📰

Today's News Highlights

🏢 Rapid7 Blog Critical

Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Today · 13:43 UTC

OverviewOn June 10, 2026, Oracle published a security alert for CVE-2026-35273, a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise Pe…

Read full article →
🔐 The Hacker News Critical

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Today · 09:50 UTC

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code…

Read full article →
🔐 Infosecurity Magazine Critical

GitHub to Update npm to Thwart Software Supply Chain Attacks

Today · 13:00 UTC

NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts

Read full article →
🔐 The Hacker News High

Rethinking MDR as Attackers and Defenders Embrace AI

Today · 11:00 UTC

For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and nee…

Read full article →
🔐 The Hacker News Medium

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code

Today · 12:04 UTC

Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer m…

Read full article →
🔐 Dark Reading Medium

Phishing Attack Volume Down 20%, But Risk Still Rising

Today · 00:58 UTC

Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiply them.

Read full article →

Top Stories by Impact

🏢 Rapid7 Blog Critical

Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Today · 13:43 UTC

OverviewOn June 10, 2026, Oracle published a security alert for CVE-2026-35273, a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise Pe…

Read full article →
🏢 Mandiant Threat Intel Critical

ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit

Yesterday · 14:00 UTC

Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle…

Read full article →
🏢 Rapid7 Blog Critical

Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime

Yesterday · 13:00 UTC

IntroductionThe underground market for criminally oriented generative AI has moved beyond the early hype surrounding 'malicious chatbots.' The gradual integration of AI as a produc…

Read full article →
🔐 CISA Alerts Critical

Naxclow IoT Platform

Yesterday · 12:00 UTC

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to impersonate devices, intercept or manipulate communications, harvest sensitive credent…

Read full article →
🔐 CISA Alerts Critical

Yarbo Android/iOS Mobile Application and Cloud Infrastructure

Yesterday · 12:00 UTC

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credentials, gain access to telemetry data, and potentially send ope…

Read full article →
🔐 CISA Alerts Critical

Brickcom Cameras

Yesterday · 12:00 UTC

View CSAF Summary Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive…

Read full article →
🔐 Krebs on Security Critical

A Record-Breaking Patch Tuesday for June 2026

9 Jun 2026 · 22:07 UTC

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's…

Read full article →
🔐 The Hacker News Critical

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Today · 09:50 UTC

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code…

Read full article →
🔐

Cybersecurity

CISA Alerts

1

Naxclow IoT Platform

Critical

Yesterday · 12:00 UTC

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to impersonate devices, intercept or manipulate communications, harvest sensitive credentials at scale, or gain unauthorized acce…

Read full article →
2

Yarbo Android/iOS Mobile Application and Cloud Infrastructure

Critical

Yesterday · 12:00 UTC

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to obtain hard-coded credentials, gain access to telemetry data, and potentially send operational commands to the robot fleet. Th…

Read full article →
3

Brickcom Cameras

Critical

Yesterday · 12:00 UTC

View CSAF Summary Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive visual information from affected premis…

Read full article →

Krebs on Security

1

A Record-Breaking Patch Tuesday for June 2026

Critical

9 Jun 2026 · 22:07 UTC

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly thre…

Read full article →
2

Who Runs the Ransomware Group ‘The Gentlemen?’

High

10 Jun 2026 · 14:03 UTC

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affi…

Read full article →

The Hacker News

1

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Critical

Today · 09:50 UTC

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph is an open-source f…

Read full article →
2

Rethinking MDR as Attackers and Defenders Embrace AI

High

Today · 11:00 UTC

For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and needed someone else to handle the alert que…

Read full article →
3

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code

Medium

Today · 12:04 UTC

Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Se…

Read full article →

Infosecurity Magazine

1

GitHub to Update npm to Thwart Software Supply Chain Attacks

Critical

Today · 13:00 UTC

NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts

Read full article →
2

Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol

Medium

Today · 14:00 UTC

Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others

Read full article →
3

Over 80% of Sports Organizations Targeted by Hackers in the Last Year

Medium

Today · 11:00 UTC

As the FIFA World Cup 2026 kicks off, a new Darktrace report warns that sports teams and bodies are a major target for cyber criminals

Read full article →

Dark Reading

1

Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure

High

Yesterday · 18:43 UTC

Initial methods suggest attackers had likely mapped out Ivanti's asset landscape upfront and acted quickly once the exploit became public.

Read full article →
2

Phishing Attack Volume Down 20%, But Risk Still Rising

Medium

Today · 00:58 UTC

Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiply them.

Read full article →
3

Claude Fable 5 Doesn't Change the Mythos Security Story

Today · 13:01 UTC

Stay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos "made safe for general use," Anthropic explained.

Read full article →

Cloudflare Blog

1

Project Glasswing: what Mythos showed us

High

18 May 2026

Cloudflare shares findings from testing Mythos and other security-focused LLMs against live code across critical infrastructure, including model strengths, weaknesses, and what is needed before this work can scale.

Read full article →

BleepingComputer

1

Early Warning Signs of Supply-Chain Attacks Live in the Dark Web

Medium

Today · 14:01 UTC

GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to software supply-chain risk. [...]

Read full article →
2

Pharma giant Novo Nordisk discloses breach of clinical trials data

Medium

Today · 10:13 UTC

Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. [...]

Read full article →
3

Microsoft fixes Windows update failures linked to WUSA installer

Today · 11:44 UTC

Microsoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share. [...]

Read full article →

Cybercrime Magazine

1

Parents: How To Help Your College Students Avoid Roommate Scams

Medium

Yesterday · 13:08 UTC

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 11, 2026 – Listen to the podcast Media outlets and cybersecurity industry experts have been warning for the past several years a…

Read full article →
2

Code Girls: The Secret Heroes Of World War II

Today · 12:34 UTC

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 12, 2026 – Watch the YouTube Short During World War II, some of America’s most powerful weapons weren’t bombs or guns. They were…

Read full article →
3

New Book: Cybersecurity for Accounting and Business

10 Jun 2026 · 13:12 UTC

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 10, 2026 – Read the book Cybersecurity for Accounting and Business, a new book co-authored by Nancy Bagranoff, Professor at Univ…

Read full article →

Schneier on Security

1

Bernie Sanders’ AI Sovereign Wealth Fund Plan

Today · 11:03 UTC

Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful of billionaires who have promoted and dev…

Read full article →
2

Enhanced License Plate Tracking

Yesterday · 11:01 UTC

The surveillance company Leonardo wants more data: A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices, as well as capture the license plate of passing vehic…

Read full article →
3

NSO Group Hacking WhatsApp Despite Court Order

10 Jun 2026 · 11:08 UTC

WhatsApp has caught the NSO Group phishing its users, in violation of a court order.

Read full article →

CyberScoop

1

Russian national charged in connection with Void Blizzard espionage campaign

Yesterday · 17:11 UTC

Denis Obrezko accused of orchestrating cyberattacks that compromised at least 11 U.S. companies as part of the Kremlin-linked group's sprawling espionage operation.\ The post Russian national charged in connection with V…

Read full article →
2

CyberCorps is adapting to AI. The budget isn’t keeping up.

Today · 11:57 UTC

CyberCorps is evolving to tackle AI threats. But budget cuts could derail it before the work even starts. The post CyberCorps is adapting to AI. The budget isn’t keeping up. appeared first on CyberScoop.

Read full article →
3

OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers

10 Jun 2026 · 20:20 UTC

The company says there’s little evidence it influenced any real policy discussion. The post OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers appeared first on CyberScoop.

Read full article →

SANS Internet Storm Center

1

How has use of framing protection security headers changed in the past 3 years?, (Wed, Jun 10th)

10 Jun 2026 · 08:29 UTC

Back in 2023, I wrote a diary[1] discussing how commonly X-Frame-Options and CSP headers containing the frame-ancestors directive were used on 1 million most popular domains on the internet (based on the Tranco list[2]),…

Read full article →
2

ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th)

Today · 12:30 UTC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read full article →
3

ISC Stormcast For Thursday, June 11th, 2026 https://isc.sans.edu/podcastdetail/9968, (Thu, Jun 11th)

Yesterday · 02:25 UTC

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Read full article →

Ars Technica

1

Cameras, sensors, and 3D body scans: All the tech helping eliminate blown calls

Today · 11:45 UTC

This World Cup, refs will use digital twins of each player to view plays from every angle.

Read full article →
2

Ebola cases in DRC rise to 676 as Kenya protests erupt over US plans

Today · 11:30 UTC

Outbreak responses are still playing catch-up as US works to isolate itself.

Read full article →
3

Pokémon Go players unwittingly contributed to tech with military drone uses

Today · 11:15 UTC

The repurposing of Pokémon Go data for AI training continues to draw scrutiny.

Read full article →
🤖

AI & Technology

ITNews Australia

1

AudiA6 crypto launderers arrested, network taken down by police

Medium

Today · 04:15 UTC

Australian ransomware victim's funds washed, AFP said.

Read full article →
2

US charges suspected Russian hacker with facilitating cyber campaign

Yesterday · 20:38 UTC

Allegedly linked to Void Blizzard.

Read full article →
3

Gov looks for upstream threat blocking by telcos, cloud operators

Yesterday · 20:33 UTC

As a key action in the evolution of cyber strategy.

Read full article →

The Guardian Technology

1

Pokémon Go data trained AI that could assist military drones in war zones

Medium

Today · 07:06 UTC

Location scans from the globally popular augmented reality game have helped train AI to recognise and interpret physical spacesFollow our Australia news live blog for latest updatesGet our breaking news email, free app o…

Read full article →
2

Canadian mother sues OpenAI, alleging ChatGPT led her daughter to kill herself

Yesterday · 19:14 UTC

Suit filed in US alleges chatbot told Alice Carrier, 24, ‘maybe this is just the end’ as she struggled with suicidal thoughtsA Canadian mother sued OpenAI and its CEO, Sam Altman, in US court on Thursday, alleging that C…

Read full article →
3

Musk’s xAI fired engineer for raising concerns about Grok chatbot, lawsuit claims

Yesterday · 15:47 UTC

Former xAI engineer Devin Kim alleges he was illegally fired for trying to implement safety mechanisms for the chatbotA former engineer at Elon Musk’s xAI who now heads a thinktank focused on AI safety filed a lawsuit cl…

Read full article →

The Guardian Technology

1

Anthropic releases 'safe' version of Claude Mythos AI model to public

9 Jun 2026 · 22:28 UTC

Anthropic released Fable 5, a public version of its advanced Mythos AI model class, while keeping tighter controls around cybersecurity and other sensitive uses.

Read full article →

MIT Technology Review AI

1

Google DeepMind is worried about what happens when millions of agents start to interact

Yesterday · 11:00 UTC

Google DeepMind is funding research into the potential dangers of situations where millions of different AI agents interact with each other online. According to Rohin Shah, who directs the company’s AGI safety and alignm…

Read full article →
2

Learning to lead in a hybrid human-AI enterprise

9 Jun 2026 · 10:20 UTC

As adoption of AI agents looks set to surge by as much as 300% in the next two years, leadership teams are carefully considering the implications of a hybrid human-AI workforce. Unlike existing enterprise-level automatio…

Read full article →
3

Five things you need to know about AI

9 Jun 2026 · 09:16 UTC

At SXSW London last week I gave a talk called “Five things you need to know about AI,” in which I shared what I think are the biggest themes in AI right now. I pulled a few things from our first AI10 list, an annual guid…

Read full article →

The Verge

1

Jeff Bezos’ AI startup aims to build an ‘artificial general engineer’

Today · 14:03 UTC

Amazon founder Jeff Bezos says his new AI startup will work toward developing an "artificial general engineer," according to reports from The New York Times and CNBC. The startup, called Prometheus, aims to develop AI-po…

Read full article →
2

SpaceX is now public

Today · 13:54 UTC

SpaceX is now a publicly traded company. In one of the most highly anticipated and controversial public offerings of all time, the rocket venture helmed by Elon Musk started trading on Nasdaq on June 12th at the take-it-…

Read full article →
3

Sorry, the Ooni pizza oven is totally worth it

Today · 13:30 UTC

Summer is approaching, which means it's time to enjoy some gloriously warm weather beside the grill. But let me pitch you on an alternative: Instead of the usual burgers, hot dogs, and kebabs, what if you made pizza? I'v…

Read full article →

Google DeepMind

1

Investing in multi-agent AI safety research

10 Jun 2026 · 10:21 UTC

Google DeepMind and partners announce a $10M funding call for multi-agent safety research.

Read full article →
2

DiffusionGemma: 4x faster text generation

10 Jun 2026 · 16:24 UTC

Read full article →
3

Fluid, natural voice translation with Gemini 3.5 Live Translate

9 Jun 2026 · 15:16 UTC

Gemini 3.5 Live Translate brings near real-time, natural speech translation to Google AI Studio, Google Translate and Google Meet.

Read full article →

Wired AI

1

You Probably Won’t Get Rich Off the SpaceX IPO

Today · 09:30 UTC

The company has set aside an unusually high number of shares for retail investors. Still, experts say, you’re just getting the crumbs.

Read full article →
2

Apple’s Camera Chief Thinks AI Can Give You Superpowers

Today · 01:00 UTC

The generative features in iOS 27’s new Photos app will add fake pixels to some of your shots, but Apple’s Jon McCormack says the company isn’t using AI “for the sake of AI.”

Read full article →
3

Why You Might Already Own SpaceX Shares, Siri’s AI Makeover, and Knicks Owner’s Surveillance Machine

Yesterday · 23:37 UTC

Today on Uncanny Valley, we take an early look at the SpaceX IPO and why you might find yourself among the investors without even realizing it.

Read full article →

TechCrunch AI

1

SpaceX IPO: Everything you need to know

Today · 14:08 UTC

TechCrunch has followed SpaceX's start, struggles, and successes from the early days. And we're here for what happens next too. This package of SpaceX IPO coverage includes who stands to win (and maybe some who won't), p…

Read full article →
2

Cheaper, faster, and culturally aware, Avataar’s video AI is built for India’s scale

Today · 04:30 UTC

Avataar AI's distilled video model is priced at $0.005 for every second of generation

Read full article →
3

Theker just raised $85M to build the factory robot that doesn’t specialize in anything

Today · 01:48 UTC

Unlike humanoid robots designed around a fixed form — think Boston Dynamics — Theker's machines are built to be reconfigured.

Read full article →

Ars Technica AI

1

Pokémon Go players unwittingly contributed to tech with military drone uses

Today · 11:15 UTC

The repurposing of Pokémon Go data for AI training continues to draw scrutiny.

Read full article →
2

Google DeepMind releases DiffusionGemma, a model that runs local AI 4x faster

10 Jun 2026 · 19:29 UTC

Diffusion AI is most common in image generation, but it can make text outputs much faster.

Read full article →
3

Nobody needs AI to search the Internet, court says in ruling against Google

10 Jun 2026 · 17:19 UTC

Google AI Overview court loss in Germany could spell doom for AI search industry.

Read full article →

NVIDIA AI Blog

1

Save Big and Play Bigger: GeForce NOW Summer Sale Brings Major Membership Savings

Yesterday · 13:00 UTC

The GeForce NOW summer sale kicked off today with limited-time savings of up to $70 off a 12-month membership, making now the perfect time to upgrade to get the best of the cloud and see just how far Ultimate gaming can…

Read full article →
2

For Robotaxis, Safety Must Be Built In, Not Bolted On

10 Jun 2026 · 19:00 UTC

A car pulls up to the curb. The app says, “Your ride is here.” No one’s in the driver’s seat. For people who live in one of the dozens of cities now hosting robotaxi services, this is already a reality. The robotaxi indu…

Read full article →
3

NVIDIA Accelerates Google DeepMind’s DiffusionGemma for Local AI

10 Jun 2026 · 16:15 UTC

Today, Google DeepMind released DiffusionGemma — an experimental open model built for exceptionally fast text generation. NVIDIA has optimized DiffusionGemma to run even faster across NVIDIA GeForce RTX GPUs, the NVIDIA…

Read full article →

ABC Technology (AU)

1

Breaking: Elon Musk set to become world's first trillionaire as SpaceX lists on US stock market

Today · 13:44 UTC

"SpaceX wants to be able to take you to the moon, take you to Mars, and ultimately beyond," Mr Musk said at a launch event in Starbase, Texas.

Read full article →
2

Senior Labor figures weigh in on BHP strike, cost could be $120m per day

Today · 09:01 UTC

Federal Resources Minister Madeleine King says workers threatening strike action at the nation's biggest port deserve "every single cent" of what they earn while a peak industry body says they are "letting down everyone"…

Read full article →
3

Mitre 10 franchisee battles to stop Bunnings opening next door

Today · 08:51 UTC

A small town retailer is battling it out with Australia's biggest hardware giant in the Federal Court to stop Bunnings from opening up literally next door to his Mitre 10 franchise.

Read full article →
🏢

Vendor Security

Rapid7 Blog

1

Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Critical

Today · 13:43 UTC

OverviewOn June 10, 2026, Oracle published a security alert for CVE-2026-35273, a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Oracle released an out-of-ban…

Read full article →
2

Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime

Critical

Yesterday · 13:00 UTC

IntroductionThe underground market for criminally oriented generative AI has moved beyond the early hype surrounding 'malicious chatbots.' The gradual integration of AI as a productivity layer within cybercrime operation…

Read full article →
3

Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans

Critical

10 Jun 2026 · 16:26 UTC

Blake McDermott is Senior Threat Hunter at Rapid7.Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports containing valuable intelligence about adversary behaviors, tactics, tec…

Read full article →

Mandiant Threat Intel

1

ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit

Critical

Yesterday · 14:00 UTC

Introduction Mandiant and Google Threat Intelligence Group (GTIG) have identified an active compromise and extortion campaign attributed to UNC6240 (ShinyHunters) targeting Oracle PeopleSoft application infrastructure. T…

Read full article →

Check Point Research

1

From SQLi to RCE – Exploiting LangGraph’s Checkpointer

High

Yesterday · 13:37 UTC

By Yarden Porat AI agents need memory. Frameworks like LangGraph provide it through checkpointers – persistence layers that store execution state. But what happens when that persistence layer isn’t locked down? Key Point…

Read full article →

Palo Alto Unit 42

1

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257

High

9 Jun 2026 · 14:05 UTC

We include indicators of activity and mitigations for PAN-OS vulnerability CVE-2026-0257. The post Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 appeared first on Unit 42.

Read full article →
2

Trust No Skill: Integrity Verification for AI Agent Supply Chains

High

Yesterday · 10:00 UTC

Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains. The post Trust No Skill: Integrity Verification for AI Agent Supply Chains app…

Read full article →
3

Blinding the Watchmen: Abusing Cloud Logging Services for Defense Evasion and Visibility

Medium

9 Jun 2026 · 22:00 UTC

Unit 42 research examines attack scenarios targeting cloud logging services. Learn how to defend against log manipulation and defense evasion. The post Blinding the Watchmen: Abusing Cloud Logging Services for Defense Ev…

Read full article →

Cisco Talos

1

Microsoft Patch Tuesday for June 2026 — Snort rules and prominent vulnerabilities

High

9 Jun 2026 · 21:21 UTC

Microsoft Patch Tuesday details for June 2026.

Read full article →
2

A tale of two eras

Yesterday · 18:00 UTC

In this week’s newsletter, Amy reminisces on the tech toys of their childhood, inspired by a hilarious lesson about why your digital privacy shouldn't be left on an open channel.

Read full article →

StepSecurity

1

New in the Threat Center: Compromised Components, Now Available via API

High

9 Jun 2026 · 21:04 UTC

StepSecurity's new Threat Center API returns the compromised packages for any supply chain incident, so you can automate response and confirm exposure fast.

Read full article →
2

Pythagora-io/gpt-pilot Compromised on GitHub - Shai-Hulud Credential Stealer Blocked by Python Linter

High

9 Jun 2026 · 21:04 UTC

An attacker hijacked a co-founder's GitHub account for gpt-pilot, a 33K-star AI coding tool, and force-pushed a credential-stealing Shai-Hulud payload to the main branch. The ruff Python linter caught formatting and lint…

Read full article →
3

Miasma and Hades Are Spreading Now: Detect Them on Developer Machines with Suspicious Files

Yesterday · 16:11 UTC

Miasma and Hades worms are spreading across npm and PyPI, running on import and project open. See how Dev Machine Guard's Suspicious Files detects them.

Read full article →

CrowdStrike Blog

1

CrowdStrike 2026 Technology Threat Landscape Report: China’s Ambitions Fuel Attacks

Medium

9 Jun 2026 · 05:00 UTC

Read full article →
2

CrowdStrike Named an Innovation and Growth Leader in the 2026 Frost Radar™: Cloud and Application Runtime Security

Yesterday · 05:00 UTC

Read full article →
3

CrowdStrike Expands Identity Leadership with OpenID and IDPro

10 Jun 2026 · 05:00 UTC

Read full article →

GitHub Security Blog

1

Making secret scanning more trustworthy: Reducing false positives at scale

Yesterday · 16:00 UTC

Alerts are more trustworthy and actionable when noise is reduced. See how we improved the verification step with context-aware LLM reasoning. The post Making secret scanning more trustworthy: Reducing false positives at…

Read full article →

Microsoft Security

1

Turn specs into evals for any agent with ASSERT

10 Jun 2026 · 16:00 UTC

Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT) is an open-source framework for converting natural language behavior requirements into executable evaluations of AI models and agents. The post…

Read full article →
2

Reconstructing AI activity in investigations

9 Jun 2026 · 17:35 UTC

Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach. This playbook helps security teams reconstruct events, assess data exposure, and detect p…

Read full article →

SentinelOne Labs

1

LABScon25 Replay | Keynote: Steps to an Ecology of Cyber

Yesterday · 13:00 UTC

Decades of piling complexity onto non-standardized stacks have left security unsteerable. Juan Andrés Guerrero-Saade makes the case for a new approach.

Read full article →

OpenAI News

1

How Preply combines AI and human tutors to personalize learning

Today · 00:00 UTC

Preply uses OpenAI to launch AI-generated lesson summaries, providing personalised feedback and language learning exercises.

Read full article →
2

Supporting Europe’s work in ensuring a trustworthy AI ecosystem

Yesterday · 00:00 UTC

OpenAI supports the EU Code of Practice on AI content transparency, advancing provenance standards and tools to help people understand AI-generated content.

Read full article →
3

OpenAI to acquire Ona

Yesterday · 00:00 UTC

OpenAI plans to acquire Ona to expand Codex with secure, persistent cloud environments, enabling long-running AI agents across enterprise workflows.

Read full article →