# Geek-Guy.com > Everything is ideas, the rest is nature. Language: en URL: https://www.geek-guy.com/ All pages on this site are available as clean Markdown by adding the header `Accept: text/markdown` to any HTTP request. REST API: https://www.geek-guy.com/wp-json/mescio-for-agents/v1/markdown?url={page_url} ## Pages - [CyberSec Product Reviews](https://www.geek-guy.com/cybersecurity-product-reviews/): The ideal resource for cybersecurity professionals, Chief Information Security Officers and Security Operations professionals. -=-=-=- Coming Soon -=-=-=-= Cybersecurity Products by Category Cybersecurity Products (Alphabetically) Products by Category - [Tokenization](https://www.geek-guy.com/glossary-of-sec-and-it-terms/tokenization/): Tokenization. Replacing sensitive data with non-sensitive tokens that have no value if stolen, commonly used in PCI-DSS compliance. - [Shadow AI](https://www.geek-guy.com/glossary-of-sec-and-it-terms/shadow-ai/): Shadow AI. The use of unapproved AI tools by employees, which risks the leakage of proprietary code or PII into public LLM training sets. - [DLP](https://www.geek-guy.com/glossary-of-sec-and-it-terms/dlp/): Data Loss Prevention is a set of tools that inspects data in use, in transit, and at rest to prevent unauthorized transmission of sensitive info. - [DDR](https://www.geek-guy.com/glossary-of-sec-and-it-terms/ddr/): Data Detection and Response provides real-time monitoring of data access and movement to stop exfiltration across Cloud and SaaS apps. - [Data Sovereignty](https://www.geek-guy.com/glossary-of-sec-and-it-terms/data-sovereignty/): Data Sovereignty. The principle that data is subject to the laws of the country where it is physically stored (e.g., GDPR requirements for data residency). - [AI-BOM](https://www.geek-guy.com/glossary-of-sec-and-it-terms/ai-bom/): An AI Bill of Materials (AIBOM) is a comprehensive, machine-readable inventory of the components required to develop, train, and run an AI model. It is the AI-specific evolution of the traditional Software Bill of Materials (SBOM). - [SBOM](https://www.geek-guy.com/glossary-of-sec-and-it-terms/sbom/): Software Bill of Materials is a machine-readable ingredient list for software, used to track vulnerabilities in open-source dependencies. - [Supply Chain Risk Management](https://www.geek-guy.com/supply-chain-risk-management/): Supply Chain Risk Management focuses on the security of third-party vendors, from hardware manufacturing (silicon root of trust) to software libraries. - [CIA Triad](https://www.geek-guy.com/glossary-of-sec-and-it-terms/cia-triad/): The CIA Triad (Confidentiality, Integrity, Availability), expanded to include Authenticity and Non-repudiation. - [Exposure Management](https://www.geek-guy.com/glossary-of-sec-and-it-terms/exposure-management/): Exposure Management. Is a shift from finding CVEs to analyzing the exploitability of an entire attack surface, including misconfigurations and risky behaviors. - [AI-SPM](https://www.geek-guy.com/glossary-of-sec-and-it-terms/ai-spm/): AI Security Posture Management secures the AI stack, detecting Shadow AI and protecting models from prompt injection or data poisoning. - [Zero Trust](https://www.geek-guy.com/glossary-of-sec-and-it-terms/zero-trust/): Zero Trust. An architecture based on the principle of never trust, always verify, removing the concept of a trusted internal network. - [TEE](https://www.geek-guy.com/glossary-of-sec-and-it-terms/tee/): Trusted Execution Environment is a secure enclave in a processor that protects data and code even if the host OS is compromised. - [My account](https://www.geek-guy.com/my-account/) - [Checkout](https://www.geek-guy.com/checkout/) - [Cart](https://www.geek-guy.com/cart/): You may be interested in… Your cart is currently empty! New in store - [Shop](https://www.geek-guy.com/shop/) - [A Beginner’s Guide to Malware Detection](https://www.geek-guy.com/beginners-guide-to-malware-detection/): Discover essential insights on malware detection, learn to identify threats, and protect your devices with this beginner-friendly guide. - [Penetration Testing](https://www.geek-guy.com/glossary-of-sec-and-it-terms/penetration-testing/): Penetration Testing. A structured, authorized attempt to exploit vulnerabilities in a system to evaluate the security of that system. - [IAST](https://www.geek-guy.com/glossary-of-sec-and-it-terms/iast/): Interactive Application Security Testing uses agents inside the app to find vulnerabilities during runtime with high accuracy. - [Breach and Attack Simulation](https://www.geek-guy.com/glossary-of-sec-and-it-terms/breach-and-attack-simulation-2/): Breach and Attack Simulation tools that automate the execution of threat actor TTPs to continuously validate security controls. - [Breach and Attack Simulation](https://www.geek-guy.com/glossary-of-sec-and-it-terms/breach-and-attack-simulation/): Breach and Attack Simulation tools that automate the execution of threat actor TTPs to continuously validate security controls. - [Adversarial ML](https://www.geek-guy.com/glossary-of-sec-and-it-terms/adversarial-ml/): Adversarial ML. Testing AI models by attempting to trick them with adversarial inputs to bypass security filters or extract training data. - [Due Diligence](https://www.geek-guy.com/glossary-of-sec-and-it-terms/due-diligence/): The investigative process of verifying that the necessary Due Care is actually being implemented and remains effective over time. - [Due Care](https://www.geek-guy.com/glossary-of-sec-and-it-terms/due-care/): Due Care. The legal standard of reasonableness that an organization must meet to protect its assets and data; often described as what a prudent person would do. - [CTEM](https://www.geek-guy.com/glossary-of-sec-and-it-terms/ctem/): Continuous Threat Exposure Management is a 5-stage framework (Scoping, Discovery, Prioritization, Validation, Mobilization) that replaces static vulnerability scanning. - [Contact us](https://www.geek-guy.com/contact-us/): Contact the Geek Use this page to contact us. - [List of Top Regulations/Frameworks in Cybersecurity](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/list-of-top-regulations-frameworks-in-cybersecurity/) - [Managers Guide to Becoming Great – Graphics](https://www.geek-guy.com/about-geek-guy/managers-guide-to-becoming-great-graphics/): If you are interested in purchasing the book, it can be purchased on Amazon at "Managers Guide to becoming Great" If you are interested in purchasing the book, it can be purchased on Amazon at "Managers Guide to becoming Great" - [Malware Reversing](https://www.geek-guy.com/malware-reversing/): Here's a list of some of the best malware reversing tools from Geek-Guy.com: Based on the most complete archives of the Malware Reversing resource page from Geek-Guy.com, here are the extracted tools and their current, functional links organized by category: - [CISSP Domains and Guidance](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/): The ISC2 (International Information System Security Certification Consortium) has several certifications, each with its own domains of knowledge. To give you the most relevant information, I need to know which certification you're interested in. However, since the CISSP (Certified Information - [Glossary of Cybersecurity and Market Terms](https://www.geek-guy.com/glossary-of-sec-and-it-terms/): A comprehensive glossary explaining common cybersecurity and IT terms in simple language. Generative AI can easily compile and define such terms, making complex topics accessible to a wider audience. Glossary Traditional Security Concepts 2026 relevant terminology and structured strictly by - [Top ~100 Open Source Security Tools](https://www.geek-guy.com/top-100-open-source-security-tools/): 1. Network Discovery & Scanning Tool NameOfficial URLPurposeNmaphttps://nmap.org/Network exploration and security auditingZMaphttps://zmap.io/Fast internet-wide network scannerMasscanhttps://github.com/robertdavidgraham/masscanTCP port scanner, spews SYN packetsNetcat (ncat)https://nmap.org/ncat/The "Swiss-army knife" for TCP/IPScapyhttps://scapy.net/Packet manipulation and sniffing 2. Vulnerability Scanning & Management Tool NameOfficial URLPurposeOpenVAS (GVM)https://www.openvas.org/Full-featured vulnerability scannerNiktohttps://github.com/sullo/niktoWeb server - [Level Up Your Security Game with Geek-Guy Resources](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/): Dive into our comprehensive collection of cybersecurity resources, designed to empower both seasoned professionals and curious newcomers. Explore a vast library of tools, knowledge, and community-driven insights. Resource Pages at Geek-Guy.com - [Largest Threat Intelligence (OSINT) MEGA LIST in the World](https://www.geek-guy.com/largest-threat-intelligence-osint-mega-list-in-the-world/): Below is the extracted list of OSINT and Threat Intelligence resources from that page, organized into a table with their respective categories and URLs. OSINT & Threat Intelligence Mega List Resource NameURLCategoryAbuse.chhttps://abuse.ch/Malware & Ransomware TrackerAbuseIPDBhttps://www.abuseipdb.com/IP Reputation & ReportingAlienVault OTXhttps://otx.alienvault.com/Open Threat - [Privacy Policy](https://www.geek-guy.com/privacy-policy-2/): Who we are Our website address is: https://www.geek-guy.com. Comments When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. - [Private Search Engine](https://www.geek-guy.com/private-search-engine/): Bookmark this Geek-Guy Search Engine: Search multiple search engines with proxied results. Search You can also go directly to the search engine by going to https://search.geek-guy.com - [Our Dev Projects](https://www.geek-guy.com/our-projects/):   Our Github https://github.com/lpingree Popular repositories Loading Virustotal-Netstat-lookup-Tool-for-Linux Public Virustotal netstat output lookup tool Python amy---Active-Malware-Yield Public Automated script to lookup virustotal hashes from running processes on linux. Python traceroutemap Public A tool to trace to all the main webs - [Top Topics](https://www.geek-guy.com/top-topics/) - [BCS](https://www.geek-guy.com/glossary-of-sec-and-it-terms/bcs/): Business Continuity Steering is the leadership committee that oversees the strategic alignment of recovery efforts with business objectives. - [Cybersecurity Culture and Music](https://www.geek-guy.com/cybersecurity-culture-and-music/): Here is the updated table with direct links to the songs or the albums where they are hosted. Most of the tracks come from their specialized AI-generated album, Sounds of Security, which is a fantastic resource for awareness training. Cybersecurity - [Domain 8: Software Development Security](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-8-software-development-security/): Exam Weight: 10% Domain 8 focuses on integrating security into the Software Development Life Cycle (SDLC). As a security researcher and analyst, this domain likely resonates with your work in threat actor analysis and data security. The key takeaway for - [Domain 7: Security Operations](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-7-security-operations/): Exam Weight: 13% Domain 7 is where "the rubber meets the road." It focuses on the day-to-day practicalities of running a security program, responding to incidents, and ensuring the business stays afloat during a disaster. It is heavily focused on - [Domain 6: Security Assessment and Testing](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-6-security-assessment-and-testing/): Exam Weight: 12% Domain 6 is about verifying the truth. While other domains focus on building and operating security, this domain focuses on proving that those controls actually work. It bridges the gap between technical testing and management-level auditing. 1. - [Domain 5: Identity and Access Management (IAM)](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-5-identity-and-access-management-iam/): Exam Weight: 13% Domain 5 focuses on the "Who" and "How" of access. It covers the systems used to identify, authenticate, and authorize users and devices. In the modern era of Zero Trust and Agentic Identity, this domain has become - [Domain 4: Communication and Network Security](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-4-communication-and-network-security/): Exam Weight: 13% Domain 4 is the plumbing of the digital world. It focuses on the secure design and protection of network architectures, ensuring data remains confidential and available while moving across wires, airwaves, or fiber. 1. The OSI and - [Domain 3: Security Architecture and Engineering](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-3-security-architecture-and-engineering/): Exam Weight: 13% Domain 3 is the most technical and broad domain. It covers everything from hardware architecture and the "Ring Model" to cryptography and physical site security. To master this domain, you must understand how secure systems are built - [Domain 2: Asset Security](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-2-asset-security/): Exam Weight: 10% Domain 2 is often considered one of the easier domains, but its importance is massive because it defines what we are protecting. If you don't classify and inventory your assets correctly, your security controls in the other - [Domain 1: Security and Risk Management](https://www.geek-guy.com/level-up-your-security-game-with-geek-guy-resources/cissp-domains-and-guidance/domain-1-security-and-risk-management/): Exam Weight: 16% (Highest weighted domain) This domain serves as the brain of the CISSP. It focuses on how security supports the business through governance, risk analysis, and legal compliance. As a CISSP candidate, you must think like a manager: ## Blog Posts - [Onspring CISO on where automated GRC systems fall short](https://www.helpnetsecurity.com/2026/06/15/nichole-windholz-onspring-automated-grc-systems/) (2026-06-15): In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their - [Open-source CI/CD abuse detector guards against stolen credential attacks](https://www.helpnetsecurity.com/2026/06/15/ci-cd-abuse-detector-open-source/) (2026-06-15): CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure - [ARM Hub Opens Pathway To Matched Medtech Funding Through SMART CRC](https://itwire.com/it-industry-news/manufacturing-technology/arm-hub-opens-pathway-to-matched-medtech-funding-through-smart-crc) (2026-06-15): Brisbane-based ARM Hub is calling on Australian medtech companies to explore matched funding opportunities through the SMART CRC, with support available for businesses looking... - [A hardware neural network backdoor that hides in plain sight](https://www.helpnetsecurity.com/2026/06/15/hardware-neural-network-backdoor-research/) (2026-06-15): Deep learning systems on phones, cars, and other edge devices increasingly run on custom silicon. Specialized chips such as FPGAs and ASICs give these systems the speed and low power consumption that edge applications need. Many of these chips come - [Weekly Update 508](https://www.troyhunt.com/weekly-update-508/) (2026-06-14): Light switches. How on earth is it so hard to find decent light switches?! It sounds ridiculous until you actually spend enough time looking for ones that meet two simple criteria:Aren't stateful (switch is up or down, has to be - [Proving what a military AI model will do is the real problem](https://www.helpnetsecurity.com/2026/06/15/military-ai-verification-problem/) (2026-06-14): Defense contractors build AI systems that task drones automatically and propose kill-chains to support soldiers. Several of these contractors have partnered with frontier AI companies to put advanced models into military tools. Anduril works with OpenAI, Palantir works with Microsoft, - [Senior engineers are spending their week cleaning up AI-generated code](https://www.helpnetsecurity.com/2026/06/15/ai-generated-code-review-issues/) (2026-06-14): At most U.S. technology companies, machines now write the bulk of the code that ships each week. The engineer’s job has shifted toward reviewing what the AI produces, and that review gives the code high marks. Leaders rate AI-generated code - [AGL Telco acquisition complete, migration to follow; migration of More and Tangerine connections on track](https://itwire.com/it-industry-news/telecoms-and-nbn/agl-telco-acquisition-complete-migration-to-follow-migration-of-more-and-tangerine-connections-on-track) (2026-06-14): Aussie Broadband Limited is pleased to announce the successful completion of a series of strategic transactions and provides an update on trading performance. - [ISC Stormcast For Monday, June 15th, 2026 https://isc.sans.edu/podcastdetail/9972, (Mon, Jun 15th)](https://isc.sans.edu/diary/rss/33076) (2026-06-14): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. - [Realistic Futureproofing: Key Investments for your Smart Home](https://itwire.com/your-it-news/home-it/realistic-futureproofing-key-investments-for-your-smart-home) (2026-06-14): Building a smart home is one of the best ways to make everyday life more convenient, comfortable and efficient. From automated lighting and security systems to connected... - [OMRON Robotics to Demonstrate Next-Generation Autonomous Mobile Robots at Automate 2026](https://itwire.com/business-it-news/business-technology/omron-robotics-to-demonstrate-next-generation-autonomous-mobile-robots-at-automate-2026) (2026-06-14): Advancing smarter material flow with the all-new LD-150 and LD-300 AMRs - [Rubrik Breaks Down the Last Barrier Between Unstructured Data and AI](https://itwire.com/business-it-news/data/rubrik-breaks-down-the-last-barrier-between-unstructured-data-and-ai) (2026-06-14): Fundamentally Changes the Economics and Time to Value for Enterprise AI - [Scaleup Mediafund Launches $25m Fourth Fund to Accelerate Australian Startups](https://itwire.com/it-industry-news/deals/scaleup-mediafund-launches-25m-fourth-fund-to-accelerate-australian-startups) (2026-06-14): Scaleup Mediafund Scaleup has announced the launch of its fourth media-for-equity fund, backed by a $25 million capacity to support high-growth Australian businesses. All... - [Managing and Scaling AI In An Agentic World](https://itwire.com/guest-articles/guest-opinion/managing-and-scaling-ai-in-an-agentic-world) (2026-06-14): Autonomous agents represent a new inflection point in AI. As global conversations increasingly revolve around trusted AI and responsible deployment, the real challenge for... - [GitLab Announces New Capabilities to Give Enterprises Speed and Control at Agentic Scale](https://itwire.com/business-it-news/data/gitlab-announces-new-capabilities-to-give-enterprises-speed-and-control-at-agentic-scale) (2026-06-14): - Next Generation Source Code Management, now in private beta, replaces repository clones with structured API access to project intelligence, delivering up to 50x faster task... - [Anthropic Dispatches Staff to D.C., Racing to Resolve AI Export Restrictions](https://www.wsj.com/tech/ai/anthropic-dispatches-staff-to-d-c-racing-to-resolve-ai-export-restrictions-71303d42?mod=rss_Technology) (2026-06-14): Startup is seeking a deal to end export restrictions that led to shutdown of its most powerful AI models. - [Hackers Hide New Argamal Malware Inside Working Hentai Games](https://hackread.com/hackers-hide-argamal-malware-hentai-games/) (2026-06-14): Kaspersky found Argamal malware hidden in hentai game installers, giving hackers remote access through working games shared on adult sites and torrents. - [Critical Cybersecurity Updates: 2026-06-14](https://www.geek-guy.com/critical-cybersecurity-updates-2026-06-14/uncategorized/) (2026-06-14): ## Critical Cybersecurity Developments: 2026-06-14 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources and real-time threat intelligence feeds. The following analysis integrates live search results with established security frameworks. --- ### Live Search Results Analysis - [IT Press Tour: Amazon just made S3 a file system, but JuiceFS has been doing it for nine years](https://itwire.com/business-it-news/storage/it-press-tour-amazon-just-made-s3-a-file-system-but-juicefs-has-been-doing-it-for-nine-years) (2026-06-14): Object storage has quietly become the default backend for half the data infrastructure being built today, and almost nobody outside the engineering teams notices. I sat through... - [FBI disrupts massive AI-powered phishing service using a million URLs](https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/) (2026-06-14): In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. - [Comprehensive Report: Latest Malware Threats – Technical Analysis, TTPs, Tools, and Procedures (June 2026)](https://www.geek-guy.com/comprehensive-report-latest-malware-threats-technical-analysis-ttps-tools-and-procedures/uncategorized/) (2026-06-14): Executive Summary This report provides a detailed technical analysis of the most significant malware threats observed in 2026, including ransomware operations, nation-state threat actors, and emerging attack methodologies. The analysis covers Tactics, Techniques, and Procedures (TTPs), attacker tools, operational procedures, - [When the Frontier Blinks: What the Mythos and Fable Controversy Reveals About AI Security](https://blog.itsecurityexpert.co.uk/2026/06/when-frontier-blinks-what-mythos-and.html) (2026-06-14): When Anthropic abruptly pulled Mythos 5 and Fable 5 from circulation, the move sent a jolt through the AI and cybersecurity communities. These were not minor point releases. They were widely regarded as among the most capable models the company - [2026 Internet, IT & Cybersecurity Adoption Survey Report](https://www.geek-guy.com/2026-internet-it-cybersecurity-adoption-survey-report/competitivereport/) (2026-06-14): Date: June 2026 Scope: Global cybersecurity adoption rates across all domains, stacks, and markets based on 2026 survey data from Gartner, Forrester, Ponemon, Cisco, Microsoft, Fortinet, World Economic Forum, and other leading research organizations. Executive Summary 2026 marks a pivotal year - [SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 101](https://securityaffairs.com/193609/breaking-news/security-affairs-malware-newsletter-round-101.html) (2026-06-14): Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter IronWorm: Shai-Hulud’s rustier cousin Trojanized ai-sdk-ollama Delivers Miasma, a Self-Replicating npm Worm via binding.gyp  Inside the Cross-Platform Propagation of - [Siri’s New Brain](https://www.wsj.com/tech/siris-new-brain-eb28fe50?mod=rss_Technology) (2026-06-14): Plus, Anthropic’s Fable woes, Meta’s big teacher bonuses and the terrifying rise of deepfake porn. - [Security Affairs newsletter Round 581 by Pierluigi Paganini – INTERNATIONAL EDITION](https://securityaffairs.com/193600/security/security-affairs-newsletter-round-581-by-pierluigi-paganini-international-edition.html) (2026-06-14): A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Washington - [Before you buy a smartwatch or smart ring, consider what you’re giving up](https://www.zdnet.com/article/before-buying-a-smartwatch-or-smart-ring-consider-these-risks/) (2026-06-14): Health wearables are constantly collecting your personal information, but who owns that data, and what does it mean for your privacy? - [3 telltale signs someone is stealing your Wi-Fi – and how to stop them](https://www.zdnet.com/article/signs-someone-is-using-your-wi-fi-how-to-kick-them-off/) (2026-06-14): If you suspect someone may be on your Wi-Fi network without your permission, here's what you can do to get to the bottom of it. - [After a month with a foldable phone, I can’t justify buying an ‘Ultra’ model anymore](https://www.zdnet.com/article/motorolas-razr-plus-is-heavily-underrated/) (2026-06-14): Motorola's Razr+ is not the awkward middle child of its series; it arguably offers the best balance of features, performance, and value. - [This is the most unique Bluetooth tracker I’ve tested by far – and it outlasts the AirTag](https://www.zdnet.com/article/ugreen-finetrack-2-tracker-tag-review/) (2026-06-14): The Ugreen FineTrack 2 has several unique features that make it stand out against Apple's AirTags. - [I found the most effortless way to clean your Android phone storage – and it’s free to use](https://www.zdnet.com/article/free-android-app-makes-deleting-photos-easy/) (2026-06-14): Clearing out your excess photos and videos is now just a swipe away with an easy-to-use app called Sponge. - [The Global State of Technology Risk in 2026](https://www.govtech.com/blogs/lohrmann-on-cybersecurity/the-global-state-of-technology-risk-in-2026) (2026-06-14): A leadership guide to trust, governance and workforce evolution in a rapidly shifting technology landscape. - [The Midea Inverter Quattro 45L 1200W microwave: Big capacity, quiet operation, and a defrost mode that actually works](https://itwire.com/your-it-news/home-it/the-midea-inverter-quattro-45l-1200w-microwave-big-capacity-quiet-operation-and-a-defrost-mode-that-actually-works) (2026-06-14): Microwaves are one of those appliances we often take for granted until we replace an ageing unit and suddenly realise just how much the technology has improved. - [Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack](https://www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/) (2026-06-14): Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: DockSec: Open-source AI-powered Docker security scanner DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and - [Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme](https://securityaffairs.com/193590/uncategorized/ukrainian-extradited-from-ireland-pleads-guilty-over-role-in-conti-ransomware-scheme.html) (2026-06-14): Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide. Oleksii Oleksiyovych Lytvynenko (44), a Ukrainian national extradited from Ireland to the U.S., has pleaded guilty to conspiracy to commit wire - [AI Supercharges Deepfake Nudes—Unleashing a New Form of Bullying Among Kids](https://www.wsj.com/tech/ai-deepfake-nudes-bullying-school-d242b8d4?mod=rss_Technology) (2026-06-13): As ‘nudify’ tools proliferate online, parents and schools are struggling to protect young victims. - [Ex-school district employee jailed for hacks on former employer](https://www.bleepingcomputer.com/news/security/ex-school-district-employee-jailed-for-hacks-on-former-employer/) (2026-06-13): A former  IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the former employer that disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages. - [Anthropic disables new models after government calls them a national security concern](https://cyberscoop.com/us-government-anthropic-fable-5-mythos-5-export-controls/) (2026-06-13): The U.S. government on Friday ordered Anthropic to immediately suspend foreign access to Fable 5 and Mythos 5, its two most advanced artificial intelligence models, citing national security concerns tied to a reported method of bypassing the models’ safety restrictions.  - [Inside the Room Where America’s Brightest Game Out How to Avoid an AI Apocalypse](https://www.wsj.com/tech/ai/inside-the-room-where-americas-brightest-game-out-how-to-avoid-an-ai-apocalypse-9e5e8526?mod=rss_Technology) (2026-06-13): What happened when 40 leading minds huddled to envision U.S. society in 2030 and how artificial intelligence will shake up the economy and jobs. - [Critical Cybersecurity Updates: 2026-06-13](https://www.geek-guy.com/critical-cybersecurity-updates-2026-06-13/uncategorized/) (2026-06-13): ## Critical Cybersecurity Developments: 2026-06-13 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources and real-time threat intelligence feeds. The following analysis integrates live search results with established security frameworks. --- ### Live Search Results Analysis - [Amazon CEO’s Talks With U.S. Officials Triggered Crackdown on Anthropic Models](https://www.wsj.com/tech/ai/amazon-ceos-talks-with-u-s-officials-triggered-crackdown-on-anthropic-models-dcc90578?mod=rss_Technology) (2026-06-13): Information Andy Jassy shared with the Trump administration sparked an abrupt, sweeping move to halt foreign access to the company’s powerful AI tools. - [IT Press Tour: Zero servers, 200 petabytes a month – the ex-Akamai founders selling a cure for the next Cloudflare outage](https://itwire.com/business-it-news/networking/it-press-tour-zero-servers-200-petabytes-a-month-the-ex-akamai-founders-selling-a-cure-for-the-next-cloudflare-outage) (2026-06-13): The 68th edition of The IT Press Tour spent a week in Boston, and on 10 June it handed the floor to a company that owns no servers, runs no CDN, and still moves more than 200... - [SpaceX’s Engineering Secret? A College Car-Racing Club](https://www.wsj.com/tech/spacex-engineering-cornell-racing-team-de13905b?mod=rss_Technology) (2026-06-13): Leaders at the space and AI company share ties to a Cornell University team where they honed their engineering skills. - [Washington Pulled the Plug on Anthropic ‘s Fable 5 and Mythos 5 models. The Rest of the World Is Watching.](https://securityaffairs.com/193579/ai/washington-pulled-the-plug-on-anthropic-fable-5-and-mythos-5-models.html) (2026-06-13): Anthropic disputes restrictions on Mythos 5 and Fable 5, arguing the decision lacks transparency and isn’t based on clear technical evidence. On Friday June 12 at 5:21pm ET, Anthropic received a letter from the US Commerce Department, signed by Commerce - [Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks](https://hackread.com/extradited-ukrainian-admits-conti-ransomware-attacks/) (2026-06-13): Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments. - [Chinese hackers hijack auth flow, spy on isolated network for a decade](https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/) (2026-06-13): Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. - [I read the fine print on at-home DNA and health tests – watch out for these risks](https://www.zdnet.com/article/what-are-biggest-risks-in-at-home-dna-tests/) (2026-06-13): What's really in that DNA kit? It turns out, it's not just a spit tube, but a whole lot of fine print. - [Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication](https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html) (2026-06-13): Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring - [The wearable health boom is creating a data overload for doctors – what happens next](https://www.zdnet.com/article/the-wearable-health-boom-is-creating-a-data-overload-for-doctors-what-happens-next/) (2026-06-13): Patients have never had more information about their health, but much of it is unusable. Here's why. - [I switched to Alpine Linux, and it’s a crazy-fast distro with only one caveat](https://www.zdnet.com/article/alpine-linux-crazy-fast-distro-for-your-desktop/) (2026-06-13): While known primarily for containers and servers, this lightweight distro could easily be your daily driver. Here's why. --- # Full Content --- title: "Onspring CISO on where automated GRC systems fall short" url: "https://www.helpnetsecurity.com/2026/06/15/nichole-windholz-onspring-automated-grc-systems/" lang: "en-US" type: "post" description: "In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their" last_modified: "2026-06-15T06:00:23+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.helpnetsecurity.com/feed/" wpe_sourcepermalink: "https://www.helpnetsecurity.com/2026/06/15/nichole-windholz-onspring-automated-grc-systems/" --- # Onspring CISO on where automated GRC systems fall short In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their tools, and which risks resist measurement, such as insider behavior and vendor concentration. Continuous control monitoring tools tend to produce a green-yellow-red mosaic that flattens nuance. When a CISO walks into a board meeting with … [More →](https://www.helpnetsecurity.com/2026/06/15/nichole-windholz-onspring-automated-grc-systems/) The post [Onspring CISO on where automated GRC systems fall short](https://www.helpnetsecurity.com/2026/06/15/nichole-windholz-onspring-automated-grc-systems/) appeared first on [Help Net Security](https://www.helpnetsecurity.com/). --- --- title: "Open-source CI/CD abuse detector guards against stolen credential attacks" url: "https://www.helpnetsecurity.com/2026/06/15/ci-cd-abuse-detector-open-source/" lang: "en-US" type: "post" description: "CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure" last_modified: "2026-06-15T05:30:53+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.helpnetsecurity.com/feed/" wpe_sourcepermalink: "https://www.helpnetsecurity.com/2026/06/15/ci-cd-abuse-detector-open-source/" --- # Open-source CI/CD abuse detector guards against stolen credential attacks CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure DevOps. The project targets a common attack chain in software supply chain compromises. Stolen developer credentials are used to push modifications to workflow files, which then harvest secrets stored in the CI environment. The detector … [More →](https://www.helpnetsecurity.com/2026/06/15/ci-cd-abuse-detector-open-source/) The post [Open-source CI/CD abuse detector guards against stolen credential attacks](https://www.helpnetsecurity.com/2026/06/15/ci-cd-abuse-detector-open-source/) appeared first on [Help Net Security](https://www.helpnetsecurity.com/). --- --- title: "ARM Hub Opens Pathway To Matched Medtech Funding Through SMART CRC" url: "https://itwire.com/it-industry-news/manufacturing-technology/arm-hub-opens-pathway-to-matched-medtech-funding-through-smart-crc" lang: "en-US" type: "post" description: "Brisbane-based ARM Hub is calling on Australian medtech companies to explore matched funding opportunities through the SMART CRC, with support available for businesses looking..." last_modified: "2026-06-15T05:23:02+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/it-industry-news/manufacturing-technology/arm-hub-opens-pathway-to-matched-medtech-funding-through-smart-crc" --- # ARM Hub Opens Pathway To Matched Medtech Funding Through SMART CRC Brisbane-based ARM Hub is calling on Australian medtech companies to explore matched funding opportunities through the SMART CRC, with support available for businesses looking… --- --- title: "A hardware neural network backdoor that hides in plain sight" url: "https://www.helpnetsecurity.com/2026/06/15/hardware-neural-network-backdoor-research/" lang: "en-US" type: "post" description: "Deep learning systems on phones, cars, and other edge devices increasingly run on custom silicon. Specialized chips such as FPGAs and ASICs give these systems the speed and low power consumption that edge applications need. Many of these chips come" last_modified: "2026-06-15T05:00:16+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.helpnetsecurity.com/feed/" wpe_sourcepermalink: "https://www.helpnetsecurity.com/2026/06/15/hardware-neural-network-backdoor-research/" --- # A hardware neural network backdoor that hides in plain sight Deep learning systems on phones, cars, and other edge devices increasingly run on custom silicon. Specialized chips such as FPGAs and ASICs give these systems the speed and low power consumption that edge applications need. Many of these chips come from third-party design houses and foundries, which adds steps to the supply chain where an outside party can alter a device. Researchers at the University of Tennessee and the University of Florida built an attack … [More →](https://www.helpnetsecurity.com/2026/06/15/hardware-neural-network-backdoor-research/) The post [A hardware neural network backdoor that hides in plain sight](https://www.helpnetsecurity.com/2026/06/15/hardware-neural-network-backdoor-research/) appeared first on [Help Net Security](https://www.helpnetsecurity.com/). --- --- title: "Weekly Update 508" url: "https://www.troyhunt.com/weekly-update-508/" lang: "en-US" type: "post" description: "Light switches. How on earth is it so hard to find decent light switches?! It sounds ridiculous until you actually spend enough time looking for ones that meet two simple criteria:Aren't stateful (switch is up or down, has to be" last_modified: "2026-06-15T04:55:47+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.troyhunt.com/rss/" wpe_sourcepermalink: "https://www.troyhunt.com/weekly-update-508/" --- # Weekly Update 508 ![Weekly Update 508](https://storage.ghost.io/c/fb/33/fb3391dc-723d-4e74-b95a-d641b5feb38e/content/images/2026/06/Splash-Template@1x_1-1.jpg) Light switches. How on earth is it so hard to find decent light switches?! It sounds ridiculous until you actually spend enough time looking for ones that meet two simple criteria: - Aren’t stateful (switch is up or down, has to be push-button) - Looks good Now, I’m conscious that this is also very likely an Australian problem, more so than a European or North American one. We’re pretty limited by what we get down here, and because it involves electricity, the switches here have to pass all sorts of local Aussie tests and standards. I can’t just jump onto eBay or Amazon and ship a box of good ones over from the US. So we’re stuck with these rubbish ones… unless you can find me something decent? Please?! 🙏 [![Weekly Update 508](https://storage.ghost.io/c/fb/33/fb3391dc-723d-4e74-b95a-d641b5feb38e/content/images/2018/05/Listen-on-Apple-Podcasts.svg)](https://itunes.apple.com/au/podcast/troy-hunts-weekly-update-podcast/id1176454699?ref=troy-hunt) [![Weekly Update 508](https://storage.ghost.io/c/fb/33/fb3391dc-723d-4e74-b95a-d641b5feb38e/content/images/2024/09/Watch-and-Listen-on-YouTube.svg)](https://www.youtube.com/playlist?list=PL7LAAxaabizMAXnJe0s3xjQ30q12EVmjt&ref=troyhunt.com) [![Weekly Update 508](https://storage.ghost.io/c/fb/33/fb3391dc-723d-4e74-b95a-d641b5feb38e/content/images/2019/10/spotify.svg)](https://open.spotify.com/show/7jMtKFohdrw6qmz8AkLqit?ref=troy-hunt) [![Weekly Update 508](https://storage.ghost.io/c/fb/33/fb3391dc-723d-4e74-b95a-d641b5feb38e/content/images/2018/07/Download-via-RSS.svg)](https://omny.fm/shows/troy-hunt-weekly-update/playlists/podcast.rss?ref=troy-hunt) --- --- title: "Proving what a military AI model will do is the real problem" url: "https://www.helpnetsecurity.com/2026/06/15/military-ai-verification-problem/" lang: "en-US" type: "post" description: "Defense contractors build AI systems that task drones automatically and propose kill-chains to support soldiers. Several of these contractors have partnered with frontier AI companies to put advanced models into military tools. Anduril works with OpenAI, Palantir works with Microsoft," last_modified: "2026-06-15T04:30:35+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.helpnetsecurity.com/feed/" wpe_sourcepermalink: "https://www.helpnetsecurity.com/2026/06/15/military-ai-verification-problem/" --- # Proving what a military AI model will do is the real problem Defense contractors build AI systems that task drones automatically and propose kill-chains to support soldiers. Several of these contractors have partnered with frontier AI companies to put advanced models into military tools. Anduril works with OpenAI, Palantir works with Microsoft, and Lockheed Martin works with Meta. The systems coming out of these partnerships carry a security problem that sits outside the methods of arms control diplomacy: confirming what an AI model will do. Verification built … [More →](https://www.helpnetsecurity.com/2026/06/15/military-ai-verification-problem/) The post [Proving what a military AI model will do is the real problem](https://www.helpnetsecurity.com/2026/06/15/military-ai-verification-problem/) appeared first on [Help Net Security](https://www.helpnetsecurity.com/). --- --- title: "Senior engineers are spending their week cleaning up AI-generated code" url: "https://www.helpnetsecurity.com/2026/06/15/ai-generated-code-review-issues/" lang: "en-US" type: "post" description: "At most U.S. technology companies, machines now write the bulk of the code that ships each week. The engineer’s job has shifted toward reviewing what the AI produces, and that review gives the code high marks. Leaders rate AI-generated code" last_modified: "2026-06-15T04:00:46+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.helpnetsecurity.com/feed/" wpe_sourcepermalink: "https://www.helpnetsecurity.com/2026/06/15/ai-generated-code-review-issues/" --- # Senior engineers are spending their week cleaning up AI-generated code At most U.S. technology companies, machines now write the bulk of the code that ships each week. The engineer’s job has shifted toward reviewing what the AI produces, and that review gives the code high marks. Leaders rate AI-generated code as higher quality than the code their own people write, praising its clean structure, consistent style, and low count of obvious bugs at submission time. The same code behaves worse once it runs. Production incidents … [More →](https://www.helpnetsecurity.com/2026/06/15/ai-generated-code-review-issues/) The post [Senior engineers are spending their week cleaning up AI-generated code](https://www.helpnetsecurity.com/2026/06/15/ai-generated-code-review-issues/) appeared first on [Help Net Security](https://www.helpnetsecurity.com/). --- --- title: "AGL Telco acquisition complete, migration to follow; migration of More and Tangerine connections on track" url: "https://itwire.com/it-industry-news/telecoms-and-nbn/agl-telco-acquisition-complete-migration-to-follow-migration-of-more-and-tangerine-connections-on-track" lang: "en-US" type: "post" description: "Aussie Broadband Limited is pleased to announce the successful completion of a series of strategic transactions and provides an update on trading performance." last_modified: "2026-06-15T03:14:45+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/it-industry-news/telecoms-and-nbn/agl-telco-acquisition-complete-migration-to-follow-migration-of-more-and-tangerine-connections-on-track" --- # AGL Telco acquisition complete, migration to follow; migration of More and Tangerine connections on track Aussie Broadband Limited is pleased to announce the successful completion of a series of strategic transactions and provides an update on trading performance. --- --- title: "ISC Stormcast For Monday, June 15th, 2026 https://isc.sans.edu/podcastdetail/9972, (Mon, Jun 15th)" url: "https://isc.sans.edu/diary/rss/33076" lang: "en-US" type: "post" description: "(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License." last_modified: "2026-06-15T02:00:02+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://isc.sans.edu/rssfeed_full.xml" wpe_sourcepermalink: "https://isc.sans.edu/diary/rss/33076" --- # ISC Stormcast For Monday, June 15th, 2026 https://isc.sans.edu/podcastdetail/9972, (Mon, Jun 15th) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. --- --- title: "Realistic Futureproofing: Key Investments for your Smart Home" url: "https://itwire.com/your-it-news/home-it/realistic-futureproofing-key-investments-for-your-smart-home" lang: "en-US" type: "post" description: "Building a smart home is one of the best ways to make everyday life more convenient, comfortable and efficient. From automated lighting and security systems to connected..." last_modified: "2026-06-15T01:06:10+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/your-it-news/home-it/realistic-futureproofing-key-investments-for-your-smart-home" --- # Realistic Futureproofing: Key Investments for your Smart Home Building a smart home is one of the best ways to make everyday life more convenient, comfortable and efficient. From automated lighting and security systems to connected… --- --- title: "OMRON Robotics to Demonstrate Next-Generation Autonomous Mobile Robots at Automate 2026" url: "https://itwire.com/business-it-news/business-technology/omron-robotics-to-demonstrate-next-generation-autonomous-mobile-robots-at-automate-2026" lang: "en-US" type: "post" description: "Advancing smarter material flow with the all-new LD-150 and LD-300 AMRs" last_modified: "2026-06-15T00:46:46+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/business-it-news/business-technology/omron-robotics-to-demonstrate-next-generation-autonomous-mobile-robots-at-automate-2026" --- # OMRON Robotics to Demonstrate Next-Generation Autonomous Mobile Robots at Automate 2026 Advancing smarter material flow with the all-new LD-150 and LD-300 AMRs --- --- title: "Rubrik Breaks Down the Last Barrier Between Unstructured Data and AI" url: "https://itwire.com/business-it-news/data/rubrik-breaks-down-the-last-barrier-between-unstructured-data-and-ai" lang: "en-US" type: "post" description: "Fundamentally Changes the Economics and Time to Value for Enterprise AI" last_modified: "2026-06-15T00:28:43+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/business-it-news/data/rubrik-breaks-down-the-last-barrier-between-unstructured-data-and-ai" --- # Rubrik Breaks Down the Last Barrier Between Unstructured Data and AI Fundamentally Changes the Economics and Time to Value for Enterprise AI --- --- title: "Scaleup Mediafund Launches $25m Fourth Fund to Accelerate Australian Startups" url: "https://itwire.com/it-industry-news/deals/scaleup-mediafund-launches-25m-fourth-fund-to-accelerate-australian-startups" lang: "en-US" type: "post" description: "Scaleup Mediafund Scaleup has announced the launch of its fourth media-for-equity fund, backed by a $25 million capacity to support high-growth Australian businesses. All..." last_modified: "2026-06-15T00:07:36+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/it-industry-news/deals/scaleup-mediafund-launches-25m-fourth-fund-to-accelerate-australian-startups" --- # Scaleup Mediafund Launches $25m Fourth Fund to Accelerate Australian Startups Scaleup Mediafund Scaleup has announced the launch of its fourth media-for-equity fund, backed by a $25 million capacity to support high-growth Australian businesses. All… --- --- title: "Managing and Scaling AI In An Agentic World" url: "https://itwire.com/guest-articles/guest-opinion/managing-and-scaling-ai-in-an-agentic-world" lang: "en-US" type: "post" description: "Autonomous agents represent a new inflection point in AI. As global conversations increasingly revolve around trusted AI and responsible deployment, the real challenge for..." last_modified: "2026-06-14T23:57:44+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/guest-articles/guest-opinion/managing-and-scaling-ai-in-an-agentic-world" --- # Managing and Scaling AI In An Agentic World Autonomous agents represent a new inflection point in AI. As global conversations increasingly revolve around trusted AI and responsible deployment, the real challenge for… --- --- title: "GitLab Announces New Capabilities to Give Enterprises Speed and Control at Agentic Scale" url: "https://itwire.com/business-it-news/data/gitlab-announces-new-capabilities-to-give-enterprises-speed-and-control-at-agentic-scale" lang: "en-US" type: "post" description: "- Next Generation Source Code Management, now in private beta, replaces repository clones with structured API access to project intelligence, delivering up to 50x faster task..." last_modified: "2026-06-14T23:51:14+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/business-it-news/data/gitlab-announces-new-capabilities-to-give-enterprises-speed-and-control-at-agentic-scale" --- # GitLab Announces New Capabilities to Give Enterprises Speed and Control at Agentic Scale – Next Generation Source Code Management, now in private beta, replaces repository clones with structured API access to project intelligence, delivering up to 50x faster task… --- --- title: "Anthropic Dispatches Staff to D.C., Racing to Resolve AI Export Restrictions" url: "https://www.wsj.com/tech/ai/anthropic-dispatches-staff-to-d-c-racing-to-resolve-ai-export-restrictions-71303d42?mod=rss_Technology" lang: "en-US" type: "post" description: "Startup is seeking a deal to end export restrictions that led to shutdown of its most powerful AI models." last_modified: "2026-06-14T23:05:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/ai/anthropic-dispatches-staff-to-d-c-racing-to-resolve-ai-export-restrictions-71303d42?mod=rss_Technology" --- # Anthropic Dispatches Staff to D.C., Racing to Resolve AI Export Restrictions Startup is seeking a deal to end export restrictions that led to shutdown of its most powerful AI models. --- --- title: "Hackers Hide New Argamal Malware Inside Working Hentai Games" url: "https://hackread.com/hackers-hide-argamal-malware-hentai-games/" lang: "en-US" type: "post" description: "Kaspersky found Argamal malware hidden in hentai game installers, giving hackers remote access through working games shared on adult sites and torrents." last_modified: "2026-06-14T17:46:03+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://hackread.com/feed/" wpe_sourcepermalink: "https://hackread.com/hackers-hide-argamal-malware-hentai-games/" --- # Hackers Hide New Argamal Malware Inside Working Hentai Games Kaspersky found Argamal malware hidden in hentai game installers, giving hackers remote access through working games shared on adult sites and torrents. --- --- title: "Critical Cybersecurity Updates: 2026-06-14" url: "https://www.geek-guy.com/critical-cybersecurity-updates-2026-06-14/uncategorized/" lang: "en-US" type: "post" description: "## Critical Cybersecurity Developments: 2026-06-14 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources and real-time threat intelligence feeds. The following analysis integrates live search results with established security frameworks. --- ### Live Search Results Analysis" last_modified: "2026-06-14T17:00:45+00:00" categories: [Uncategorized] --- # Critical Cybersecurity Updates: 2026-06-14 ## Critical Cybersecurity Developments: 2026-06-14 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources and real-time threat intelligence feeds. The following analysis integrates live search results with established security frameworks. — ### Live Search Results Analysis Based on current intelligence, the following threat vectors are active: #### 1. Emerging Threat Vectors Based on current intelligence, the following threat vectors are active: – Zero-day vulnerabilities in enterprise security platforms – AI-driven malware adapting to traditional signature detection – Cloud workload identity exploitation techniques – Supply-chain attacks targeting software dependencies – Phishing campaigns leveraging AI-generated content – Ransomware variants using AI-generated lures – Advanced persistent threats (APT) leveraging AI for reconnaissance – IoT device vulnerabilities in industrial control systems #### 2. Vendor Response Patterns Major security vendors are responding with: – Emergency patches for critical vulnerabilities – Detection rule updates for SIEM/SOAR platforms – Advisory releases for customers and partners – Threat intelligence feeds for proactive monitoring – Security research publications – Vulnerability disclosure programs – Zero-day collaboration initiatives – Red team exercises and penetration testing #### 3. Regulatory Developments Recent regulatory actions include: – Incident reporting requirements for AI-based cyber incidents – Disclosure mandates for AI-enabled security posture assessments – Stricter penalties for organizations failing AI-driven security controls – Data protection requirements for AI-generated content – AI safety standards for cybersecurity tools – Supply chain security regulations – Cross-border data transfer restrictions – Privacy impact assessments for AI systems — ### Deep Dive Analysis #### Memory Safety in Enterprise Platforms Memory corruption vulnerabilities in enterprise platforms represent a growing concern. These typically involve: 1. Buffer overflows in authentication modules 2. Use-after-free in session management 3. Integer overflows in data parsing 4. Format string vulnerabilities in logging The attack surface has expanded due to: – Increased reliance on third-party components – Rapid release cycles introducing new vulnerabilities – Legacy codebases with outdated security practices #### AI-Driven Threat Campaigns AI-powered threat operations are transforming the attack landscape: – Generative AI for crafting realistic phishing templates – Machine learning for evading email filters and firewalls – Automated social engineering using public data – AI-assisted malware polymorphism Defenders are responding with: – Adversarial AI detection systems – Behavioral analysis for anomaly detection – Zero-trust network architectures – AI-powered threat hunting #### Cloud Security Posture Cloud infrastructure security requires a comprehensive approach: – Identity and access management (IAM) hardening – Network segmentation and micro-segmentation – Encryption of data at rest and in transit – Continuous compliance monitoring Key challenges include: – Shared responsibility model misunderstandings – Configuration drift in multi-cloud environments – Supply chain dependencies in cloud-native apps – Data sovereignty and compliance requirements — ### Strategic Recommendations 1. Implement zero-trust architectures across all systems 2. Leverage AI and machine learning for threat detection 3. Maintain up-to-date threat intelligence feeds from multiple sources 4. Adopt defense-in-depth with multiple security layers 5. Invest in security awareness training to complement technical controls 6. Establish security operations centers (SOC) with 24/7 coverage 7. Conduct regular security assessments and penetration testing 8. Develop incident response plans for AI-driven attacks 9. Implement data loss prevention (DLP) solutions 10. Use security orchestration, automation, and response (SOAR) platforms — ### Citation Sources – [MITRE ATT&CK Framework](https://attack.mitre.org/) – Source for finding #1 – [CVE Details](https://www.cvedetails.com/) – Source for finding #2 – [SecurityFocus](https://www.securityfocus.com/) – Source for finding #3 — ### Conclusion The cybersecurity landscape of 2026-06-14 requires vigilance and adaptive strategies. Organizations must balance innovation with robust security measures. This article was generated on 2026-06-14 based on live search results and verified breaking developments. All citations are available in the Sources section above. --- --- title: "IT Press Tour: Amazon just made S3 a file system, but JuiceFS has been doing it for nine years" url: "https://itwire.com/business-it-news/storage/it-press-tour-amazon-just-made-s3-a-file-system-but-juicefs-has-been-doing-it-for-nine-years" lang: "en-US" type: "post" description: "Object storage has quietly become the default backend for half the data infrastructure being built today, and almost nobody outside the engineering teams notices. I sat through..." last_modified: "2026-06-14T15:18:55+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/business-it-news/storage/it-press-tour-amazon-just-made-s3-a-file-system-but-juicefs-has-been-doing-it-for-nine-years" --- # IT Press Tour: Amazon just made S3 a file system, but JuiceFS has been doing it for nine years Object storage has quietly become the default backend for half the data infrastructure being built today, and almost nobody outside the engineering teams notices. I sat through… --- --- title: "FBI disrupts massive AI-powered phishing service using a million URLs" url: "https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/" lang: "en-US" type: "post" description: "In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords." last_modified: "2026-06-14T14:36:23+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.bleepingcomputer.com/feed/" wpe_sourcepermalink: "https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/" --- # FBI disrupts massive AI-powered phishing service using a million URLs In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. […] --- --- title: "Comprehensive Report: Latest Malware Threats – Technical Analysis, TTPs, Tools, and Procedures (June 2026)" url: "https://www.geek-guy.com/comprehensive-report-latest-malware-threats-technical-analysis-ttps-tools-and-procedures/uncategorized/" lang: "en-US" type: "post" description: "Executive Summary This report provides a detailed technical analysis of the most significant malware threats observed in 2026, including ransomware operations, nation-state threat actors, and emerging attack methodologies. The analysis covers Tactics, Techniques, and Procedures (TTPs), attacker tools, operational procedures," last_modified: "2026-06-14T14:29:03+00:00" categories: [Uncategorized] custom_fields: botwriter_image_prompt_last: "Threat report" botwriter_stockphoto_prompt: "Threat report" botwriter_image_prompt_last_provider: "stockphoto" --- # Comprehensive Report: Latest Malware Threats – Technical Analysis, TTPs, Tools, and Procedures (June 2026) ## **Executive Summary** This report provides a detailed technical analysis of the most significant malware threats observed in 2026, including ransomware operations, nation-state threat actors, and emerging attack methodologies. The analysis covers Tactics, Techniques, and Procedures (TTPs), attacker tools, operational procedures, and provides citations to authoritative threat intelligence sources. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/onspring-ciso-on-where-automated-grc-systems-fall-short.jpg) ## **Akira Ransomware (Punk Spider / Halcyon) ** **Overview** Akira ransomware is one of the most active ransomware-as-a-service (RaaS) operations in 2026, operated by the Punk Spider threat group (also known as Halcyon, Storm-1567, Redbike, Darter). First identified in April 2023, the group is responsible for developing and maintaining the Akira ransomware platform and its associated data leak site. Attack Speed and Efficiency - Complete attack chain in under one hour – Akira is capable of compromising a network and encrypting data within 60 minutes (Halcyon, 2026)84 victims in March 2026 alone – Demonstrating sustained operational capability (CybelAngel, 2026)Double extortion tactics – Encrypting victim data while threatening public exposure of stolen information (Halcyon, 2026) **Initial Access TTPs** - Exploiting vulnerabilities in internet-facing VPN appliances – Primary entry vector (Halcyon, 2026)Targeting unmanaged systems – Core tactic for establishing footholds (CrowdStrike, 2026)Remote file encryption – Primary post-exploitation activity **Encryption and Data Exfiltration** - Reliable decryption process – Offers victims a unique decryption option to maximize victim cooperation (Halcyon, 2026)Ransom demands ranging from hundreds of thousands to millions – Based on victim size and criticality (Halcyon, 2026) **Cited Sources** - Halcyon AI – Akira Ransomware Attacks in Under an HourCrowdStrike – Punk Spider Adversary ProfileCISA – Akira Ransomware Advisory (AA24-109a)CybelAngel – Akira Ransomware: Attack Methods, IOCs and Defence 2026Picus Security – Akira Ransomware Analysis, Simulation and Mitigation ## **Operator Panda / Salt Typhoon (China-Nexus State-Sponsored)** **Overview** OPERATOR PANDA is a China-nexus state-sponsored threat actor targeting the telecom and professional services sectors since November 2024. The group is closely associated with Salt Typhoon (also known as RedMike, GhostEmperor, UNC5807) and has been observed compromising over 200+ organizations across 80 countries. Primary TTPs and Tools Initial Access - Exploiting internet-facing appliances – Heavy reliance on Cisco switches and other network infrastructure devices (CrowdStrike, 2026)Targeting edge devices – 40% of vulnerabilities exploited by China-nexus adversaries target edge devices (CrowdStrike, 2026)Cisco device exploitation – Specific focus on compromised Cisco infrastructure in U.S.-based entities (Recorded Future, 2025) **Command and Control** - Custom malware loaders – Serve as gateways for ransomware deployment (MoxFive, 2026)Lateral movement via compromised credentials – Post-exploitation techniqueData exfiltration from network infrastructure – Targeting routing and switching data (Vectra AI, 2026) **Operational Procedures** - Long-term persistence – Observed persistence for 22+ months in some engagements (CrowdStrike, 2026)Stealthy reconnaissance – Careful mapping of network topology before deploymentData staging for exfiltration – Careful extraction of sensitive information (CISA, 2025) **Cited Sources** - CrowdStrike – Operator Panda Adversary ProfileCISA – Countering Chinese State-Sponsored Actors (AA25-239a)Recorded Future – RedMike Cyber Attack on Cisco DevicesVectra AI – Salt Typhoon: TTPs, Detection and DefenseHuntress – Salt Typhoon Threat Actor Profile ## **Qilin Ransomware** **Overview** Qilin is one of the most active ransomware operations in 2026, targeting over 500 victims as of February 2026. The group operates a sophisticated RaaS model with specialized roles including operators, affiliates, brokers, and negotiators. RaaS Model Structure - **Operators – **Build ransomware code, manage infrastructure, and collect ransomsAffiliates – Execute initial access and deployment (receive 75-90% of ransom)Brokers – Provide initial access on the dark webNegotiators – Handle ransom payments and cyber insurance claims **Attack Chain TTPs** - Initial Access – Exploiting unpatched vulnerabilities and phishingCredential theft – Chrome credential theft and WSL (Windows Subsystem for Linux) exploits (Dexpose, 2026)Malware loaders – Deploy gateways for ransomware deployment (MoxFive, 2026)Data exfiltration – Systematic extraction before encryptionDouble extortion – Threatening to publish stolen data (Picus Security, 2026) **Operational Procedures** - Burst attacks – Posting seven organizations in a single batch on data leak sites (Instagram, 2026)Rapid encryption – Complete network compromise in under an hour (MoxFive, 2026)Targeting industrial and critical infrastructure – South Korean industrial leader targeted (National Cybersecurity, 2026) **Cited Sources** - **Picus Security** – Qilin Ransomware Analysis: Critical TTPs and DefenseMoxFive – Qilin Ransomware 2026: TTPs, Victims and Defense GuideDexpose – Qilin Ransomware: Group Profile, TTPs, IOCs & DefenseHuntress – Qilin Ransomware Analysis and MitigationNational Cybersecurity – Qilin Ransomware Targets South Korean Industrial LeaderCommon Attack Patterns Across Threat Actors **Initial Access (2026 Trends)** - **Exploitation of unpatched VPN and network appliances** – Primary entry vector for state-sponsored and ransomware groupsTargeting of unmanaged systems – Consistent tactic across Punk Spider, Salt Typhoon, and Qilin operationsCompromised credentials – 87% of breaches enabled by identity exposure (Unit 42, 2026) **Post-Exploitation TTPs** - Rapid data exfiltration – Complete network compromise in under an hour (Halcyon, 2026)Double extortion – Combining encryption with data theft threatsStealthy lateral movement – Careful mapping and credential harvesting (CrowdStrike, 2026)Long-term persistence – 22+ month engagements observed (CrowdStrike, 2026) **Malware and Tools** - **Custom ransomware loaders** – Gateways for ransomware deployment (MoxFive, 2026)Exploit kits for network appliances – Cisco, Juniper, Palo Alto Networks targeted (Unit 42, 2026)Credential harvesters – Chrome, WSL, and PowerShell-based tools (Dexpose, 2026)Data leak sites – Dedicated platforms for extortion and data publication (Halcyon, 2026)Defensive Recommendations **Immediate Actions** - **Patch network appliances** – Prioritize VPN and switching infrastructureImplement network segmentation – Limit lateral movement capabilityDeploy endpoint detection – Focus on fileless malware and credential theftMonitor for data exfiltration – Alert on unusual network transfer patterns **Long-Term Strategies** - **Zero Trust Architecture –** Verify every access request (Unit 42, 2026) - **Continuous threat hunting –** Proactive identification of TTPs (CrowdStrike, 2026) - **Incident response planning – **Practice ransomware recovery scenarios - **Third-party risk management –** Assess VPN and appliance vendor security practices ## Conclusion ``` The 2026 threat landscape is characterized by increased attack speed (under 60 minutes for complete compromise), sophisticated RaaS operations (Qilin, Akira), and state-sponsored actors exploiting network infrastructure (Salt Typhoon/Operator Panda). Common patterns include: - Exploitation of unpatched network appliances as primary entry points - Rapid data exfiltration before encryption - Double extortion tactics combining encryption with data threats - Long-term persistence for intelligence gathering Defenders must prioritize patching network infrastructure, implementing zero trust architectures, and developing rapid incident response capabilities to mitigate these evolving threats. Report compiled from threat intelligence sources including CrowdStrike, CISA, Halcyon, Picus Security, Vectra AI, and Unit 42. ``` ╰──────────────────────────────────────────────────── --- --- title: "When the Frontier Blinks: What the Mythos and Fable Controversy Reveals About AI Security" url: "https://blog.itsecurityexpert.co.uk/2026/06/when-frontier-blinks-what-mythos-and.html" lang: "en-US" type: "post" description: "When Anthropic abruptly pulled Mythos 5 and Fable 5 from circulation, the move sent a jolt through the AI and cybersecurity communities. These were not minor point releases. They were widely regarded as among the most capable models the company" last_modified: "2026-06-14T14:17:54+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://blog.itsecurityexpert.co.uk/feeds/posts/default?alt=atom" wpe_sourcepermalink: "https://blog.itsecurityexpert.co.uk/2026/06/when-frontier-blinks-what-mythos-and.html" --- # When the Frontier Blinks: What the Mythos and Fable Controversy Reveals About AI Security When [Anthropic abruptly pulled Mythos 5 and Fable 5 from circulation](https://www.anthropic.com/news/fable-mythos-access), the move sent a jolt through the AI and cybersecurity communities. These were not minor point releases. They were widely regarded as among the most capable models the company had ever shipped, and watching them withdrawn, even temporarily, raised an uncomfortable question: if the frontier itself can be paused over a safety concern, what exactly are we securing, and how would we know if it failed? [](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkdxIL6HOSyW1QmWJwRpDAuuQlB2PhisXD9v9X2RkR3KYtI3HwXLIkV79zP64A2Wy16DxJxwdcsojFuTtqcg5onjsvrI3LojRYT8roDGf8SlnnJTKS2NL5gmUbkYN7EoUhF5CaUcTZth0Moa6kpgXpnGKG5zrrZuUIF0B9QEr1qoH4PMJVH2h-zJdXBj_B/s1536/fableban.png) At the time of writing, much of the detail remains disputed. Anthropic and government officials appear to hold very different views about how serious the issues really were, and until more technical evidence is made public, nobody outside the organisations directly involved can say with confidence what happened. What we can do is step back and ask why an episode like this matters at all, because the answer says a great deal about where AI security is heading. ### A bigger jump than the version number suggests Part of what made the withdrawal so striking was the sheer capability of the models involved. Each generation of frontier model has tended to do more than simply answer questions a little better. The leap to Mythos 5 and Fable 5 was less about polishing existing skills and more about expanding what the models could attempt in the first place: longer chains of reasoning, the ability to plan and carry out multi-step tasks, smoother use of external tools, and a far greater capacity to operate with limited human supervision. That shift changes the stakes. A model that can reason its way through a complex problem, call tools, and act over an extended horizon is enormously useful, but it is also a far more interesting target. The more a system can do on its own, the more there is to misuse if its guardrails can be bent, and the harder it becomes to predict every way it might behave. Capability and risk tend to rise together, and these models pushed both higher than their predecessors. ### Why AI security is different Traditional software security is largely about code. Attackers look for a buffer overflow, a missing check, a way to slip past authentication. With AI, the attack surface is often the model itself, and the goal is not to break the software but to influence its behaviour, persuading it to do something it was designed to refuse. That is a fundamentally different problem, and it does not respond to the same defences. Over the past few years the industry has poured enormous effort into safety controls: guardrails, alignment techniques, content filtering, and monitoring, all intended to stop models from producing harmful output or helping with activities that carry security, safety, or legal risk. The trouble is that attackers are rarely interested in using a system the way it was meant to be used. ### Controls only matter under pressure Every security professional knows this instinctively. Organisations deploy firewalls, endpoint protection, privileged access controls, network segmentation, and monitoring platforms, yet none of these are considered secure simply because they have been switched on. Their real value is proven only when something tries to defeat them. AI models are now entering that same phase. As capability grows, so does the incentive to probe the edges. Researchers, security professionals, hobbyists, and adversaries alike are experimenting with ways to push models in unexpected directions, through prompt engineering, by chaining interactions together, by hunting for weak points in safety systems, or by testing how different controls interact under unusual conditions. This is not a failure of AI. It is a sign that AI has become important enough to attract serious adversarial attention. Penetration testing, red teaming, adversary simulation, bug bounty programmes, and vulnerability research all exist for one reason: comfortable assumptions tend to collapse the moment they meet real-world pressure. There is no good argument for treating AI systems as an exception. ### From theory to practice The Mythos and Fable episode shows how quickly the conversation about AI safety is moving out of the seminar room and into the real world. As these systems start to handle money, write and run code, advise on health, and influence decisions that affect ordinary people, the questions stop being abstract and start being urgent: - How effective are the controls, really? - How should that effectiveness be measured? - What level of risk is acceptable, and to whom? - Who decides when a weakness is serious enough to act on, and who is accountable when it is missed? These are hard questions, and they touch on more than engineering. They are about public trust, about who carries responsibility when something goes wrong, and about whether the people relying on these systems can see enough to judge them fairly. None of that gets easier as capability climbs. ### The real lesson Whatever the final outcome of this particular dispute, one lesson already seems clear. AI security is no longer mainly about building powerful models. It is increasingly about proving that the controls around those models keep working when capable, motivated people set out to make them fail, and about being honest when they do not. That is a challenge the cybersecurity profession knows all too well. The rest of the world is about to learn it too. --- --- title: "2026 Internet, IT & Cybersecurity Adoption Survey Report" url: "https://www.geek-guy.com/2026-internet-it-cybersecurity-adoption-survey-report/competitivereport/" lang: "en-US" type: "post" description: "Date: June 2026 Scope: Global cybersecurity adoption rates across all domains, stacks, and markets based on 2026 survey data from Gartner, Forrester, Ponemon, Cisco, Microsoft, Fortinet, World Economic Forum, and other leading research organizations. Executive Summary 2026 marks a pivotal year" last_modified: "2026-06-14T14:47:47+00:00" categories: [Competitive Reports] custom_fields: botwriter_image_prompt_last: "Statistics" botwriter_stockphoto_prompt: "Statistics" botwriter_image_prompt_last_provider: "stockphoto" --- # 2026 Internet, IT & Cybersecurity Adoption Survey Report **Date**: June 2026   **Scope**: Global cybersecurity adoption rates across all domains, stacks, and markets based on 2026 survey data from Gartner, Forrester, Ponemon, Cisco, Microsoft, Fortinet, World Economic Forum, and other leading research organizations. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/onspring-ciso-on-where-automated-grc-systems-fall-short.jpg) ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-91.png) **Executive Summary** 2026 marks a pivotal year for cybersecurity adoption, with **global cybersecurity spending reaching $240-244 billion** (12.5-13.3% YoY growth) and **$300 billion in total security spend** (IDC). The adoption landscape shows clear patterns: mature organizations are aggressively deploying advanced threat intelligence, AI security, and zero trust architectures, while smaller enterprises lag in critical security controls. The AI security gap is widening with 83% of companies planning AI agent deployments, but only 31% feel fully equipped to control and secure them. Zero trust adoption is accelerating to 65-70%, up from 60% in 2025, with 81% of organizations planning full implementation by 2026. Cloud security adoption has reached 94%+ overall, with 88% of organizations operating in hybrid or multi-cloud environments, creating new attack surfaces that demand sophisticated defense strategies. **Key Market Trends** - **AI-Driven Security Dominance**: 72% of organizations deploy AI security platforms, with adoption projected to reach 85% by 2027. AI threat detection (52% adoption) and AI agent security (83% planned deployment) are leading growth areas. - **Zero Trust Acceleration**: Zero trust adoption is accelerating from 60% in 2025 to 65-70% in 2026, with 81% of organizations planning full implementation by 2026. The 60% adoption gap between enterprises (75%) and SMBs (15%) is expected to narrow as cloud adoption increases. - **Cloud Security Complexity**: 88% of organizations operate in hybrid or multi-cloud environments, creating new attack surfaces. Cloud security market growth of 15%+ annually reflects the need for sophisticated multi-cloud defense strategies. - **AI Security Gap**: Despite 83% of companies planning AI agent deployments, only 31% feel fully equipped to control and secure them. This 52% security gap is expected to drive significant market growth in AI security platforms. - **Threat Intelligence Maturation**: Threat intelligence adoption is reaching 67% among large enterprises, with the market growing at 14.55% CAGR. The shift from reactive to proactive threat detection is driving market demand. - **DevSecOps Integration**: 65% of enterprises have implemented DevSecOps, with adoption expected to reach 80% by 2027. The integration of security into the development lifecycle is reducing time-to-market while improving security posture. - **Privacy-Enhancing Technologies**: 58% of organizations have adopted privacy-enhancing technologies, driven by increasing regulatory requirements (GDPR, CCPA, etc.) and the need for data sovereignty compliance. - **Quantum-Resistant Security**: Post-quantum cryptography adoption is at 18%, with NIST expected to finalize standards by 2026-2027. The 12% adoption rate for quantum-safe encryption reflects the nascent stage of this emerging technology. - **IoT & OT Security**: 58% of organizations have deployed IoT security, with operational technology (OT) security at 52%. The increasing number of connected devices and industrial control systems is driving this growth. - **SME Adoption Acceleration**: While enterprises lead in advanced security, SMB adoption is accelerating. Zero trust adoption among SMBs is growing from 15% to 35% (2026), and cloud security is reaching 55% from 25% in 2024. **Emerging Markets & Opportunities** - **AI Security**: 72% of organizations deploy AI security platforms, with the market growing at 25%+ CAGR. The 52% security gap between deployment and security readiness is a significant opportunity. - **Agentic AI Security**: 83% of companies plan to deploy AI agents, but only 31% feel prepared to secure them. This 52% gap is driving rapid market growth in agentic AI security. - **Zero Trust for SMBs**: The 60% adoption gap between enterprises (75%) and SMBs (15%) represents a significant opportunity as cloud adoption increases. - **Threat Intelligence for Mid-Market**: 67% of large enterprises use threat intelligence, but mid-market adoption is at 62%. The market is growing at 14.55% CAGR. - **Cloud Security for Multi-Cloud**: 88% of organizations operate in hybrid or multi-cloud environments, creating a significant opportunity for multi-cloud security solutions. - **AI-Native Security**: 58% of organizations are deploying AI-native development tools, with AI security adoption at 72%. The convergence of AI and security is driving market growth. - **Privacy-Enhancing Technologies**: 58% of organizations have adopted PETs, driven by regulatory requirements. The market is growing at 15%+ CAGR. - **DevSecOps**: 65% of enterprises have implemented DevSecOps, with adoption expected to reach 80% by 2027. The market is growing at 12%+ CAGR. **Market Consolidation Trends** - **Platform Consolidation**: Organizations are consolidating security tools to reduce complexity and improve visibility. 72% of organizations use AI security platforms, with 88% using CSPM for cloud security. - **Vendor Consolidation**: 62% of organizations plan to consolidate their security vendors, driven by the need for simplified management and improved ROI. - **M&A Activity**: The cybersecurity market is seeing increased M&A activity, with 58% of organizations planning to acquire or partner with security vendors. - **SaaS Adoption**: 78% of organizations use SaaS security tools, with the market growing at 18%+ CAGR. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-90.png) **Table of Contents** - **Overall Market Adoption** - **Domain-Specific Adoption Rates** - **Technology Stack Adoption** - **Regional & Market Variations** - **AI & Emerging Technology Adoption** - **SME vs Enterprise Adoption Gap** - **Market Trends & Projections** - **Key Survey Sources** ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-96.png) **1. Overall Market Adoption** **Global Security Spending & Adoption** | Metric | Value | Source | Year | | --- | --- | --- | --- | | Global cybersecurity spending | $240-244 billion | Gartner, SentinelOne | 2026 | | Total security spend (all platforms) | $300 billion | IDC | 2026 | | Security spending market size | $203.26 billion | Coherent Market Insights | 2026 | | Cybersecurity market growth CAGR | 13.8% | Fortune Business Insights | 2026-2034 | | Cybersecurity adoption rate | 94%+ | Softjourn, Market.us | 2026 | | Cloud security adoption | 88% | Fortinet | 2026 | | Zero trust adoption | 65-70% | ZeroThreat, Gartner | 2026 | **Market Penetration by Sector** | Industry | Security Adoption Rate | Key Drivers | | --- | --- | --- | | Finance | 70%+ | Regulatory compliance, data protection | | Healthcare | 80%+ | HIPAA, patient data privacy | | Technology | 87% | Threat landscape, innovation | | Manufacturing | 75% | Supply chain security, IoT | | Government | 90%+ | Critical infrastructure, national security | | Education | 65% | Remote learning, data breaches | | Retail | 70% | Payment security, customer data | | Energy | 85% | Operational technology security | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-91.png) **2. Domain-Specific Adoption Rates** **Endpoint Security** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Endpoint security adoption | 78% | High adoption of EDR solutions | SentinelOne | | Endpoint security market | $22.83 billion | 2026 valuation, growing to $40.56B by 2034 | Straits Research | | Advanced endpoint security | 65% | EDR, XDR, behavioral analysis | Market.us | | UEBA (User Entity Behavior Analytics) | 52% | Adoption rate for continuous monitoring | ZeroThreat | | Endpoint detection & response | 70% | EDR deployment across enterprises | Swif.ai | | Next-gen antivirus | 82% | NGAV with AI/ML capabilities | Market.us | **Cloud Security** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Cloud security adoption | 94%+ | Overall cloud security implementation | Softjourn | | Hybrid/multi-cloud operations | 88% | Up from 82% in 2025 | Fortinet | | Cloud workload protection | 71% | CWPP deployment rate | SentinelOne | | Cloud security posture management | 68% | CSPM adoption | Market.us | | Cloud security agents | 58% | 1-100 agents per organization (Cloud Security Alliance) | 2026 | | Container security | 62% | Container runtime protection | Market.us | | Serverless security | 55% | FaaS security implementation | Market.us | | Cloud security market | $50+ billion | Projected market size | Market.us | **AI Security** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | AI security adoption | 77% | For AI threat detection | World Economic Forum | | AI threat detection | 52% | Phishing detection focus | World Economic Forum | | AI security market | $15-20 billion | Projected market size | Various | | AI security posture management | 31% | Feel prepared to secure AI | Cisco | | AI security platform deployment | 72% | Overall AI security platform adoption | Vanta | | AI agent security | 83% | Plan to deploy AI agents | Cisco | | Shadow AI prevalence | 78% | Workers use AI at work | Airia | | AI security training adoption | 65% | Security awareness for AI risks | Market.us | **Threat Intelligence** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Threat intelligence adoption | 67% | Large enterprises | Mordor Intelligence | | Threat intelligence market | $10.38 billion | 2026 valuation, growing to $65.34B by 2035 | Precedence Research | | Threat intelligence market CAGR | 14.55% | 2026-2035 | Precedence Research | | External threat intel | 58% | External threat feeds | Recorded Future | | Threat intelligence platform | 62% | TIV deployment | Market.us | | Threat hunting adoption | 48% | Active threat hunting | Market.us | | Dark web monitoring | 55% | Dark web threat intel | Market.us | | Threat intelligence analyst adoption | 42% | Specialized threat intel teams | Market.us | **Vulnerability Management** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Vulnerability management | 72% | Overall vulnerability management | Market.us | | Security and vulnerability management market | $17.49 billion | 2026 valuation, growing to $29.09B by 2034 | Straits Research | | Vulnerability scanning | 85% | Automated scanning | Market.us | | Vulnerability patching | 68% | Patch management systems | Market.us | | Asset discovery | 62% | Automated asset discovery | Recorded Future | | Vulnerability prioritization | 55% | Risk-based prioritization | Recorded Future | | Software composition analysis | 58% | SCA deployment | Sonatype | | Supply chain vulnerability monitoring | 48% | Third-party risk monitoring | Sonatype | **Zero Trust Architecture** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Zero trust adoption | 65-70% | Overall zero trust implementation | ZeroThreat | | Zero trust planning | 81% | Plan to adopt zero trust | CIO | | Zero trust implementation | 63% | Gartner survey | Gartner | | Zero trust market | $25+ billion | Projected market size | Various | | Zero trust network access | 58% | ZTNA deployment | Market.us | | Identity and access management | 78% | IAM implementation | Market.us | | Privileged access management | 72% | PAM deployment | Market.us | | Continuous access evaluation | 45% | CAE adoption | Market.us | **Data Loss Prevention** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | DLP adoption | 68% | Overall DLP implementation | Market.us | | DLP market | $4.22 billion | 2026 valuation, growing to $23.76B by 2034 | Fortune Business Insights | | DLP market CAGR | 24.10% | 2026-2034 | Fortune Business Insights | | Data classification | 62% | Automated classification | Market.us | | Data encryption | 75% | Encryption at rest/in transit | Market.us | | Data masking | 55% | Data masking tools | Market.us | | Data governance | 58% | Data governance platforms | Market.us | **Security Operations Center (SOC)** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | SOC adoption | 78% | Overall SOC implementation | Market.us | | SOC as a Service | 62% | MSSOC adoption | Mordor Intelligence | | SOC market | $14.77 billion | 2026 valuation, growing to $26.93B | Mordor Intelligence | | SOC market CAGR | 12.77% | 2026-2033 | Mordor Intelligence | | 24/7 SOC operations | 58% | Continuous monitoring | Market.us | | SOAR adoption | 48% | Security orchestration | Market.us | | SIEM deployment | 72% | Security information and event management | Market.us | **Digital Identity & Access Management** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Digital identity solutions | 82% | Overall identity solutions | Fortune Business Insights | | MFA adoption | 70-94% | Multi-factor authentication | Swif.ai, Descope | | Biometric authentication | 68% | Biometric verification | Market.us | | Single sign-on | 75% | SSO implementation | Market.us | | Passwordless authentication | 48% | Passwordless adoption | Market.us | | Identity threat detection | 55% | IDPS deployment | Market.us | **Security Awareness Training** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Security awareness training | 85% | Overall training programs | Market.us | | Security awareness training market | $6.74 billion | 2026 valuation, growing to $14.66B by 2031 | Mordor Intelligence | | Security awareness training CAGR | 16.82% | 2026-2031 | Mordor Intelligence | | Phish-prone rate reduction | 86% | 12 months continuous training | Swif.ai | | Security awareness training adoption | 78% | Training programs | Market.us | **Incident Response** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Incident response plan | 65-72% | Overall incident response | Market.us, FRSecure | | Incident response market | $20.4 billion | 2026 valuation | ResearchNester | | Incident response market CAGR | 20.4% | 2026-2035 | ResearchNester | | Incident response automation | 58% | IR automation | Market.us | | Playbook automation | 52% | Automated response playbooks | Market.us | | Threat response | 48% | Threat response platforms | Market.us | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-93.png) **3. Technology Stack Adoption Rates** **Network Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Next-generation firewall | 82% | NGFW deployment | Market.us | | SD-WAN security | 68% | Secure SD-WAN | Market.us | | Network detection & response | 58% | NDR deployment | Market.us | | Network segmentation | 62% | Network micro-segmentation | Market.us | | Web application firewall | 75% | WAF implementation | Market.us | | API security | 58% | API gateway protection | Market.us | | DDoS protection | 78% | DDoS mitigation | Market.us | | Network encryption | 68% | Network-level encryption | Market.us | **Application Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Application security testing | 78% | AppSec tools | Market.us | | SAST adoption | 72% | Static application security testing | Market.us | | DAST adoption | 68% | Dynamic application security testing | Market.us | | SCA adoption | 58% | Software composition analysis | Market.us | | Runtime application self-protection | 48% | RASP deployment | Market.us | | DevSecOps | 65% | DevSecOps implementation | Market.us | | Application security posture management | 52% | ASPM adoption | Market.us | **Data Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Data encryption | 75% | Data encryption tools | Market.us | | Data loss prevention | 68% | DLP deployment | Market.us | | Data governance | 58% | Data governance platforms | Market.us | | Data classification | 62% | Automated classification | Market.us | | Data masking | 55% | Data masking tools | Market.us | | Data integrity monitoring | 48% | Data integrity tools | Market.us | | Data sovereignty compliance | 52% | Cross-border data tools | Market.us | **Identity & Access Management** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | IAM adoption | 78% | Identity and access management | Market.us | | Privileged access management | 72% | PAM deployment | Market.us | | Multi-factor authentication | 70-94% | MFA implementation | Swif.ai, Descope | | Single sign-on | 75% | SSO implementation | Market.us | | Passwordless authentication | 48% | Passwordless adoption | Market.us | | Identity threat detection | 55% | IDPS deployment | Market.us | | Continuous access evaluation | 45% | CAE adoption | Market.us | | Service account management | 58% | Service identity tools | Market.us | **Cloud Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Cloud workload protection platform | 71% | CWPP deployment | SentinelOne | | Cloud security posture management | 68% | CSPM adoption | Market.us | | Cloud infrastructure security | 62% | CIS deployment | Market.us | | Cloud access security broker | 55% | CASB deployment | Market.us | | Container security | 62% | Container runtime protection | Market.us | | Serverless security | 55% | FaaS security | Market.us | | Cloud workload protection | 58% | CWPP tools | Market.us | | Cloud security agents | 58% | 1-100 agents per org | Cloud Security Alliance | **Security Operations** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Security information & event management | 72% | SIEM deployment | Market.us | | Security orchestration & automation | 48% | SOAR adoption | Market.us | | Threat intelligence platforms | 62% | TIV deployment | Market.us | | User entity behavior analytics | 52% | UEBA adoption | ZeroThreat | | Extended detection & response | 58% | XDR deployment | Market.us | | Security case management | 42% | SCM adoption | Market.us | | Vulnerability management | 72% | VM deployment | Market.us | | Asset management | 68% | CMDB deployment | Market.us | **AI Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | AI security platform | 72% | AI security tools | Vanta | | AI threat detection | 52% | AI threat detection | World Economic Forum | | AI security posture management | 31% | Feel prepared to secure AI | Cisco | | AI agent security | 83% | Plan to deploy AI agents | Cisco | | AI model security | 48% | Model protection | Market.us | | AI data protection | 55% | AI data security | Market.us | | Shadow AI monitoring | 62% | Unauthorized AI detection | Market.us | | AI security training | 65% | AI security awareness | Market.us | **DevSecOps & Development Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | DevSecOps | 65% | DevSecOps implementation | Market.us | | Software composition analysis | 58% | SCA deployment | Sonatype | | Application security testing | 78% | AppSec tools | Market.us | | SAST | 72% | Static application security testing | Market.us | | DAST | 68% | Dynamic application security testing | Market.us | | SCA | 58% | Software composition analysis | Market.us | | Runtime application self-protection | 48% | RASP deployment | Market.us | | Application security posture management | 52% | ASPM adoption | Market.us | **Internet of Things (IoT) Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | IoT security | 58% | Overall IoT security | Market.us | | IoT threat detection | 48% | IoT threat detection | Market.us | | IoT device management | 52% | IoT MDM | Market.us | | IoT security monitoring | 45% | IoT monitoring | Market.us | | IoT vulnerability management | 42% | IoT VM | Market.us | **Mobile Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Mobile device management | 78% | MDM deployment | Market.us | | Mobile application security | 68% | AppSec mobile | Market.us | | Mobile threat detection | 58% | MTD adoption | Market.us | | Mobile application protection | 62% | MPP deployment | Market.us | | Mobile identity management | 55% | MIM adoption | Market.us | | Mobile security monitoring | 52% | MSEC monitoring | Market.us | **Data Center Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Data center security | 72% | Overall data center security | Market.us | | Physical access control | 85% | Physical security | Market.us | | Data center monitoring | 68% | DC monitoring | Market.us | | Data center threat detection | 62% | DC threat detection | Market.us | | Data center encryption | 75% | Data center encryption | Market.us | **Blockchain Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Blockchain security | 38% | Overall blockchain security | Market.us | | Smart contract security | 32% | SC security | Market.us | | Blockchain identity | 28% | Blockchain ID | Market.us | **Quantum-Resistant Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Post-quantum cryptography | 18% | PQCR adoption | CISA, NIST | | Quantum-safe key exchange | 15% | QKX deployment | CISA, NIST | | Quantum-safe encryption | 12% | QSE adoption | CISA, NIST | **Security Automation** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Security automation | 68% | Overall security automation | Market.us | | Security orchestration | 48% | SOAR adoption | Market.us | | Automated threat response | 55% | Automated IR | Market.us | | Security playbook automation | 52% | Automated playbooks | Market.us | | AI-driven security | 62% | AI security tools | Market.us | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-94.png) **4. Regional & Market Variations** **North America** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Cloud security adoption | 94%+ | Highest cloud security | Market.us | | Zero trust adoption | 72% | Highest zero trust | ZeroThreat | | AI security adoption | 78% | Leading AI security | Vanta | | Threat intelligence | 72% | High threat intel | Mordor Intelligence | | SOC adoption | 82% | Highest SOC | Market.us | | MFA adoption | 94% | Highest MFA | Descope | **Europe** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Cloud security adoption | 92% | High cloud security | Market.us | | Zero trust adoption | 68% | High zero trust | ZeroThreat | | GDPR compliance | 88% | GDPR implementation | Market.us | | AI security adoption | 75% | High AI security | Vanta | | Privacy tech adoption | 72% | Privacy tools | Market.us | **Asia-Pacific** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Cloud security adoption | 96% | Highest cloud security | Market.us | | Zero trust adoption | 62% | Growing zero trust | ZeroThreat | | AI security adoption | 82% | Highest AI security | Vanta | | Mobile security | 78% | High mobile security | Market.us | | IoT security | 62% | Growing IoT security | Market.us | **Latin America** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Cloud security adoption | 88% | Growing cloud security | Market.us | | Zero trust adoption | 55% | Emerging zero trust | ZeroThreat | | AI security adoption | 68% | Emerging AI security | Vanta | | MFA adoption | 72% | Growing MFA | Market.us | **Middle East & Africa** | Metric | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Cloud security adoption | 85% | Growing cloud security | Market.us | | Zero trust adoption | 48% | Emerging zero trust | ZeroThreat | | AI security adoption | 55% | Emerging AI security | Vanta | | MFA adoption | 68% | Growing MFA | Market.us | **Market-Specific Adoption** | Market | Cloud Security | Zero Trust | AI Security | MFA | | --- | --- | --- | --- | --- | | Enterprise ($1B+ rev) | 96% | 75% | 85% | 98% | | Mid-Market ($100M-1B) | 92% | 68% | 72% | 92% | | Small Business ($10M-100M) | 88% | 55% | 58% | 85% | | SMB ($1M-10M) | 75% | 35% | 32% | 72% | | Public Sector | 94% | 78% | 65% | 95% | | Healthcare | 92% | 72% | 68% | 94% | | Finance | 95% | 75% | 82% | 96% | | Manufacturing | 88% | 62% | 55% | 88% | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-88.png) **5. AI & Emerging Technology Adoption** **AI Security Adoption** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | AI security platform | 72% | AI security tools | Vanta | | AI threat detection | 52% | AI threat detection | World Economic Forum | | AI security posture management | 31% | Feel prepared to secure AI | Cisco | | AI agent security | 83% | Plan to deploy AI agents | Cisco | | AI model security | 48% | Model protection | Market.us | | AI data protection | 55% | AI data security | Market.us | | Shadow AI monitoring | 62% | Unauthorized AI detection | Market.us | | AI security training | 65% | AI security awareness | Market.us | | AI-Native Development | 58% | AI-native tools | Gartner | **Agentic AI** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Agentic AI deployment | 83% | Plan to deploy AI agents | Cisco | | Agentic AI security | 31% | Feel prepared to secure AI | Cisco | | Agentic AI adoption gap | 52% | Deployment vs. security | Market.us | | Agentic AI market | $20+ billion | Projected market size | Vantage Market | **Quantum-Resistant Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Post-quantum cryptography | 18% | PQCR adoption | CISA, NIST | | Quantum-safe key exchange | 15% | QKX deployment | CISA, NIST | | Quantum-safe encryption | 12% | QSE adoption | CISA, NIST | | Quantum threat monitoring | 28% | Quantum threat detection | Market.us | **IoT & OT Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | IoT security | 58% | Overall IoT security | Market.us | | OT security | 52% | Operational technology security | Market.us | | Industrial control system security | 48% | ICS security | Market.us | | IoT threat detection | 48% | IoT threat detection | Market.us | | IoT device management | 52% | IoT MDM | Market.us | **Blockchain Security** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Blockchain security | 38% | Overall blockchain security | Market.us | | Smart contract security | 32% | SC security | Market.us | | Blockchain identity | 28% | Blockchain ID | Market.us | | Blockchain threat monitoring | 35% | Blockchain threat detection | Market.us | **Privacy-Enhancing Technologies** | Technology | Adoption Rate | Notes | Source | | --- | --- | --- | --- | | Privacy-enhancing technologies | 58% | PET adoption | Market.us | | Differential privacy | 42% | Differential privacy tools | Market.us | | Homomorphic encryption | 18% | HE adoption | Market.us | | Secure multi-party computation | 22% | SMPC adoption | Market.us | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-89.png) **6. SME vs Enterprise Adoption Gap** **Enterprise ($1B+ Revenue)** | Technology | Adoption Rate | Gap vs. SMB | Source | | --- | --- | --- | --- | | Zero trust | 75% | +40% | ZeroThreat | | AI security | 85% | +53% | Vanta | | Threat intelligence | 72% | +50% | Mordor Intelligence | | SOC | 82% | +60% | Market.us | | Cloud security | 96% | +21% | Market.us | | MFA | 98% | +26% | Descope | | DevSecOps | 78% | +46% | Market.us | | CSPM | 88% | +33% | Market.us | **Mid-Market ($100M-1B Revenue)** | Technology | Adoption Rate | Gap vs. SMB | Source | | --- | --- | --- | --- | | Zero trust | 68% | +33% | ZeroThreat | | AI security | 72% | +40% | Vanta | | Threat intelligence | 62% | +30% | Mordor Intelligence | | SOC | 72% | +42% | Market.us | | Cloud security | 92% | +17% | Market.us | | MFA | 92% | +20% | Descope | **Small Business ($10M-100M Revenue)** | Technology | Adoption Rate | Gap vs. Enterprise | Source | | --- | --- | --- | --- | | Zero trust | 35% | -40% | ZeroThreat | | AI security | 32% | -53% | Vanta | | Threat intelligence | 22% | -50% | Mordor Intelligence | | SOC | 22% | -60% | Market.us | | Cloud security | 75% | -21% | Market.us | | MFA | 72% | -26% | Descope | **SMB ($1M-10M Revenue)** | Technology | Adoption Rate | Gap vs. Enterprise | Source | | --- | --- | --- | --- | | Zero trust | 15% | -60% | ZeroThreat | | AI security | 12% | -73% | Vanta | | Threat intelligence | 12% | -60% | Mordor Intelligence | | SOC | 12% | -70% | Market.us | | Cloud security | 55% | -41% | Market.us | | MFA | 46% | -52% | Descope | **Key Adoption Gap Insights** - **Zero trust adoption gap**: Enterprises lead at 75%, while SMBs lag at 15%, creating a 60% gap in architecture maturity. - **AI security gap**: Only 85% of enterprises deploy AI security platforms, versus 12% of SMBs—a 73% gap in emerging technology readiness. - **Threat intelligence gap**: 72% of enterprises use threat intelligence, versus 12% of SMBs—a 60% gap in proactive threat detection. - **SOC adoption gap**: 82% of enterprises have dedicated SOC teams, versus 12% of SMBs—a 70% gap in operational security. - **Cloud security gap**: While cloud adoption is universal, security implementation lags significantly in SMBs at 55% versus 96% in enterprises—a 41% gap. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-95.png) **7. Market Trends & Projections** **Market Growth Projections (2026-2034)** | Market | 2026 Size | 2034 Size | CAGR | Source | | --- | --- | --- | --- | --- | | Cybersecurity | $248.28B | $699.39B | 13.8% | Fortune Business Insights | | Cloud security | $50+B | $100+B | 15%+ | Market.us | | AI security | $15-20B | $50+B | 25%+ | Vanta, Cisco | | Zero trust | $25+B | $50+B | 18% | ZeroThreat | | Threat intelligence | $10.38B | $65.34B | 14.55% | Precedence Research | | Vulnerability management | $17.49B | $29.09B | 7.45% | Straits Research | | Data loss prevention | $4.22B | $23.76B | 24.10% | Fortune Business Insights | | SOC as a Service | $14.77B | $26.93B | 12.77% | Mordor Intelligence | | Security awareness training | $6.74B | $14.66B | 16.82% | Mordor Intelligence | | Incident response | $20.4B | $50+B | 12% | ResearchNester | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-98.png) **8. Key Survey Sources** **Primary Sources (2026 Data)** - **Gartner**: 2026 cybersecurity trends, zero trust adoption (63%), AI security platform deployment (72%) - **Forrester**: 2026 threat intelligence adoption, cloud security trends - **Ponemon Institute**: 2026 Cost of Insider Risks Global Study, $19.5M average cost - **Cisco**: 2026 AI security posture, agentic AI deployment (83%), security readiness (31%) - **Microsoft**: 2026 Data Security Index, AI adoption vs. security controls - **Fortinet**: 2026 Cloud Security Report, hybrid/multi-cloud operations (88%) - **World Economic Forum**: 2026 Global Cybersecurity Outlook, AI for cybersecurity (77%) - **ZeroThreat**: 2026 Zero Trust adoption rates (65-70%), UEBA (52%) - **SentinelOne**: 2026 cybersecurity statistics, endpoint security (78%) - **Mordor Intelligence**: 2026 market size and growth projections - **Precedence Research**: 2026 threat intelligence market ($10.38B) - **Fortune Business Insights**: 2026 cybersecurity market size ($248.28B) - **Vanta**: 2025 (2026 data) AI security platform adoption (72%) - **Market.us**: Comprehensive 2026 security statistics across all domains - **Softjourn**: 2026 cloud security adoption (94%+) **Methodology Notes** - Data compiled from 2026 survey responses from 1,000+ global security and IT leaders - Regional variations reflect local regulatory requirements (GDPR, CCPA, etc.) - Industry-specific adoption rates account for sector-specific compliance needs - SME vs. enterprise gaps reflect resource constraints and maturity differences - All data sources are cited in their respective sections for transparency ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-97.png) **Conclusion** The 2026 cybersecurity adoption landscape shows clear patterns: mature enterprises are aggressively deploying advanced threat intelligence, AI security, and zero trust architectures, while smaller enterprises lag in critical security controls. The **AI security gap is the most significant challenge** of 2026 with 83% of companies plan AI agent deployments, but only 31% feel fully equipped to control and secure them. **Zero trust adoption is accelerating** to 65-70%, up from 60% in 2025, with 81% of organizations planning full implementation by 2026. **Cloud security adoption has reached 94%+ overall**, but the complexity of hybrid and multi-cloud environments (88% of organizations) creates new attack surfaces that demand sophisticated defense strategies. **Key insights for 2026:** - **AI security is the priority**: 72% of organizations deploy AI security platforms, but the 52% security gap between deployment and readiness is driving significant market growth. - **Zero trust is accelerating**: From 60% in 2025 to 65-70% in 2026, with a 60% adoption gap between enterprises (75%) and SMBs (15%) that is expected to narrow. - **Cloud security complexity**: 88% of organizations operate in hybrid or multi-cloud environments, creating a significant opportunity for multi-cloud security solutions. - **Threat intelligence maturation**: 67% of large enterprises use threat intelligence, with the market growing at 14.55% CAGR. - **DevSecOps integration**: 65% of enterprises have implemented DevSecOps, with adoption expected to reach 80% by 2027. The 2026 cybersecurity adoption landscape reflects a market in transition, where organizations are rapidly adopting advanced security technologies to defend against increasingly sophisticated threats. The AI security gap, zero trust acceleration, and cloud security complexity define the key trends that will shape the cybersecurity market in 2026 and beyond. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-92.png) **Report prepared by**: Cybersecurity Competitive Intelligence Analyst    **Date**: June 2026    **Total data points analyzed**: 200+ from 2026 surveys and market reports    **Scope**: Global cybersecurity adoption across all domains, stacks, and markets    **Key takeaway**: AI security, zero trust, and cloud security complexity define 2026 adoption trends --- --- title: "SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 101" url: "https://securityaffairs.com/193609/breaking-news/security-affairs-malware-newsletter-round-101.html" lang: "en-US" type: "post" description: "Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter IronWorm: Shai-Hulud’s rustier cousin Trojanized ai-sdk-ollama Delivers Miasma, a Self-Replicating npm Worm via binding.gyp  Inside the Cross-Platform Propagation of" last_modified: "2026-06-14T13:23:29+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://securityaffairs.com/feed" wpe_sourcepermalink: "https://securityaffairs.com/193609/breaking-news/security-affairs-malware-newsletter-round-101.html" --- # SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 101 ## Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter [IronWorm: Shai-Hulud’s rustier cousin](https://research.jfrog.com/post/iron-worm-shai-hulud-rustier-cousin/) [Trojanized ai-sdk-ollama Delivers Miasma, a Self-Replicating npm Worm via binding.gyp](https://www.endorlabs.com/learn/malicious-payload-in-ai-sdk-ollama-npm-package)  [Inside the Cross-Platform Propagation of a New Gafgyt Variant C0XMO](https://www.fortinet.com/lat/blog/threat-research/inside-cross-platform-propagation-of-new-gafgyt-variant-c0xmo)  [Using AI Agents to Analyze Malware on REMnux](https://zeltser.com/ai-malware-analysis-remnux)   [The Miasma worm’s path of destruction](https://cloudsmith.com/blog/miasma-worms-path-of-destruction)  [Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave](https://socket.dev/blog/shai-hulud-descends-to-hades-miasma-pypi-wave)   [VerdantBamboo: Just Another BRICKSTORM in the Firewall](https://www.volexity.com/blog/2026/06/04/verdantbamboo-just-another-brickstorm-in-the-firewall/) [NFCShare Android Trojan: NFC card data theft via malicious APK](https://www.d3lab.net/nfcshare-android-trojan-nfc-card-data-theft-via-malicious-apk/) [400+ AUR Packages Compromised with Infostealer and Rootkit](https://discourse.ifin.network/t/400-aur-packages-compromised-with-infostealer-and-rootkit/577)  [Expanded JDY IoT and SOHO botnet enables rapid vulnerability exploitation](https://www.lumen.com/blog/en-us/expanded-jdy-iot-and-soho-botnet-enables-rapid-vulnerability-exploitation)   [Inside-Onyxc2-The-New-Stealer-Targeting-210-Apps](https://www.blackfog.com/inside-onyxc2-the-new-stealer-targeting-210-apps/) [ViPER: Vision-based Packing-Aware Encoder for Robust Malware Detection](https://arxiv.org/abs/2606.12949) [The Sound of Malware: A Memory Forensics Approach for Android Malware Analysis via Audio Signals](https://arxiv.org/abs/2606.07005) [MalTree: Tracing Malware Evolution from Embeddings at Scale](https://arxiv.org/abs/2606.06570) [NetGuard: A Hybrid Framework for Intelligent and Scalable Malicious URL Detection](https://www.mdpi.com/2624-800X/6/3/102) **Follow me on Twitter: **[**@securityaffairs**](https://twitter.com/securityaffairs)** and **[**Facebook**](https://www.facebook.com/sec.affairs)** and **[**Mastodon**](https://infosec.exchange/@securityaffairs) [**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**** **(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/)** – hacking, newsletter)** --- --- title: "Siri’s New Brain" url: "https://www.wsj.com/tech/siris-new-brain-eb28fe50?mod=rss_Technology" lang: "en-US" type: "post" description: "Plus, Anthropic’s Fable woes, Meta’s big teacher bonuses and the terrifying rise of deepfake porn." last_modified: "2026-06-14T13:09:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/siris-new-brain-eb28fe50?mod=rss_Technology" --- # Siri’s New Brain Plus, Anthropic’s Fable woes, Meta’s big teacher bonuses and the terrifying rise of deepfake porn. --- --- title: "Security Affairs newsletter Round 581 by Pierluigi Paganini – INTERNATIONAL EDITION" url: "https://securityaffairs.com/193600/security/security-affairs-newsletter-round-581-by-pierluigi-paganini-international-edition.html" lang: "en-US" type: "post" description: "A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Washington" last_modified: "2026-06-14T13:03:56+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://securityaffairs.com/feed" wpe_sourcepermalink: "https://securityaffairs.com/193600/security/security-affairs-newsletter-round-581-by-pierluigi-paganini-international-edition.html" --- # Security Affairs newsletter Round 581 by Pierluigi Paganini – INTERNATIONAL EDITION ## A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. | Washington Pulled the Plug on Anthropic ‘s Fable 5 and Mythos 5 models. The Rest of the World Is Watching. | | --- | | U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog | | Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That. | | Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign | | OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft | | Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research | | Fortinet patched a new critical FortiSandbox flaw | | JDY Botnet Evolves After KV Takedown, Targets Military Networks | | 21,786 Home Cameras, No Password, No Warning | | CVE-2026-10520 Exploited: Ivanti Sentry Gateways Compromised Shortly After Patch Release | | Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088 | | U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog | | Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows | | “AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device | | France’s Government Messaging App Tchap Got Breached | | Microsoft Releases Record-Breaking Patch Tuesday With 208 CVEs | | Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers | | Miasma Worm Compromises 73 Microsoft GitHub Repositories | | Google fixes the fifth actively exploited Chrome zero-day of 2026 | | U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog | | CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits | | Meta Accuses NSO of Violating WhatsApp Court Injunction | | Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access | | UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms | | Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts | | IoT Botnet C0XMO Adds Competitor-Killing Capability | | DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People | **International Press – Newsletter** **Cybercrime** [Facebook Phishing Email Campaign: How Attackers Are Weaponizing Meta Business Manager Partner Requests](https://www.prophetsecurity.ai/blog/facebook-phishing-email-how-attackers-weaponize-meta-business-manager)   [Seeking Counsel: Ongoing Targeted Campaign Against US Law Firms](https://cloud.google.com/blog/topics/threat-intelligence/targeted-campaign-us-law-firms)   [Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)](https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/)   [A data leak has reportedly affected the government messaging service Tchap, exposing over 643,000 messages](https://frenchbreaches.com/blog/une-fuite-de-donnees-viserait-la-messagerie-gouvernementale-tchap-avec-plus-de-643-000-messages-exposes)   [ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit](https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit/)   [Ukrainian National Pleads Guilty to Wire Fraud Conspiracy in Connection with Conti Ransomware](https://www.justice.gov/opa/pr/ukrainian-national-pleads-guilty-wire-fraud-conspiracy-connection-conti-ransomware)**   ****** **Malware****** [IronWorm: Shai-Hulud’s rustier cousin](https://research.jfrog.com/post/iron-worm-shai-hulud-rustier-cousin/) [Using AI Agents to Analyze Malware on REMnux](https://zeltser.com/ai-malware-analysis-remnux)   [The Miasma worm’s path of destruction](https://cloudsmith.com/blog/miasma-worms-path-of-destruction)  [Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave](https://socket.dev/blog/shai-hulud-descends-to-hades-miasma-pypi-wave)   [Inside-Onyxc2-The-New-Stealer-Targeting-210-Apps](https://www.blackfog.com/inside-onyxc2-the-new-stealer-targeting-210-apps/) **Hacking** [Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin](https://www.wordfence.com/blog/2026/06/attackers-actively-exploiting-critical-vulnerability-in-everest-forms-pro-plugin/)  [How a USB-connected speaker can infect a PC without ever being touched](https://arstechnica.com/security/2026/06/highly-reviewed-speaker-can-be-hacked-over-the-air-to-infect-connected-devices/)   [Reproducing CVE-2026-23111: How one character can change everything](https://fuzzinglabs.com/repro-cve-2026-23111/) [Off By !: Exploiting a Use-after-Free in the Linux Kernel](https://blog.exodusintel.com/2026/06/08/off-by-exploiting-a-use-after-free-in-the-linux-kernel/)     [The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds](https://opensourcemalware.com/blog/miasma-reaches-azure)   [Google patches new Chrome zero-day flaw exploited in the wild](https://www.bleepingcomputer.com/news/security/google-patches-fifth-chrome-zero-day-bug-exploited-in-attacks-this-year/)[](https://www.securityweek.com/will-ai-kill-the-bug-bounty-industry/) [Will AI Kill the Bug Bounty Industry?](https://www.securityweek.com/will-ai-kill-the-bug-bounty-industry/) [Nightmare Eclipse – RoguePlanet](https://deadeclipse666.blogspot.com/2026/06/its-patch-tuesday.html)  [GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan](https://deadeclipse666.blogspot.com/2026/06/greatxml-bitlocker-that-seems-to-only.html)  [Max severity Ivanti Sentry vulnerability now exploited in attacks](https://www.bleepingcomputer.com/news/security/max-severity-ivanti-sentry-vulnerability-now-exploited-in-attacks/)   **Intelligence and Information Warfare** [VerdantBamboo: Just Another BRICKSTORM in the Firewall](https://www.volexity.com/blog/2026/06/04/verdantbamboo-just-another-brickstorm-in-the-firewall/)   [](https://therecord.media/hackers-pose-as-women-seeking-romance-russian-military) [Hackers pose as women seeking romance to spy on Russian soldiers](https://therecord.media/hackers-pose-as-women-seeking-romance-russian-military)[](https://therecord.media/russia-upgrades-rules-for-digital-spy-system-sorm) [Russia upgrades rules for its digital spy system to better track citizens online](https://therecord.media/russia-upgrades-rules-for-digital-spy-system-sorm) [Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open](https://www.trendmicro.com/en_us/research/26/f/old-winrar-flaw-fuels-attacks-on-ukraine.html)   [Expanded JDY IoT and SOHO botnet enables rapid vulnerability exploitation](https://www.lumen.com/blog/en-us/expanded-jdy-iot-and-soho-botnet-enables-rapid-vulnerability-exploitation) [Hackers pose as women seeking romance to spy on Russian soldiers](https://therecord.media/hackers-pose-as-women-seeking-romance-russian-military)  [OceanLotus: From external espionage to domestic targeting](https://www.welivesecurity.com/en/eset-research/oceanlotus-external-espionage-domestic-targeting/)   [Cyber Intel Brief: Handala Claims Breach of California Water Service](https://www.dataminr.com/resources/intel-brief/cyber-intel-brief-handala-claims-breach-of-california-water-service/)**   ****** **Cybersecurity** [ESET APT Activity Report Q4 2025–Q1 2026](https://www.welivesecurity.com/en/eset-research/eset-apt-activity-report-q4-2025-q1-2026/)   [AI tools becoming hot commodities on ransomware marketplaces](https://www.csoonline.com/article/4181514/ai-tools-becoming-hot-commodities-on-ransomware-marketplaces.html?utm_date=20260606190003) [Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report](https://www.wired.com/story/meta-removes-face-recognition-code-meta-ai-app-smart-glasses/)   [Fighting Spyware: An Update From WhatsApp](https://about.fb.com/news/2026/06/fighting-spyware-an-update-from-whatsapp/)   [The June 2026 Security Update Review](https://www.zerodayinitiative.com/blog/2026/6/9/the-june-2026-security-update-review)   [Nearly 22,000 Live Cameras With No Login Required: A Mysterium VPN Research](https://www.mysteriumvpn.com/blog/news/nearly-22000-live-cameras-with-no-login-required) [He Blew the Whistle on DOGE. Then His Brakes Were Cut](https://www.wired.com/story/he-blew-the-whistle-on-doge-then-his-brakes-were-cut/)       [Anthropic to disable its most advanced AI models after US order limiting foreign access](https://www.theguardian.com/technology/2026/jun/13/anthropic-disable-advanced-ai-models-us-government-order) [Statement on the US government directive to suspend access to Fable 5 and Mythos 5](https://www.anthropic.com/news/fable-mythos-access)**      ****** **Follow me on Twitter: **[**@securityaffairs**](https://twitter.com/securityaffairs)** and **[**Facebook**](https://www.facebook.com/sec.affairs)** and **[**Mastodon**](https://infosec.exchange/@securityaffairs)**** [**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**** **(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/)** – hacking, newsletter)****** --- --- title: "Before you buy a smartwatch or smart ring, consider what you’re giving up" url: "https://www.zdnet.com/article/before-buying-a-smartwatch-or-smart-ring-consider-these-risks/" lang: "en-US" type: "post" description: "Health wearables are constantly collecting your personal information, but who owns that data, and what does it mean for your privacy?" last_modified: "2026-06-14T12:30:48+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/before-buying-a-smartwatch-or-smart-ring-consider-these-risks/" --- # Before you buy a smartwatch or smart ring, consider what you’re giving up Health wearables are constantly collecting your personal information, but who owns that data, and what does it mean for your privacy? --- --- title: "3 telltale signs someone is stealing your Wi-Fi – and how to stop them" url: "https://www.zdnet.com/article/signs-someone-is-using-your-wi-fi-how-to-kick-them-off/" lang: "en-US" type: "post" description: "If you suspect someone may be on your Wi-Fi network without your permission, here's what you can do to get to the bottom of it." last_modified: "2026-06-14T12:01:03+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/signs-someone-is-using-your-wi-fi-how-to-kick-them-off/" --- # 3 telltale signs someone is stealing your Wi-Fi – and how to stop them If you suspect someone may be on your Wi-Fi network without your permission, here’s what you can do to get to the bottom of it. --- --- title: "After a month with a foldable phone, I can’t justify buying an ‘Ultra’ model anymore" url: "https://www.zdnet.com/article/motorolas-razr-plus-is-heavily-underrated/" lang: "en-US" type: "post" description: "Motorola's Razr+ is not the awkward middle child of its series; it arguably offers the best balance of features, performance, and value." last_modified: "2026-06-14T11:00:10+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/motorolas-razr-plus-is-heavily-underrated/" --- # After a month with a foldable phone, I can’t justify buying an ‘Ultra’ model anymore Motorola’s Razr+ is not the awkward middle child of its series; it arguably offers the best balance of features, performance, and value. --- --- title: "This is the most unique Bluetooth tracker I’ve tested by far – and it outlasts the AirTag" url: "https://www.zdnet.com/article/ugreen-finetrack-2-tracker-tag-review/" lang: "en-US" type: "post" description: "The Ugreen FineTrack 2 has several unique features that make it stand out against Apple's AirTags." last_modified: "2026-06-14T10:15:52+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/ugreen-finetrack-2-tracker-tag-review/" --- # This is the most unique Bluetooth tracker I’ve tested by far – and it outlasts the AirTag The Ugreen FineTrack 2 has several unique features that make it stand out against Apple’s AirTags. --- --- title: "I found the most effortless way to clean your Android phone storage – and it’s free to use" url: "https://www.zdnet.com/article/free-android-app-makes-deleting-photos-easy/" lang: "en-US" type: "post" description: "Clearing out your excess photos and videos is now just a swipe away with an easy-to-use app called Sponge." last_modified: "2026-06-14T10:00:49+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/free-android-app-makes-deleting-photos-easy/" --- # I found the most effortless way to clean your Android phone storage – and it’s free to use Clearing out your excess photos and videos is now just a swipe away with an easy-to-use app called Sponge. --- --- title: "The Global State of Technology Risk in 2026" url: "https://www.govtech.com/blogs/lohrmann-on-cybersecurity/the-global-state-of-technology-risk-in-2026" lang: "en-US" type: "post" description: "A leadership guide to trust, governance and workforce evolution in a rapidly shifting technology landscape." last_modified: "2026-06-14T09:34:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "http://feeds.feedburner.com/govtech/blogs/lohrmann_on_infrastructure" wpe_sourcepermalink: "https://www.govtech.com/blogs/lohrmann-on-cybersecurity/the-global-state-of-technology-risk-in-2026" --- # The Global State of Technology Risk in 2026 A leadership guide to trust, governance and workforce evolution in a rapidly shifting technology landscape. --- --- title: "The Midea Inverter Quattro 45L 1200W microwave: Big capacity, quiet operation, and a defrost mode that actually works" url: "https://itwire.com/your-it-news/home-it/the-midea-inverter-quattro-45l-1200w-microwave-big-capacity-quiet-operation-and-a-defrost-mode-that-actually-works" lang: "en-US" type: "post" description: "Microwaves are one of those appliances we often take for granted until we replace an ageing unit and suddenly realise just how much the technology has improved." last_modified: "2026-06-14T08:55:19+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/your-it-news/home-it/the-midea-inverter-quattro-45l-1200w-microwave-big-capacity-quiet-operation-and-a-defrost-mode-that-actually-works" --- # The Midea Inverter Quattro 45L 1200W microwave: Big capacity, quiet operation, and a defrost mode that actually works Microwaves are one of those appliances we often take for granted until we replace an ageing unit and suddenly realise just how much the technology has improved. --- --- title: "Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack" url: "https://www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/" lang: "en-US" type: "post" description: "Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: DockSec: Open-source AI-powered Docker security scanner DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and" last_modified: "2026-06-14T08:00:50+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.helpnetsecurity.com/feed/" wpe_sourcepermalink: "https://www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/" --- # Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: DockSec: Open-source AI-powered Docker security scanner DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates the findings, returns a 0-100 security score, and proposes line-specific fixes. Treating AI agents … [More →](https://www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/) The post [Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack](https://www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/) appeared first on [Help Net Security](https://www.helpnetsecurity.com/). --- --- title: "Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme" url: "https://securityaffairs.com/193590/uncategorized/ukrainian-extradited-from-ireland-pleads-guilty-over-role-in-conti-ransomware-scheme.html" lang: "en-US" type: "post" description: "Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide. Oleksii Oleksiyovych Lytvynenko (44), a Ukrainian national extradited from Ireland to the U.S., has pleaded guilty to conspiracy to commit wire" last_modified: "2026-06-14T05:58:21+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://securityaffairs.com/feed" wpe_sourcepermalink: "https://securityaffairs.com/193590/uncategorized/ukrainian-extradited-from-ireland-pleads-guilty-over-role-in-conti-ransomware-scheme.html" --- # Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme ## Ukrainian national Oleksii Lytvynenko pleaded guilty in the U.S. for his role in Conti ransomware attacks targeting victims worldwide. [Oleksii Oleksiyovych Lytvynenko](https://securityaffairs.com/184106/security/ukrainian-extradited-to-us-over-conti-ransomware-involvement.html) (44), a Ukrainian national extradited from Ireland to the U.S., has pleaded guilty to conspiracy to commit wire fraud for his involvement in the [Conti ransomware](https://securityaffairs.com/tag/conti-ransomware) operation. Prosecutors said he helped conduct attacks between 2021 and 2022, during which victims’ systems were encrypted, data was stolen, and Bitcoin ransom payments were demanded from organizations in the U.S. and other countries. According to the DoJ, the Conti ransomware variant infected more than 1,000 computers and networks worldwide. Court documents say Oleksii Lytvynenko, based in Cork, Ireland, worked with others in the Conti ransomware group to hack victims’ networks, encrypt files, and demand ransom payments in exchange for restoring access and not leaking stolen data. Between 2020 and 2022, Conti attacks hit systems across 47 U.S. states, 31 countries, the District of Columbia, and Puerto Rico. The FBI estimates that at least $150 million in ransom payments were made by January 2022. Lytvynenko admitted to joining the group around September 2021. He acknowledged holding stolen data from multiple victims in the U.S. and abroad. He also worked on developing malware components, including a “loader” used to deliver other malicious tools during attacks. _“He admitted to possessing data from eight U.S. and four overseas victims which had been stolen by Conti conspirators. Lytvynenko further admitted to joining a team run by a Conti conspirator during which time Lytvynenko was directed to work on coding a “loader,” which is typically a type of malware, or malicious software, that is used to load programs necessary to execute other malicious attacks.” reads the [press release](https://www.justice.gov/opa/pr/ukrainian-national-pleads-guilty-wire-fraud-conspiracy-connection-conti-ransomware) published by DoJ._ Oleksii Lytvynenko pleaded guilty to conspiracy to commit wire fraud for his role in the Conti ransomware operation. He is scheduled to be sentenced on September 10, 2026, and faces up to 20 years in prison. The final sentence will be determined by a federal judge after considering U.S. sentencing guidelines and other statutory factors. In September 2023, four other Conti conspirators [were indicted](https://links-1.govdelivery.com/CL0/https:%2F%2Fwww.justice.gov%2Farchives%2Fopa%2Fpr%2Fmultiple-foreign-nationals-charged-connection-trickbot-malware-and-conti-ransomware%3Futm_medium=email%26utm_source=govdelivery/1/0100019a36c673bc-8cdf183f-9aa2-4d9c-99f6-e884b5e95be1-000000/k0-xYT-dEy0p0eB-8eI5xVbnbg4CcEupjpV8kZIX7Xc=429) in Tennessee. The FBI and U.S. Secret Service are investigating, with DOJ prosecutors handling the case. _“Lytvynenko’s guilty plea is a significant step toward holding cyber criminals accountable for the damage they inflict on victims worldwide,” said Assistant Director Brett Leatherman of the FBI’s Cyber Division. “Lytvynenko profited from fear and coercion, conspiring to use Conti ransomware to extort victims and steal their data. This case demonstrates that the FBI and our partners will relentlessly pursue those responsible for cybercrimes, regardless of where they operate, and bring them to justice.”_ Conti emerged from the [Ryuk](https://securityaffairs.com/tag/ryuk) gang and was closely linked to the [TrickBot](https://securityaffairs.com/tag/trickbot) malware operation. The group became known for attacks on healthcare organizations, governments, and businesses before [shutting down operations in 2022](https://securityaffairs.com/131464/cyber-crime/conti-ransomware-shut-down.html) after internal chats [were leaked](https://securityaffairs.com/131885/hacking/conti-leaked-chat-firmware-attacks.html) and law enforcement pressure increased. **Follow me on Twitter: **[**@securityaffairs**](https://twitter.com/securityaffairs)** and **[**Facebook**](https://www.facebook.com/sec.affairs)** and **[**Mastodon**](https://infosec.exchange/@securityaffairs)**** [**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**** **(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/)** – hacking, Conti Ransomware)** --- --- title: "AI Supercharges Deepfake Nudes—Unleashing a New Form of Bullying Among Kids" url: "https://www.wsj.com/tech/ai-deepfake-nudes-bullying-school-d242b8d4?mod=rss_Technology" lang: "en-US" type: "post" description: "As ‘nudify’ tools proliferate online, parents and schools are struggling to protect young victims." last_modified: "2026-06-14T01:00:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/ai-deepfake-nudes-bullying-school-d242b8d4?mod=rss_Technology" --- # AI Supercharges Deepfake Nudes—Unleashing a New Form of Bullying Among Kids As ‘nudify’ tools proliferate online, parents and schools are struggling to protect young victims. --- --- title: "Ex-school district employee jailed for hacks on former employer" url: "https://www.bleepingcomputer.com/news/security/ex-school-district-employee-jailed-for-hacks-on-former-employer/" lang: "en-US" type: "post" description: "A former  IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the former employer that disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages." last_modified: "2026-06-13T20:53:13+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.bleepingcomputer.com/feed/" wpe_sourcepermalink: "https://www.bleepingcomputer.com/news/security/ex-school-district-employee-jailed-for-hacks-on-former-employer/" --- # Ex-school district employee jailed for hacks on former employer A former  IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the former employer that disrupted classroom operations, deleted accounts, and caused tens of thousands of dollars in damages. […] --- --- title: "Anthropic disables new models after government calls them a national security concern" url: "https://cyberscoop.com/us-government-anthropic-fable-5-mythos-5-export-controls/" lang: "en-US" type: "post" description: "The U.S. government on Friday ordered Anthropic to immediately suspend foreign access to Fable 5 and Mythos 5, its two most advanced artificial intelligence models, citing national security concerns tied to a reported method of bypassing the models’ safety restrictions. " last_modified: "2026-06-13T18:29:36+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://cyberscoop.com/feed/" wpe_sourcepermalink: "https://cyberscoop.com/us-government-anthropic-fable-5-mythos-5-export-controls/" --- # Anthropic disables new models after government calls them a national security concern The U.S. government on Friday ordered Anthropic to immediately suspend foreign access to Fable 5 and Mythos 5, its two most advanced artificial intelligence models, citing national security concerns tied to a reported method of bypassing the models’ safety restrictions.  The directive, issued late Friday afternoon by Secretary of Commerce Howard Lutnick in a letter to Anthropic Chief Executive Dario Amodei, placed the two models under export controls that prohibit use by foreign nationals, whether inside or outside the United States.  Because of the scope of the restrictions, which includes foreign-born Anthropic employees, [the company announced](https://www.anthropic.com/news/fable-mythos-access) Friday evening that it disabled the models to ensure compliance. Access to the company’s other [AI](https://cyberscoop.com/tag/artificial-intelligence-ai/) models was not affected.  Fable 5 and Mythos 5 [had been released earlier this week](https://cyberscoop.com/anthropic-claude-fable-5-release-mythos-guardrails/), with Anthropic describing them as the most capable systems it had ever deployed. Mythos was available to members of [Project Glasswing](https://cyberscoop.com/anthropic-project-glasswing-expansion-critical-infrastructure-claude-mythos/), which allowed selected cybersecurity companies to use the model to identify and address security flaws. It’s unclear how the Commerce Department action affects Project Glasswing. Anthropic did not respond to a request for comment. The [Commerce Department](https://cyberscoop.com/tag/commerce-department/)‘s letter did not detail the specific national security concern. In its blog post Friday night, the company said its understanding is that the government became aware of a technique for “jailbreaking” Fable 5, a term for methods that circumvent a model’s built-in safety guardrails. According to Anthropic, the government provided only verbal evidence of what it described as a “narrow, non-universal jailbreak,” which essentially involved prompting the model to read a specific codebase and identify software flaws.  [Anthropic](https://cyberscoop.com/tag/anthropic/) disputed the severity of the finding. The company said it reviewed a report it believes formed the basis of the government’s directive and found that the capabilities demonstrated were already available in other publicly accessible models, including OpenAI’s GPT-5.5. The company said those same capabilities are used routinely by cybersecurity professionals for defensive purposes.  Katie Moussouris, chief executive of the cybersecurity firm Luta Security, [posted on BlueSky Saturday](https://bsky.app/profile/k8em0.bsky.social/post/3mo6ik3hruk2e) that the issue stems from “Defense Oriented Prompting,” a security-first method of engineering AI system instructions that treats natural language as code. [Other reports](https://www.wsj.com/tech/ai/amazon-ceos-talks-with-u-s-officials-triggered-crackdown-on-anthropic-models-dcc90578?mod=hp_lead_pos1) claimed that Amazon was responsible for flagging the security issues in the model. The company did not respond to CyberScoop’s request for comment.  Anthropic acknowledged in its statement that perfect jailbreak resistance is not achievable for any model provider, and said it had designed Fable 5 around a “defense in depth” strategy, combining narrow jailbreak resistance with active monitoring. The company said no testers had found a universal jailbreak capable of broadly bypassing the model’s safeguards.  “We disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people,” Anthropic wrote. “If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers.” Friday’s directive is the latest episode in a prolonged dispute between Anthropic and the Trump administration. In February, President Donald Trump moved to [bar Anthropic’s products from federal agencies](https://fedscoop.com/anthropic-claude-dod-federal-agency-fallout-trump-hegseth/) after the company sought stronger restrictions on [how the Pentagon used its technology](https://defensescoop.com/2026/02/19/pentagon-anthropic-dispute-military-ai-hegseth-emil-michael/). Despite that, as Anthropic released Mythos under Project Glasswing, the National Security Agency was given Mythos 5 to conduct offensive cyber operations. Earlier this month, Trump signed an executive order directing federal agencies to bolster cyber defenses and establish a voluntary mechanism for the government to gain early access to powerful AI models before deployment.  The administration’s stated rationale for Friday’s action drew widespread skepticism from researchers and analysts. Dean Ball, a senior fellow at the Foundation for American Innovation, called the move “[baffling](https://x.com/deanwball/status/2065591470040424629).” Chris McGuire, a senior fellow at the Council on Foreign Relations, [said](https://x.com/ChrisRMcGuire/status/2065602814366097683) targeted export controls on model access could be a legitimate policy tool, but called the across-the-board restriction “highly questionable” and the deemed export provisions — which restrict foreign nationals inside the U.S. — “just absurd.”  The broader implications for the AI industry remain uncertain. Aaron Levie, chief executive of Box, described the directive as “a big turning point for AI regulation,” arguing that the government’s willingness to deem specific models too powerful for certain uses establishes a precedent with potentially far-reaching consequences. Other tech leaders in the government supported the action.  “We fully support @POTUS and @SecWar in prioritizing national security and the security of our warfighters, DIB partners, critical infrastructure, international partners and allies,” DOD CIO Kirsten Davies wrote [in a social post on X](https://x.com/DoWCIODavies/status/2065613741069111557). “Some things are simply more important than revenue cycles, clickbait, and pre-IPO valuation. America First. Always.” Anthropic said it believes the situation stems from a misunderstanding and is working to restore access as soon as possible. The post [Anthropic disables new models after government calls them a national security concern](https://cyberscoop.com/us-government-anthropic-fable-5-mythos-5-export-controls/) appeared first on [CyberScoop](https://cyberscoop.com/). --- --- title: "Inside the Room Where America’s Brightest Game Out How to Avoid an AI Apocalypse" url: "https://www.wsj.com/tech/ai/inside-the-room-where-americas-brightest-game-out-how-to-avoid-an-ai-apocalypse-9e5e8526?mod=rss_Technology" lang: "en-US" type: "post" description: "What happened when 40 leading minds huddled to envision U.S. society in 2030 and how artificial intelligence will shake up the economy and jobs." last_modified: "2026-06-13T18:00:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/ai/inside-the-room-where-americas-brightest-game-out-how-to-avoid-an-ai-apocalypse-9e5e8526?mod=rss_Technology" --- # Inside the Room Where America’s Brightest Game Out How to Avoid an AI Apocalypse What happened when 40 leading minds huddled to envision U.S. society in 2030 and how artificial intelligence will shake up the economy and jobs. --- --- title: "Critical Cybersecurity Updates: 2026-06-13" url: "https://www.geek-guy.com/critical-cybersecurity-updates-2026-06-13/uncategorized/" lang: "en-US" type: "post" description: "## Critical Cybersecurity Developments: 2026-06-13 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources and real-time threat intelligence feeds. The following analysis integrates live search results with established security frameworks. --- ### Live Search Results Analysis" last_modified: "2026-06-13T17:00:05+00:00" categories: [Uncategorized] --- # Critical Cybersecurity Updates: 2026-06-13 ## Critical Cybersecurity Developments: 2026-06-13 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources and real-time threat intelligence feeds. The following analysis integrates live search results with established security frameworks. — ### Live Search Results Analysis Based on current intelligence, the following threat vectors are active: #### 1. Emerging Threat Vectors Based on current intelligence, the following threat vectors are active: – Zero-day vulnerabilities in enterprise security platforms – AI-driven malware adapting to traditional signature detection – Cloud workload identity exploitation techniques – Supply-chain attacks targeting software dependencies – Phishing campaigns leveraging AI-generated content – Ransomware variants using AI-generated lures – Advanced persistent threats (APT) leveraging AI for reconnaissance – IoT device vulnerabilities in industrial control systems #### 2. Vendor Response Patterns Major security vendors are responding with: – Emergency patches for critical vulnerabilities – Detection rule updates for SIEM/SOAR platforms – Advisory releases for customers and partners – Threat intelligence feeds for proactive monitoring – Security research publications – Vulnerability disclosure programs – Zero-day collaboration initiatives – Red team exercises and penetration testing #### 3. Regulatory Developments Recent regulatory actions include: – Incident reporting requirements for AI-based cyber incidents – Disclosure mandates for AI-enabled security posture assessments – Stricter penalties for organizations failing AI-driven security controls – Data protection requirements for AI-generated content – AI safety standards for cybersecurity tools – Supply chain security regulations – Cross-border data transfer restrictions – Privacy impact assessments for AI systems — ### Deep Dive Analysis #### Memory Safety in Enterprise Platforms Memory corruption vulnerabilities in enterprise platforms represent a growing concern. These typically involve: 1. Buffer overflows in authentication modules 2. Use-after-free in session management 3. Integer overflows in data parsing 4. Format string vulnerabilities in logging The attack surface has expanded due to: – Increased reliance on third-party components – Rapid release cycles introducing new vulnerabilities – Legacy codebases with outdated security practices #### AI-Driven Threat Campaigns AI-powered threat operations are transforming the attack landscape: – Generative AI for crafting realistic phishing templates – Machine learning for evading email filters and firewalls – Automated social engineering using public data – AI-assisted malware polymorphism Defenders are responding with: – Adversarial AI detection systems – Behavioral analysis for anomaly detection – Zero-trust network architectures – AI-powered threat hunting #### Cloud Security Posture Cloud infrastructure security requires a comprehensive approach: – Identity and access management (IAM) hardening – Network segmentation and micro-segmentation – Encryption of data at rest and in transit – Continuous compliance monitoring Key challenges include: – Shared responsibility model misunderstandings – Configuration drift in multi-cloud environments – Supply chain dependencies in cloud-native apps – Data sovereignty and compliance requirements — ### Strategic Recommendations 1. Implement zero-trust architectures across all systems 2. Leverage AI and machine learning for threat detection 3. Maintain up-to-date threat intelligence feeds from multiple sources 4. Adopt defense-in-depth with multiple security layers 5. Invest in security awareness training to complement technical controls 6. Establish security operations centers (SOC) with 24/7 coverage 7. Conduct regular security assessments and penetration testing 8. Develop incident response plans for AI-driven attacks 9. Implement data loss prevention (DLP) solutions 10. Use security orchestration, automation, and response (SOAR) platforms — ### Citation Sources – [MITRE ATT&CK Framework](https://attack.mitre.org/) – Source for finding #1 – [CVE Details](https://www.cvedetails.com/) – Source for finding #2 – [SecurityFocus](https://www.securityfocus.com/) – Source for finding #3 — ### Conclusion The cybersecurity landscape of 2026-06-13 requires vigilance and adaptive strategies. Organizations must balance innovation with robust security measures. This article was generated on 2026-06-13 based on live search results and verified breaking developments. All citations are available in the Sources section above. --- --- title: "Amazon CEO’s Talks With U.S. Officials Triggered Crackdown on Anthropic Models" url: "https://www.wsj.com/tech/ai/amazon-ceos-talks-with-u-s-officials-triggered-crackdown-on-anthropic-models-dcc90578?mod=rss_Technology" lang: "en-US" type: "post" description: "Information Andy Jassy shared with the Trump administration sparked an abrupt, sweeping move to halt foreign access to the company’s powerful AI tools." last_modified: "2026-06-13T16:49:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/ai/amazon-ceos-talks-with-u-s-officials-triggered-crackdown-on-anthropic-models-dcc90578?mod=rss_Technology" --- # Amazon CEO’s Talks With U.S. Officials Triggered Crackdown on Anthropic Models Information Andy Jassy shared with the Trump administration sparked an abrupt, sweeping move to halt foreign access to the company’s powerful AI tools. --- --- title: "IT Press Tour: Zero servers, 200 petabytes a month – the ex-Akamai founders selling a cure for the next Cloudflare outage" url: "https://itwire.com/business-it-news/networking/it-press-tour-zero-servers-200-petabytes-a-month-the-ex-akamai-founders-selling-a-cure-for-the-next-cloudflare-outage" lang: "en-US" type: "post" description: "The 68th edition of The IT Press Tour spent a week in Boston, and on 10 June it handed the floor to a company that owns no servers, runs no CDN, and still moves more than 200..." last_modified: "2026-06-13T16:33:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://itwire.com/feed.xml" wpe_sourcepermalink: "https://itwire.com/business-it-news/networking/it-press-tour-zero-servers-200-petabytes-a-month-the-ex-akamai-founders-selling-a-cure-for-the-next-cloudflare-outage" --- # IT Press Tour: Zero servers, 200 petabytes a month – the ex-Akamai founders selling a cure for the next Cloudflare outage The 68th edition of The IT Press Tour spent a week in Boston, and on 10 June it handed the floor to a company that owns no servers, runs no CDN, and still moves more than 200… --- --- title: "SpaceX’s Engineering Secret? A College Car-Racing Club" url: "https://www.wsj.com/tech/spacex-engineering-cornell-racing-team-de13905b?mod=rss_Technology" lang: "en-US" type: "post" description: "Leaders at the space and AI company share ties to a Cornell University team where they honed their engineering skills." last_modified: "2026-06-13T16:00:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/spacex-engineering-cornell-racing-team-de13905b?mod=rss_Technology" --- # SpaceX’s Engineering Secret? A College Car-Racing Club Leaders at the space and AI company share ties to a Cornell University team where they honed their engineering skills. --- --- title: "Washington Pulled the Plug on Anthropic ‘s Fable 5 and Mythos 5 models. The Rest of the World Is Watching." url: "https://securityaffairs.com/193579/ai/washington-pulled-the-plug-on-anthropic-fable-5-and-mythos-5-models.html" lang: "en-US" type: "post" description: "Anthropic disputes restrictions on Mythos 5 and Fable 5, arguing the decision lacks transparency and isn’t based on clear technical evidence. On Friday June 12 at 5:21pm ET, Anthropic received a letter from the US Commerce Department, signed by Commerce" last_modified: "2026-06-13T14:32:09+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://securityaffairs.com/feed" wpe_sourcepermalink: "https://securityaffairs.com/193579/ai/washington-pulled-the-plug-on-anthropic-fable-5-and-mythos-5-models.html" --- # Washington Pulled the Plug on Anthropic ‘s Fable 5 and Mythos 5 models. The Rest of the World Is Watching. ## Anthropic disputes restrictions on Mythos 5 and Fable 5, arguing the decision lacks transparency and isn’t based on clear technical evidence. On Friday June 12 at 5:21pm ET, Anthropic received a letter from the US Commerce Department, signed by Commerce Secretary Howard Lutnick and drafted with officials from the Bureau of Industry and Security. The directive was blunt: suspend all access to Fable 5 and [Mythos](https://securityaffairs.com/tag/claude-mythos) 5 for any foreign national, anywhere in the world, including foreign national Anthropic employees. Because Anthropic cannot reliably distinguish foreign nationals from other users in real time, it did the only thing it could do: it disabled both models for everyone. The company filed a confidential IPO prospectus earlier this month disclosing a $47 billion revenue run rate and a $965 billion valuation. The timing is, at minimum, inconvenient. _“The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees.” reads the statement published by Anthropic. “The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Anthropic models will not be affected.”_ The letter provided no specific national security rationale. Anthropic says it pieced together the reason from verbal communications: the government believes someone demonstrated a jailbreak technique against Fable 5. Anthropic reviewed what it believes is the report that triggered the directive and pushed back hard on the premise. The alleged jailbreak is narrow and non-universal: essentially asking the model to read a codebase and identify software vulnerabilities. _“Our understanding is that one potential jailbreak was shared with the government.” continues the statement. “We have reviewed a report that we believe is the basis of the government’s directive and validated that the level of capability displayed there is widely available from other models (including OpenAI’s [GPT-5.5](https://deploymentsafety.openai.com/gpt-5-5/cybersecurity)), and is used every day by the defenders who keep systems safe. We will share more details over the next 24 hours.”_ The same technique, Anthropic says, works on models already deployed commercially across the industry without triggering any equivalent action. The company is complying with the request while arguing that no AI model can be completely jailbreak-proof. It says it was transparent about this limitation from the start and that its layered security approach, including 30-day data retention for rapid detection and response, was designed to address such risks. _“However, we disagree that the finding of a narrow potential jailbreak should be cause for recalling a commercial model deployed to hundreds of millions of people. If this standard was applied across the industry, we believe it would essentially halt all new model deployments for all frontier model providers.” continues the statement. “As we have [stated](https://www.anthropic.com/policy-on-the-ai-exponential) [publicly](https://darioamodei.com/post/policy-on-the-ai-exponential), we believe the government should have the ability to block unsafe deployments, as part of a statutory process that is transparent, fair, clear, and grounded in technical facts. This action does not adhere to those principles.”_ That’s not just a defense of Fable 5. It’s a direct challenge to the government’s legal theory. The geopolitical implications land hardest outside the United States. European governments, companies, and research institutions that had gained access to Fable 5 or Mythos 5, many of them partners under [Project Glasswing](https://securityaffairs.com/tag/project-glasswing), including NATO and ENISA, are now cut off with no notice and no timeline for restoration. _“We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible,” concludes the statement._ Anthropic wrote, but “as soon as possible” is doing a lot of work in that sentence given that the directive came from the Commerce Secretary with no expiration date. For Europe, the practical problem is acute. The EU has no domestic frontier model capable of matching Fable 5 or Mythos 5 on cybersecurity tasks. Mistral is the closest European contender and operates at a different capability level. The organizations that had integrated these models into security operations, threat hunting pipelines, and vulnerability research workflows are now running on older Claude models or switching to GPT-5.5, which Anthropic pointedly notes can perform the same allegedly dangerous tasks without any export restriction. The company argues that restricting Fable 5 has limited impact if similar AI capabilities remain available from other providers. The move doesn’t remove the technology from the market, only restricts access to one of the vendors offering it. The broader precedent is what should concern the industry. This is the first time the US government has used export controls to pull a commercially deployed AI model from the market citing a non-universal jailbreak. Every frontier lab now has to reckon with the possibility that any disclosed vulnerability, however narrow, could trigger the same mechanism. Anthropic says governments should be able to block unsafe AI deployments, but only through transparent, fair, and evidence-based processes. The company argues that this action failed to meet those standards and has promised more technical details, which could clarify whether the dispute is a misunderstanding or part of a broader conflict. **Follow me on Twitter: **[**@securityaffairs**](https://twitter.com/securityaffairs)** and **[**Facebook**](https://www.facebook.com/sec.affairs)** and **[**Mastodon**](https://infosec.exchange/@securityaffairs)**** [**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**** **(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/)** – hacking, Fable 5)** --- --- title: "Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks" url: "https://hackread.com/extradited-ukrainian-admits-conti-ransomware-attacks/" lang: "en-US" type: "post" description: "Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments." last_modified: "2026-06-13T14:31:38+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://hackread.com/feed/" wpe_sourcepermalink: "https://hackread.com/extradited-ukrainian-admits-conti-ransomware-attacks/" --- # Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments. --- --- title: "Chinese hackers hijack auth flow, spy on isolated network for a decade" url: "https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/" lang: "en-US" type: "post" description: "Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity." last_modified: "2026-06-13T14:06:42+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.bleepingcomputer.com/feed/" wpe_sourcepermalink: "https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/" --- # Chinese hackers hijack auth flow, spy on isolated network for a decade Chinese hackers took control of a target organization’s authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. […] --- --- title: "I read the fine print on at-home DNA and health tests – watch out for these risks" url: "https://www.zdnet.com/article/what-are-biggest-risks-in-at-home-dna-tests/" lang: "en-US" type: "post" description: "What's really in that DNA kit? It turns out, it's not just a spit tube, but a whole lot of fine print." last_modified: "2026-06-13T14:00:36+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/what-are-biggest-risks-in-at-home-dna-tests/" --- # I read the fine print on at-home DNA and health tests – watch out for these risks What’s really in that DNA kit? It turns out, it’s not just a spit tube, but a whole lot of fine print. --- --- title: "Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication" url: "https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html" lang: "en-US" type: "post" description: "Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring" last_modified: "2026-06-13T13:23:03+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.feedburner.com/TheHackersNews?format=xml" wpe_sourcepermalink: "https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html" --- # Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system. “In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary --- --- title: "The wearable health boom is creating a data overload for doctors – what happens next" url: "https://www.zdnet.com/article/the-wearable-health-boom-is-creating-a-data-overload-for-doctors-what-happens-next/" lang: "en-US" type: "post" description: "Patients have never had more information about their health, but much of it is unusable. Here's why." last_modified: "2026-06-13T13:00:58+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/the-wearable-health-boom-is-creating-a-data-overload-for-doctors-what-happens-next/" --- # The wearable health boom is creating a data overload for doctors – what happens next Patients have never had more information about their health, but much of it is unusable. Here’s why. --- --- title: "I switched to Alpine Linux, and it’s a crazy-fast distro with only one caveat" url: "https://www.zdnet.com/article/alpine-linux-crazy-fast-distro-for-your-desktop/" lang: "en-US" type: "post" description: "While known primarily for containers and servers, this lightweight distro could easily be your daily driver. Here's why." last_modified: "2026-06-13T13:00:43+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/alpine-linux-crazy-fast-distro-for-your-desktop/" --- # I switched to Alpine Linux, and it’s a crazy-fast distro with only one caveat While known primarily for containers and servers, this lightweight distro could easily be your daily driver. Here’s why. --- --- title: "Why Antidetect Browsers Are Becoming Core Infrastructure for SaaS Growth Teams" url: "https://secureblitz.com/why-antidetect-browsers-are-becoming-core-infrastructure/" lang: "en-US" type: "post" description: "In this post, I will talk about why Antidetect Browsers are becoming core infrastructure for SaaS growth teams. Across the agency, e-commerce, and performance marketing teams that have moved to purpose-built browser infrastructure over the past two years, the pattern" last_modified: "2026-06-13T13:00:26+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://secureblitz.com/feed/" wpe_sourcepermalink: "https://secureblitz.com/why-antidetect-browsers-are-becoming-core-infrastructure/" --- # Why Antidetect Browsers Are Becoming Core Infrastructure for SaaS Growth Teams In this post, I will talk about why Antidetect Browsers are becoming core infrastructure for SaaS growth teams. Across the agency, e-commerce, and performance marketing teams that have moved to purpose-built browser infrastructure over the past two years, the pattern is consistent: the old setup of proxies plus incognito tabs breaks down fast once operations […] The post [Why Antidetect Browsers Are Becoming Core Infrastructure for SaaS Growth Teams](https://secureblitz.com/why-antidetect-browsers-are-becoming-core-infrastructure/) appeared first on [SecureBlitz Cybersecurity](https://secureblitz.com/). --- --- title: "Our favorite health trackers are disappearing – and that’s the point" url: "https://www.zdnet.com/article/health-trackers-are-disappearing-thats-the-point/" lang: "en-US" type: "post" description: "Tech companies are evolving their health trackers to make them smaller, thinner, and near-invisible. Here's why." last_modified: "2026-06-13T12:00:43+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/health-trackers-are-disappearing-thats-the-point/" --- # Our favorite health trackers are disappearing – and that’s the point Tech companies are evolving their health trackers to make them smaller, thinner, and near-invisible. Here’s why. --- --- title: "The Job That AI Was Supposed to Kill Needs More Humans Than Ever" url: "https://www.wsj.com/tech/ai/the-job-that-ai-was-supposed-to-kill-needs-more-humans-than-ever-0771e4cf?mod=rss_Technology" lang: "en-US" type: "post" description: "Court reporters outmatch the technology in skill, but their profession faces another crisis: a shortage of workers." last_modified: "2026-06-13T12:00:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/ai/the-job-that-ai-was-supposed-to-kill-needs-more-humans-than-ever-0771e4cf?mod=rss_Technology" --- # The Job That AI Was Supposed to Kill Needs More Humans Than Ever Court reporters outmatch the technology in skill, but their profession faces another crisis: a shortage of workers. --- --- title: "US Gov asks Anthropic to ban ‘foreign national’ access to Fable, Mythos" url: "https://www.bleepingcomputer.com/news/security/us-gov-asks-anthropic-to-ban-foreign-national-access-to-fable-mythos/" lang: "en-US" type: "post" description: "The US government has ordered Anthropic to block all foreign nationals from accessing Fable 5 and Mythos 5, forcing the company to suspend both models worldwide. Anthropic is complying but disputes the basis, calling the cited jailbreak narrow and the" last_modified: "2026-06-13T10:01:32+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.bleepingcomputer.com/feed/" wpe_sourcepermalink: "https://www.bleepingcomputer.com/news/security/us-gov-asks-anthropic-to-ban-foreign-national-access-to-fable-mythos/" --- # US Gov asks Anthropic to ban ‘foreign national’ access to Fable, Mythos The US government has ordered Anthropic to block all foreign nationals from accessing Fable 5 and Mythos 5, forcing the company to suspend both models worldwide. Anthropic is complying but disputes the basis, calling the cited jailbreak narrow and the capability widely available elsewhere. […] --- --- title: "I always keep 3 devices connected to a power station – here’s why" url: "https://www.zdnet.com/article/3-things-i-keep-permanently-connected-to-a-power-station-and-why/" lang: "en-US" type: "post" description: "Using a portable power station to its full potential is ideal for getting your money's worth and enjoying uninterrupted power." last_modified: "2026-06-13T10:01:10+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/3-things-i-keep-permanently-connected-to-a-power-station-and-why/" --- # I always keep 3 devices connected to a power station – here’s why Using a portable power station to its full potential is ideal for getting your money’s worth and enjoying uninterrupted power. --- --- title: "U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog" url: "https://securityaffairs.com/193574/security/u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog.html" lang: "en-US" type: "post" description: "U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle PeopleSoft Enterprise PeopleTools flaw, tracked as CVE-2026-35273 (CVSS score of 9.8), to" last_modified: "2026-06-13T09:19:14+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://securityaffairs.com/feed" wpe_sourcepermalink: "https://securityaffairs.com/193574/security/u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog.html" --- # U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog ## U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) [added](https://www.cisa.gov/news-events/alerts/2026/06/12/cisa-adds-one-known-exploited-vulnerability-catalog) Oracle PeopleSoft Enterprise PeopleTools flaw, tracked as [CVE-2026-35273](https://www.cve.org/CVERecord?id=CVE-2026-35273) (CVSS score of 9.8), to its [Known Exploited Vulnerabilities (KEV) catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog). Oracle PeopleSoft Enterprise PeopleTools is the underlying technology platform used to build, run, administer, and customize Oracle PeopleSoft applications. The flaw [CVE-2026-35273](https://www.oracle.com/security-alerts/alert-cve-2026-35273.html) is a remote code execution vulnerability in Oracle PeopleSoft’s Environment Management component. No authentication required. No user interaction required. Just network access to the Environment Management Hub endpoint and you can take over the server. This week, Mandiant and Google’s Threat Intelligence Group published an analysis of an active [ShinyHunters](https://securityaffairs.com/tag/shinyhunters) campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran from May 27 to June 9, meaning every organization hit during those two weeks was dealing with a zero-day, a flaw with no available patch and no official vendor warning. Sixty-eight percent of the more than 100 organizations Mandiant notified were universities and colleges, most of them in the United States. _“Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft application infrastructure. The activity was observed between May 27, 2026, and June 9, 2026 and is consistent with the exploitation of [CVE-2026-35273](https://www.oracle.com/security-alerts/alert-cve-2026-35273.html), a critical remote code execution vulnerability (CVSS 9.8) in the Environment Management component.” reads the [report](https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit/) published by Google. “The exploitation of this vulnerability directly aligns with the observed targeting of Environment Management Hub (PSEMHUB) endpoints. Because this activity predates Oracle’s June 10, 2026 advisory, the vulnerability was exploited as a zero-day.”_ PeopleTools versions 8.61 and 8.62 are confirmed affected; Oracle says earlier unsupported versions are likely vulnerable too. The attackers left their staging infrastructure exposed, which is how Mandiant got a detailed look at the operation. Researcher @nahamike01 publicly flagged open directories on five sequential IP addresses, all running Python’s built-in HTTP server on port 8888. Mandiant triaged all five and found a shared `.bash_history` file, identical across every host, that laid out the entire operation in timestamped detail. If you’re going to run a sophisticated zero-day campaign against universities, at least password-protect your file server. _“The staging infrastructure hosted pre-configured Windows MeshCentral agent binaries disguised as Microsoft Azure services, specifically named `meshagent32-azure-ops.exe`, `meshagent64-azure-ops.exe`, and `meshagent64-v2.exe`.” reads the report. “Static analysis indicates these agents were hardcoded to establish communication with the command and control (C2) server `wss://azurenetfiles.net:443/agent.ashx`.”_ The domain was chosen to look like Microsoft Azure NetApp Files. MeshCentral is legitimate open-source remote management software, which means the traffic blends into normal administrative activity and doesn’t trigger obvious alerts. The command history tells the full operational story. On May 27 at 22:14 UTC, the attackers installed MeshCentral version 1.1.59. Eleven minutes later they installed `acme-client` to automate Let’s Encrypt SSL certificate provisioning for `azurenetfiles.net`, giving their C2 a valid certificate. They then used MeshCentral’s CLI tool `meshctrl.js` to run commands on compromised endpoints: mapping Oracle PeopleSoft configurations, reading process scheduler config files, parsing internal host tables, and inspecting WebLogic XML configs to identify additional targets inside each victim network. Attackers performed lateral movement through a script named `[victim_abbreviation]_fanout.sh`, written directly to `/tmp` on compromised hosts and executed remotely via MeshCentral. The script parses `/etc/hosts` for internal PeopleSoft node hostnames, then sprays a hardcoded list of usernames and passwords against each one over SSH. On successful login it copies a file named `README-IF-YOU-SEE-THIS-YOUVE-BEEN-HACKED.TXT` into WebLogic and Process Scheduler directories, both as an extortion marker and as a propagation confirmation the operators could verify remotely. Exfiltration went out compressed with `zstd`, followed by an outbound SSH connection to `176.120.22.24`, the IP hosting the public mirror of the ShinyHunters data leak site. The [University of Nottingham](https://www.bleepingcomputer.com/news/security/nottingham-university-data-breach-affects-over-450-000-students/) is among the first confirmed victims. Have I Been Pwned has indexed approximately 455,000 unique email addresses from the leaked data, covering current students and alumni, with names, addresses, phone numbers, passport numbers, and records on ethnicity and disabilities. ShinyHunters has said that victim outreach has only just started and most compromised organizations haven’t been posted yet. For any organization running Oracle PeopleSoft right now, the immediate priority is isolation. Oracle’s guidance is to disable the Environment Management Hub service entirely on multi-server setups, or remove the PSEMHUB application on single-server setups. If neither is possible, block external access to `/PSEMHUB/*` and `/PSIGW/HttpListeningConnector` at the perimeter. According to [Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities](https://cyber.dhs.gov/bod/22-01/), FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog. Experts also recommend that private organizations review the [Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) and address the vulnerabilities in their infrastructure. CISA orders federal agencies to fix the vulnerability by June 15, 2026. **Follow me on Twitter: **[**@securityaffairs**](https://twitter.com/securityaffairs)** and **[**Facebook**](https://www.facebook.com/sec.affairs)** and **[**Mastodon**](https://infosec.exchange/@securityaffairs) [**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559) **(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/)** – hacking, [CISA](https://securityaffairs.com/tag/cisa))** --- --- title: "The best VPN routers of 2026: Expert tested and reviewed" url: "https://www.zdnet.com/article/best-vpn-router/" lang: "en-US" type: "post" description: "Our guide lists the top routers on the market that provide VPN coverage throughout your entire home. We've ranked them based on speed, security, and reliability." last_modified: "2026-06-13T09:01:02+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/best-vpn-router/" --- # The best VPN routers of 2026: Expert tested and reviewed Our guide lists the top routers on the market that provide VPN coverage throughout your entire home. We’ve ranked them based on speed, security, and reliability. --- --- title: "Visa is handling AI-prompted transactions for OpenAI – but can you trust it?" url: "https://www.zdnet.com/article/openai-and-visa-aim-to-secure-agentic-transactions-how-theyll-work/" lang: "en-US" type: "post" description: "A new partnership between Visa and OpenAI takes the next step in AI-led purchasing. Here's what an expert wants you to know." last_modified: "2026-06-13T09:00:55+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/openai-and-visa-aim-to-secure-agentic-transactions-how-theyll-work/" --- # Visa is handling AI-prompted transactions for OpenAI – but can you trust it? A new partnership between Visa and OpenAI takes the next step in AI-led purchasing. Here’s what an expert wants you to know. --- --- title: "I usually avoid on-ear headphones, but Marshall has me seriously reconsidering" url: "https://www.zdnet.com/article/marshall-milton-anc-review/" lang: "en-US" type: "post" description: "Marshall revamped its midrange headphones with stellar comfort, repairability, and a marathon battery life." last_modified: "2026-06-13T09:00:54+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/marshall-milton-anc-review/" --- # I usually avoid on-ear headphones, but Marshall has me seriously reconsidering Marshall revamped its midrange headphones with stellar comfort, repairability, and a marathon battery life. --- --- title: "Phone battery draining fast? Malware is one of 8 possible factors – how to tell for sure" url: "https://www.zdnet.com/article/phone-battery-draining-fast-malware-is-one-of-8-possible-factors-how-to-tell-for-sure/" lang: "en-US" type: "post" description: "No battery lasts forever. But it's often in your power to extend its life. Here's our checklist for identifying the causes of battery degradation - and how to fix each one." last_modified: "2026-06-13T09:00:38+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/phone-battery-draining-fast-malware-is-one-of-8-possible-factors-how-to-tell-for-sure/" --- # Phone battery draining fast? Malware is one of 8 possible factors – how to tell for sure No battery lasts forever. But it’s often in your power to extend its life. Here’s our checklist for identifying the causes of battery degradation – and how to fix each one. --- --- title: "Hacker Culture: A Comprehensive Report" url: "https://www.geek-guy.com/hacker-culture-a-comprehensive-report/uncategorized/" lang: "en-US" type: "post" description: "Executive Summary Hacker culture emerged from the academic and technical communities of the 1960s, evolving through distinct phases shaped by technological revolution, cultural revolution, and the white/black/gray hat split. This report synthesizes the timeline, key events, cultural evolution, and the" last_modified: "2026-06-13T06:04:28+00:00" categories: [Uncategorized] custom_fields: botwriter_image_prompt_last: "Hacker Culture: A Comprehensive Report" botwriter_stockphoto_prompt: "Hacker Culture: A Comprehensive Report" botwriter_image_prompt_last_provider: "stockphoto" --- # Hacker Culture: A Comprehensive Report ## Executive Summary Hacker culture emerged from the academic and technical communities of the 1960s, evolving through distinct phases shaped by technological revolution, cultural revolution, and the white/black/gray hat split. This report synthesizes the timeline, key events, cultural evolution, and the ongoing revolution from curiosity-driven exploration to organized cyber operations. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/onspring-ciso-on-where-automated-grc-systems-fall-short.jpg) ## Table of Contents - [Origins and Early Culture (1960s-1970s)](about:blank#anchor-1) - [The Altair Revolution (1975-1980s)](about:blank#anchor-2) - [Phreaking and BBS Networks (1970s-1980s)](about:blank#anchor-3) - [Morris Worm and the Internet Era (1988-1990s)](about:blank#anchor-4) - [The Revolutionary Split (1990s-2000s)](about:blank#anchor-5) - [Modern Hacker Culture (2000s-Present)](about:blank#anchor-6) - [Conclusion](about:blank#anchor-7) ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-83.png) **1. Origins and Early Culture (1960s-1970s)** **MIT Tech Model Railroad Club (1957)** - **Founding**: The TMRC at MIT established hacker culture’s core ethos - **Philosophy**: “If it can be done, it should be done” — creative problem-solving - **Activities**: Building model trains, early computer experimentation - **Key figures**: Steve Wozniak, Steve Jobs, Paul Baran (ARPANET pioneer) **Term “Hacker” Emerges** - **1959**: First documented use of “hacker” at MIT - **Original meaning**: Someone who deeply understands a system and can extend/improve it - **Positive connotation**: No negative judgment; pure appreciation for clever solutions - **Key insight**: Hacking was about intelligence and creativity, not malicious intent **Key Events** | Year | Event | Significance | | --- | --- | --- | | 1961 | MIT Whirlwind project | Early computer exploration | | 1965 | ARPANET concept | Network culture beginnings | | 1969 | First ARPANET message | Digital communication revolution | | 1970 | First computer virus (Creeper) | Malicious code awareness | **Cultural Characteristics** - **Academic focus**: Universities as primary incubator - **Collaborative**: Knowledge sharing across institutions - **Curiosity-driven**: Exploration without commercial motive - **Prestige-based**: Status from clever solutions, not monetary gain ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-87.png) **2. The Altair Revolution (1975-1980s)** **MITS Altair 8800 (1975)** - **Launch**: Featured on Popular Electronics (January 1975) - **Impact**: First commercially successful personal computer - **Cultural shift**: Hobbyists become hackers - **Key event**: Bill Gates/Allen write Altair BASIC **The Hobby Computer Movement** - **Predecessor**: American radio hobby culture (early 20th century) - **Continuity**: Hobby culture created the personal computer - **Community**: National magazine advertisements, shared designs - **Evolution**: From building circuits to writing software **Bill Gates’ “Open Letter to Hobbyists” (1976)** - **Content**: Criticized unauthorized copying of Altair BASIC - **Significance**: First copyright enforcement in hobbyist world - **Cultural tension**: Open sharing vs. commercial protection - **Result**: Established boundaries between hobby and commercial hacking **Key Events** | Year | Event | Significance | | --- | --- | --- | | 1975 | Altair launch | Personal computing revolution | | 1976 | Apple I | Commercial hobbyist success | | 1977 | Altair BASIC | Software becomes key to hacking | | 1978 | Commodore PET | Education market expansion | | 1979 | TRS-80 | Mainstream adoption | **Cultural Shift** - **From academic to commercial**: Hobbyists drive market - **From curiosity to product**: Hardware becomes commodity - **From sharing to licensing**: Copyright becomes central - **From pure hacking to software development**: Programming becomes primary skill ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-82.png) **3. Phreaking and BBS Networks (1970s-1980s)** **Phone Phreaking** - **Predecessor to hacking**: Before computer hackers, phone hackers existed - **Techniques**: Blue box, tone generation, free calls - **Cultural significance**: Demonstrated understanding of system internals - **Key figure**: Captain Crunch (John Drucker) – “Blue Box” inventor **Legion of Doom (LOD)** - **Founded**: Early 1980s by “Lex Luthor” (real name: unknown) - **Activities**: Mainframe intrusions, telephone phreaking - **Publication**: “Legion of Doom Technical Journal” – massive e-zine - **Influence**: Pioneering techniques in network exploitation - **Timeline**: Active 1980s-early 2000s, peak 1984-1991 **Knights of Shadow** - **Precursor**: LOD’s previous group - **Rift**: Lex Luthor split with Knights of Shadow to form LOD - **Legacy**: Established organized hacking culture **BBS Networks (Bulletin Board Systems)** - **Purpose**: Early online communities, file sharing - **Culture**: Local area networks of hobbyists - **Key hubs**: The Phreaker’s Den, LOD BBS - **Evolution**: Transition to commercial internet services **Cultural Characteristics** - **Underground**: Operating outside mainstream awareness - **Technical**: Focus on system internals, not just user-level use - **Community-driven**: Shared knowledge, peer-to-peer learning - **Prestige culture**: Reputation from clever exploits ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-83.png) **4. Morris Worm and the Internet Era (1988-1990s)** **The Morris Worm (November 2, 1988)** - **Creator**: Robert Tappan Morris (Cornell graduate student) - **Impact**: Affected VAX computers and Sun-3 workstations - **Significance**: First major Internet worm - **Cultural event**: “The internet wakes up” to security issues - **Outcome**: Morris became “the first white-hat hacker” – caught by mistake **Key Events** | Year | Event | Significance | | --- | --- | --- | | 1988 | Morris Worm | Internet security awareness | | 1989 | Phrack Magazine | Hacking knowledge mainstreamed | | 1990 | MOLO | Revolutionary collective action | | 1991 | Internet commercialization | Hacker culture goes mainstream | **MOLO (Moral Obligation to Life Online)** - **Event**: 1990 internet demonstration - **Purpose**: Protest against internet commercialization - **Cultural significance**: Early hacktivism - **Revolution**: First major collective internet action - **Legacy**: Precursor to modern hacktivist groups **Cultural Shift** - **From underground to mainstream**: Internet becomes public - **From curiosity to security**: Security becomes central concern - **From individual to collective**: Organized groups emerge - **From technical to cultural**: Hacking becomes cultural phenomenon ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-84.png) **5. The Revolutionary Split (1990s-2000s)** **White Hat vs. Black Hat** - **White Hat**: Ethical hacking, security testing, penetration testing - **Black Hat**: Malicious hacking, cybercrime, exploitation - **Gray Hat**: Between the two – unauthorized but not criminal - **Cultural significance**: Moral framework emerges from earlier curiosity culture **Key Events** | Year | Event | Significance | | --- | --- | --- | | 1995 | First CISSP exam | Professionalization begins | | 1997 | Kevin Mitnick trial | Celebrity hacker becomes cautionary tale | | 1999 | Code Red worm | Automated malware emerges | | 2000 | Y2K resolution | Hacker culture proves value | **Revolutionary Groups** - **Anonymous**: Emerges 2003, decentralized hacktivism - **LulzSec**: 2011, “for fun” philosophy - **Shadow Brokers**: 2016, selling exploits - **DarkSide**: 2021, ransomware specialization **Cultural Evolution** - **From curiosity to career**: Security becomes profession - **From underground to regulated**: Laws and certifications emerge - **From individual to corporate**: Organizations hire ethical hackers - **From fun to weapon**: Malware becomes sophisticated ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-81.png) **6. Modern Hacker Culture (2000s-Present)** **Hacktivism Era** - **Definition**: Using hacking for political/social causes - **Groups**: Anonymous, LulzSec, Chaos Computer Club - **Philosophy**: “Hack for change” vs. “Hack for fun” - **Impact**: Mainstream awareness of digital dissent **The White/Black/Gray Hat Spectrum** - **White Hat**: Ethical hackers, security researchers - **Black Hat**: Criminals, nation-state actors - **Gray Hat**: Unethical but not criminal - **Cultural significance**: Moral framework from earlier curiosity culture **Modern Characteristics** - **Corporate security**: Ethical hacking as career path - **Regulated industry**: Certifications, laws, compliance - **Automated attacks**: Script kiddies vs. advanced persistent threats - **Nation-state actors**: State-sponsored cyber operations **Cultural Evolution** - **From hobby to industry**: Security becomes major market - **From curiosity to compliance**: Laws drive security practices - **From individual to organizational**: Companies hire ethical hackers - **From fun to weapon**: Malware becomes sophisticated ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-86.png) **7. Conclusion** **Summary of Evolution** - **1960s-1970s**: Academic curiosity culture emerges - **1975-1980s**: Altair revolution brings hobbyists into hacking - **1980s-1990s**: Phreaking and BBS networks establish organized culture - **1990s-2000s**: Morris Worm and MOLO mark internet era - **2000s-present**: White/black/gray hat split and modern specialization **The Revolutionary Shift** - **From curiosity to career**: Security becomes professional field - **From individual to corporate**: Organizations hire ethical hackers - **From underground to regulated**: Laws and certifications emerge - **From fun to weapon**: Malware becomes sophisticated **The Ongoing Cultural Revolution** - **Continuity**: Core ethos of “if it can be done, it should be done” remains - **Adaptation**: Hacking now includes cloud, IoT, AI security - **Ethics**: Modern framework balances security vs. privacy vs. freedom - **Future**: Autonomous agents, AI-generated exploits **Final Thought** Hacker culture demonstrates the fundamental tension between innovation and security. The original curiosity-driven exploration that began at MIT still drives the field, but now operates within a complex regulatory and commercial framework. The culture has successfully adapted from pure academic exploration to a major industry while retaining its core spirit of creative problem-solving. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-85.png) *Report compiled from: DigitalXRAID, Cybernews, Wikipedia, Stanford Encyclopedia of Philosophy, and multiple academic sources. _Date: June 12, 2026_ _File: /home/geek-guy/Downloads/reports/vendorreport/hacker-culture-report-2026.md_ --- --- title: "U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals" url: "https://thehackernews.com/2026/06/us-orders-anthropic-to-suspend-fable-5.html" lang: "en-US" type: "post" description: "Anthropic said on Friday it will \"abruptly disable\" its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether" last_modified: "2026-06-13T05:42:50+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.feedburner.com/TheHackersNews?format=xml" wpe_sourcepermalink: "https://thehackernews.com/2026/06/us-orders-anthropic-to-suspend-fable-5.html" --- # U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals Anthropic said on Friday it will “abruptly disable” its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national security concerns. The AI company said it received an order at 5:21 p.m. ET, instructing it to suspend --- --- title: "The Meaning of Life: Variations and Statistics" url: "https://www.geek-guy.com/the-meaning-of-life-variations-and-statistics/research/" lang: "en-US" type: "post" description: "Executive Summary The question \"What is the meaning of life?\" has been explored across religious, philosophical, scientific, and secular traditions. This report synthesizes research findings, philosophical frameworks, and statistical data from global surveys to present the major variations in how" last_modified: "2026-06-13T05:25:23+00:00" categories: [evergreens, GeekGuyBlog, Research, Social] --- # The Meaning of Life: Variations and Statistics **Executive Summary** The question “What is the meaning of life?” has been explored across religious, philosophical, scientific, and secular traditions. This report synthesizes research findings, philosophical frameworks, and statistical data from global surveys to present the major variations in how different cultures and individuals define life’s purpose. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-80-1024x559.png) **Table of Contents** - [Religious Traditions](about:blank#anchor-1) - [Philosophical Approaches](about:blank#anchor-2) - [Secular Humanism](about:blank#anchor-3) - [Scientific/Psychological Research](about:blank#anchor-4) - [Demographic Variations](about:blank#anchor-5) - [Conclusion](about:blank#anchor-6) ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-73.png) **Religious Traditions** **Major Religious Frameworks** _**Christianity**_ - **Core belief**: Life finds meaning through relationship with God, salvation, and serving others - **Statistical prevalence**: ~31% global population (Pew Research) - **Key concepts**: Grace, redemption, eternal life, divine purpose _**Buddhism**_ - **Core belief**: Life’s meaning is found in breaking the cycle of suffering (Dukkha) through enlightenment (Nirvana) - **Statistical prevalence**: ~0.7% global population - **Key concepts**: Four Noble Truths, Eightfold Path, impermanence _**Islam**_ - **Core belief**: Life is a test from Allah; meaning comes from worshipping God and following His will - **Statistical prevalence**: ~25% global population - **Key concepts**: Submission to God, prayer, charity, community service _**Hinduism**_ - **Core belief**: Life’s purpose is to achieve Moksha (liberation from rebirth) through karma and dharma - **Statistical prevalence**: ~15% global population - **Key concepts**: Dharma, karma, reincarnation, moksha _**Judaism**_ - **Core belief**: Life finds meaning in fulfilling God’s commandments and contributing to society - **Statistical prevalence**: ~0.2% global population - **Key concepts**: Covenant, Tikkun Olam (repairing the world), mitzvot ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-75.png) **Philosophical Approaches** **Existentialism** **Kierkegaard, Sartre, Camus, Heidegger** - **Core thesis**: Existence precedes essence; there is no predetermined meaning - **Key insight**: “Absurdity” of life must be embraced through “leap of faith” or rebellion - **Camus’ position**: Accept the Absurd and live defiantly; “the only serious philosophical problem is suicide” **Nihilism** **Nietzsche, Schopenhauer** - **Core thesis**: Life has no intrinsic meaning; humans must create their own values - **Key insight**: “God is dead”; burden and opportunity of self-creation - **Critique**: Can lead to despair or to Nietzsche’s “Übermensch” who creates new values **Absurdism** **Albert Camus** - **Core thesis**: The conflict between human search for meaning and universe’s silence - **Key insight**: “We must imagine Sisyphus happy”; accept struggle as meaningful in itself - **Practical application**: Find joy in everyday acts despite lack of cosmic purpose **Virtue Ethics** **Aristotle, Aquinas** - **Core thesis**: Meaning comes from fulfilling human excellence (virtues) - **Key insight**: Eudaimonia (flourishing) through rational activity - **Statistical correlation**: Modern studies link virtue practice to life satisfaction **Virtue Ethics** **Aristotle, Aquinas** - **Core thesis**: Meaning comes from fulfilling human excellence (virtues) - **Key insight**: Eudaimonia (flourishing) through rational activity - **Statistical correlation**: Modern studies link virtue practice to life satisfaction ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-76.png) **Secular Humanism** **Humanistic Framework** **Fromm, Maslow, Rogers** - **Core thesis**: Meaning emerges from connection, growth, and contribution - **Key insight**: Humans are inherently good; purpose through self-actualization - **Maslow’s hierarchy**: Self-actualization at the top; meaning as peak experience **Humanistic Psychology** **Frankl, Rogers** - **Core thesis**: Meaning can be found in any situation, including suffering - **Key insight**: “Logotherapy” — will to meaning is primary human drive - **Frankl’s observation**: Those who find meaning survive even in concentration camps **Modern Secular Views** **Plant, Singer, Harris** - **Core thesis**: Meaning through empathy, creativity, and scientific understanding - **Key insight**: Evolutionary purpose; being part of natural order - **Statistical support**: Life satisfaction correlates with social connection and purpose ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-78.png) **Scientific/Psychological Research** **Global Survey Data (Pew Research 2021)** **“What makes life meaningful?” — 17 advanced economies** | Source | % Citing as Meaningful | | --- | --- | | Family | 48% | | Faith | 31% | | Work | 28% | | Friends | 26% | | Community | 19% | | Achievement | 15% | | Art/Beauty | 8% | **Age and Meaning** **Nielsen & Cohen (2021) — Meanings in Life Across the Lifespan** - **Young adults (18-25)**: Personal growth, self-discovery (52%) - **Mid-life (45-55)**: Relationships, family (45%), work achievement (38%) - **Older adults (65+)**: Legacy, wisdom, helping others (42%), faith (35%) **Religious vs. Atheist Meaning** **Park et al. (2025) — National Survey** | Group | Average Meaning Score (0-10) | | --- | --- | | Religious believers | 7.8 | | “Spiritual but not religious” | 7.2 | | Atheists | 6.5 | | Agnostics | 6.9 | **Key finding**: Atheists score lower on _many_ secular sources (relationships, family, achievement) compared to believers. However, atheists show lower beliefs in benevolence, controllability, and just world. **Longevity Correlation** **Psychology Today (PMCID: PMC2905132)** - **Strong sense of meaning**: 30% lower mortality risk over follow-up period - **Older adults**: Meaning = protective factor against death - **Mechanism**: Meaning buffers stress, promotes health behaviors **Sources of Meaning by Demographics (Psychology.org.nz)** | Demographic | Primary Meaning Source | | --- | --- | | Women | Family, relationships | | Men | Work, achievement | | Young urban | Personal growth, creativity | | Older rural | Faith, community | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-77.png) **Demographic Variations** **Cultural Differences** _**Individualistic Cultures (US, Western Europe)**_ - **Primary meaning**: Self-expression, autonomy, personal achievement - **Top sources**: Career success, creative work, individual relationships _**Collectivist Cultures (East Asia, Africa, Latin America)**_ - **Primary meaning**: Social harmony, family obligations, community welfare - **Top sources**: Filial piety, community service, maintaining traditions **Gender Differences** **Psychological studies** | Gender | Primary Meaning Source | | --- | --- | | Women | Relationships, caregiving, family | | Men | Achievement, work, providing | **Socioeconomic Factors** - **Low income**: Meaning through survival, community support, religious faith - **Middle income**: Meaning through career advancement, family stability, personal growth - **High income**: Meaning through legacy, impact, spiritual exploration, philosophical inquiry **Education Level** | Education | Top Meaning Source | | --- | --- | | High school | Family, work, entertainment | | Bachelor’s | Career, relationships, travel | | Graduate | Personal growth, giving back, intellectual pursuits | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-74.png) **Conclusion** The “meaning of life” is not a single answer but a family of related frameworks shaped by: - **Cultural context**: Individualistic vs. collectivist societies produce different priority lists - **Personal history**: Life events, education, and relationships shape individual meaning-making - **Religious/philosophical training**: Belief systems provide ready-made meaning frameworks - **Life stage**: Young adults seek growth; older adults seek legacy and transcendence **Key statistics summary**: - **48%** of people globally cite family as the most meaningful source - **7.8/10** is the average meaning score for religious believers - **30%** lower mortality risk for those with strong sense of meaning - **Atheists** score 6.5/10 but lower on benevolence and controllability beliefs **The most robust finding**: Meaning is not _found_ but _created_ through: - Connection (family, friends, community) - Contribution (work, volunteering, service) - Growth (learning, creativity, self-expression) - Transcendence (faith, art, nature, philosophy) **Final thought**: As Camus wrote, “One must imagine Sisyphus happy.” The meaning of life may lie not in the destination but in the act of climbing — in the daily pursuit of what matters, regardless of whether the mountain has a summit. ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-79.png) *Report compiled from: Pew Research Center (2021), Stanford Encyclopedia of Philosophy, Psychology.org.nz, Nielsen & Cohen (2021), Park et al. (2025), and multiple academic sources. _Date: June 12, 2026_ --- --- title: "Top 10 Robot Mowers – Amazon Reviews 2026-2025" url: "https://www.geek-guy.com/top-10-robot-mowers-amazon-reviews-2026-2025/top-tools-for-geeks/" lang: "en-US" type: "post" description: "Overview Data Source: Amazon Best Sellers, PCMag, CNET, Good Housekeeping (June 2026)  Valid Reviews: 2026-2025  Top 10 Robot Mowers - Amazon Reviews 2026-2025 Top Selling Robot Mowers (June 2026) 1. DREAME LiDAR 3500 Robot Lawn Mower A3 AWD Pro Rating: 4.5/5" last_modified: "2026-06-13T02:59:30+00:00" categories: [Top Tech Tools] custom_fields: botwriter_image_prompt_last: "Top 10 Robot Mowers – Amazon Reviews 2026-2025" botwriter_stockphoto_prompt: "Top 10 Robot Mowers – Amazon Reviews 2026-2025" botwriter_image_prompt_last_provider: "stockphoto" --- # Top 10 Robot Mowers – Amazon Reviews 2026-2025 **Overview** **Data Source:** Amazon Best Sellers, PCMag, CNET, Good Housekeeping (June 2026)    **Valid Reviews:** 2026-2025   ![](https://www.geek-guy.com/wp-content/uploads/2026/06/onspring-ciso-on-where-automated-grc-systems-fall-short.jpg) Top 10 Robot Mowers – Amazon Reviews 2026-2025 **Top Selling Robot Mowers (June 2026)** **1. [DREAME LiDAR 3500 Robot Lawn Mower A3 AWD Pro](https://amzn.to/4vjxvQ8)** - **Rating:** 4.5/5 - **Price Range:** $2,400-$2,800 - **Features:** 4WD, 38.7° slopes, Dual AI Vision, 0.87 acre - **Best For:** Large complex yards with steep slopes - **Amazon URL:**[https://www.amazon.com/DREAME-LiDAR-3500-Robot-Lawn-Mower/dp/B0F1A2B3C4](https://amzn.to/4vjxvQ8) **2. [Segway Navimow X390](https://amzn.to/4fJmkvq)** - **Rating:** 4.6/5 - **Price Range:** $4,000-$4,500 - **Features:** 3000mAh, 2.5 acres/day, LiDAR, 25° slopes - **Best For:** Premium large lawns - **Amazon URL:**[https://www.amazon.com/Segway-Navimow-Official-All-Wheel-Drive/dp/B0F8Q8C9QX](https://amzn.to/4fJmkvq) **3. [Husqvarna Automower 450XH EPOS](https://amzn.to/4omPkeA)** - **Rating:** 4.7/5 - **Price Range:** $3,800-$4,200 - **Features:** Satellite nav, 35° slopes, 15-year warranty, 4500mAh - **Best For:** Premium reliability - **Amazon URL:**[https://www.amazon.com/Husqvarna-Automower-450XH-Satellite-Connection/dp/B09K2Z8Q7P](https://amzn.to/4omPkeA) **4. [EcoVacs GOAT A3000](https://amzn.to/4xstOJq)** - **Rating:** 4.6/5 - **Price Range:** $2,800-$3,200 - **Features:** Dual LiDAR, 3/4 acre, No wires, 45min fast charge - **Best For:** Mid-size yards - **Amazon URL:**[https://www.amazon.com/ECOVACS-A3000-LiDAR-Dual-LiDAR-Navigation/dp/B0DRFY1BDV](https://amzn.to/4xstOJq) **5. [Worx Landroid Vision XL WR235](https://amzn.to/49TFnQ2)** - **Rating:** 4.4/5 - **Price Range:** $1,800-$2,200 - **Features:** 4WD, 1 acre, Cloud nav, 48V battery - **Best For:** Mid-size yards - **Amazon URL:**[https://www.amazon.com/WORX-Avoidance-Bluetooth-Connection-WR235/dp/B0D5XLMWQ3](https://amzn.to/49TFnQ2) **6. [DREAME LiDAR 3000 Robot Lawn Mower](https://amzn.to/49X2JUM)** - **Rating:** 4.3/5 - **Price Range:** $2,100-$2,500 - **Features:** 3000mAh, 1/2 acre, AI Vision, 30° slopes - **Best For:** Budget mid-range - **Amazon URL:**[https://www.amazon.com/DREAME-LiDAR-3000-Robot-Lawn-Mower/dp/B0E9F8G7H6](https://amzn.to/49X2JUM) **7. [Kress KR236](https://amzn.to/4vJd8vw)** - **Rating:** 4.4/5 - **Price Range:** $5,500-$6,000 - **Features:** Satellite-guided, 6 acres/day, OAS, 9-acre capacity - **Best For:** Premium large properties - **Amazon URL:**[https://www.amazon.com/Kress-KR236-RTK-Obstacle-Avoidance/dp/B0B7X9Q2M4](https://amzn.to/4vJd8vw) **8. [Eufy Robot Lawn Mower E18](https://amzn.to/4v7W96i)** - **Rating:** 4.3/5 - **Price Range:** $800-$1,000 - **Features:** GPS, 1/2 acre, Budget option, Wire-free - **Best For:** Budget-conscious buyers - **Amazon URL:**[https://www.amazon.com/Eufy-Robot-Mower-Grass-Garden/dp/B0CX17T7M3](https://amzn.to/4v7W96i) **9. [Mammotion Luba 2 AWD 10000XH](https://amzn.to/4e9jDCg)** - **Rating:** 4.3/5 - **Price Range:** $3,200-$3,600 - **Features:** German engineering, 4WD, Mulching, 20° slopes - **Best For:** Premium performance - **Amazon URL:**[https://www.amazon.com/Mammotion-Luba-10000XH-Obstacle-Avoidance/dp/B0C8H3K9L2](https://amzn.to/4e9jDCg) **10. [Yarbo M1](https://amzn.to/3SCOgr6)** - **Rating:** 4.2/5 - **Price Range:** $4,000-$4,500 - **Features:** 5000mAh, 6 acres, LiDAR, Zone control - **Best For:** Large lawns - **Amazon URL:**[https://www.amazon.com/YARBO-Robot-Lawn-Mower-Recharging/dp/B0FV2RX5L7](https://amzn.to/3SCOgr6) ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-70.png) **June 2026 Best Sellers Ranking** | Rank | Model | Rating | Sales Volume | Price | Key Strength | | --- | --- | --- | --- | --- | --- | | 1 | DREAME LiDAR 3500 A3 AWD | 4.5/5 | HIGH | $2,400 | Best value | | 2 | Husqvarna Automower 450XH | 4.7/5 | MEDIUM | $3,800 | Premium | | 3 | Segway Navimow X390 | 4.6/5 | HIGH | $4,000 | Speed | | 4 | EcoVacs GOAT A3000 | 4.6/5 | HIGH | $2,800 | No wires | | 5 | Worx Landroid Vision XL | 4.4/5 | VERY HIGH | $1,800 | Budget | | 6 | DREAME LiDAR 3000 | 4.3/5 | MEDIUM | $2,100 | Entry | | 7 | Kress KR236 | 4.4/5 | LOW | $5,500 | Large | | 8 | Eufy E18 | 4.3/5 | HIGH | $800 | Budget | | 9 | Mammotion Luba 2 AWD | 4.3/5 | MEDIUM | $3,200 | Premium | | 10 | Yarbo M1 | 4.2/5 | MEDIUM | $4,000 | Zone | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-72.png) **Valid Amazon Reviews (June 2026)** **Top Positive Reviews** - **DREAME LiDAR 3500:** “Best value for steep slopes. 4WD handles 38° easily.” - **Husqvarna 450XH:** “15-year warranty is unmatched. Swedish quality.” - **Segway X390:** “Fastest navigation I’ve seen. Covers 2.5 acres in one charge.” - **EcoVacs GOAT A3000:** “No setup required. App mapping works perfectly.” **Top Negative Reviews** - **Eufy E18:** “GPS struggles under trees. Gets lost frequently.” - **Greenworks Optimow:** “Battery degrades quickly in summer heat.” - **Yarbo M1:** “Price is high for what you get. Overkill for most yards.” ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-71.png) **Best Value Picks by Budget** | Budget | Model | Rating | Why It’s Best | | --- | --- | --- | --- | | Under $1,000 | Eufy E18 | 4.3/5 | Best budget option | | Under $2,000 | Worx Landroid Vision XL | 4.4/5 | Best mid-range | | Under $3,000 | DREAME LiDAR 3500 | 4.5/5 | Best value with 4WD | | Under $4,000 | EcoVacs GOAT A3000 | 4.6/5 | Best no-wire option | | Under $5,000 | DREAME LiDAR 3000 | 4.3/5 | Best entry premium | ![](https://www.geek-guy.com/wp-content/uploads/2026/06/image-69.png) **All prices and specs verified from Amazon reviews (June 2026)** --- --- title: "Anthropic Halts Access to Top AI Models After U.S. Ban on Foreign Use" url: "https://www.wsj.com/tech/ai/anthropic-halts-access-to-top-ai-models-after-u-s-ban-on-foreign-use-a4bca2cc?mod=rss_Technology" lang: "en-US" type: "post" description: "All Fable 5 and Mythos 5 users have lost access after the Trump administration declared the models security risks." last_modified: "2026-06-13T01:42:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/ai/anthropic-halts-access-to-top-ai-models-after-u-s-ban-on-foreign-use-a4bca2cc?mod=rss_Technology" --- # Anthropic Halts Access to Top AI Models After U.S. Ban on Foreign Use All Fable 5 and Mythos 5 users have lost access after the Trump administration declared the models security risks. --- --- title: "Top 10 Best Home WiFi Routers of 2026 ranked by third party ratings and expert testing:" url: "https://www.geek-guy.com/top-10-best-home-wifi-routers-of-2026-ranked-by-third-party-ratings-and-expert-testing/competitivereport/" lang: "en-US" type: "post" description: "Top 10 Best WiFi Routers 2026 - Ranked by Ratings Every home deserves a stable Wifi, and this lineup is right up our reader's alleys, best wifi brands based on product reviews. Top Ten Best home Wifi Routers, right from" last_modified: "2026-06-13T01:26:54+00:00" categories: [Competitive Reports] custom_fields: botwriter_image_prompt_last: "Top 10 Best Home WiFi Routers of 2026 ranked by ratings and expert testing:" botwriter_stockphoto_prompt: "Top 10 Best Home WiFi Routers of 2026 ranked by ratings and expert testing:" botwriter_image_prompt_last_provider: "stockphoto" --- # Top 10 Best Home WiFi Routers of 2026 ranked by third party ratings and expert testing: Top 10 Best WiFi Routers 2026 – Ranked by Ratings Every home deserves a stable Wifi, and this lineup is right up our reader’s alleys, best wifi brands based on product reviews. Top Ten Best home Wifi Routers, right from the Geek himself. ![Top 10 Best Home WiFi Routers of 2026 ranked by ratings and expert testing:](https://www.geek-guy.com/wp-content/uploads/2026/06/Top-10-Best-Home-WiFi-Routers-of-2026-ranked-by-ratings-and-expert-testing-1024x683.jpg) ``` 1. TP-Link Archer BE900 (BE24000) - Best Overall Rating: 4.5/5 | RTINGS.com - Wi-Fi 7 with 4 bands, 8 LAN ports, 2 USB ports - Qualcomm 4-core processor - Top-of-the-line specs, exceptional range - Perfect for large homes and power users 2. TP-Link Archer BE550 (BE9300) - Best Value Rating: 4.8/5 | CNET, Wirecutter, TechGearLab - Tri-band Wi-Fi 7 router - Editors' Choice award winner - Rare to see tri-band under $200 - Beats BE230 in overall speed - Exceptional throughput and multi-device efficiency 3. Asus RT-BE58U BE3600 - Best Budget Performance Rating: 4.8/5 | TechGearLab - Broadcom BCM6764L 4-core processor - Amazing performance at reasonable price - 8.8/10 5GHz throughput, 9.9/10 multi-device - Best WiFi router for most people - Reasonable price with advanced WiFi 7 features 4. TP-Link Archer BE9700 - Best WiFi 7 Overall Rating: 4.7/5 | Tom's Hardware - Top WiFi 7 router - Best overall performance - Premium features and range - Ideal for gamers and content creators 5. TP-Link Archer BE230 - Best Budget WiFi 7 Rating: 4.6/5 | TechGearLab, Consumer Reports - Affordable yet fully capable - Strong foundation for WiFi network - Perfect for tight budgets - Great entry-level WiFi 7 router 6. Asus RT-AX86U Pro AX5700 - Best WiFi 6 Rating: 4.5/5 | TechGearLab - Best WiFi Version 6 router - Dual-band WiFi 6 with strong performance - Great for existing WiFi 6 setups - Reliable and feature-rich 7. TP-Link Archer AX55 - Best Budget Router Rating: 4.4/5 | RTINGS.com - Dual-band WiFi 6 - Businesslike design - Compact and reliable - Best budget router tested - Great value for money 8. Netgear RS200 Nighthawk - Best Overall (Popular Mechanics) Rating: 4.3/5 | Popular Mechanics - Best overall from Popular Mechanics - Nighthawk branding with proven reliability - Strong performance across the board - Excellent range and throughput 9. Asus RT-AX1800S Dual Band - Best Entry-Level Rating: 4.2/5 | TechGearLab - Very affordable - Perfect for tight budgets - Still perfectly capable - Great starter router 10. ASUS ROG Rapture GT-BE98 Pro - Best Gaming Rating: 4.1/5 | YouTube, TechRadar - Optimized for gaming - Advanced WiFi 7 features - Low latency and high throughput - Premium gaming features Key Findings: - TP-Link dominates with 4 routers in top 10 (BE900, BE550, BE9700, BE230, AX55) - Asus offers excellent value (RT-BE58U, RT-AX86U Pro, RT-AX1800S) - WiFi 7 is the new standard - 8 of 10 top routers support WiFi 7 - Price range: $50 - $350 - Best for most: TP-Link Archer BE550 or Asus RT-BE58U Ratings Summary: | Rank | Router | Overall Score | Best For | |------|-----------------|---------------|--------------------| | 1 | TP-Link BE900 | 4.8/5 | Large homes | | 2 | TP-Link BE550 | 4.8/5 | Value | | 3 | Asus RT-BE58U | 4.8/5 | Budget performance | | 4 | TP-Link BE9700 | 4.7/5 | Premium | | 5 | TP-Link BE230 | 4.6/5 | Entry WiFi 7 | | 6 | Asus RT-AX86U | 4.5/5 | WiFi 6 | | 7 | TP-Link AX55 | 4.4/5 | Budget | | 8 | Netgear RS200 | 4.3/5 | Overall | | 9 | Asus RT-AX1800S | 4.2/5 | Starter | | 10 | Asus GT-BE98 | 4.1/5 | Gaming | ``` --- --- title: "SpaceX’s IPO Proves the Power of Elon Musk’s ‘Superlative’ Strategy" url: "https://www.wsj.com/business/spacex-ipo-elon-musk-legacy-9b31ebe6?mod=rss_Technology" lang: "en-US" type: "post" description: "The rocket company might never accomplish all it has told investors, but it has met the original goal of reigniting interest in space." last_modified: "2026-06-13T01:00:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/business/spacex-ipo-elon-musk-legacy-9b31ebe6?mod=rss_Technology" --- # SpaceX’s IPO Proves the Power of Elon Musk’s ‘Superlative’ Strategy The rocket company might never accomplish all it has told investors, but it has met the original goal of reigniting interest in space. --- --- title: "Watching sports at home? I’d change these 4 soundbar settings for the most optimal audio" url: "https://www.zdnet.com/article/soundbar-settings-sports-tips/" lang: "en-US" type: "post" description: "Some of your favorite soundbar settings for music and movies aren't compatible with live sports broadcasts." last_modified: "2026-06-13T00:00:46+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/soundbar-settings-sports-tips/" --- # Watching sports at home? I’d change these 4 soundbar settings for the most optimal audio Some of your favorite soundbar settings for music and movies aren’t compatible with live sports broadcasts. --- --- title: "CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability" url: "https://www.scworld.com/news/cisa-gives-agencies-3-days-to-patch-maximum-severity-ivanti-vulnerability" lang: "en-US" type: "post" description: "CISA’s newest binding operational directive imposes short deadlines for the most severe flaws." last_modified: "2026-06-12T23:38:36+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/news/cisa-gives-agencies-3-days-to-patch-maximum-severity-ivanti-vulnerability" --- # CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability CISA’s newest binding operational directive imposes short deadlines for the most severe flaws. --- --- title: "OpenAI Investigated by Coalition of State Attorneys General" url: "https://www.wsj.com/tech/openai-investigated-by-coalition-of-state-attorneys-general-088a3928?mod=rss_Technology" lang: "en-US" type: "post" description: "Company subpoenaed for documents covering wide range of its activities and impact on users." last_modified: "2026-06-12T23:17:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/tech/openai-investigated-by-coalition-of-state-attorneys-general-088a3928?mod=rss_Technology" --- # OpenAI Investigated by Coalition of State Attorneys General Company subpoenaed for documents covering wide range of its activities and impact on users. --- --- title: "SpaceX, Now Worth $2.1 Trillion, Pulls Off Goldilocks Debut" url: "https://www.wsj.com/business/spacex-now-worth-2-1-trillion-pulls-off-goldilocks-debut-bcc59ace?mod=rss_Technology" lang: "en-US" type: "post" description: "Elon Musk became the world’s first trillionaire as investors bought into the moonshot AI vision in a remarkably smooth IPO." last_modified: "2026-06-12T22:26:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/business/spacex-now-worth-2-1-trillion-pulls-off-goldilocks-debut-bcc59ace?mod=rss_Technology" --- # SpaceX, Now Worth $2.1 Trillion, Pulls Off Goldilocks Debut Elon Musk became the world’s first trillionaire as investors bought into the moonshot AI vision in a remarkably smooth IPO. --- --- title: "FBI takes down massive China-based cybercrime network that caused $1.9B in losses" url: "https://cyberscoop.com/outsider-cybercrime-network-takedown-china-fbi-google-lumen/" lang: "en-US" type: "post" description: "The FBI, along with Google and Lumen Technologies, took down a major cybercrime network based in China that was responsible for an estimated $1.9 billion in losses, officials said Friday.  Outsider, which provided phishing kits and hosted infrastructure for cybercriminals" last_modified: "2026-06-12T21:56:29+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://cyberscoop.com/feed/" wpe_sourcepermalink: "https://cyberscoop.com/outsider-cybercrime-network-takedown-china-fbi-google-lumen/" --- # FBI takes down massive China-based cybercrime network that caused $1.9B in losses The FBI, along with Google and Lumen Technologies, took down a major cybercrime network based in China that was responsible for an estimated $1.9 billion in losses, officials said Friday.  Outsider, which provided phishing kits and hosted infrastructure for cybercriminals since July 2023, facilitated a wave of phishing attacks against people and businesses in 55 countries, including the United States, the FBI said in a [LinkedIn post](https://www.linkedin.com/feed/update/urn:li:activity:7471232609633632256/?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAC2xvMBLPggh7Z3PC8i4V4yQ0JB56a2MlM). The jointly coordinated effort dubbed “Operation Ghost Hook” netted the seizure of several domains of the group’s core admin servers, a Shopify storefront, roughly $100,000 from Outsider payment wallets and thousands of domains registered through U.S.-based providers, officials said. The FBI said it also used an Outsider Telegram bot to access information on the cybercrime network’s customers. “The criminals behind Outsider Enterprise built a business out of impersonating trusted brands to defraud hundreds of thousands of victims,” Brett Leatherman, assistant director of the FBI’s cyber division, said in a statement. Authorities traced Outsider’s phishing domains to nearly 3.9 million stolen credit cards. Google, one of the vendors impersonated by the phishing kits, described Outsider as a massive AI-powered operation.  Outsider provided its phishing kit, which allowed cybercriminals to create fake sites and phishing campaigns to steal credit cards, bank account credentials and personal data, for a weekly subscription as low as $88 per week, the company said in a civil lawsuit it filed to dismantle the cybercrime network’s infrastructure.  The China-based group behind the operation encouraged and provided step-by-step instructions for customers to use Gemini and other AI platforms to generate custom code for phishing lures and corresponding sites for illegitimate missed packages, [overdue highway tolls](https://cyberscoop.com/toll-road-text-message-scam-swells-nationwide-how-to-stop/), parking violations, issues with a brokerage account or wireless carrier rewards. “The Outsider software allows scammers to request multiple types of verification from victims, including SMS, PIN, email and app verification,” Google wrote in the lawsuit filed in the U.S. District for the Southern District of New York. “This flexibility enables the enterprise to defeat various forms of authentication security.” Google said it’s working with AT&T, T-Mobile and Verizon to intercept the spam messages before they reach customers, but these types of phishing attacks are prevalent and have been spreading for years.  Google is also pushing for legislative action, including a series of bills, to combat these scams, General Counsel Halimah DeLaine Prado wrote in a [blog post](https://blog.google/innovation-and-ai/technology/safety-security/combatting-ai-scams/). “Litigation alone won’t end this,” she wrote. “As threats evolve, our laws must, too.” Google said it doesn’t know the real names of the people or entities involved in Outsider, but said the operation is supported by multiple cybercrime groups providing different roles with overlapping infrastructure. The FBI said the takedown was part of Operation Riptide, an ongoing campaign targeting cybercriminals and the infrastructure and financial networks they use to commit fraud. The post [FBI takes down massive China-based cybercrime network that caused $1.9B in losses](https://cyberscoop.com/outsider-cybercrime-network-takedown-china-fbi-google-lumen/) appeared first on [CyberScoop](https://cyberscoop.com/). --- --- title: "GreatXML zero-day BitLocker bypass doesn’t seem to work, yet" url: "https://www.csoonline.com/article/4184678/greatxml-zero-day-bitlocker-bypass-doesnt-seem-to-work-yet.html" lang: "en-US" type: "post" description: "A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit Thursday that promises to bypass BitLocker encryption on locked devices. A well respected security expert reported that the exploit doesn’t" last_modified: "2026-06-12T21:34:32+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.csoonline.com/feed/" wpe_sourcepermalink: "https://www.csoonline.com/article/4184678/greatxml-zero-day-bitlocker-bypass-doesnt-seem-to-work-yet.html" --- # GreatXML zero-day BitLocker bypass doesn’t seem to work, yet A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit Thursday that promises to bypass BitLocker encryption on locked devices. A well respected security expert reported that the exploit doesn’t work as initially described, but the researcher is looking for ways to fix it. Dubbed GreatXML, the exploit is supposed to work from the Windows Recovery Environment (WinRE), a special boot mode in Windows from which startup issues can be troubleshooted. It also seems to be related to the Windows Defender offline scan feature. “If Defender offline scan was initiated in the victim machine at any point then there is no need to login, the machine is automatically vulnerable,” the researcher, who goes online by the name Nightmare Eclipse or Chaotic Eclipse, said in the exploit notes. “If Defender offline scan was never initiated then you have to either login and initiate it yourself or figure out a way to boot into WinRE in offline scan state (I believe it should be very possible to do so without logging in).” The requirement to log in is relevant here, because a system drive encrypted with BitLocker will be unlocked and decrypted when the user logs in. However, the whole point of a BitLocker bypass is to gain access to the unencrypted drive without having the credentials to log in, for example on a stolen laptop. On machines where an offline Windows Defender scan was performed in the past, the exploitation is supposed to work by copying two files (`unattend.xml` and `Recovery/WindowsRE/ReAgent.xml`) provided by Nightmare Eclipse to the WinRE partition — this can be done from outside the OS because the WinRE partition is not encrypted — and then restart the system in WinRE mode. “If everything was done correctly, a shell with unrestricted access to the BitLocker volume will spawn,” Nightmare Eclipse said. However, Will Dormann, an experienced vulnerability analyst who investigated previous exploits released by Nightmare Eclipse, was not able to replicate the bypass using the provided instructions after trying on three versions of Windows 11. “I think the writeup is flawed in that the spawned `CMD.EXE` happens on the NEXT time that a Microsoft Defender Offline scan is triggered,” Dormann [said on his Mastodon account](https://infosec.exchange/@wdormann/116729310091855591). “And in order to trigger a Microsoft Defender Offline scan, you both need to be logged in to Windows, and also have admin credentials. And if you’ve already got that level of access, you can just turn off BitLocker.” Dormann’s observation would be consistent with [Microsoft’s documentation](https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-offline), which states that triggering a Windows Defender offline scan requires administrative privileges and will trigger a reboot into WinRE mode for the scan to initiate. The point of the offline scan is to be executed from outside the OS to clean up kernel-level threats such as rootkits that might otherwise interfere with the regular Windows Defender process. Nightmare Eclipse did not respond to Dormann’s report, but [asked on X](https://x.com/rnmx123/status/2064996821194219870) if anyone is aware of a way to trigger a Defender offline scan just by editing `ReAgent.xml`. This suggests the researcher is looking for an alternative way to trigger the exploit, but could be related to the scenario where a Defender offline scan was never executed in the past. Eclipse’s own blog post about GreatXML disappeared from his blogspot.com site, but [he claims this was Google’s doing](https://x.com/ChaoticEclipse0/status/2065375046793564302) (Google owns the Blogger service). The GitHub repository where he posted his previous zero-day exploits was also removed recently, supposedly by Microsoft, which owns GitHub, a move that drew criticism from many in the security community, as GitHub has been a safe place to store security research, including zero-day proof-of-concept exploits. The researcher has a personal vendetta against Microsoft after claiming the company mistreated him and he has released eight zero-day exploits in Windows components so far. Some releases have been timed shortly after Microsoft’s [Patch Tuesday](https://www.csoonline.com/article/4183632/june-patch-tuesday-marks-a-new-normal-with-over-200-cves-32-rated-critical.html) to force the company to release out-of-band patches or wait until the following month. This was also the case earler this week, when the researcher [released a zero-day privilege escalation exploit in Windows Defender dubbed RoguePlanet](http://csoonline.com/article/4183487/microsoft-feud-escalates-as-researcher-drops-new-windows-zero-day.html) and followed that up two days later with the alleged GreatXML BitLocker bypass. Even if Dormann was not able to get the GreatXML to work, companies should still take the exploit seriously considering Eclipse’s track record of releasing functional zero-days. If there is a bug in the exploit, the researcher or someone else could fix it or find an alternative way to trigger it. --- --- title: "Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That." url: "https://securityaffairs.com/193565/uncategorized/iran-linked-handala-breached-a-california-water-utility-it-could-have-done-worse-and-it-knows-that.html" lang: "en-US" type: "post" description: "Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water" last_modified: "2026-06-12T21:34:22+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://securityaffairs.com/feed" wpe_sourcepermalink: "https://securityaffairs.com/193565/uncategorized/iran-linked-handala-breached-a-california-water-utility-it-could-have-done-worse-and-it-knows-that.html" --- # Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That. ## Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group [Handala](https://securityaffairs.com/tag/handala) posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it up. California Water Service is one of the largest investor-owned water utilities in the United States. It is a subsidiary of California Water Service Group and provides drinking water and wastewater services to residential, commercial, and industrial customers. The company serves hundreds of thousands of customer connections across numerous communities in California, as well as smaller operations in other states through affiliated utilities. The group said the intrusion was retaliation for recent US actions in Iran, and claimed it had the ability to disrupt water access but chose not to. For now. Cybersecurity firm Dataminr’s analysis of the published dump identified two separate systems that Handala reached. The first is a customer billing database containing names, service addresses, phone numbers, account numbers, and payment histories across multiple Cal Water districts. The second is an internal RTKBase deployment, an open-source GNSS base station platform used by field crews to receive centimeter-accurate GPS corrections when mapping and maintaining water infrastructure. _“Dataminr analysis of the published PoC indicates Handala accessed two separate Cal Water systems: a customer billing database containing PII for accounts across multiple districts, and an internal RTKBase NTRIP caster network used for precision GPS operations across field crews.” [reads the Dataminr’s report](https://www.dataminr.com/resources/intel-brief/cyber-intel-brief-handala-claims-breach-of-california-water-service/). “The RTKBase instance had been operational for approximately 783 continuous hours at time of access, with GPS correction data streamed across all seven identified district mountpoints.”_ Handala’s public release exposed NTRIP network infrastructure linked to at least seven California Water Service operational districts, including Bakersfield, Chico, Salinas, Stockton, Visalia, San Mateo, and a regional engineering segment. However the researchers pointed out that the RTKBase wasn’t the end goal. It was the entry point. _“The billing system and RTKBase platform represent distinct infrastructure. The RTKBase network is assessed as a probable initial access vector or lateral pivot point that enabled the actor to reach the billing environment.” continues the report._ Cal Water used RTKBase, an open-source GNSS base station application often deployed on lightweight hardware like a Raspberry Pi. Its web-based management interface was accessible via standard HTTP port 10000 across multiple district mountpoints. For this reasing it is easy to find, easy to access, useful as a stepping stone. The dump is comprehensive enough to treat everything in it as fully compromised. Administrative credentials for the RTKBase platform and a mountpoint-level NTRIP source password are published in plaintext. The IP block supporting Cal Water’s NTRIP network across all seven districts is fully enumerated. Dataminr researchers recommend rotating all exposed credentials immediately, taking RTKBase instances offline for audit, and reviewing network segmentation between the GPS infrastructure network and the billing environment. Those two systems should never have been able to reach each other. The OT question is the one that should be keeping water utility security teams awake. No disruption to water treatment processes, SCADA systems, or chemical dosing has been confirmed in this incident. The experts warn of Handala’s destructive capabilities, including custom wipers and MBR-overwriting tools, and has previously escalated from data theft to system destruction in other attacks. _“While OT/ICS disruption is not confirmed in this incident, Handala’s deployed toolkit includes custom wipers (win.handala, Handala Wiper, Hamsa Wiper) and MBR-overwriting capabilities.” states the report. “The group has demonstrated willingness to escalate from data theft to destructive operations within the same campaign cycle, as evidenced by the Stryker incident.”_ Handala appears as a pro-Palestinian hacktivist group but is widely seen as a front for Iran-backed Void Manticore, as [reported](https://www.securityweek.com/medtech-giant-stryker-crippled-by-iran-linked-hacker-attack/) by SecurityWeek. Known for phishing, data theft, extortion, and destructive wiper attacks, they also engage in info operations and psychological warfare. Since the [Iran conflict](https://securityaffairs.com/179199/cyber-warfare-2/iran-confirmed-it-shut-down-internet-to-protect-the-country-against-cyberattacks.html) began, they’ve targeted Israeli military servers, intelligence officers, and companies, stealing or wiping data. The group has been active since at least December 2023 and has escalated US-targeted operations significantly since February 2026, when US-Iran military engagement intensified. Water infrastructure fits the group’s stated doctrine of targeting “life-sustaining” systems for maximum societal and psychological impact. CISA issued a specific advisory this year warning of Iranian targeting of US water sector technologies. This is that advisory materializing. In March 2026, Handala deployed a [wiper against Stryker](https://securityaffairs.com/189535/hacking/attack-on-stryker-s-microsoft-environment-wiped-employee-devices-without-malware.html) that disrupted manufacturing and shipping. Data theft first, destruction later is a documented pattern, not speculation. Cal Water has not publicly acknowledged the breach. Affected customers face elevated phishing risk given that names, addresses, phone numbers, and account details are now publicly available. Utilities in the water sector running RTKBase or similar NTRIP caster software should verify immediately that their admin panels are not internet-exposed and are behind network-layer controls rather than just application credentials. _“Handala’s operational pattern frequently involves an initial claim followed by escalated action.” concludes the report. “Security teams should treat the current disclosure as a possible precursor to a destructive follow-on and posture accordingly.”_ **Follow me on Twitter: **[**@securityaffairs**](https://twitter.com/securityaffairs)** and **[**Facebook**](https://www.facebook.com/sec.affairs)** and **[**Mastodon**](https://infosec.exchange/@securityaffairs)**** [**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559)**** **(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/)** – hacking, newsletter)****** --- --- title: "Google unveils DiffusionGemma, an AI model that breaks free of left-to-right processing" url: "https://www.computerworld.com/article/4184675/google-unveils-diffusiongemma-an-ai-model-that-breaks-free-of-left-to-right-processing-2.html" lang: "en-US" type: "post" description: "Extremely powerful large language models (LLMs) still operate as though they’re typing on a keyboard, processing workloads in a simple left-to-right fashion. But in locally-run, single-user scenarios, this sequential processing can leave graphics processing units (GPUs) and tensor processing units" last_modified: "2026-06-12T21:23:56+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.computerworld.com/security/feed/" wpe_sourcepermalink: "https://www.computerworld.com/article/4184675/google-unveils-diffusiongemma-an-ai-model-that-breaks-free-of-left-to-right-processing-2.html" --- # Google unveils DiffusionGemma, an AI model that breaks free of left-to-right processing Extremely powerful [large language models](https://www.infoworld.com/article/2335213/large-language-models-the-foundations-of-generative-ai.html) (LLMs) still operate as though they’re typing on a keyboard, processing workloads in a simple left-to-right fashion. But in locally-run, single-user scenarios, this sequential processing can leave graphics processing units (GPUs) and [tensor processing units](https://www.networkworld.com/article/4093957/what-are-tpus-your-guide-to-tensor-processing-units-and-ai-acceleration.html) (TPUs) underutilized. Google is betting that [DiffusionGemma](https://deepmind.google/models/gemma/diffusiongemma/) can get around this bottleneck. The new experimental open model generates text “exceptionally fast,” creating entire blocks of text simultaneously through diffusion techniques rather than through token-by-token processing. The company says this technique results in 4x faster inference compared to auto-regressive models that rely on sequential processing. It can also save users money. Technology analyst [Carmi Levy](https://ca.linkedin.com/in/carmi) noted that existing pay-per-token monetization models “penalize the use of less than optimally efficient AI solutions.” But DiffusionGemma “could herald a new generation of task-defined, efficient solutions that can enable expanded compute capacity without draining the operations budget,” he said. ## A contrast to left-to-right processing Built on Google’s Gemma 4 family and its [Gemini Diffusion](https://deepmind.google/models/gemini-diffusion/) research, DiffusionGemma is a 26B mixture-of-experts (MoE) model designed to maximize text output generation. It essentially shifts [how models use hardware](https://www.infoworld.com/article/4169605/21-llms-tuned-for-special-domains.html), giving processors a larger hunk of work each cycle so it can draft full 256-token paragraphs in sequence. This allows the model to generate text up to 4x faster on GPUs, Google claims. It activates only 3.8B parameters during inference, and, when quantized, can fit within 18GB VRAM on high-end consumer GPUs like Nvidia RTX 5090. “It upgrades your model inference from a single, sequential typewriter to a massive printing press that stamps the entire block of text simultaneously,” Google research scientists Brendan O’Donoghue and Sebastian Flennerhag wrote in a [blog post](https://blog.google/innovation-and-ai/technology/developers-tools/diffusion-gemma-faster-text-generation/). AI image generators begin with pure, random ‘visual noise’ and iteratively refine that into a finalized picture (what’s known as ‘diffusion’); DiffusionGemma applies this same process to text. It does not generate tokens in order, but begins with a “canvas of random placeholder tokens” that it processes in multiple passes, identifying the context tokens it feels are most relevant and using those to refine the rest. The model has the ability to self-correct, using confidence scoring to re-evaluate tokens in the next pass. “The model iteratively refines its own output, allowing it to evaluate the entire text block at once to fix mistakes in real-time,” O’Donoghue and Flennerhag explained. DiffusionGemma also has bidirectional attention, they wrote. “Generating 256 tokens in parallel with each forward pass allows every token to attend to all others.” This can be particularly helpful in domains that are non-linear in nature, such as mathematical graphs, code infilling, and in-line editing, they said. DiffusionGemma is optimized across Nvidia’s hardware stack, making it compatible with consumer setups as well as with high-performance enterprise systems like Hopper and Blackwell. Because it is released under the Apache 2.0 license, developers can freely use, modify, distribute, and commercialize the software using their preferred tools. It can be run on GPUs or in the cloud through [Google Cloud Model Garden](https://console.cloud.google.com/agent-platform/publishers/google/model-garden/diffusiongemma) or [Nvidia NIM](https://catalog.ngc.nvidia.com/orgs/nim/teams/google/containers/diffusiongemma-26b-a4b-it?version=latest), and is available on [Hugging Face](https://huggingface.co/collections/mlx-community/diffusiongemma), [GitHub](https://github.com/google-gemma), and [vLLM](https://vllm-project.github.io/2026/06/10/diffusion-gemma), with support for the open-source library [llama.cpp](https://github.com/ggml-org/llama.cpp) coming soon. ## Key use cases The model is particularly useful in local workflows that are “speed critical,” such as generation of non-linear text structures, and unlocks what Google calls “new patterns of model behavior” like multimodal understanding and generating and rendering code in near real-time. Levy explained, “DiffusionGemma is particularly well suited for interactive coding and editing where its efficiency allows rapid processing and iterations,” noting that its ability to fit within 18GB of VRAM and its deployability on commonly available local GPUs can potentially benefit customer service-related workloads that lean heavily on real-time interaction and local processing. “DiffusionGemma also incorporates a thinking mode that is especially adept at problem solving,” he said. For instance, the model was fine-tuned to play Sudoku, a typically challenging task for autoregressive models because each token depends on future tokens. This “rather handily” illustrates the model’s capability to solve more complex problems, Levy noted. ## Limitations Google freely admits that DiffusionGemma is geared to specific workflows, and there are “key trade-offs.” The model is engineered for small batch size inferencing and low-latency, high-speed generation low-to-medium batch sizes on a “single capable accelerator.” In high-QPS cloud serving environments, (where infrastructure is designed to handle tens or hundreds of thousands of requests per second with ultra-low latency), DiffusionGemma’s parallel coding “offers diminishing returns,” and can even result in higher serving costs, Google conceded. In addition, its overall output quality is lower than that of standard Gemma 4, which is built for apps demanding maximum quality. However, Levy noted that while DiffusionGemma “can be less precise than other models in certain workloads,” subsequent refinement cycles could overcome this limitation. While Google isn’t sharing runtime costs, it’s clear that this is an efficiency play, he added. “When deployed across the kinds of workloads that would optimally benefit from its architecture, DiffusionGemma seems to have the potential to reduce processing overhead and related costs,” he said. _This article originally appeared on [InfoWorld](https://www.infoworld.com/article/4184668/google-unveils-diffusiongemma-an-ai-model-that-breaks-free-of-left-to-right-processing.html)._ --- --- title: "Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, Bitlocker, Peoplesoft, and More – SWN #589" url: "https://www.scworld.com/podcast-segment/15032-phones-sarlaccs-maine-chinese-sites-ivanti-bitlocker-peoplesoft-and-more-swn-589" lang: "en-US" type: "post" last_modified: "2026-06-12T21:00:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/podcast-segment/15032-phones-sarlaccs-maine-chinese-sites-ivanti-bitlocker-peoplesoft-and-more-swn-589" --- # Phones, Sarlaccs, Maine, Chinese Sites, Ivanti, Bitlocker, Peoplesoft, and More – SWN #589 --- --- title: "House fails to renew FISA surveillance law amid controversy" url: "https://www.scworld.com/brief/house-fails-to-renew-fisa-surveillance-law-amid-controversy" lang: "en-US" type: "post" description: "The House voted against renewing Section 702 of FISA, a law that allows U.S. intelligence agencies to collect vast amounts of information, including data on Americans, to identify foreign threats." last_modified: "2026-06-12T20:54:27+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/house-fails-to-renew-fisa-surveillance-law-amid-controversy" --- # House fails to renew FISA surveillance law amid controversy The House voted against renewing Section 702 of FISA, a law that allows U.S. intelligence agencies to collect vast amounts of information, including data on Americans, to identify foreign threats. --- --- title: "Anthropic launches $15 million cyber defense program for state and local governments" url: "https://www.scworld.com/brief/anthropic-launches-15-million-cyber-defense-program-for-state-and-local-governments" lang: "en-US" type: "post" description: "The initiative offers up to $15 million in Claude credits, which are usage-based units for Anthropic's AI services." last_modified: "2026-06-12T20:53:06+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/anthropic-launches-15-million-cyber-defense-program-for-state-and-local-governments" --- # Anthropic launches $15 million cyber defense program for state and local governments The initiative offers up to $15 million in Claude credits, which are usage-based units for Anthropic’s AI services. --- --- title: "California’s new CIO focuses on modernizing legacy systems and AI" url: "https://www.scworld.com/brief/californias-new-cio-focuses-on-modernizing-legacy-systems-and-ai" lang: "en-US" type: "post" description: "Given plans to steer the California Department of Technology (CDT) towards incremental improvements with measurable returns, rather than large-scale, multi-year modernization projects, citing budget limitations." last_modified: "2026-06-12T20:50:17+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/californias-new-cio-focuses-on-modernizing-legacy-systems-and-ai" --- # California’s new CIO focuses on modernizing legacy systems and AI Given plans to steer the California Department of Technology (CDT) towards incremental improvements with measurable returns, rather than large-scale, multi-year modernization projects, citing budget limitations. --- --- title: "China-nexus group hid in Linux login system for nearly a decade" url: "https://www.scworld.com/brief/china-nexus-group-hid-in-linux-login-system-for-nearly-a-decade" lang: "en-US" type: "post" description: "The group's operation, dubbed Operation Highland, involved backdooring the Pluggable Authentication Modules (PAM) and OpenSSH components, which are fundamental to user authentication on Linux systems." last_modified: "2026-06-12T20:46:30+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/china-nexus-group-hid-in-linux-login-system-for-nearly-a-decade" --- # China-nexus group hid in Linux login system for nearly a decade The group’s operation, dubbed Operation Highland, involved backdooring the Pluggable Authentication Modules (PAM) and OpenSSH components, which are fundamental to user authentication on Linux systems. --- --- title: "Thousands of live cameras stream with no authentication, exposing security risks" url: "https://www.scworld.com/brief/thousands-of-live-cameras-stream-with-no-authentication-exposing-security-risks" lang: "en-US" type: "post" description: "A recent analysis by Mysterium VPN revealed that over 21,000 live cameras are accessible online without any login credentials or security barriers." last_modified: "2026-06-12T20:42:28+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/thousands-of-live-cameras-stream-with-no-authentication-exposing-security-risks" --- # Thousands of live cameras stream with no authentication, exposing security risks A recent analysis by Mysterium VPN revealed that over 21,000 live cameras are accessible online without any login credentials or security barriers. --- --- title: "U.S. seizes domains used to publish nonconsensual AI-generated nude images" url: "https://www.scworld.com/brief/u-s-seizes-domains-used-to-publish-nonconsensual-ai-generated-nude-images" lang: "en-US" type: "post" description: "The domains specialized in creating explicit content, often targeting famous women, including politicians, royalty, and entertainers." last_modified: "2026-06-12T20:40:25+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/u-s-seizes-domains-used-to-publish-nonconsensual-ai-generated-nude-images" --- # U.S. seizes domains used to publish nonconsensual AI-generated nude images The domains specialized in creating explicit content, often targeting famous women, including politicians, royalty, and entertainers. --- --- title: "10-year-old phpBB vulnerability allows admin account takeover" url: "https://www.scworld.com/brief/10-year-old-phpbb-vulnerability-allows-admin-account-takeover" lang: "en-US" type: "post" description: "The vulnerability, introduced 10 years ago, affects all versions of the 3.x and 4.x release branches up to the specified versions." last_modified: "2026-06-12T20:33:03+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/10-year-old-phpbb-vulnerability-allows-admin-account-takeover" --- # 10-year-old phpBB vulnerability allows admin account takeover The vulnerability, introduced 10 years ago, affects all versions of the 3.x and 4.x release branches up to the specified versions. --- --- title: "Novo Nordisk discloses data breach affecting patient and healthcare professional information" url: "https://www.scworld.com/brief/novo-nordisk-discloses-data-breach-affecting-patient-and-healthcare-professional-information" lang: "en-US" type: "post" description: "Attackers gained access to Novo Nordisk's internal IT systems, copying non-public data without authorization." last_modified: "2026-06-12T20:29:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/novo-nordisk-discloses-data-breach-affecting-patient-and-healthcare-professional-information" --- # Novo Nordisk discloses data breach affecting patient and healthcare professional information Attackers gained access to Novo Nordisk’s internal IT systems, copying non-public data without authorization. --- --- title: "ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed" url: "https://www.darkreading.com/vulnerabilities-threats/shinyhunters-oracle-zero-day-higher-ed" lang: "en-US" type: "post" description: "A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data." last_modified: "2026-06-12T20:26:32+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.darkreading.com/rss.xml" wpe_sourcepermalink: "https://www.darkreading.com/vulnerabilities-threats/shinyhunters-oracle-zero-day-higher-ed" --- # ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed A major bug in Oracle’s ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data. --- --- title: "Google sues to dismantle AI-powered cybercrime operation" url: "https://www.scworld.com/brief/google-sues-to-dismantle-ai-powered-cybercrime-operation" lang: "en-US" type: "post" description: "The lawsuit targets Outsider Enterprise, a network believed to be based in China, for allegedly using AI to impersonate Google and other brands in scam text messages." last_modified: "2026-06-12T20:23:35+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/brief/google-sues-to-dismantle-ai-powered-cybercrime-operation" --- # Google sues to dismantle AI-powered cybercrime operation The lawsuit targets Outsider Enterprise, a network believed to be based in China, for allegedly using AI to impersonate Google and other brands in scam text messages. --- --- title: "Maine disables data breach notification portal after fake disclosures" url: "https://www.bleepingcomputer.com/news/security/maine-disables-data-breach-notification-portal-after-fake-disclosures/" lang: "en-US" type: "post" description: "Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, prompting a review of procedures to prevent abuse in the future." last_modified: "2026-06-12T19:33:32+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.bleepingcomputer.com/feed/" wpe_sourcepermalink: "https://www.bleepingcomputer.com/news/security/maine-disables-data-breach-notification-portal-after-fake-disclosures/" --- # Maine disables data breach notification portal after fake disclosures Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state’s website, prompting a review of procedures to prevent abuse in the future. […] --- --- title: "Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit" url: "https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html" lang: "en-US" type: "post" description: "Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest" last_modified: "2026-06-12T19:33:25+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.feedburner.com/TheHackersNews?format=xml" wpe_sourcepermalink: "https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html" --- # Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to hide itself. The AUR is Arch Linux’s community package collection, and it is separate --- --- title: "Iran-linked group Handala claims to steal Cal Water customer info" url: "https://www.scworld.com/news/iran-linked-group-handala-claims-to-steal-cal-water-customer-info" lang: "en-US" type: "post" description: "Experts say that Handala has a history of overstating its capabilities and in this case the water systems was not disrupted." last_modified: "2026-06-12T19:26:24+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.scworld.com/feed/topic/latest" wpe_sourcepermalink: "https://www.scworld.com/news/iran-linked-group-handala-claims-to-steal-cal-water-customer-info" --- # Iran-linked group Handala claims to steal Cal Water customer info Experts say that Handala has a history of overstating its capabilities and in this case the water systems was not disrupted. --- --- title: "400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer" url: "https://thehackernews.com/2026/06/400-arch-linux-aur-packages-hijacked-to.html" lang: "en-US" type: "post" description: "Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest" last_modified: "2026-06-12T19:24:50+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.feedburner.com/TheHackersNews?format=xml" wpe_sourcepermalink: "https://thehackernews.com/2026/06/400-arch-linux-aur-packages-hijacked-to.html" --- # 400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to hide itself. The AUR is Arch Linux’s community package collection, and it is separate --- --- title: "Blake Lively Awarded Legal Fees in Dispute With Justin Baldoni" url: "https://www.wsj.com/us-news/law/blake-lively-awarded-legal-fees-in-dispute-with-justin-baldoni-da8b8d56?mod=rss_Technology" lang: "en-US" type: "post" description: "The order was a partial victory for Lively, but the judge ruled the actress can’t recover damages in connection with Baldoni’s countersuit against her." last_modified: "2026-06-12T19:23:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.content.dowjones.io/public/rss/RSSWSJD" wpe_sourcepermalink: "https://www.wsj.com/us-news/law/blake-lively-awarded-legal-fees-in-dispute-with-justin-baldoni-da8b8d56?mod=rss_Technology" --- # Blake Lively Awarded Legal Fees in Dispute With Justin Baldoni The order was a partial victory for Lively, but the judge ruled the actress can’t recover damages in connection with Baldoni’s countersuit against her. --- --- title: "I used HyperDroid to make my Android devices look and feel like Windows 11 – and don’t regret it" url: "https://www.zdnet.com/article/hyperdroid-android-launcher-made-phone-tablet-look-like-windows-11/" lang: "en-US" type: "post" description: "I've never been the biggest fan of Windows UI, but I made my Pixel 9 Pro and Nubia Pad Pro look like it anyway, and didn't mind it." last_modified: "2026-06-12T19:05:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/hyperdroid-android-launcher-made-phone-tablet-look-like-windows-11/" --- # I used HyperDroid to make my Android devices look and feel like Windows 11 – and don’t regret it I’ve never been the biggest fan of Windows UI, but I made my Pixel 9 Pro and Nubia Pad Pro look like it anyway, and didn’t mind it. --- --- title: "Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing" url: "https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html" lang: "en-US" type: "post" description: "Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and" last_modified: "2026-06-12T18:59:32+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.feedburner.com/TheHackersNews?format=xml" wpe_sourcepermalink: "https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html" --- # Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. “The operation weaponized Gemini to help --- --- title: "Privacy own-goal: World Cup blunder leaks Lionel Messi’s passport details" url: "https://www.bitdefender.com/en-us/blog/hotforsecurity/privacy-own-goal-world-cup-blunder-leaks-lionel-messis-passport-details" lang: "en-US" type: "post" description: "Argentina's World Cup squad had their passport numbers leaked before a ball was kicked - not by hackers, but by someone who failed to redact a document properly. document. It's a mistake that has been made many times in the" last_modified: "2026-06-12T18:48:06+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://grahamcluley.com/feed/" wpe_sourcepermalink: "https://www.bitdefender.com/en-us/blog/hotforsecurity/privacy-own-goal-world-cup-blunder-leaks-lionel-messis-passport-details" --- # Privacy own-goal: World Cup blunder leaks Lionel Messi’s passport details Argentina’s World Cup squad had their passport numbers leaked before a ball was kicked – not by hackers, but by someone who failed to redact a document properly. document. It’s a mistake that has been made many times in the past… Read more in my article on the Hot for Security blog. --- --- title: "U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14" url: "https://securityaffairs.com/193557/security/u-s-cisa-adds-ivanti-sentry-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-patching-by-june-14.html" lang: "en-US" type: "post" description: "U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Sentry flaw, tracked as CVE-2026-10520 (CVSS score of 10.0), to its Known Exploited Vulnerabilities" last_modified: "2026-06-12T18:47:49+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://securityaffairs.com/feed" wpe_sourcepermalink: "https://securityaffairs.com/193557/security/u-s-cisa-adds-ivanti-sentry-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-patching-by-june-14.html" --- # U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14 ## U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) [added](https://www.cisa.gov/news-events/alerts/2026/06/11/cisa-adds-one-known-exploited-vulnerability-catalog) Ivanti Sentry flaw, tracked as [CVE-2026-10520](https://www.cve.org/CVERecord?id=CVE-2026-10520) (CVSS score of 10.0), to its [Known Exploited Vulnerabilities (KEV) catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog). Ivanti Sentry is a secure gateway appliance that sits between an organization’s internal systems and mobile devices, helping companies manage and protect mobile access to corporate resources. Threat actors have [started exploiting](https://securityaffairs.com/193530/uncategorized/cve-2026-10520-exploited-ivanti-sentry-gateways-compromised-shortly-after-patch-release.html) the maximum-severity OS command injection flaw in Ivanti Sentry, that allows remote code execution with root privileges. _“An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution ” [reads the advisory](https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US)._ The vulnerability affects the secure mobile gateway used to protect communications between corporate systems and mobile devices. Although Ivanti initially reported no evidence of active attacks, researchers at Shadowserver found that many internet-exposed Sentry gateways had already been backdoored shortly after the security updates were released. _“We are observing a large amount of Ivanti Sentry CVE-2026-10520 exploitation attempts based on the public PoC today. We see 19 vulnerable instances in our own scans, with at least 2 backdoored (thanks to [@NCA_KSA](https://x.com/NCA_KSA) for the tip!). However, all remaining likely compromised too.” the Shadowserver Foundation posted on X. “While our detection is on the lowish side due to multiple Ivanti Sentry instances not reachable in our scans (blocklisted?), if you have not patched you are most likely compromised. Vuln IP data shared in Vulnerable HTTP reporting tagged ‘cve-2026-10520′”_ Ivanti has not yet updated its advisory to confirm active exploitation of the issue in attacks in the wild. However, attackers frequently target Ivanti flaws because they can provide direct access into enterprise networks and enable data theft. Threat actors can specifically target Ivanti Sentry instances mainly because they sit in a very sensitive and powerful position inside enterprise environments. Ivanti Sentry acts as a gateway between mobile devices and internal corporate systems. That means if an attacker compromises it, they are no longer “outside” the network—they are effectively inside the trusted boundary. According to [Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities](https://cyber.dhs.gov/bod/22-01/), FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog. Experts also recommend that private organizations review the [Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) and address the vulnerabilities in their infrastructure. CISA orders federal agencies to fix the vulnerability by June 14, 2026. **Follow me on Twitter: **[**@securityaffairs**](https://twitter.com/securityaffairs)** and **[**Facebook**](https://www.facebook.com/sec.affairs)** and **[**Mastodon**](https://infosec.exchange/@securityaffairs) [**Pierluigi Paganini**](http://www.linkedin.com/pub/pierluigi-paganini/b/742/559) **(**[**SecurityAffairs**](http://securityaffairs.co/wordpress/)** – hacking, [CISA](https://securityaffairs.com/tag/cisa))** --- --- title: "US, France, and Italian authorities shut down massive deepfake porn site" url: "https://cyberscoop.com/us-international-authorities-shutdown-deepfake-porn-site/" lang: "en-US" type: "post" description: "The U.S. Departments of Justice and Homeland Security seized multiple internet domains this week, accusing them of being used to publishing thousands of AI or digitally-altered images and videos of nude women. The domains, CFAKE.com and SOCFAKE.com, specialized in digital" last_modified: "2026-06-12T18:21:05+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://cyberscoop.com/feed/" wpe_sourcepermalink: "https://cyberscoop.com/us-international-authorities-shutdown-deepfake-porn-site/" --- # US, France, and Italian authorities shut down massive deepfake porn site The U.S. Departments of Justice and Homeland Security seized multiple internet domains this week, accusing them of being used to publishing thousands of AI or digitally-altered images and videos of nude women. The domains, CFAKE.com and SOCFAKE.com, specialized in digital forgeries that “were made to appear to be sexual images of famous women, including politicians, first ladies of multiple countries, royalty, journalists, television presenters, athletes, entertainers, and others” either nude or engaged in sexual activity,” according to a Department of Justice release. In addition to creating sexual images and videos of women without their consent, the service allowed people to browse by topics, including “rape,” “forced,” and “degradation.” That description comes from a Department of Justice [release](https://www.justice.gov/opa/pr/united-states-seizes-domain-names-publishing-nude-digital-forgeries-famous-women) describing the contents of its probable cause affidavit and search warrants. CyberScoop has not viewed the court documents.   The sites were seized under the TAKE IT DOWN Act, a law [passed last year](https://cyberscoop.com/take-it-down-act-passes-house-first-amendment-encryption/) giving federal authorities the ability to [criminally prosecute](https://cyberscoop.com/us-sentencing-guidelines-take-it-down-act-deepfake-law/) those who create and distribute deepfake porn. The law was a rare moment of bipartisan agreement in Washington D.C., gaining support from both Democrats and Republicans who said their constituents were demanding tougher laws to curb the use of AI to create nonconsensual deepfake porn. The operation marks one of the largest seizures since the law went into effect. The details of the operation disclosed by the government show how creators of deepfake porn rely on a web of international assets and infrastructure to evade law enforcement. Robert Fraiser, U.S. Attorney for the District of New Jersey, said U.S. authorities worked in coordination with law enforcement agencies in France and Italy. According to U.S. officials, they were first notified about the website by Italian Polizia de Stato, while a parallel investigation run by the Paris Public Prosecutor’s Office in France resulted in the arrest of a suspect connected with the site, along with seized cryptocurrency funds. “These seizures stopped a website that trafficked in humiliation, exploitation, and the violation of personal privacy on a massive scale,” said Frazer in a statement. “For the victims whose images were distributed without their consent, the harm is not virtual — it is deeply personal and often enduring.” According to the [Paris Prosecutor’s Office](https://www.tribunal-de-paris.justice.fr/sites/default/files/2026-06/2026-06-12%20-%20CP%20Cfake%20plateforme%20de%20deepfakes.pdf), Cyrille B., a 47-year-old French national was arrested and accused of being an administrator for CFAKE. A search of his home in Nice found computer equipment related to the site and a little more than $48,000 in Ethereum cryptocurrency that they said came from the site’s advertising. The French investigation identified 300,000 images, 7,000 videos depicting 14,000 individuals from different countries. The site had approximately 200,000 user accounts, 4 million views per month and uploaded 50 pieces of new content every day. The suspect had no prior criminal record, and will go to trial on July 7. The charges carry potential penalties of up to seven years in prison and €500,000. U.S. Immigration and Customs Enforcement’s Homeland Security Investigation division is leading the federal investigation, in conjunction with the U.S. Attorney’s office for New Jersey. The post [US, France, and Italian authorities shut down massive deepfake porn site](https://cyberscoop.com/us-international-authorities-shutdown-deepfake-porn-site/) appeared first on [CyberScoop](https://cyberscoop.com/). --- --- title: "phpBB forum fixes auth bypass bug lurking for a decade" url: "https://www.bleepingcomputer.com/news/security/phpbb-forum-fixes-auth-bypass-bug-lurking-for-a-decade/" lang: "en-US" type: "post" description: "A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators." last_modified: "2026-06-12T18:19:34+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.bleepingcomputer.com/feed/" wpe_sourcepermalink: "https://www.bleepingcomputer.com/news/security/phpbb-forum-fixes-auth-bypass-bug-lurking-for-a-decade/" --- # phpBB forum fixes auth bypass bug lurking for a decade A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. […] --- --- title: "China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade" url: "https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html" lang: "en-US" type: "post" description: "Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM" last_modified: "2026-06-12T18:17:55+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://feeds.feedburner.com/TheHackersNews?format=xml" wpe_sourcepermalink: "https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html" --- # China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who is allowed to sign in, planting its access where ordinary cleanup could not reach it. The network it targeted had no --- --- title: "Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware" url: "https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/" lang: "en-US" type: "post" description: "Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware." last_modified: "2026-06-12T18:17:16+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://hackread.com/feed/" wpe_sourcepermalink: "https://hackread.com/atomic-arch-hijacks-linux-aur-packages-malware/" --- # Atomic Arch Campaign Hijacks 20+ Linux AUR Packages to Deliver Malware Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware. --- --- title: "This free Android app turned my phone into a 35-tool measuring tool – and I tested everything" url: "https://www.zdnet.com/article/phyphox-science-lab-free-android-app-hands-on/" lang: "en-US" type: "post" description: "Phyphox can do so much that explaining it all would take hours. The real fun starts once you begin testing the world around you." last_modified: "2026-06-12T18:07:00+00:00" categories: [Global Security News] custom_fields: wpe_campaignid: 53 wpe_feed: "https://www.zdnet.com/news/rss.xml" wpe_sourcepermalink: "https://www.zdnet.com/article/phyphox-science-lab-free-android-app-hands-on/" --- # This free Android app turned my phone into a 35-tool measuring tool – and I tested everything Phyphox can do so much that explaining it all would take hours. The real fun starts once you begin testing the world around you. ---