Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contempt order against...

Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange...

Scumbags, including a Qilin ransomware affiliate, began hitting this hole May 7

Monday again. The weekend was meant to be quiet. It wasn't. Last week had poisoned packages, a broken AI helper, and a worm tearing through repos. The ugly part: basic tricks still worked. A...

Phishing has always been a numbers game. AI has turned it into a volume machine. Attackers can now create convincing emails, fake login pages, and tailored lures in minutes. Every polished message...

Meanwhile, 13 schools in Wales affected by separate attack

Broadcom VMware security advisory (AV26-560)

The code WIRED identified is gone from the latest version of Meta AI, the companion app for the company’s smart glasses. Meta won’t say why or whether it’s coming back.

The U.S. House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection held a hearing examining how frontier AI... The post Frontier AI, cyber defense, and critical...

Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this line right here...

General Dynamics Information Technology (GDIT), a business unit of General Dynamics, announced on Monday that it has expanded... The post GDIT expands Splunk partnership to deliver AI-driven...

Honeywell announced the expansion of its Operational Technology (OT) Cybersecurity Suite, delivering advanced, proactive protection for industrial environments... The post Honeywell expands OT...

If you’re a user—owner?—of this cryptocurrency, this is important: On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus...

In an unstable geopolitical climate, attackers see nothing but opportunity

A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and...

Miasma worm shapeshifts, but cloud secret-scouting remains the goal

Check Point security advisory (AV26-559)

Spring security advisory (AV26-558)

[Control systems] CISA ICS security advisories (AV26–556)

Red Hat security advisory (AV26-557)

Zuckercorp says surveillance-for-hire vendor was still running phishing operations after federal court told it to knock it off

Dell security advisory (AV26-554)

Ubuntu security advisory (AV26-555)

IBM security advisory (AV26-553)

The hunt is on to find protections against the coming generation of adaptive AI worm malware in order to head off a global incident on the scale of other famous worm events, such as NotPetya,...

Check Point Research has identified active exploitation of CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN and Mobile Access deployments...

Meta says roughly 20,000 Instagram accounts may have been hacked in a recent attack abusing an AI-powered account recovery support tool. Hackers compromised many Instagram accounts simply by...

One of the largest hospital trusts in England has confirmed thousands of patient test results were stolen in a cyber attack in 2024. Mid and South Essex NHS Foundation Trust (MSE), which runs...

A cybersecurity incident Sunday has forced Evanston Township High School to cancel all summer school classes, sports camps and other on-campus activities through Tuesday. In an announcement...

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial...

The injured teenage survivor of a January 2025 shooting at a Nashville, Tennessee high school recently sued the manufacturer of an “AI gun detection” system that failed to detect the handgun that...

From January through May 2026, Mandiant identified a financially motivated data theft extortion campaign executed by the threat cluster UNC3753 (also tracked as “Luna Moth,” “Chatty Spider,” and...

Grixba is a custom Infostealer developed by Play Ransomware Group using Costura (.NET tool for embedding dependencies into single executable), which is publicly disclosed in 2023 (but originally...

Sen. Mark Warner, D-Va., is introducing legislation to permanently fund a cybersecurity information-sharing program used by thousands of state, local, tribal and territorial governments, after the...

At the Port of Beirut, the new scanners did exactly what they were built to do. They saw the lithium batteries. They saw the drone propellers. They saw the fiber optic cable. They matched the...

New York moved closer toward becoming the first U.S. state to enact a moratorium on large data centers this week. On Thursday, the state legislature approved a one-year ban on the facilities...

The U.S. is scrambling to strengthen guardrails around increasingly powerful artificial intelligence models before China can catch up. It may already be running out of time. New AI models, such as...

Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). [...]

Wiz unifies cloud and AI cost visibility to help teams eliminate waste and improve spend efficiency across their AWS, Azure, and GCP environments.

Attackers can chain three already fixed vulnerabilities in the Ubiquiti UniFi OS server to execute remote code with root privileges and without authentication. [...]

Microsoft has announced that Visual Studio Code (VS Code) will apply a two-hour delay before extensions for the integrated development environment (IDE) are updated automatically to a newer...

In April, Anthropic initated Project Glasswing. The idea was to let companies use their new model to find and fix vulnerabilities in their own software. It was a fantastic PR move, and so many...

Security teams are increasingly overwhelmed by alert fatigue, infrastructure maintenance, and complex hybrid environments. This article explores how Wazuh Cloud helps simplify SIEM/XDR operations...

Cybersecurity teams face a familiar problem. Too much data, not enough insight.

Industrial cybersecurity firm Dragos has joined Anthropic’s Project Glasswing, applying Claude Mythos Preview to explore its own products... The post Dragos applies Claude Mythos Preview to...

Following last week’s release of an executive order aimed at strengthening the cybersecurity posture of government and private-sector... The post White House unveils AI security strategy focused...

Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in zero-day attacks. [...]

On June 7, 2026, a ransomware attack disrupted access to district systems, internet services, and computer infrastructure. Due to this incident, Evanston Township High School will be closed on...

The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services platform had been compromised. [...]

A WIRED timeline shows how dozens of governments, companies, and other organizations across Europe are moving, or planning to shift, away from US Big Tech.

Meta has revealed that over 20,000 Instagram users had their accounts hijacked in a recent incident where attackers used Meta's AI-powered support system to reset passwords. [...]