📰

Today's News Highlights

🔐 BleepingComputer Critical

Google fixes one actively exploited Android zero-day, 124 flaws

Today · 11:10 UTC

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

Read full article →
🔐 The Hacker News High

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

Today · 11:58 UTC

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever…

Read full article →
🔐 Schneier on Security High

The Intersection of Encryption and AI

Today · 11:06 UTC

As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite pi…

Read full article →
🔐 Infosecurity Magazine High

Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets

Today · 10:00 UTC

Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets

Read full article →
🔐 The Hacker News Medium

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Today · 09:05 UTC

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance w…

Read full article →
🔐 Schneier on Security Medium

Microsoft Threatening Security Researcher

Today · 11:00 UTC

An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLoc…

Read full article →

Top Stories by Impact

🏢 Rapid7 Blog Critical

CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)

Yesterday · 13:00 UTC

OverviewRapid7 Labs conducted a zero-day research project against an HP Poly VVX 450 Voice over Internet Protocol (VoIP) phone. This research resulted in the discovery of a critica…

Read full article →
🏢 Rapid7 Blog Critical

CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation

Yesterday · 13:00 UTC

One of the more persistent myths in security is that old bug classes become old problems. They don’t. They just show up in different places, under different conditions, and usually…

Read full article →
🔐 BleepingComputer Critical

Google fixes one actively exploited Android zero-day, 124 flaws

Today · 11:10 UTC

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

Read full article →
🔐 CISA Alerts Critical

CISA Adds One Known Exploited Vulnerability to Catalog

Yesterday · 12:00 UTC

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-21182 Oracle WebLogic Server Unspecifi…

Read full article →
🔐 Schneier on Security Critical

Vulnerability Disclosure in the Age of AI

Yesterday · 16:49 UTC

New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance betw…

Read full article →
🔐 BleepingComputer Critical

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Yesterday · 22:14 UTC

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. [...]

Read full article →
🤖 The Guardian Technology Critical

Hackers trick Meta AI support bot to infiltrate Obama White House Instagram account

Yesterday · 22:32 UTC

Breach of high-profile accounts raises concerns about reliance on AI for security measures such as passwordsHackers used Meta’s AI-powered support chatbot to infiltrate high-profil…

Read full article →
🏢 Check Point Research Critical

1st June – Threat Intelligence Report

Yesterday · 14:43 UTC

For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Carnival Corporation, a global cru…

Read full article →
🔐

Cybersecurity

BleepingComputer

1

Google fixes one actively exploited Android zero-day, 124 flaws

Critical

Today · 11:10 UTC

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

Read full article →
2

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Critical

Yesterday · 22:14 UTC

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. [...]

Read full article →
3

Red Hat npm packages compromised to steal developer credentials

High

Yesterday · 21:38 UTC

More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed "Miasma." [...]

Read full article →

CISA Alerts

1

CISA Adds One Known Exploited Vulnerability to Catalog

Critical

Yesterday · 12:00 UTC

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-21182 Oracle WebLogic Server Unspecified Vulnerability This type of vulnerabil…

Read full article →

Schneier on Security

1

Vulnerability Disclosure in the Age of AI

Critical

Yesterday · 16:49 UTC

New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediat…

Read full article →
2

The Intersection of Encryption and AI

High

Today · 11:06 UTC

As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite piece and share their reflections on the t…

Read full article →
3

Microsoft Threatening Security Researcher

Medium

Today · 11:00 UTC

An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal acti…

Read full article →

CyberScoop

1

Attackers are exploiting Palo Alto Networks defect that initially flew under the radar

Critical

Yesterday · 22:29 UTC

The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning. The post Attackers are exploiting Palo Alto Networks defect that initially flew under the rad…

Read full article →
2

Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight

Medium

Yesterday · 19:47 UTC

The former Colorado election clerk struck an unrepentant pose in her first interview after her prison sentence was commuted by Colorado Governor Jared Polis. The post Tina Peters, convicted in election-security breach, e…

Read full article →
3

USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order

Yesterday · 17:57 UTC

A judge said Democrats and civil groups filed the lawsuit too early to demonstrate harm, but that could change after newly proposed postal regulations. The post USPS moving forward with mail-in ballot changes as courts w…

Read full article →

Dark Reading

1

Microsoft's Zero-Day Legal Threats Spark Backlash

Critical

Yesterday · 18:52 UTC

After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges were in order.

Read full article →
2

Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise Defense

Medium

Today · 12:00 UTC

Twenty years after Dark Reading launched, we're looking ahead at what's next for enterprise security. Spoiler: It's hyper-segmented, AI-orchestrated, and way more sophisticated than your dad's firewall.

Read full article →
3

Anthropic to Open Mythos AI to EU's ENISA

Yesterday · 21:07 UTC

The European security agency's entry to Project Glasswing is the result of "strong bilateral cooperation" between the European Commission and Anthropic.

Read full article →

The Hacker News

1

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

High

Today · 11:58 UTC

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. A…

Read full article →
2

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Medium

Today · 09:05 UTC

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote access trojan…

Read full article →
3

How Leading Organizations Are Turning EDR Into Operational Resilience

Today · 10:30 UTC

Most organizations now recognize that endpoint protection alone is no longer sufficient. That's why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organizations understand that…

Read full article →

Cloudflare Blog

1

Project Glasswing: what Mythos showed us

High

18 May 2026

Cloudflare shares findings from testing Mythos and other security-focused LLMs against live code across critical infrastructure, including model strengths, weaknesses, and what is needed before this work can scale.

Read full article →

Infosecurity Magazine

1

Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets

High

Today · 10:00 UTC

Attackers backdoored 32 packages in Red Hat's official npm scope to steal cloud and CI secrets

Read full article →
2

Threat Actor Uses AI to Build EDR Evasion Tools

Medium

Today · 11:00 UTC

A threat actor used AI coding tools to build and test EDR evasion malware, Sophos finds

Read full article →
3

Infosecurity Europe: UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

Medium

Today · 10:00 UTC

UK organizations are prioritizing AI-driven cybersecurity as 43% cite AI-powered attacks as their top risk, prompting significant investment in advanced threat defense

Read full article →

Krebs on Security

1

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

Yesterday · 17:32 UTC

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on T…

Read full article →

SANS Internet Storm Center

1

New Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd)

Today · 07:29 UTC

For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. No URL in the body, just “an imag…

Read full article →
2

ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)

Today · 02:00 UTC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read full article →
3

ISC Stormcast For Monday, June 1st, 2026 https://isc.sans.edu/podcastdetail/9952, (Mon, Jun 1st)

Yesterday · 02:00 UTC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read full article →

Ars Technica

1

Moderna gets $50 million to develop mRNA Ebola vaccine against Bundibugyo

Yesterday · 20:58 UTC

Amid a raging Ebola outbreak, officials "urgently accelerate development" of vaccines.

Read full article →
2

AI costs how much? GitHub Copilot users react to new usage-based pricing system.

Yesterday · 22:18 UTC

Some report burning through their whole monthly "AI credit" allotment in a single day.

Read full article →
3

Why cats prefer silver vine to catnip and other May highlights

Yesterday · 21:38 UTC

Prehistoric mining in the Pyrenees, a new species of tiny blue octopus, slapstick acoustics, and more.

Read full article →
🤖

AI & Technology

The Guardian Technology

1

Hackers trick Meta AI support bot to infiltrate Obama White House Instagram account

Critical

Yesterday · 22:32 UTC

Breach of high-profile accounts raises concerns about reliance on AI for security measures such as passwordsHackers used Meta’s AI-powered support chatbot to infiltrate high-profile Instagram accounts, the company has co…

Read full article →
2

Google owner Alphabet to sell $80bn in stock to fund AI spending spree

Today · 08:38 UTC

One of largest equity fundraisings ever includes $10bn share sale to US investment group Berkshire HathawayBusiness live – latest updatesGoogle’s parent company, Alphabet, has said it plans to raise up to $80bn (£59bn) i…

Read full article →
3

Florida lawsuit accuses OpenAI of ignoring safety warnings and putting children at risk

Yesterday · 21:51 UTC

State sues maker of ChatGPT and CEO Sam Altman, alleging company ‘allowed a dangerous product to reach millions’Florida filed a lawsuit against OpenAI, the maker of ChatGPT, and its CEO, Sam Altman, on Monday alleging th…

Read full article →

Ars Technica AI

1

Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts

High

Yesterday · 20:44 UTC

Pricey Instagram handles were stolen and resold before Meta patched the exploit.

Read full article →
2

AI costs how much? GitHub Copilot users react to new usage-based pricing system.

Yesterday · 22:18 UTC

Some report burning through their whole monthly "AI credit" allotment in a single day.

Read full article →
3

Florida sues OpenAI, Sam Altman after multiple ChatGPT-linked murders

Yesterday · 18:52 UTC

Altman has an "utter disregard" for human lives, Florida AG says.

Read full article →

ABC Technology (AU)

1

Councillor defends calling CEO 'despicable, disgusting woman'

Today · 08:36 UTC

A regional councillor has justified using offensive language towards the council's CEO in multiple emails and social media videos, claiming that he was attacked first and that "it’s a two-way street".

Read full article →
2

'Terribly sad day': Beer experts say Boag's closure points to growing cost of brewing

Today · 07:46 UTC

Beer industry stakeholders say it's a "sad day for the history of Tassie beer" after the announcement Boag's brewery in Launceston will close.

Read full article →
3

ICAC to probe allegations against University of Wollongong executives

Today · 06:27 UTC

The anti-corruption commission is to examine allegations about recruitment and the employment of a consultancy firm against Chancellor Michael Still and other members of the university's executive.

Read full article →

MIT Technology Review AI

1

How small businesses can leverage AI

Today · 09:00 UTC

This article is from Making AI Work, MIT Technology Review’s limited-run newsletter examining how to apply LLMs across industries. To receive it in your inbox,sign up here. From accounting to design to market research an…

Read full article →

The Verge

1

The Google Pixel Watch 5 may have been spoiled by… the creator of Borderlands

Yesterday · 20:59 UTC

We may just have gotten an early look at the Google Pixel Watch 5 - and from an unusual source. Randy Pitchford, the creator of the Borderlands game franchise, posted a pair of images of a watch on X, saying that his fri…

Read full article →
2

People are leaving a lot of weird stuff in their robotaxis

Today · 12:00 UTC

A unicorn Beanie Baby. A 15-pound green bowling ball. A pair of dentures. These are just some of the items left behind in robotaxis in the past year, according to Uber's annual Lost and Found Index. For the first time, t…

Read full article →
3

How to watch Microsoft’s Build 2026 conference

Today · 11:00 UTC

Microsoft is kicking off its yearly Build developer conference in San Francisco today, sandwiched between the recent Google I/O and Apple's upcoming WWDC event. While tickets to attend Build in person are sold out, the c…

Read full article →

Wired AI

1

The Trump Administration Is at War With Itself Over AI Regulation

Today · 09:30 UTC

Donald Trump killed an executive order to regulate AI. Now, administration officials and AI executives are trying to figure out if there’s anything left to piece back together.

Read full article →
2

Anthropic Confidentially Files for What Could Be the Largest IPO Ever

Yesterday · 17:17 UTC

The AI giant behind Claude submitted paperwork on Monday that would take it public, just a couple of weeks after SpaceX’s splashy IPO announcement.

Read full article →
3

Norse Atlantic Airways Offers Dirt-Cheap Tickets. There’s a Catch

Yesterday · 11:00 UTC

Dozens of people have complained to the Federal Trade Commission about Norse Atlantic Airways’ tech-first customer service operation. Some said they lost thousands of dollars.

Read full article →

TechCrunch AI

1

Alphabet plans to raise $80B to pay for AI buildout

Yesterday · 22:55 UTC

"The company is experiencing strong demand for its AI solutions and services from enterprises and consumers, at levels that are exceeding the company’s available supply," Alphabet said in its statement.

Read full article →
2

Nvidia chases $200B CPU market with AI agent PCs from Microsoft, Dell, and HP

Yesterday · 21:35 UTC

If Nvidia has cracked a way to bring AI agents easily, safely, and usefully to the masses, it could — and should — be big.

Read full article →
3

Florida sues OpenAI, Sam Altman, in first-of-its-kind lawsuit over violent incidents

Yesterday · 20:03 UTC

The lawsuit partially revolves around a shooting at Florida State University last year, and ChatGPT's alleged role in the incident.

Read full article →

Import AI

1

Import AI 459: AI oversight is difficult; scaling laws for protein folding models; and pricing the extinction risk of AI systems

Yesterday · 13:31 UTC

Do you feel as though you are living in a revolution?

Read full article →

NVIDIA AI Blog

1

Why Financial Institutions Are Converging on Transaction Foundation Models to Build Their Own Intelligence

Today · 06:00 UTC

Financial institutions have spent years building AI: fraud models, credit models, recommendation engines and risk systems. While this sprawl of task-specific models has been effective, it’s also constrained by siloed sys…

Read full article →
2

NVIDIA Jetson Brings Agentic AI to the Physical World

Today · 02:00 UTC

Agentic AI is getting physical. At COMPUTEX on Tuesday, NVIDIA announced NVIDIA JetPack 7.2 and NVIDIA NemoClaw support on NVIDIA Jetson. JetPack 7.2 brings agentic AI skills, Yocto project support, NVIDIA CUDA 13 on NVI…

Read full article →
3

NVIDIA AI Cloud Ecosystem Expands Worldwide to Meet Global AI Compute Demand

Yesterday · 05:00 UTC

The NVIDIA AI Cloud ecosystem is accelerating the global buildout of AI factory infrastructure. Partners are expanding capacity to meet growing demand from enterprises, startups, nations, AI labs and developers scaling a…

Read full article →

ITNews Australia

1

SUBCO, Firmus to double Tasmania's undersea internet capacity to mainland

Today · 06:23 UTC

New spur from SMAP transcontinental cable system across Bass Strait.

Read full article →
2

In Pictures: iTnews Executive Retreat - Data & AI edition

Today · 04:11 UTC

A selection of photos from the recent iTnews Executive Retreat at the Chateau Elan in the Hunter Valley.

Read full article →
3

'Miasma' worm infests Red Hat npm packages

Today · 03:23 UTC

Trusted publishing defence mechanism side-stepped with compromised token.

Read full article →
🏢

Vendor Security

Rapid7 Blog

1

CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)

Critical

Yesterday · 13:00 UTC

OverviewRapid7 Labs conducted a zero-day research project against an HP Poly VVX 450 Voice over Internet Protocol (VoIP) phone. This research resulted in the discovery of a critical unauthenticated stack-based buffer ove…

Read full article →
2

CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation

Critical

Yesterday · 13:00 UTC

One of the more persistent myths in security is that old bug classes become old problems. They don’t. They just show up in different places, under different conditions, and usually at the exact moment we’ve convinced our…

Read full article →
3

Rapid7 and Exclusive Networks Expand Partnership Across the Nordics

Yesterday · 08:00 UTC

Building stronger cybersecurity outcomes togetherThe cybersecurity landscape across the Nordics is evolving rapidly. Organizations are facing increasing pressure to modernize security operations, reduce complexity, and r…

Read full article →

Check Point Research

1

1st June – Threat Intelligence Report

Critical

Yesterday · 14:43 UTC

For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Carnival Corporation, a global cruise line operator, has confirmed a data…

Read full article →

Kaspersky Securelist

1

Containers on fire: from container escapes to supply chain attacks

Critical

Yesterday · 10:00 UTC

We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, API compromise, and supply chain attacks.

Read full article →
2

Wardriving assessment across Mexico: Preparing for the 2026 World Cup

Today · 12:00 UTC

In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential exposure ris…

Read full article →

Microsoft Security

1

Malicious npm packages abuse dependency confusion to profile developer environments

Medium

30 May 2026 · 00:06 UTC

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and detection opportuni…

Read full article →

Palo Alto Unit 42

1

Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor

Medium

Today · 10:00 UTC

Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework. The post Operation FlutterBridge: macOS Malvertising Campaign Spr…

Read full article →

StepSecurity

1

Multiple redhat-cloud-services npm Packages compromised

Medium

Yesterday · 17:59 UTC

Several packages in the @redhat-cloud-services npm scope were found to carry malicious payloads that fire via a preinstall hook on every npm install. The affected versions span multiple packages across the RedHat Cloud S…

Read full article →

OpenAI News

1

Codex is becoming a productivity tool for everyone

Today · 02:00 UTC

The Next Era of Knowledge Work report explores how Codex is transforming productivity through AI-powered research, data analysis, workflow automation, and content creation.

Read full article →
2

Our views on AI policy and political advocacy

Yesterday · 17:00 UTC

Our approach to AI policy and political advocacy, transparency, support for thoughtful regulation and AI safety, and that no outside political group speaks on the company’s behalf.

Read full article →
3

Building the infrastructure for the Intelligence Age in Michigan

Yesterday · 12:00 UTC

OpenAI breaks ground on a 1GW data center project in Michigan as part of Stargate, building AI infrastructure to expand access, create jobs, and support communities.

Read full article →

AWS Security

1

Spring 2026 SOC 1, 2, and 3 reports are now available with 188 services in scope

Yesterday · 16:07 UTC

Amazon Web Services (AWS) is pleased to announce that the Spring 2026 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The reports cover 188 services over the 12-month period from April 1, 20…

Read full article →

CrowdStrike Blog

1

CrowdStrike Brings Enterprise-Grade Security to the AI Factory with NVIDIA Vera BlueField-4 STX

Yesterday · 05:00 UTC

Read full article →
2

CrowdStrike Scales AI-Native Agents Across Falcon Exposure Management with NVIDIA

Yesterday · 05:00 UTC

Read full article →
3

Secure Shadow AI at the Control Plane with Falcon for IT

Yesterday · 05:00 UTC

Read full article →