The agreement gives SpaceX a new stream of revenue for its AI business ahead of its IPO.
GeekGuyBlog, Uncategorized
Top Selling Technology Products (June 2026)
EXECUTIVE SUMMARY June 2026 represents a pivotal month in the technology landscape, marked bythe continued dominance of AI-integrated devices, the resurgence of foldablesmartphones, and the maturation of smart home ecosystems. Despite globalheadwinds including memory cost pressures and economic uncertainty, consumertech spending reached $836 billion in 2026 (Gartner), with June showingstrong performance across wearable AI devices,…
Exploits, Global Security News
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
CISA warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. […]
AI, Global Security News, malware
Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account
32 Red Hat npm packages compromised by Miasma malware expose cloud tokens, CI/CD secrets and developer credentials in supply chain attack.
Data Breaches, Global Security News
Exposed Fuel Tank Gauges Under Attack in the US
Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption.
Exploits, Global Security News, Network Security
Another Cisco Catalyst SD-WAN Manager bug actively exploited
Cisco warns of an exploited SD-WAN flaw that can enable remote code execution and network compromise.
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Six protobuf.js Vulnerabilities Expose RCE and DoS Risks
Six vulnerabilities discovered in protobuf.js could allow attackers to execute arbitrary code, crash services, and compromise software supply chains across cloud, AI, messaging, and development environments. According to Cyera researchers, the flaws affect the widely used JavaScript implementation of Google’s Protocol Buffers, a data serialization framework that underpins communication across countless distributed systems. The library…
Global Security News, malware
Chinese APT deploys new malware to keep access to hacked networks
A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and previously undocumented malware named Plenet and AgentPSD. […]
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management
AI Threats, Zero-Days, and Data Breaches Define This Week of June 2026 in Cybersecurity
Major Threats & Vulnerabilities Zero-Day Exploits and Critical Vulnerabilities A newly discovered Comodo zero-day vulnerability can crash Windows systems through a malformed IPv6 packet. Researcher Marcus Hutchins identified the flaw, but Comodo has yet to issue a patch. Users are advised to filter suspicious IPv6 headers and test incident response plans. Google patched an Android…
AI, Global Security News
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively. According to JFrog, the information stealer “scrapes every secret it can find on a developer’s machine, hides behind an eBPF…
AI, Apps, Cybersecurity, Europe, Global Security News, malware, Network Security
Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure
Researchers exposed the Silent Ransom Group ‘s Fast Flux infrastructure as the FBI warns of ongoing attacks targeting U.S. law firms and businesses. Resecurity uncovered the Silent Ransom Group (SRG)’s Fast Flux network infrastructure and shares available intelligence with the cybersecurity community to disrupt their malicious activities and enable ISP/DNS providers to counter this threat.…
Global Security News
Dark web Nemesis Market vendor gets 26 years for selling drugs
A California man was sentenced to more than 26 years in federal prison for trafficking fentanyl and methamphetamine through Nemesis Market, one of the world’s largest dark web marketplaces. […]
AI, Global Security News
Microsoft identifies seven new ways AI agents can be hacked
Microsoft has identified seven new failure modes in agentic AI systems, in addition to those it identified last year in its first Taxonomy of Failure Modes in Agentic AI Systems. Four things contributed to the growing list of ways agentic AI can go wrong: the speed at which the technology went mainstream, the growing maturity…
AI, Data Breaches, Global Security News
Atlas Menu Data Breach Exposes 64,000 GTA V and CS2 Cheat Service Users
Atlas Menu Data Breach exposes 64,000 GTA V and CS2 cheat service users, leaking emails, IPs, support tickets and hashed passwords.
AI, Global Security News
Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5
If you’ve ever received an out-of-the-blue message via LinkedIn from a recruiter offering some well-paid consultancy work, intelligence agencies have a message for you: be very careful. Read more in my article on the Hot for Security blog.
AI, Apps, Cloud Security, Endpoint, Global Security News
Building secure B2C applications with fine-grained access control using Amazon Cognito and Amazon Verified Permissions
Modern web applications require robust security controls to protect user data and application resources. Authentication and authorization are two fundamental pillars of application security that answer critical questions: Who are you? and What are you allowed to do? Implementing these controls correctly can be challenging for developers, especially when building data-intensive applications with frameworks like…
AI, Global Security News
Patching fast and slow: Ruby devs delay to defend against supply chain attack
The team behind RubyGems, a package hosting site for Ruby developers, has added a new feature to bundler, a tool for managing Ruby packages (or ‘gems’) to protect developers against the recent wave of software supply chain attacks: A cooling-off period before recently updated packages are installed on their systems. Recent attacks on software repositories…
Global Security News
Why AI Agents Need an Identity Model, Not Just an API Key
AI, Global Security News, Network Security
Tech industry cut 38,242 jobs in May, worst since 2024
Technology companies announced 38,242 job cuts in the US in May 2026, the highest monthly total for the sector since August 2024, according to research by employment placement company Challenger, Gray & Christmas. So far this year the company has observed 123,653 US technology job cuts, a rise of 66 percent from the same period…
Global Security News
Estonia Is Fighting Brain Rot—With Free ChatGPT
Plus, the push to bypass Chinese rare earths and the scramble to ban personalized pricing.
AI, Exploits, Global Security News, malware, Network Security, Risk Management
CVE-2026-20245: Cisco SD-WAN Manager Zero-Day Enables Root Command Execution
Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of Cisco Catalyst SD-WAN Manager and can allow an authenticated remote attacker with netadmin privileges to execute arbitrary commands as root by uploading a crafted file. Cisco says exploitation has already been observed in limited cases,…
AI, Global Security News
Magecart campaign exploits Stripe API for credit card theft
The sophisticated attack utilizes Google Tag Manager (GTM) and Stripe domains, which are implicitly trusted by e-commerce sites, allowing the malicious code to bypass security measures.
AI, Apps, Global Security News, Risk Management
Understanding LLM Coding Personalities Is Now Key to Developer Improvement
Secure code development goes beyond tools and software – it is a complex activity grounded in risk management and involves an understanding of a developer’s strengths and weaknesses. Recognizing your developers’ level of expertise goes a long way, and helps determine where security issues are most likely to occur, and which developer is best suited…
AI, APAC, Exploits, Global Security News
CVE-2026-49975: HTTP/2 Bomb Attack Can Knock Web Servers Offline in Seconds
A newly disclosed denial-of-service vulnerability, tracked as CVE-2026-49975, shows how long-known HTTP/2 weaknesses can still be chained into a highly effective modern attack. SecurityWeek reports that researchers at Calif demonstrated an HTTP/2 Bomb exploit capable of knocking major web servers offline within seconds by combining a compression bomb with a Slowloris-style hold that prevents the…
AI, Cybersecurity, Global Security News
How to Use AI Video to Boost Your Email Marketing Open Rates and Conversions in 2026
Discover how adding AI-generated video to your campaigns can significantly increase open rates and click-throughs. Complete guide with strategies, tools, and benchmarks. Email marketing isn’t dead — but it’s drowning in sameness. The average professional receives 121 emails per day, according to Radicati Group’s 2026 Email Statistics Report. Open rates across industries hover around 21%,…
AI, Cybersecurity, Global Security News
How to Use AI Video to Boost Your Email Marketing Open Rates and Conversions in 2026
Discover how adding AI-generated video to your campaigns can significantly increase open rates and click-throughs. Complete guide with strategies, tools, and benchmarks. Email marketing isn’t dead — but it’s drowning in sameness. The average professional receives 121 emails per day, according to Radicati Group’s 2026 Email Statistics Report. Open rates across industries hover around 21%,…
Global Security News
Why writing software has become dangerous today
There’s just more code than ever and developers can’t verify everything – we need to make all that code understandable.
AI, Exploits, Global Security News, Risk Management
Commvault offers recommendations for resilience in the age of frontier AI
Frontier AI models, while powerful for identifying vulnerabilities, also present new risks from bad actors, accelerating exploitation timelines to mere minutes.
Cybersecurity, Global Security News
Hola browser supply chain attack delivers cryptocurrency miner
Cybersecurity researchers at Sophos and other companies discovered an undeclared executable, identified as a Monero cryptocurrency miner, being installed with the Hola Browser.
AI, Cybersecurity, Global Security News, Government & Policy, malware
Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps
Arabic-speaking users have emerged as the target of a new Android spyware codenamed Asin, according to findings from ESET. The Slovakian cybersecurity company said it first detected the malware spread via multiple campaigns in early 2025, with each attack wave making use of distinct websites mimicking utilities, war-related updates, and a government news source: govlens[.]net,…
Global Security News
Over 900 US gas station tank gauge systems exposed to attacks
Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online and are vulnerable to ongoing attacks. […]
AI, Exploits, Global Security News, Risk Management
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
Microsoft reopened some wounds and has reignited debate over the past couple weeks about vulnerability disclosure and the sometimes adversarial dynamic it creates between security researchers and vendors. The latest controversy ensued when Microsoft threatened criminal legal action against a security researcher who publicly disclosed a series of zero-day vulnerabilities with proof-of-concept exploits. Microsoft insisted…
AI, Apps, Funding, Global Security News, Risk Management
Ensono CTO: AI Success Starts with Data Discipline
Financial services firms racing to adopt AI may be overlooking the foundational work required to make those investments pay off, according to Syed Ali, CTO of Global Financial Services at Ensono. While many banks, insurers, and asset managers are experimenting with generative AI and agentic tools, Ali said the organizations seeing the strongest results are…
AI, Global Security News
Adaptive, Agentic AI Worms Loom as Next Enterprise Threat
AI worms, or “viruses with wings and brains,” adapt to new environments, seek out vulnerabilities, and will likely strike within a year, researchers say.
AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Hugging Face Vulnerability Allows Remote Code Execution
Organizations using vulnerable versions of the Hugging Face Transformers library could unknowingly execute attacker-controlled code simply by loading a malicious AI model. Researchers at Pluto disclosed a remote code execution (RCE) vulnerability that bypasses the library’s built-in trust_remote_code=False security control, potentially exposing cloud credentials, SSH keys, API tokens, and other sensitive assets. “One poisoned field…
AI, Global Security News
What 2026 DBIR Confirms: Attacks Are Living in the Browser
Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-layer security gaps and modern attacks. […]
AI, Cybersecurity, Exploits, Global Security News
Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet
Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco warns of a privilege escalation flaw, tracked as CVE-2026-20245 (CVSS base score of 7.8), in Cisco Catalyst SD-WAN Manager, the platform formerly known as SD-WAN vManage. An authenticated local…
AI, Global Security News, Government & Policy, privacy, Risk Management
Why Apple may be winning again
As we lean into WWDC, three strategically brilliant Apple moves have been exposed in the last couple of weeks, two of which will have immense consequences in the coming year, while one sets the scene for essential future growth. In each case, Apple’s leadership has found counter-intuitive gambits that actually secure the company’s future. Let’s start…
Exploits, Global Security News
Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords
Threat actors are deploying an updated SHub Stealer variant named Reaper that exploits the native macOS Script Editor to bypass OS-level protections and compromise cryptocurrency assets.
Global Security News, Government & Policy
Trump AI Order Seeks Voluntary Frontier Model Testing
The White House’s executive order establishes voluntary framework for early government access to frontier models while investing in federal security.
AI, Apps, Global Security News, Risk Management
Anthropic suggests slowing AI research until we can align it with human goals
AI could soon lead to systems capable of improving their own performance faster than humans can effectively supervise them, reviving concerns about the industry’s longstanding “alignment problem,” ensuring AI systems reliably pursue human goals, senior Anthropic researchers have warned in a new blog post titled “When AI builds itself.” Anthropic Institute lead Marina Favaro and…
china, Cybersecurity, Global Security News
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework
Cybersecurity researchers have discovered a previously unreported threat cluster dubbed OP-512 that has been observed targeting Microsoft Internet Information Services (IIS) servers to deploy a bespoke web shell framework. ReliaQuest has assessed with moderate to high confidence that the espionage-focused activity is linked to China. “OP-512 was highly likely conducting espionage through a
AI, Cybersecurity, Exploits, Global Security News, Risk Management
Malware could drain your fuel tank as well as your bank account
Ongoing cyber-attacks on automated tank gauges (ATGs) could result in fuel tanks being drained without businesses noticing, the US Cybersecurity & Infrastructure Security Agency has warned. Connected ATGs are widely deployed in gas stations, as well as on military bases, in hospitals, and in manufacturing plants. And it’s not just fuel stores at risk: ATGs…
AI, Global Security News
Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware
FlutterShell is linked to previous malvertising campaigns including TamperedChef.
AI, Global Security News
Attackers obtained encrypted password vaults from some Dashlane user accounts
Dashlane has disclosed new details about a brute-force attack that let a threat actor access some customer accounts and copy encrypted vaults. Dashlane said it found no evidence that the attackers compromised its internal systems. The company first acknowledged the incident on May 31 after users reported receiving account suspension emails and experiencing login problems.…
AI, Global Security News
Infosecurity Europe: Practical Lessons From Lloyds’ Agentic AI Security Playbook
Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance
Global Security News
Morgan Stanley Sees SpaceX’s Revenue Reaching $3.4 Trillion in 2040
Projections banks shared with top investors show how they are selling the rocket maker’s $1.77 trillion valuation.
AI, Global Security News
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver
Eighteen months ago, the AI SOC was a marketing line. Today it’s a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the security stack. The data shows SOCs are buying,…
Global Security News
Let’s Encrypt works toward post-quantum certificates at web scale
Let’s Encrypt plans to pursue a post-quantum-safe Web PKI through Merkle Tree Certificates (MTCs), a new approach that adds post-quantum authentication to the web without sacrificing the speed and reliability that have made TLS universal. The project is targeting late 2026 for a staging environment that issues MTCs, with a production-ready environment planned for 2027.…
AI, Global Security News
Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
AI, Cybersecurity, Data Breaches, Global Security News, malware, Network Security, privacy, Risk Management
Leader in Malware Analysis: ANY.RUN Named Top Vendor in G2 Summer 2026 Awards
We are proud to announce that ANY.RUN has earned the title of Momentum Leader and ranked #1 in the Relationship Index in the latest G2 Summer Reports. Reflecting real security teams’ actual experience, these rankings once again prove how critical ANY.RUN’s solutions are for daily SOC operations in modern enterprises. Why ANY.RUN’s Momentum Leader Title Matters for Your Team G2 awards…
AI, Europe, Exploits, Global Security News, malware, Network Security
PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network
Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor tracked as PCPJack compromised 230 cloud servers across Amazon Web Services, Google Cloud, and Microsoft Azure and turned them into a covert email relay network. Hunt.io researchers discovered the operation because PCPJack…
AI, Apps, Global Security News, malware, privacy
16 ways to speed up Windows 11
Windows 11 does a lot under the hood to speed up a PC’s performance, but PCs tend to slow down over time as they accumulate apps, files, drivers, and other detritus. Even zippy new Windows 11 devices can be sped up — and protected against future slowdowns — with a few minor system tweaks. It’s simple to…
Global Security News
There’s More to Space Stocks Than SpaceX
Rocket Lab gives investors another way to play the space race.
AI, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Claude Code has an MCP security problem — and your developers are already using it
Claude Code is Anthropic’s AI coding assistant — a command-line tool that developers are adopting fast. It connects to external services through Model Context Protocol, the standard that lets AI tools interact with Jira, Confluence, GitHub, databases and internal APIs. When a developer connects one of those services, Claude Code runs an OAuth flow, the…
AI, Global Security News, Risk Management
Infosecurity Europe: AI Coding Tools Need Built-In Security for Agentic Development Era
Ox Security field CTO, Boaz Barzel, makes the case for vibe security to tackle AI agent coding risks
AI, Exploits, Global Security News
Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)
A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To exploit this vulnerability, an attacker must have netadmin privileges on an affected system. This would require valid credentials or exploitation of CVE-2026-20182 or CVE-2026-20127. Cisco is not aware of successful…
Exploits, Global Security News
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including,…
AI, Global Security News
AI is helping low-skill hackers pull off advanced cyberattacks
Anthropic has published an analysis of cyber-related misuse of its AI systems, examining 832 accounts that were banned for malicious cyber activity between March 2025 and March 2026. The company mapped the observed behavior to the MITRE ATT&CK framework, which documents tactics and techniques used by attackers. “These 832 cases are just a subset of…
AI, Compliance, Cybersecurity, Data Security, Europe, Global Security News, malware, Network Security, Risk Management
May 2026 Leadership Recap: Channel Execs Move Toward AI
We’re barreling toward the midway point of the year, and May has seen a number of new executive leadership shuffles to guide organizations through the second half of the year and beyond. Organizations across the ecosystem have made shifts to their leadership teams, including new hires, promotions, and the addition of their first-ever AI executives.…
AI, Apps, Cloud Security, Cybersecurity, Global Security News, Network Security, Risk Management
May 2026 M&A Recap: Security and AI Remain Top Priorities
WatchGuard, Torq, and Asana are just a few organizations that have made strategic acquisitions in the IT ecosystem to expand their capabilities and provide more services to a greater number of customers. Before we reach the summer months, take stock of the mergers and acquisitions in the channel from May. Security consolidation continues as firms…
Global Security News
Infosecurity Europe: Reactive Security Is Failing Healthcare Organizations, Experts Warn
A perfect storm of legacy devices, hyper connectivity and human fatigue is bad news for the healthcare sector, warns Cyber Salus
AI, Apps, Compliance, Cybersecurity, Global Security News, Network Security
10 Free Managed Services Pricing Templates for MSPs in 2026
Many managed service providers (MSPs) know which services they want to offer but struggle to determine how to package, price, and present those services to clients. Managed services pricing templates provide a framework for organizing service offerings, comparing pricing models, and communicating value more clearly. Whether you’re building your first service packages or refining an…
AI, Data Breaches, Exploits, Global Security News, Risk Management
Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications
SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google’s defenses and control smart home devices. SafeBreach Labs researcher Or Yair spent months trying to break Google’s Gemini voice assistant after Google patched the vulnerabilities he found in his previous research. The new attack class he developed, named Fake…
AI, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management
Commvault Provides Resilience Approach for Frontier AI
Commvault, a data protection and cyber resilience organization, has made recommendations to help organizations stay resilient in the age of frontier AI. Frontier models create new security risks while helping address them As frontier models, hosted in the cloud, excel at identifying vulnerabilities at speed and compressing exploitation timelines, they also present exploitable threats to…
AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Russia
AI tools becoming hot commodities on ransomware marketplaces
Sales of AI-based tools is accelerating within underground ransomware marketplaces, lowering the barrier to entry for new actors in the process. An analysis of Telegram channels, 20 dark web forums, and five underground markets by anti-ransomware platform vendor Halcyon found that AI utility posts grew to 1,486 in February 2026, up from just 38 in…
AI, china, Global Security News, Risk Management
Why Waymo settled for the wrong car
Forget “Florida Man.” Want to hear a California Man story? Here goes. A California man rolled up to a yoga studio in San Francisco’s Marina District in a self-driving Waymo car, walked into the studio, grabbed an armful of yoga shorts, got back in the Waymo and took off. Six months later, police still haven’t…
AI, Global Security News, malware
FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins
Security researchers and the FBI are warning that a wave of FIFA-themed fraud is already hitting World Cup 2026 fans, days before the June 11 kickoff. Recent reports describe thousands of lookalike FIFA domains, banking malware hidden inside pirate streaming apps, and at least one operation that copies FIFA’s login page well enough to take…
AI, Cybersecurity, Europe, Global Security News, Network Security
Photos: Infosecurity Europe 2026
Infosecurity Europe 2026 is a cybersecurity event that took place from June 2 to 4 in London. Help Net Security was on-site and here’s a closer look at the conference. The featured vendors are: Microsoft, JupiterOne, Menlo Security, Cato Networks, Falkin, Vivida, Pen Test Partners, Netskope, Qualys, Syteca, runZero, Vanta, OneTrust, Panaseer, Airia. The post…
AI, Compliance, Cybersecurity, Data Breaches, Global Security News, Risk Management
Compliance chaos: NY regulators see a data breach — then focus on IT errors
The age-old IT defense when compliance violations are investigated by regulators is to try and keep a low profile — and hope no one looks too closely. But with enhanced SEC interest in all data breaches encouraging regulators around the globe to take those closer looks at IT, data breach disclosure rules are becoming more…
AI, Apps, Global Security News
The Evil MSI Background is Back!, (Fri, Jun 5th)
A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1]. Yesterday, I spotted another one! It seems that the technic is getting more and more popular. This time, it started with a mail containing a WeTransfer link. Often, the WeTransfer brand is…
Global Security News
June 2026 Patch Tuesday forecast: Where are the CVEs?
My forecast from last month was only partly right. After the Anthropic Mythos announcements and the deluge of newly discovered vulnerabilities from vendors like Mozilla, Microsoft’s updates were standard fare, 65 CVEs reported in Windows 11 and 58 in Windows 10. The Microsoft Office releases were a bit higher with 19 CVEs or so reported…
Exploits, Global Security News
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. […]
AI, APAC, Global Security News
AgentGG: Open-source agentic SAST scanner
Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand. AgentGG approaches the same job with AI agents that read the code, follow imports, walk the call graph, and confirm a finding before they report it. The project is an open-source…
AI, Europe, Global Security News, Network Security
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. “Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer…
AI, Global Security News
Thieves can pull off keyless car theft in under a minute and here’s how to stop them
A keyless car can be stolen in under a minute. Two people, a pair of cheap radio amplifiers, and a fob sitting on a hallway table inside the house. That is enough. No broken glass. No alarm. No sound. Most keyless cars remain vulnerable The vulnerability runs across the global market. Germany’s largest auto club,…
GeekGuyBlog
Rust-Written IronWorm Hits NPM Supply Chain
A new malware named IronWorm targets the NPM supply chain, raising urgent concerns about developer security and software integrity.
AI, Global Security News, Risk Management
AI agent governance gets harder when agents outnumber your people
In this Help Net Security video, Amit Gautam, CTO at Abluva, explains the security risks that autonomous AI agents bring into enterprise environments. He opens with a real case: a reconciliation agent at a financial services firm had legitimate access to a customer database. A poison instruction from upstream changed its behavior, and it scanned…
AI, Global Security News, Risk Management
Most pros have seen AI hallucinations in IT operations
Autonomous AI is taking action inside enterprise IT environments. Software is restarting services, isolating risky devices, and applying patches without waiting for a human to approve the step. The capability is spreading at the same time IT professionals are reporting frequent encounters with AI output errors that can carry operational impact. Ivanti’s 2026 AI Maturity…
AI, Global Security News, Network Security, Risk Management
New infosec products of the week: June 5, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Asimily, depthfirst, Diligent, Hyland, MazeBolt, and Noma. Asimily turns device risk into automated network policy Asimily has launched Segmentation Orchestration, enabling connected-device risk intelligence to flow directly into enforceable network policy without manual translation. No other platform combines full asset…
Competitive Reports, GeekGuyBlog
2026 AI JOB LOSS REPORT
EXECUTIVE SUMMARY 2026 marks a critical inflection point in the AI employment landscape. After years of AI hype, the industry is now facing a severe labor contraction as companies reassess their AI investments. The data reveals a stark reality: AI is no longer just reshaping jobs—it’s actively eliminating entire categories of work. ───────────────────────────────────────────────────────────────── DATA SOURCES:…
AI, Global Security News
U.S. Officials Discuss Taking Financial Stakes in AI Industry
The talks have been with artificial-intelligence leaders, including OpenAI CEO Sam Altman who pitched the idea.
Global Security News
ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
AI, Global Security News, Russia
Real-Time Satellite Intel Is Making Ukraine’s Drone Strikes Deadlier Than Ever
Commercial satellite imagery, sent straight to soldiers’ phones, is speeding up the kill chain and causing new problems for Russian forces.
AI, Cybersecurity, Funding, Global Security News, Government & Policy
US government report slams NIST for NVD backlog
A report from the US Commerce department’s inspector general blames the National Institute of Standards and Technology (NIST) for the ever-growing backlog of vulnerabilities for inclusion in the National Vulnerability Database (NVD). But cybersecurity practitioners say that the backlog, although very real, has been building for years, and that the government is doing little to…
AI, Global Security News
Apple’s Plan for AI Dominance Rests on Fixing Its Much-Maligned Chatbot
The iPhone-maker has clear advantages to lead in consumer AI, but only if it can finally modernize Siri.
AI, Global Security News
China-linked actors using job sites to target government workers, Five Eyes warns
The intelligence agencies, comprising the UK, US, Canada, Australia, and New Zealand, detailed a sophisticated espionage campaign.
Data Breaches, Global Security News
Android Gemini prompt injection flaw patched by Google
SafeBreach researchers discovered that prompt injection attacks could be executed on Android phones if a user instructed Gemini to read their pending notifications.
AI, Data Breaches, Global Security News
iFood confirms data breach affecting 1.2 million users
The breach resulted in the exposure of names, phone numbers, addresses, and CPF numbers, which are crucial Brazilian taxpayer identification documents used for various daily transactions.
Cybersecurity, Exploits, Global Security News
Underground forum tutorial simplifies vulnerability exploitation for novice hackers
The tutorial, authored by a hacker known as “Hercules” and documented by cybersecurity company Flare, breaks down the process of scanning, detecting, exploiting, and monetizing vulnerabilities into actionable steps.
Global Security News
Critical Redis vulnerability CVE-2026-23479 allows remote code execution
The vulnerability, rated 8.8 by CVSS 3.1 and 7.7 by CVSS 4.0, resides in the unblockClientOnKey() function within src/blocked.c.
Global Security News
Offroad launches with $7 million to use AI agents for identity security
Offroad addresses the growing complexity of identity security, which has surpassed manual review capabilities.
AI, Global Security News
AI tools pose insider threat risks as integration accelerates
Researchers from DTEX have detailed how common workflows using AI agents, such as Anthropic’s Claude Cowork, can grant extensive access to sensitive corporate data.
Exploits, Global Security News
Critical vulnerability in Hugging Face Transformers library allowed arbitrary code execution
The vulnerability, tracked as CVE-2026-4372, was exploitable through a standard model-loading command, even when Hugging Face’s recommended security setting “trust_remote_code=False” was enabled.
AI, Global Security News
Fake document marketplace aiding migrant smuggling dismantled in Spain
The investigation, initiated by French authorities who identified the website, culminated in Spain with the arrest of a suspect in Alicante.
AI, Cybersecurity, Global Security News
Why Dubai Villas Are Quietly Becoming the World’s Largest Smart-Home Testbed
In the latest development, I will show you why Dubai villas are quietly becoming the world’s largest smart-home testbed. The average new-build villa in Arabian Ranches now ships with pre-wired conduit for 40-plus connected devices before the owner places a single purchase order. What started as a luxury differentiator has become a distributed IoT laboratory,…
AI, Global Security News
DentaQuest data breach exposes sensitive information of 2.6 million accounts
The incident came to light last month when the extortion group ShinyHunters claimed to have stolen over 234 GB of data from the company.
Apps, Data Breaches, Global Security News
World Food Programme reports data breach affecting Palestinian beneficiaries
The World Food Programme confirmed a breach of its self-registration application (SRA) for Palestine, which occurred on May 14.
AI, Global Security News
Rust-Written IronWorm Hits NPM Supply Chain
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
AI, Apps, Global Security News
Amazon Cognito unlocks advanced capabilities with next-generation infrastructure
Amazon Cognito recently introduced high-throughput performance for demanding workloads, customer-managed keys for full control over data encryption at rest, and multi- Region replication for business continuity improvement. These capabilities were made possible through a next-generation storage infrastructure designed for extensibility and scale. To deliver this, we migrated hundreds of millions of user profiles, and you…