Over 900 automatic tank gauge (ATG) systems across the United States, used to monitor fuel and chemical storage tanks across various critical infrastructure sectors, have been found exposed online...
Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about browser-layer security gaps and...
Introduction In today’s digital-first world, organizations collect, process, and store enormous volumes of data every day. Customer information, financial records, employee details, and...
In today’s hyperconnected digital landscape, a brand’s reputation can be damaged within minutes. Customers, partners, and stakeholders increasingly interact with businesses through websites,...
A vulnerability has been discovered in Cisco products that could allow for Server-Side Request Forgery. Cisco Unified Communications Manager (Unified CM) / Cisco Unified Communications Manager...
EU telecommunications ministers are set to review progress on a proposed cybersecurity package at the Transport, Telecommunications and... The post EU Council to examine cybersecurity package...
Ransomware activity edged higher in May 2026, with researchers at Comparitech recording 661 attacks worldwide, a 3% increase... The post Global ransomware activity rises modestly in May as Qilin,...
In May 2026, the corporate travel management company BCD Travel was claimed as a victim of the ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from BCD was subsequently...
Powys County Council is responding to a cyber security incident affecting some school systems, which has resulted in unauthorised access to some personal data. The incident was initially...
Lyne compared the underground landscape to a bar where threat actors can "get everything but a good drink." "It felt like cyber threats were all quite stovepiped. You had hacktivists, you had...
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. [...]
A familiar tactic popularized by chaotic crime crew Lapsus$
Future’s Intelligence Grap® uses holistic sourcing across 1M+ sources for complete threat intelligence and proactive defense.
TeamPCP has leveraged a compromised GitHub account to inject malicious code into at least 42 repositories and 236 branches across the Azure, Azure-Samples and Microsoft GitHub organizations. They...
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as...
Codex drops an HTTP/2 Bomb
A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub...
Over the past several weeks, the cybersecurity community has been reminded how quickly frontier and agentic AI in defense networks can challenge our assumptions. When Anthropic's Claude Mythos...
Shyam Sankar, the chief technology officer at Palantir Technologies, has emerged as a lead contender for the long vacant Cybersecurity and Infrastructure Security Agency (CISA) director role,...
Docker security advisory (AV26-550)
On June 2, 2026, the White House signed an Executive Order directing federal agencies to harden their systems with AI-enabled cyber defenses and to stand up a new AI cybersecurity clearinghouse —...
It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is...
Overview The "ClickFix" threat landscape has undergone a significant architectural shift, transitioning from legacy Windows-based execution to sophisticated macOS-targeted campaigns. These...
SolarWinds security advisory (AV26-549)
The LevelBlue OpsIntel CTI team examined the latest version of the ClickFix campaign, which emerged in early May 2026. The campaign employs a multi-stage phishing delivery chain that impersonates...
Joe’s on-the-ground report from Cisco Live U.S. is here, complete with therapy dog pictures and tips on handling conference overstimulation.
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been...
Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetization-focused features. [...]
Code reviewed by WIRED uncovered an unreleased face-recognition system embedded in Meta’s smart glasses platform. It’s designed to identify people via biometric data stored on users’ phones.
The Windows version of the Hola Browser has been compromised in a supply chain attack that delivered an undeclared executable identified by researchers as a cryptocurrency miner. [...]