Today's News Highlights
Max severity Ivanti Sentry vulnerability now exploited in attacks
Today · 06:20 UTC
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways…
Read full article →OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
Today · 09:45 UTC
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPEC…
Read full article →Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
Today · 10:20 UTC
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed
Read full article →GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
Today · 06:23 UTC
GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The ch…
Read full article →Trust No Skill: Integrity Verification for AI Agent Supply Chains
Today · 10:00 UTC
Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains. The post Trust No Skill: Integrity Ver…
Read full article →Microsoft fixes BitLocker recovery bug on Windows Server 2025
Today · 08:44 UTC
Microsoft has resolved a known issue causing some Windows Server 2025 devices to boot into BitLocker recovery after installing the April 2026 security update. [...]
Read full article →Top Stories by Impact
Patch Tuesday - June 2026
9 Jun 2026 · 21:04 UTC
Microsoft is publishing 200 vulnerabilities on June 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild for any of these vulnerabilities, and is aware of public…
Read full article →CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry
Yesterday · 10:21 UTC
OverviewOn June 9, 2026, Ivanti published a security advisory for two critical vulnerabilities affecting Ivanti Sentry (formerly known as MobileIron Sentry), which per the vendor w…
Read full article →Siemens KACO Blueplanet Inverters
9 Jun 2026 · 12:00 UTC
View CSAF Summary KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the devices serial number and misuse them t…
Read full article →Schneider Electric EcoStruxure Panel Server
9 Jun 2026 · 12:00 UTC
View CSAF Summary Schneider Electric is aware of its vulnerability in its EcoStruxure Panel Server offer. The EcoStruxure Panel Server is a high performance, modular gateway with e…
Read full article →A Record-Breaking Patch Tuesday for June 2026
9 Jun 2026 · 22:07 UTC
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's…
Read full article →CISA Adds Three Known Exploited Vulnerabilities to Catalog
9 Jun 2026 · 12:00 UTC
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-7473 Arista Extensible Operating S…
Read full article →Max severity Ivanti Sentry vulnerability now exploited in attacks
Today · 06:20 UTC
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways…
Read full article →Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans
Yesterday · 16:26 UTC
Blake McDermott is Senior Threat Hunter at Rapid7.Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports containing valuable intelligence…
Read full article →Cybersecurity
CISA Alerts
Siemens KACO Blueplanet Inverters
Critical9 Jun 2026 · 12:00 UTC
View CSAF Summary KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the devices serial number and misuse them to gain unauthorized access. KACO new ene…
Read full article →Schneider Electric EcoStruxure Panel Server
Critical9 Jun 2026 · 12:00 UTC
View CSAF Summary Schneider Electric is aware of its vulnerability in its EcoStruxure Panel Server offer. The EcoStruxure Panel Server is a high performance, modular gateway with enhanced cybersecurity that provides easy…
Read full article →CISA Adds Three Known Exploited Vulnerabilities to Catalog
Critical9 Jun 2026 · 12:00 UTC
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-7473 Arista Extensible Operating System Incomplete Comparison with Missing…
Read full article →Krebs on Security
A Record-Breaking Patch Tuesday for June 2026
Critical9 Jun 2026 · 22:07 UTC
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly thre…
Read full article →Who Runs the Ransomware Group ‘The Gentlemen?’
HighYesterday · 14:03 UTC
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affi…
Read full article →BleepingComputer
Max severity Ivanti Sentry vulnerability now exploited in attacks
CriticalToday · 06:20 UTC
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. [...]
Read full article →Microsoft fixes BitLocker recovery bug on Windows Server 2025
HighToday · 08:44 UTC
Microsoft has resolved a known issue causing some Windows Server 2025 devices to boot into BitLocker recovery after installing the April 2026 security update. [...]
Read full article →Nottingham University data breach affects over 450,000 students
MediumToday · 07:27 UTC
The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current students and alums. [...]
Read full article →The Hacker News
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
CriticalToday · 09:45 UTC
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prolo…
Read full article →GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
HighToday · 06:23 UTC
GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques th…
Read full article →AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.
Today · 11:30 UTC
For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was straightforward enough; triage by seve…
Read full article →Infosecurity Magazine
Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims
CriticalToday · 10:20 UTC
Extortion-only attacks are increasing as data theft drives most ransomware claims, with many organizations unable to stop stolen data from being exposed
Read full article →Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats
Today · 12:30 UTC
Organizations are aware of the challenges that new technologies like AI bring: but cybersecurity staff struggle to make time for the required training during working hours
Read full article →Interpol Dismantles SniperDz Phishing-as-a-Service Platform
Today · 11:30 UTC
New revelations by Group-IB expose the full scale of the decade-old SniperDz phishing operation
Read full article →Dark Reading
Bug Bounty Research Triggers ServiceNow Security Alert
CriticalYesterday · 20:07 UTC
Bug bounty research inadvertently led organizations to believe they were being breached through their ServiceNow instances.
Read full article →CISA Rewrites Federal Patching Requirements for AI Threat Era
HighYesterday · 21:17 UTC
The new directive gives federal agencies three days to fix the most dangerous flaws, while less severe issues can be deferred.
Read full article →Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
Today · 00:01 UTC
North Korea's gross domestic product (GDP) has grown, in part because of the cybercrime gains of groups linked to the nation, which target business and financial firms.
Read full article →CyberScoop
CISA directive orders agencies to prioritize vulnerability patching in a new way
HighYesterday · 16:07 UTC
A vulnerability that meets all four criteria would need to be fixed within three days, for instance. The post CISA directive orders agencies to prioritize vulnerability patching in a new way appeared first on CyberScoop.
Read full article →Microsoft breaks Patch Tuesday record with 206 vulnerabilities
High9 Jun 2026 · 19:53 UTC
Fears and warnings about a roaring flood of error-riddled software have materialized. And the disease is spreading. The post Microsoft breaks Patch Tuesday record with 206 vulnerabilities appeared first on CyberScoop.
Read full article →OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers
Yesterday · 20:20 UTC
The company says there’s little evidence it influenced any real policy discussion. The post OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers appeared first on CyberScoop.
Read full article →Cloudflare Blog
Project Glasswing: what Mythos showed us
High18 May 2026
Cloudflare shares findings from testing Mythos and other security-focused LLMs against live code across critical infrastructure, including model strengths, weaknesses, and what is needed before this work can scale.
Read full article →Cybercrime Magazine
2026 CISO Compensation Data: Salaries, Bonuses, Equity
9 Jun 2026 · 12:41 UTC
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 9, 2026 – Read the report The 2026 CISO Report from Cybersecurity Ventures in partnership with Sophos examines the latest compen…
Read full article →New Book: Cybersecurity for Accounting and Business
Yesterday · 13:12 UTC
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 10, 2026 – Read the book Cybersecurity for Accounting and Business, a new book co-authored by Nancy Bagranoff, Professor at Univ…
Read full article →WireBadger Malicious Cable Detector For Penetration Testers And Red Teams
8 Jun 2026 · 12:46 UTC
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 8, 2026 – WireBadger production information USB technology was designed for convenience and universal compatibility. When a cabl…
Read full article →SANS Internet Storm Center
How has use of framing protection security headers changed in the past 3 years?, (Wed, Jun 10th)
Yesterday · 08:29 UTC
Back in 2023, I wrote a diary[1] discussing how commonly X-Frame-Options and CSP headers containing the frame-ancestors directive were used on 1 million most popular domains on the internet (based on the Tranco list[2]),…
Read full article →ISC Stormcast For Thursday, June 11th, 2026 https://isc.sans.edu/podcastdetail/9968, (Thu, Jun 11th)
Today · 02:25 UTC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Read full article →ISC Stormcast For Wednesday, June 10th, 2026 https://isc.sans.edu/podcastdetail/9966, (Wed, Jun 10th)
Yesterday · 02:00 UTC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Read full article →Schneier on Security
Enhanced License Plate Tracking
Today · 11:01 UTC
The surveillance company Leonardo wants more data: A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices, as well as capture the license plate of passing vehic…
Read full article →NSO Group Hacking WhatsApp Despite Court Order
Yesterday · 11:08 UTC
WhatsApp has caught the NSO Group phishing its users, in violation of a court order.
Read full article →GPS As a Key Distribution Platform
9 Jun 2026 · 15:06 UTC
This is interesting: The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden “numbers station,” according…
Read full article →Ars Technica
Several things I like about macOS 27 Golden Gate that have nothing to do with AI
Today · 11:00 UTC
AI aside, Golden Gate includes a bunch of subtle-but-helpful improvements.
Read full article →Diabetes org apologizes for ejecting scientists over criticism of Trump
Yesterday · 22:16 UTC
For days after the stunning incident, the ADA had doubled-down on the choice.
Read full article →Man sues Florida cops over arrest spurred by "93% match" in facial recognition
Yesterday · 21:30 UTC
Lawsuit: "Police let an error-prone AI system stand in for an investigation."
Read full article →AI & Technology
The Guardian Technology
Palantir to sue Sadiq Khan over blocked £50m Met police contract
Medium9 Jun 2026 · 15:13 UTC
US spy-tech company to challenge London mayor’s intervention after he raised concerns over breach of procurement rulesPalantir intends to sue the London mayor, Sadiq Khan, after he blocked a contract between the US spy-t…
Read full article →Crackdown on tech platforms will go ahead despite US intervention, says No 10
9 Jun 2026 · 17:47 UTC
US embassy came out against UK’s proposed under-16 social media ban, which would affect American firmsWhite House displeasure over the prospect of an under-16 social media ban will not deter the UK from cracking down on…
Read full article →AI absolutism is breaking our brains. The apocalyptic future we’re being sold isn’t inevitable
Today · 10:30 UTC
Nor is the dreamy promise that this tech will unlock boundless potential and productivityEverything we hear about artificial intelligence is conflicting, and hearing about it feels inescapable. AI is terrible. AI is wond…
Read full article →ITNews Australia
Marathon OAIC investigation finds Optus breached 51,000 customers' privacy
MediumToday · 06:23 UTC
In White Pages case.
Read full article →Westpac is embedding AI across its core "flows"
Today · 08:41 UTC
Lays out vision for more personalised consumer finance and service.
Read full article →Microsoft limits employee use of Anthropic's Claude Fable 5
Yesterday · 20:46 UTC
Over data retention concerns.
Read full article →Wired AI
Wrongful Arrest Exposes Failures in One of the Oldest Police Face-Recognition Tools in the US
Yesterday · 14:00 UTC
The ACLU is suing two Florida police departments over the arrest of a Fort Myers man in a child-abduction case, saying officers treated a flawed face-recognition match as a near-certain ID.
Read full article →Anthropic Walks Back Policy That Could Have ‘Sabotaged’ AI Researchers Using Claude
Today · 03:11 UTC
The company changed course after researchers spoke out against the policy, which would have covertly limited Claude’s ability to develop competing AI models.
Read full article →China Opens World’s First Wind-Powered Underwater Data Center
Yesterday · 13:39 UTC
With an initial capacity of 24 megawatts, the innovative data center uses seawater as a natural cooling system.
Read full article →The Guardian Technology
Anthropic releases 'safe' version of Claude Mythos AI model to public
9 Jun 2026 · 22:28 UTC
Anthropic released Fable 5, a public version of its advanced Mythos AI model class, while keeping tighter controls around cybersecurity and other sensitive uses.
Read full article →The Verge
Anthropic apologizes for invisible Claude Fable guardrails
Today · 11:40 UTC
Anthropic has apologized for stealthily throttling its new AI model, Claude Fable 5, with hidden guardrails that undermine both researchers and rivals using it to develop competing systems. The company says it is reversi…
Read full article →iFixit Trump phone teardown confirms it’s an HTC dupe
Today · 10:40 UTC
After getting its hands on a Trump phone and tearing it apart, iFixit has confirmed what I first reported back in February: the T1 Phone is an almost exact duplicate of the HTC U24 Pro. iFixit partnered with NBC to get h…
Read full article →The library rules (and so do library streaming services)
Today · 11:30 UTC
Summer is almost here, and that means getting outside, having fun in the sun, and touching grass. But if you need to cool down for a bit, allow me to sing the praises of the library. If your local library system is anyth…
Read full article →MIT Technology Review AI
Google DeepMind is worried about what happens when millions of agents start to interact
Today · 11:00 UTC
Google DeepMind is funding research into the potential dangers of situations where millions of different AI agents interact with each other online. According to Rohin Shah, who directs the company’s AGI safety and alignm…
Read full article →Learning to lead in a hybrid human-AI enterprise
9 Jun 2026 · 10:20 UTC
As adoption of AI agents looks set to surge by as much as 300% in the next two years, leadership teams are carefully considering the implications of a hybrid human-AI workforce. Unlike existing enterprise-level automatio…
Read full article →Five things you need to know about AI
9 Jun 2026 · 09:16 UTC
At SXSW London last week I gave a talk called “Five things you need to know about AI,” in which I shared what I think are the biggest themes in AI right now. I pulled a few things from our first AI10 list, an annual guid…
Read full article →TechCrunch AI
Anthropic’s Dario Amodei has just one direct report
Today · 03:53 UTC
If you doubted his genius, doubt no more.
Read full article →Opendoor’s India exit is fueling a bigger conversation about AI and outsourcing
Today · 04:02 UTC
The decision comes as India emerges as the world’s largest GCC market.
Read full article →xAI fired an engineer who raised alarms about Grok safety, new lawsuit claims
Yesterday · 22:31 UTC
A former xAI engineer is suing the company and SpaceX, alleging he was fired for raising AI safety concerns about Grok days before SpaceX's historic IPO.
Read full article →Ars Technica AI
Anthropic says these topics are too dangerous to let its Fable 5 model talk about
9 Jun 2026 · 19:20 UTC
New frontier model refuses cybersecurity, biology, and chemistry queries.
Read full article →Google DeepMind releases DiffusionGemma, a model that runs local AI 4x faster
Yesterday · 19:29 UTC
Diffusion AI is most common in image generation, but it can make text outputs much faster.
Read full article →Nobody needs AI to search the Internet, court says in ruling against Google
Yesterday · 17:19 UTC
Google AI Overview court loss in Germany could spell doom for AI search industry.
Read full article →Google DeepMind
Investing in multi-agent AI safety research
Yesterday · 10:21 UTC
Google DeepMind and partners announce a $10M funding call for multi-agent safety research.
Read full article →Fluid, natural voice translation with Gemini 3.5 Live Translate
9 Jun 2026 · 15:16 UTC
Gemini 3.5 Live Translate brings near real-time, natural speech translation to Google AI Studio, Google Translate and Google Meet.
Read full article →ABC Technology (AU)
Bluesfest creditors owed $7 million, financial report reveals
Today · 09:14 UTC
A report into the cancelled Byron Bay Bluesfest reveals creditors are unlikely to be repaid the millions of dollars they are owed.
Read full article →BHP bracing for strike after WA workers back industrial action
Today · 07:59 UTC
Unionised workers at BHPs operations in Port Hedland could walk off the job as soon as next week after endorsing protected industrial action.
Read full article →ACT education minister censured in Assembly as schools close for strike
Today · 02:29 UTC
ACT MLA Yvette Berry is censured in the Legislative Assembly over her record as minister for housing and education amid a teachers' strike that has closed schools across the territory.
Read full article →Import AI
Import AI 460: Reward hacking society, RSI data from Anthropic; and RL-based quadcopter racing
8 Jun 2026 · 12:31 UTC
When will markets price the singularity?
Read full article →NVIDIA AI Blog
For Robotaxis, Safety Must Be Built In, Not Bolted On
Yesterday · 19:00 UTC
A car pulls up to the curb. The app says, “Your ride is here.” No one’s in the driver’s seat. For people who live in one of the dozens of cities now hosting robotaxi services, this is already a reality. The robotaxi indu…
Read full article →NVIDIA Accelerates Google DeepMind’s DiffusionGemma for Local AI
Yesterday · 16:15 UTC
Today, Google DeepMind released DiffusionGemma — an experimental open model built for exceptionally fast text generation. NVIDIA has optimized DiffusionGemma to run even faster across NVIDIA GeForce RTX GPUs, the NVIDIA…
Read full article →NVIDIA Confidential Computing to Help Expand Apple’s Private Cloud Compute
9 Jun 2026 · 22:34 UTC
NVIDIA GPUs with Confidential Computing are now used for confidential inference in Apple’s Private Cloud Compute (PCC), as it expands beyond Apple’s data centers to Google Cloud. Unveiled during Apple’s annual WWDC gathe…
Read full article →Vendor Security
Rapid7 Blog
Patch Tuesday - June 2026
Critical9 Jun 2026 · 21:04 UTC
Microsoft is publishing 200 vulnerabilities on June 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild for any of these vulnerabilities, and is aware of public disclosure for three. This is similar to…
Read full article →CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry
CriticalYesterday · 10:21 UTC
OverviewOn June 9, 2026, Ivanti published a security advisory for two critical vulnerabilities affecting Ivanti Sentry (formerly known as MobileIron Sentry), which per the vendor website is an “in-line gateway that manag…
Read full article →Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans
CriticalYesterday · 16:26 UTC
Blake McDermott is Senior Threat Hunter at Rapid7.Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports containing valuable intelligence about adversary behaviors, tactics, tec…
Read full article →Check Point Research
8th June – Threat Intelligence Report
Critical8 Jun 2026 · 14:47 UTC
For the latest discoveries in cyber research for the week of 1st June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES DentaQuest, a U.S. dental benefits administrator owned by Sun Life, has su…
Read full article →CrowdStrike Blog
June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days
Critical9 Jun 2026 · 05:00 UTC
Read full article →CrowdStrike 2026 Technology Threat Landscape Report: China’s Ambitions Fuel Attacks
Medium9 Jun 2026 · 05:00 UTC
Read full article →CrowdStrike Expands Identity Leadership with OpenID and IDPro
Yesterday · 05:00 UTC
Read full article →AWS Security
ICYMI: May 2026 @AWS Security
High8 Jun 2026 · 21:00 UTC
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, new service capabilities, code samples, and workshops. AWS Secu…
Read full article →Operationalizing AWS security: A maturity roadmap
8 Jun 2026 · 16:18 UTC
Enabling security tooling is the starting point. Making it operational—where findings drive decisions, response times are measurable, and your security posture improves week over week—is where most organizations struggle…
Read full article →Palo Alto Unit 42
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
High9 Jun 2026 · 14:05 UTC
We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257. The post Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 appeared first on Unit 42.
Read full article →Trust No Skill: Integrity Verification for AI Agent Supply Chains
HighToday · 10:00 UTC
Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains. The post Trust No Skill: Integrity Verification for AI Agent Supply Chains app…
Read full article →Blinding the Watchmen: Abusing Cloud Logging Services for Defense Evasion and Visibility
Medium9 Jun 2026 · 22:00 UTC
Unit 42 research examines attack scenarios targeting cloud logging services. Learn how to defend against log manipulation and defense evasion. The post Blinding the Watchmen: Abusing Cloud Logging Services for Defense Ev…
Read full article →Microsoft Security
AI brands as bait: How threat actors are using the AI hype in social engineering
High8 Jun 2026 · 16:00 UTC
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. The post AI brands as bait: How threat actors are using the AI h…
Read full article →Turn specs into evals for any agent with ASSERT
Yesterday · 16:00 UTC
Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT) is an open-source framework for converting natural language behavior requirements into executable evaluations of AI models and agents. The post…
Read full article →Reconstructing AI activity in investigations
9 Jun 2026 · 17:35 UTC
Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach. This playbook helps security teams reconstruct events, assess data exposure, and detect p…
Read full article →Microsoft Threat Intel
AI brands as bait: How threat actors are using the AI hype in social engineering
High8 Jun 2026 · 16:00 UTC
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. The post AI brands as bait: How threat actors are using the AI h…
Read full article →Cisco Talos
Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities
High9 Jun 2026 · 21:21 UTC
Microsoft Patch Tuesday details for June 2026.
Read full article →StepSecurity
New in the Threat Center: Compromised Components, Now Available via API
High9 Jun 2026 · 21:04 UTC
StepSecurity's new Threat Center API returns the compromised packages for any supply chain incident, so you can automate response and confirm exposure fast.
Read full article →Pythagora-io/gpt-pilot Compromised on GitHub - Shai-Hulud Credential Stealer Blocked by Python Linter
High9 Jun 2026 · 21:04 UTC
An attacker hijacked a co-founder's GitHub account for gpt-pilot, a 33K-star AI coding tool, and force-pushed a credential-stealing Shai-Hulud payload to the main branch. The ruff Python linter caught formatting and lint…
Read full article →The Hades Campaign: Graph ML PyPI Packages Deploy Cross-Platform Memory Scrapers, AI Analyst Misdirection, and a Wiper Deterrent
Medium9 Jun 2026 · 21:04 UTC
On June 8, 2026, multiple Graph ML PyPI packages in the bioinformatics ecosystem were compromised in the Hades campaign, deploying cross-platform memory scrapers, AI prompt injections to misdirect scanners, and a token-r…
Read full article →OpenAI News
Access OpenAI models and Codex through your Oracle cloud commitment
Yesterday · 20:00 UTC
Access OpenAI models and Codex through Oracle Cloud, using existing commitments to build and deploy AI with enterprise security and governance.
Read full article →How an astrophysicist uses Codex to help simulate black holes
Today · 00:00 UTC
Discover how astrophysicist Chi-kwan Chan uses Codex to build black hole simulations, helping scientists study extreme physics and test Einstein’s theory of general relativity.
Read full article →Supporting Europe’s work in ensuring a trustworthy AI ecosystem
Today · 00:00 UTC
OpenAI supports the EU Code of Practice on AI content transparency, advancing provenance standards and tools to help people understand AI-generated content.
Read full article →