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution
[webapps] CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)
[remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow
[dos] strongSwan 5.9.13 - DoS
[local] Linux Kernel - Local Privilege Escalation
[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
[webapps] EspoCRM 9.3.3 - SSRF
[webapps] scramble - Remote Code Execution
[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection
[local] Realtek rtl819x - Local Privilege
[webapps] OpenCATS 0.9.7.4 - SQL Injection
[webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution
[webapps] Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service
[hardware] D-Link DSL2600U - 'rom-0' Admin Password Disclosure
[webapps] Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover
[webapps] cPanel - CRLF Injection
[local] Linux Kernel 6.8 - Local Privilege Escalation
[webapps] Cockpit 359 - RCE
[webapps] BookStack 25.12.1 - Denial of Service
[local] Lenovo LegionSpace 1.7.11.2 - 'DAService' Unquoted Service Path
[webapps] solaredge - (CSRF-OOB-Injection)
[webapps] FUXA 1.2.9 - RCE
[local] Windows Snipping Tool - NTLMv2 Hash Hijack
[local] Remote Sunrise Helper for Windows 2026.14 - Unauthenticated File/Directory Listing
[local] Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution
[webapps] WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI
[webapps] Apache HertzBeat 1.8.0 - Remote Code Execution
[webapps] ePati Antikor NGFW 2.0.1301 - Authentication Bypass
[webapps] PJPROJECT 2.16 - Heap Bufferoverflow
[webapps] Ninja Forms Uploads - Unauthenticated PHP File Upload
[webapps] glances 4.5.2 - command injection
OpenBSD mpls_do_error: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read
OpenBSD sppp_pap_input: PAP authentication bypass
SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies - Worksnaps.net Worksnaps
SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions - SCHEMA ST4
SEC Consult SA-20260617-0 :: Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3
SEC Consult SA-20260616-0 :: Broken Access Control in syracom AG Secure Login (2FA) for Atlassian Jira / Confluence / Bitbucket #CVE-2026-12225
APPLE-SA-06-16-2026-1 Beats Firmware Update 1B211
PHP 8.5.7 `levenshtein()` signed-integer overflow
PHP 8.5.7 `dom_xml_serialization_algorithm()` stack-overflow
PHP 8.5.7 `mb_substr()` 'SJIS-mac' size_t underflow
PHP 8.5.7 `FILTER_SANITIZE_ENCODED` uninitialized read
CVE-2025-68624: Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure
SEC Consult SA-20260615-1 :: Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System Microcontroller)
SEC Consult SA-20260615-0 :: Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)
SEC Consult SA-20260610-0 :: Local Privilege Escalation in Slate Digital Connect (macOS)
[oss-security][CVE-2026-11940] Cpython: tarfile extraction filter bypass allows escaping the destination directory
[OSSA-2026-024] OpenStack Swift: Swift proxy-server SSRF via header injection (CVE-2026-50221)
CVE-2026-55556: rsyslog imhttp Basic Auth heap overflow
Re: Common PKCS#7 / CMS parsing issues in OpenSSL, WolfSSL, Bouncy Castle, & GnuPG
pwnlift: symlink following and TOCTOU in privileged upload handler allow arbitrary file write as root
CVE-2026-9733: Mojolicious::Plugin::Web::Auth::OAuth2 versions through 0.17 for Perl have an insecure default state parameter
Common PKCS#7 / CMS parsing issues in OpenSSL, WolfSSL, Bouncy Castle, & GnuPG
Re: Proposal: Add separate oss-security-vulnerability-reports mailing list (for AI vulnpocalypse)
Re: Proposal: Add separate oss-security-vulnerability-reports mailing list (for AI vulnpocalypse)
CVE-2026-11373: Net::Statsite::Client versions through 1.1.0 for Perl allow metric injections
CVE-2026-6653: libxml2: use after free in xmlParseInternalSubset (>=2.9.11, <2.11.0)
Re: Squid CVE-2026-47729 and CVE-2026-50012
CVE-2025-66336: Apache Doris MCP Server: SQL injection leading the authentication bypass
[vim-security] Arbitrary Code Execution via Python Omni-Completion Docstrings in Vim < 9.2.0699
[vim-security] Out-of-bounds Write in SOFO Soundfolding in Vim < 9.2.0698