On June 9th, Anthropic released its Fable generative AI model. Three days later, the US government classified it as a dangerous munition, and used its export-control authority to prohibit any...
And how XDR keeps getting better every day
The head of the U.K.’s National Cyber Security Centre (NCSC) warned that hostile states are driving the majority... The post NCSC’s Horne warns UK infrastructure under sustained cyber pressure...
New data from Doppel identified that manufacturing remains one of the most heavily targeted sectors for cyberattacks, as... The post Manufacturing cyber threats shift toward identity-driven...
The U.S. National Institute of Standards and Technology (NIST) released Special Publication 1339, an OT (Operational Technology) Backup... The post NIST SP-1339 releases OT Backup Quick Start...
Accenture announced on Thursday that it is acquiring a majority stake in Dragos at a $3.25 billion valuation,... The post Accenture’s Dragos investment marks new phase for OT cybersecurity in...
A dataset containing valid administrative and VPN credentials for tens of thousands of Fortinet FortiGate firewalls.
F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to achieve code execution on affected systems. The vulnerabilities are listed...
In June 2026, fashion retailer Ralph Lauren was targeted in a ShinyHunters "pay or leak" extortion campaign. The group subsequently published hundreds of gigabytes of data they claimed was...
Leaked files show the invite-only network grades members by their money and fame, shaping who’s in, who’s out, and who pays.
Cybersecurity firms, researchers and officials took down 106 servers and remediated nearly 15,000 sites that were infected with the malware. The post Authorities disrupt Evil Corp’s SocGholish...
If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a...
The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS...
While preventing third parties from profiting off unauthorized deepfakes of artists and performers is a bipartisan concern, some business and digital rights groups are opposed. The post Congress...
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation, a prolific malware distribution network used to compromise systems and facilitate further...
Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026 with clipboard-intercepting malware with self-spreading capabilities...
Cybersecurity researchers have charted the evolution of INC from an nascent ransomware-as-a-service (RaaS) operation to one of the most prolific cybercrime groups in 2026, claiming no less than...
An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout,...
Threat actors associated with the DragonForce ransomware have been observed using a custom Go-based remote access trojan (RAT) called Backdoor.Turn to conceal command-and-control (C2) traffic...
In the latest Threat Source, Hazel channels her inner Spielberg to explore why humans are delightfully irrational, reminding us that while security best practices are simple in theory, they’re a...
We break down the technical architecture behind our multi-stage vulnerability discovery harness and automated triage loop. Learn how we manage state controls, squash false positives through...
EXCLUSIVE 'Working as intended' for the win … again
The threat group’s remarkable success targeting open-source software was inevitable and fueled by the industry’s decision to prioritize code shipping over security. The post How software...
Identified through macOS endpoint monitoring, the CL-CRI-1089 cluster, delivered under the publicly reported Operation FlutterBridge campaign, demonstrates a deliberate misuse of the Flutter...
CERT Polska has received a report about 6 vulnerabilities (from CVE-2026-54219 to CVE-2026-54224) found in UBB.threads software.
The FBI expects to conduct more court-authorized cyber operations to remove foreign hackers’ access to privately owned routers and edge devices, a senior bureau official said, underscoring how...
CERT Polska has received a report about 3 vulnerabilities (from CVE-2026-40455 to CVE-2026-40457) found in LMS (LAN Management System) software.
The spotlight has been on frontier models, but the goals are more far reaching -- including supercharging cyber defense and remediating risk at machine speed
Building on its $10 billion cybersecurity business, Accenture is expanding its position with the acquisition of a majority... The post Accenture expands OT cybersecurity capabilities with Dragos...
Out-of-bounds Read vulnerability (CVE-2026-50643) has been found in 8cc compiler.