Geek-Guy.com

Category: Risk Management

Master cybersecurity risk management with expert analysis on threat mitigation, compliance, and governance. Geek-Guy tracks the evolving landscape of digital risk.

CyberCorps is adapting to AI. The budget isn’t keeping up.

The digital battlefield is expanding and changing faster than ever before. Washington must confront mounting threats to critical networks and systems. But there’s one challenge that stands out above the rest: artificial intelligence. The nation’s cyber experts need to be ready to face this new reality. The CyberCorps: Scholarship for Service program is a federal…

Prompt injection breaks today’s AI agents, study warns

Today’s AI web agents have no dependable defenses against prompt injection, according to new research showing that not a single attack scenario was consistently blocked across leading systems powered by GPT‑5 and Gemini. The findings come from StakeBench, a stakeholder-centric benchmark developed by researchers from Nanyang Technological University, ST Engineering, IBM Research, and the University of Illinois…

AI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!

For 30 years, cybersecurity has operated like an emergency room. Reactive. Crisis-driven. Always triaging. We are extraordinarily good at it — our detection is faster, our response playbooks are sharper, our incident teams are more capable than they have ever been. When something goes wrong, the modern security organization runs toward the fire with real…

Reinvent Launches Managed Security for MSP Partners

Reinvent Telecom has launched MyCloud Managed Security, a fully managed cybersecurity offering built to help MSPs, VARs, and resellers expand into security services without building their own infrastructure. The new service combines Guided Vulnerability Management and Managed XDR to provide continuous monitoring, threat detection and response, asset discovery, endpoint detection and response, SIEM, SOAR, dark…

21,786 Home Cameras, No Password, No Warning

21,786 live cameras stream with zero authentication. Cheap gear is the real risk, webcamXP open 46% of the time. Your home router is the broadcast tower. In May 2026, Mysterium VPN queried a public internet-wide device index to count every camera and recorder that answers the open internet. They found more than three million reachable…

Zebra Repco Rollout Signals ANZ Channel Services Shift

Back in April, Zebra Technologies Corporation, a company specializing in digitizing and automating workflows to deliver intelligent operations, announced that Repco, the largest reseller and supplier in the automotive aftermarket parts sector across Australia and New Zealand (ANZ), had digitized its last-mile delivery operations with Zebra’s TC5 series mobile computers. The deployment highlights a broader…

Pax8 Beyond 2026 Vendors Target MSP AI and Security

At this year’s Pax8 Beyond 2026 conference, vendors across the channel unveiled new products, partnerships, and investments focused on helping managed service providers improve operations and scale more efficiently. Several announcements centered on security, documentation, and service delivery, reflecting the challenges MSPs continue to face as customer expectations rise and operational demands increase.  Read our…

MSP Compliance Services Shift to Continuous Monitoring

As enterprises accelerate AI adoption and face an increasingly complex web of cybersecurity and data protection requirements, managed service providers are finding new opportunities to expand beyond traditional IT support and into continuous compliance services. Brian Harmison, CEO of Corsica Technologies, says customers are no longer looking for occasional audit preparation or checkbox exercises.  Instead,…

‘Harvest now, decipher later’: The quantum threat few are preparing for

Quantum technology may feel far off but certain risks are already with us in the form of “harvest now, decrypt later” — an attack vector in which malicious actors steal data now for a future in which they have access to quantum computational tools capable of breaking encryption deployed by most companies today to protect their data.…

How to use NIST and ISO frameworks to govern AI agents

Security leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously across enterprise environments. AI agents already read sensitive documents, invoke internal APIs, trigger workflows, and make decisions that still require human judgment. From a security perspective, the most…

Ticket Scams to Infrastructure Attacks: FIFA World Cup Cyber Risks

One of fútbol’s premier events is about to hit North America this summer with the FIFA World Cup 2026 stretching across the U.S., Canada, and Mexico. The tournament will feature 48 national teams competing to become champions – up from 32 in previous tournaments – across 16 host cities. It will be the first time…

Russian national charged in connection with Void Blizzard espionage campaign

Federal prosecutors have charged a Russian national with conspiracy to commit unauthorized computer access in connection with a sprawling cyber-espionage campaign linked to the Russia-aligned threat group Void Blizzard, according to a criminal complaint filed in federal court this week. Denis Nikolayevich Obrezko, a Russian citizen, is accused of breaking into systems owned by companies…

CISA orders federal agencies to “patch smarter”

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches vulnerability management. The directive arrives as the patching problem has become nearly unmanageable, driven by a surge in newly published vulnerabilities and by AI tools that are accelerating both security research and…

Team Cymru Expands APJ Operations With New Sydney Hub

External threat intelligence provider Team Cymru has announced the expansion of its Asia-Pacific and Japan (APJ) operations, with Sydney serving as the company’s regional operational hub.  The announcement follows RISEx Sydney, where Team Cymru leadership met with customers, partners, and public-sector stakeholders from across the region.  Expansion responds to regional cyber visibility demand According to…

ServiceNow fixes API issue after reports of suspicious tenant activity

ServiceNow is notifying customers after discovering and remediating a vulnerability that could have exposed data via an unauthenticated API endpoint on affected instances. The issue emerged publicly after customers began discussing security notifications from ServiceNow and reports of suspicious activity linked to their environments. According to the company’s advisory, the vulnerability was initially reported through…

AI vendor FDEs: Key considerations and concerns

When it comes to AI deployments, IT leaders are often caught in an awkward middle space, trying to reconcile conflicting directives from senior management with constantly changing AI models, capabilities, and costs; data governance and security needs; and the limitations of their own team. “Very few real benefits can be attained by simply purchasing an…

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

GreatXML bypasses BitLocker via Defender offline scan artifacts, giving SYSTEM shell in Recovery Mode. No patch exists. Any machine that ran an offline scan is vulnerable. On June 10, security researcher Chaotic Eclipse (aka Nightmare Eclipse) published a new working exploit dubbed GreatXML that bypasses BitLocker and opens a command shell with full SYSTEM privileges…

China-linked recon botnet outpaces enterprise defenses

A botnet made up of compromised small office and Internet of Things devices has grown into a larger reconnaissance network capable of rapidly identifying vulnerable internet-facing systems after public vulnerability disclosures, researchers said. The botnet, tracked by Lumen’s Black Lotus Labs as JDY, now comprises more than 1,500 compromised small office and home office, or…

Frontier AI models offer sneak peak of seismic cyber shifts ahead

The advent of Claude Mythos combined with the release of OpenAI’s GPT-5.5 have changed the threat model for CISOs. The arrival of those frontier AI models — and the ones soon to follow — makes it much easier to discover and chain vulnerabilities at a speed and scale that will require most cyber departments to…

Aged-domain acquisition: The tradecraft phishing operators are using to bypass your mail filter’s reputation score

I’ve spent the past two years working on incident response and threat intelligence, and the pattern I’m about to describe is one I keep seeing show up in cases that should have been caught at the email gateway. The kit families change. The lure templates change. The constant is that phishing-as-a-service operators are buying aged…

From Infosecurity Europe to CONFidence and C1b3rWall: What Security Teams Are Prioritizing in 2026

Three cities, three cybersecurity conferences, and plenty of conversations with security professionals across Europe.  Over the past few weeks, the ANY.RUN team joined Infosecurity Europe in London, CONFidence Conference in Kraków, and C1b3rWall Congress in Ávila. While every event had its own focus, the discussions pointed in the same direction: security teams need faster investigations,…

Organizations can’t see much of their mobile AI activity

Organizations have limited visibility into AI activity on mobile devices despite security leaders expressing confidence in their AI governance, according to Lookout’s “Solving for the Mobile AI Blind Spot: Executive Confidence Meets Technical Reality” report. Mobile AI visibility gaps Enterprises lack visibility into a large share of mobile AI activity taking place on both corporate-owned…

GitHub finally pulls the plug on automatic install script execution for npm

The ability for attackers to leverage automatic install script execution in npm will finally come to an end when expected changes arrive from GitHub in July. Coders will still be able to enable the function, but the default setting will block it.  In V12, default settings are changing, GitHub said in its changelog, noting, “it…

CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice

Security teams’ patching practices have come under intense pressure over the past year, as active exploitation is up, time-to-exploit windows are accelerating, and vulnerabilities have become attackers’ top initial access vector of choice. Last year, organizations fully remediated only 26% of the vulnerabilities that attackers were actively exploiting in the wild — down from 38%…

News alert: Cloud security report finds fragmented tools widening the cloud complexity gap

WASHINGTON, Jun. 10, 2026, CyberNewswire–The 2026 Cloud Security Report from Cybersecurity Insiders, produced in collaboration with Fortinet, finds that 69% of organizations cite tool sprawl and visibility gaps as the top factor limiting cloud security effectiveness. Based on a survey of 1,163 IT and cybersecurity professionals, the report shows the strain: 66% lack strong confidence…

ConnectWise Platform Brings Predictive IT to MSPs

ConnectWise is making a substantial change to the way it wants customers to interact with its software stack. This week, the company unveiled the ConnectWise Platform, a new environment that pulls together PSA, RMM, cybersecurity, automation, orchestration, agentic AI, and third-party integrations.  ConnectWise introduces its Predictive IT platform The launch sits within a larger Predictive…

CISA directive orders agencies to prioritize vulnerability patching in a new way

The Cybersecurity and Infrastructure Security Agency on Wednesday ordered federal agencies to prioritize vulnerabilities based on four criteria, as part of push to “patch smarter, not harder.” Federal agencies should emphasize patches for vulnerabilities that affect a publicly exposed asset, allow an attacker to fully automate exploitation, give attackers the ability to take over control…

June Patch Tuesday marks a ‘new normal’ with over 200 CVEs, 32 rated ‘critical’

June’s Patch Tuesday security updates have arrived, with SAP fixing four critical vulnerabilities and Microsoft addressing over 200 CVEs. Microsoft’s to-do list includes fixes for three zero days, 32 patches rated as ‘critical’, and a batch of other high-risk vulnerabilities that need urgent assessment. There’s also one older flaw under exploit, and some patches affecting…

Intelligence-Driven Threat Hunting: How SOCs Find What Alerts Miss

Talk to any threat hunter long enough, and beneath the polished case studies and conference talks, the same frustrations surface. Hunting is supposed to be proactive. In practice, it often feels reactive. You are chasing whispers of activity through log noise, querying SIEM fields that barely reflect real attacker behavior and writing detections against technique descriptions that…

U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to…

Autonomous AI agents duped into leaking sensitive data in phishing test

AI agents given access to corporate email and business applications could become a new phishing target for attackers, according to cybersecurity researchers, after a test agent built on OpenClaw was tricked into sharing cloud credentials and customer data with an external attacker. Varonis Threat Labs said it built an OpenClaw AI agent called Pinchy to…

Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows

The researcher Chaotic Eclipse released a PoC for the RoguePlanet Microsoft Defender zero-day, which can grant SYSTEM privileges on fully patched Windows systems. Security researcher Chaotic Eclipse, also known as Nightmare-Eclipse, has published a new proof-of-concept exploit for a RoguePlanet Microsoft Defender zero-day. The flaw relies on a race condition that can provide attackers with…

Anthropic’s Claude Fable 5 is out for public use, with safeguards for high-risk requests

Days after publishing research on how advanced AI systems could amplify cyber operations in the wrong hands, Anthropic released Claude Fable 5, a Mythos-class model for general use. “Releasing a model this capable comes with risks. Without safeguards, Fable 5’s capabilities in areas like cybersecurity could be misused to cause serious damage,” Anthropic wrote. The…

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT devices. A group of researchers from the University of Toronto has demonstrated how open-source artificial intelligence models can be used to create a new category of computer worms capable of autonomously…

UK move to filter photos and messages triggers encryption worries for CISOs

UK Prime Minister Keir Starmer’s speech on Monday insisting that tech companies create device controls to somehow block children from viewing or creating sexually explicit imagery has raised alarms among CISOs, who worry that the same technology could undermine enterprise security. Starmer gave tech firms three months to create and implement such restrictions voluntarily, at…

UK move to filter photos and messages triggers encryption worries for CISOs

UK Prime Minister Keir Starmer’s speech on Monday insisting that tech companies create device controls to somehow block children from viewing or creating sexually explicit imagery has raised alarms among CISOs, who worry that the same technology could undermine enterprise security. Starmer gave tech firms three months to create and implement such restrictions voluntarily, at…

Enterprises know AI-generated code is vulnerable; they’re shipping it anyway

AI-generated code is riddled with security flaws, yet enterprises are shipping more of it than ever before. Why? Perhaps they’re over-confident, lack true visibility into security risks, or are simply choosing to ignore the problem and hope it goes away. It’s a dangerous game to play at the dawn of the agentic AI era, as…

Working group formed to develop standard for AI-native docs

LF AI & Data Foundation, a division of the Linux Foundation, launched a working group on Tuesday that will focus on the development of DocLang, a specification intended to support interoperable document processing across AI and agentic workflows. The working group, founded by premier members IBM, Nvidia and Red Hat, is tasked with the creation…

Anthropic releases Mythos-class Fable 5 model with safeguards for cyber risks

Anthropic unveiled two new powerful AI models built on its previously restricted Mythos architecture: Claude Fable 5, which is being made broadly available, and Claude Mythos 5, which remains limited to a small group of cybersecurity and infrastructure partners. Anthropic describes Fable 5 as the most capable model it has ever released to the public,…

CVE-2026-11645: Chrome Zero-Day Vulnerability Exploited in the Wild

Google has released emergency Chrome updates to address a Chrome zero-day vulnerability, a high-severity out-of-bounds read/write issue in the V8 JavaScript engine. Google says an exploit exists in the wild, and the patched Stable builds are rolling out as 149.0.7827.102.103 for Windows and Mac and 149.0.7827.102 for Linux. Public reporting says the flaw can be…

CVE-2026-50751: Check Point VPN Authentication Bypass Exploited in Targeted Attacks

Organizations continue to face elevated risk from edge-device flaws that can hand attackers an initial foothold without valid credentials. CVE-2026-50751 is a critical authentication bypass issue in Check Point VPN Remote Access and Mobile Access that allows a remote, unauthenticated attacker to establish a VPN session without a valid user password. According to public reporting,…

Rubrik Brings Claude-Focused Tooling, Partner Program to Market

Rubrik, a security and AI operations company, has announced a new partner program and enhancements to bolster AI resilience and recovery. Rubrik Agent Cloud for Anthropic’s Claude Code and Claude Cowork will enable organizations to deploy Claude-powered agents at scale with observability, control, and agent rewind. Rubrik’s new cross-platform Rubrik AI automates and accelerates response…

Anthropic’s new model is Mythos on a leash

Earlier this year, Anthropic executives said that their new AI model, Claude Mythos, had such powerful capabilities for harm that they would not release it publicly. On Tuesday, the company said it was making an altered version of Mythos available to the public, promising “new guardrails” that thwart the model’s best-in-class performance in hacking and…

CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector

The Cybersecurity and Infrastructure Agency wants to fundamentally reevaluate how it prioritizes risks and vulnerabilities, both for privately-owned critical infrastructure and within the federal government, acting director Nick Andersen said Tuesday. The plans include a binding operational directive for federal agencies set to be published Wednesday and getting more specific with critical infrastructure owners and…

Check Point warns of ransomware-linked attacks exploiting outdated VPN protocol

Check Point has issued emergency hotfixes for a pair of vulnerabilities affecting VPN deployments that still use the deprecated Internet Key Exchange version 1 (IKEv1) protocol, warning that one of the flaws is already being exploited in the wild. The more serious issue allows attackers to establish VPN sessions without a valid password, potentially giving…

Protecting 50,000 Users: How ANY.RUN Drives Incident Prevention at UMass Boston

Securing a university means defending a highly open environment, where thousands of users, devices, and external connections create constant exposure to risk. We had a unique opportunity to get an inside look at how these operations are run at a powerhouse R1 institution, the University of Massachusetts Boston.    We sat down with Daniel Mayer, Endpoint…

NetRise Builds New Partner Program for MSSPs, VARs, More

Security company NetRise is abandoning the go-it-alone strategy in its war against hidden software vulnerabilities. The Austin, Texas-based software supply chain security specialist announced the rollout of its new Discovery Partner Program today.  NetRise bets on the channel to scale software risk management The initiative is a deliberate shift toward a partner-first business model, aiming…

U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: CVE-2026-42271 (CVSS score…

Trump’s new AI order — hallucinations aren’t just for LLMs

Years ago, right-wingers coined the phrase “Trump Derangement Syndrome” (TDS) to describe people who hate US President Donald J. Trump. (I think it better describes the president’s outlandish, truth-challenged statements and the followers who think he can do no wrong.) What’s really deranged is his recent AI executive order. First, a little history. As you…

Treating AI agents like service accounts for federated query security

In this interview with Help Net Security, Paras Malhotra, CISO at Starburst, explains how the company handles data governance across federated query environments. Topics include layering Starburst’s access controls above native source permissions, tiering vendor risk across more than 200 partners and connectors, and building audit trails for autonomous agents. The conversation covers how AIDA…

The security questions around Chinese AI coding models in U.S. software

Software developers across the United States are using AI models built in China to write, debug, and review code, drawn by prices below those of American alternatives. These models carry risks for the security of American software, according to a report from Booz Allen Hamilton, which tested how the models respond when the user appears…

OpenAI’s Lockdown Mode is trying to solve the problem that it created

OpenAI’s move to implement a Lockdown Mode that tries to limit data exfiltration by shutting down external capabilities is being seen as making the best out of a bad situation. But Lockdown Mode doesn’t block exfiltration as much as it slightly reduces it, and the reality of enterprises using multiple AI vendors for their agentic…

ICYMI: May 2026 @AWS Security

Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, new service capabilities, code samples, and workshops. AWS Security Blog posts This month’s AWS Security Blog posts covered AI security, network protection, identity management, compliance frameworks, and supply chain security. Read…

Meta Accuses NSO of Violating WhatsApp Court Injunction

Meta says NSO violated a court injunction by targeting WhatsApp users again through phishing campaigns and test accounts. Last year, WhatsApp won a landmark case against NSO Group, the Israeli spyware vendor behind Pegasus, and secured a permanent court injunction barring the company from ever targeting WhatsApp or its users again. The court was unambiguous:…

Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint

Meta said Monday that it caught a spearphishing campaign linked to spyware maker NSO Group despite a court injunction, prompting the tech giant to file a contempt-of-court complaint. The company won a civil case last year against NSO Group barring it from targeting WhatsApp users and securing $168 million in damages, although NSO Group has…

TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)

This diary continues the Internet Storm Center’s tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the Security Scanner Became the Weapon and most recently in the handler diary Activity Through 2026-05-24. Since that update, the story moved into two new places: the United States government, which formally caught up to the…

Minimus Unveils New Supply Chain Protection Proxy and Command-Line Interface for Container Management

Cloud software security firm Minimus today expanded its product portfolio with the general availability of Minimus Supply Chain Protection and minicli. The tools introduce a unified approach to managing third-party software risks and container image configurations. The release of Supply Chain Protection directly targets vulnerabilities found within the application package universe, where interwoven dependencies are…

Operationalizing AWS security: A maturity roadmap

Enabling security tooling is the starting point. Making it operational—where findings drive decisions, response times are measurable, and your security posture improves week over week—is where most organizations struggle. This blog post provides a phased maturity roadmap for organizations that have already enabled AWS Security Hub and Amazon GuardDuty. These two services form the foundation…

Guardz Launches AI Reporting Tool for MSP Security Teams

Managed service providers may finally have an easier way to explain exactly what their security work is accomplishing. Guardz today unveils a new agentic reporting capability designed to simplify how managed service providers (MSPs) create, customize, and deliver security reports to customers.  Security operations get automation boost The launch marks the company’s latest step toward…

Silverfort Securing AI Agents With Copilot Studio Integration

Identity security organization Silverfort has announced it will integrate its Identity Security control for AI agents into Microsoft Copilot Studio. Runtime security addresses Copilot actions before execution The integration will enable Silverfort to deliver inline identity security at runtime, enforcing intelligent access control policies the moment a Copilot agent attempts to act, blocking unauthorized access…

Anthropic Calls for AI Pause as Industry Races Ahead

Anthropic picked an interesting week to warn the world about the dangers of advanced AI. Anthropic warns of self-improving AI risks Just days after filing confidentially for an IPO, the company published a rather lengthy proposal arguing that AI companies may eventually need a way to hit pause.  The company worries that AI could reach…

Google Protocol Buffers flaw turns schemas into shells

A widely used JavaScript implementation of Google’s Protocol Buffers format is placing too much trust in untrusted data, exposing affected applications to remote code execution and other attacks. Researchers at Cyera have disclosed six vulnerabilities affecting “protobuf.js,” all stemming from the library’s handling of schema and metadata. Attackers could exploit an input validation oversight to…

EU’s cloud sovereignty push leaves room for US hyperscalers

The European Commission published its tech sovereignty package last week, including the clearest signal yet of its intention to strengthen European cloud sovereignty and reduce its dependence on US hyperscalers. It’s a response to growing concerns among European organizations and regulators about the reliance on US tech firms and legislation such as the US CLOUD…

RidgeBot 7.0 automates Active Directory attack simulations for security validation

Ridge Security has announced the release of RidgeBot 7.0, an update to its automated security validation platform that introduces automated Windows Active Directory penetration testing capabilities. The new version enables organizations to conduct end-to-end domain compromise simulations, helping security teams identify attack paths and prioritize exploitable risks. RidgeBot 7.0 delivers automated Active Directory penetration testing…

ConnectSecure’s Patch 360 gives MSPs control over patch testing and deployment

ConnectSecure has announced the launch of Patch 360, a patch management solution built for managed service providers (MSPs) to reduce deployment risk while accelerating vulnerability remediation. Patch management has long followed a “deploy-and-hope” model, with teams addressing critical issues only after users are impacted. Patch 360 replaces that approach with a rigorous test-and-trust framework that…

UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms

UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB drives. Google Mandiant and the Google Threat Intelligence Group published a detailed report documenting an active extortion campaign carried out by the cybercrime group UNC3753 (aka Luna Moth, Chatty Spider, and…

N-able CEO: AI is Becoming an MSP Competitive Risk

As artificial intelligence becomes more deeply embedded in managed services, N-able CEO John Pagliuca says MSPs are entering a new phase of opportunity and risk. Pagliuca told Channel Insider that most MSPs are no longer simply experimenting with AI for personal productivity. Instead, many are beginning to use AI to streamline technician workflows, support customer…

The AI security race needs accountability, not overregulation

AI models such as Anthropic’s Claude Mythos and OpenAI’s Daybreak represent a fundamental inflection point in security. These advances are not only reshaping technology but also redefining trust, risk, and the relationship between humans and intelligent systems. As innovation accelerates, AI governance and responsible deployment are becoming strategic priorities for every organization. Historically, governments have…

Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts

A flaw in Meta’s AI-powered Instagram recovery tool exposed over 20,000 accounts, letting attackers reset passwords and take over profiles. Meta’s High Touch Support tool, known as HTS, was designed to help Instagram users recover locked accounts: you provide an email address, you get a password reset link. The flaw was equally simple: the tool…

Why most enterprise security teams would fail a military readiness test

Have you ever watched a military cyber ops team go to work responding to a cyberattack simulation? It’s like that scene from Die Hard 4.0 when all the screens start flashing red and systems start shutting down; however, unlike the movies, where bumbling government IT workers are caught out and panicking, our military actually moves…

15 tough cybersecurity questions every CISO must answer

As CISOs know, an effective security program cannot be static. Rather, it must adapt to the evolving threat landscape and an ever-changing business environment. To adapt and improve, CISOs must continuously evaluate their existing program. That starts with asking tough questions about their performance, investments, and strategies. Here, security leaders share 15 questions every CISO…

OpenAI is locking down parts of ChatGPT to reduce data theft risks

OpenAI has started rolling out Lockdown Mode for ChatGPT, an optional security setting that restricts access to external resources and several product capabilities. It is available for personal accounts, including Free, Go, Plus, and Pro plans, as well as self-serve ChatGPT Business accounts. “Lockdown Mode is not intended for everyone. It is designed for people…

Security Affairs newsletter Round 580 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog Report: Anthropic Deploys Engineers…

Automated Reconnaissance Is Reshaping Cyber Risk

A single email address may now be all cybercriminals need to build a surprisingly detailed profile of a target.  Flare researchers identified an automated bot that can generate detailed dossiers from a single email address by aggregating data from multiple breached databases.  “Tools like this Telegram bot show how little effort it now takes to…

U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Serv-U flaw, tracked as CVE-2026-28318 (CVSS ver 3.1 score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. SolarWinds Serv-U is a managed file transfer (MFT) and secure file…

Report: Anthropic Deploys Engineers to Support NSA Use of Mythos

Reports claim Anthropic engineers are helping the NSA use its restricted AI model Mythos, known for advanced cybersecurity capabilities. This week, the Financial Times reported that Anthropic has placed approximately six “forward-deployed” engineers inside the National Security Agency to help the intelligence agency use Mythos, its most capable cyber model, for offensive operations. Two people…

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees. Lockdown Mode is available to logged-in users across Free, Go,…

Anthropic Says We Must Stop Authoritarian AI. But What About Its Authoritarian Investors?

Anthropic’s high-profile spat with the Pentagon gave it a killer marketing advantage, burnishing its public image as a principled AI company that puts values over profits — unlike more mercenary rivals such as OpenAI or Google. But Anthropic’s double standard on authoritarianism suggests the nearly trillion-dollar firm is as calculating and ethically flexible as any…

Six protobuf.js Vulnerabilities Expose RCE and DoS Risks 

Six vulnerabilities discovered in protobuf.js could allow attackers to execute arbitrary code, crash services, and compromise software supply chains across cloud, AI, messaging, and development environments.  According to Cyera researchers, the flaws affect the widely used JavaScript implementation of Google’s Protocol Buffers, a data serialization framework that underpins communication across countless distributed systems.  The library…

AI Threats, Zero-Days, and Data Breaches Define This Week of June 2026 in Cybersecurity

Major Threats & Vulnerabilities Zero-Day Exploits and Critical Vulnerabilities A newly discovered Comodo zero-day vulnerability can crash Windows systems through a malformed IPv6 packet. Researcher Marcus Hutchins identified the flaw, but Comodo has yet to issue a patch. Users are advised to filter suspicious IPv6 headers and test incident response plans. Google patched an Android…

CVE-2026-20245: Cisco SD-WAN Manager Zero-Day Enables Root Command Execution

Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of Cisco Catalyst SD-WAN Manager and can allow an authenticated remote attacker with netadmin privileges to execute arbitrary commands as root by uploading a crafted file. Cisco says exploitation has already been observed in limited cases,…

Understanding LLM Coding Personalities Is Now Key to Developer Improvement

Secure code development goes beyond tools and software – it is a complex activity grounded in risk management and involves an understanding of a developer’s strengths and weaknesses.  Recognizing your developers’ level of expertise goes a long way, and helps determine where security issues are most likely to occur, and which developer is best suited…