Cybersecurity

Feeds last updated @: UTC - 22:45 - 13/06/2026

Security.nl

https://www.security.nl

More

Slashdot

https://slashdot.org/

 Bewerken

Amazon CEO's Talks with U.S. Officials Triggered Crackdown on Anthropic Models

  Pagina openen
The Wall Street Journal reports: The Trump administration's decision to halt all foreign use of Anthropic's most capable AI models was prompted by conversations between Amazon Chief Executive Andy Jassy and U.S. officials including Treasury Secretary Scott Bessent, people familiar with the matter said. Researchers at Amazon had used a series of prompts to get Anthropic's Fable 5 model to provide them with information that could be used to aid cyberattacks and was supposed to be off limits, Jassy told the officials, according to people familiar with the matter. Tech industry executives have been in regular touch with the administration about the power of cutting-edge AI tools. Shortly afterward, White House officials held a meeting to discuss how to respond and security researchers began testing Amazon's claims. The officials asked Anthropic to fix the vulnerabilities or take down the model, according to administration officials. The officials decided that the most direct way to address that risk was by preventing foreign governments, companies and individuals from accessing the tool, the people said. President Trump later signed off on the action despite reservations about it hindering innovation, a senior White House official said. The administration had long felt that Anthropic, one of the leaders in America's AI race, couldn't be trusted to manage the security risks its new model presented. Friday's call between some administration officials and Anthropic Chief Executive Dario Amodei reinforced that feeling, the people said... Anthropic has said that the vulnerabilities like those flagged by Amazon are relatively basic. The company has said that other publicly available models are capable of discovering them and that they don't represent a full so-called jailbreak, a point of view shared by some security researchers familiar with Amazon's research. The article points out that Amazon is "a big investor in Anthropic, supply Anthropic with chips for data centers.

Read more of this story at Slashdot.

https://news.slashdot.org/story/26/06/13/2227234/amazon-ceos-talks-with-us-officials-triggered-crackdown-on-anthropic-models?utm_source=rss1.0mainlinkanon&utm_medium=feed

 Bewerken

Shutterstock 'Evolves' Into 'Human-Led, AI-Powered Creative Platform'

  Pagina openen
Slashdot reader BrianFagioli writes: Shutterstock has unveiled what it calls a "human-led, AI-powered" creative platform that combines its massive library of [human] contributor-created content with AI image and video generation, AI editing, conversational search, prompt enhancement, and automated model selection tools. The company says the goal is to help creators move from idea to finished work faster [in a single application] while maintaining commercial licensing protections and contributor royalty payments... While Shutterstock repeatedly emphasizes human creativity, much of the platform's future appears centered on AI-generated and AI-modified content. An article at Nerds.xyz suggests Shutterstock's AI tools let users "transform existing content into something new," while noting Shutterstock's repeated references to human creativity "almost feel defensive." But it points out other companies including Adobe and Canva "and countless startups are all racing to integrate AI into creative workflows."

Read more of this story at Slashdot.

https://slashdot.org/story/26/06/13/1911226/shutterstock-evolves-into-human-led-ai-powered-creative-platform?utm_source=rss1.0mainlinkanon&utm_medium=feed

 Bewerken

GM Updates 250,000 EVs with Vehicle-to-Grid Firmware, Announces Grid-Scale Sodium-Ion Batteries

  Pagina openen
"Battery breakthroughs will lessen AI's demand on the electricity grid," argues The Washington Post's editoral board, arguing that GM's latest moves "offer a fresh reminder that resource constraints can be solved by innovation." Or As Fortune put it, "America's electric grid is buckling under extreme weather, aging infrastructure, and an AI build-out that is quietly rewriting U.S. power demand — and General Motors wants to turn that crisis into a business." They describe GM's plan as offering itself "as a distributed utility in disguise... stitching together hundreds of thousands of battery-powered cars, new grid-scale storage, and a unified charging platform into what amounts to a virtual fleet of power plants." The bet puts GM on a collision course with Ford's newly branded Ford Energy unit as both Detroit rivals race to repurpose underused EV capacity for a more urgent problem: keeping the lights on in the AI era. GM's case rests on three planks. The first is its existing fleet. GM says more than 250,000 of its EVs on U.S. roads can already charge bidirectionally — pulling electricity from the grid and sending it back. "Every evening, a quiet transformation occurs across the American landscape," GM Energy vice president Wade Sheffer writes in an open letter to utilities and regulators, describing the EVs sitting in driveways as "a massive opportunity to aggregate energy storage capacity." A firmware update is rolling out to customers with GM Energy's vehicle-to-home hardware, converting those systems into full vehicle-to-grid assets with no new hardware and turning home backup systems into grid resources when utilities need them. GM is piloting the idea in Michigan with DTE Energy at 30 employee homes, and has sketched a 2030 vision with Pacific Gas & Electric in which more than 52,000 GM EVs help balance the grid out of a projected 130,000 vehicles in the area. GM is also "seeking partnerships with utility companies nationwide to assist in offering such vehicle-to-grid services for customers," reports CNBC, noting it's one of two moves "meant to address concerns about rising energy costs amid an artificial intelligence boom." Forbes reports that GM's second goal "is to leapfrog the dominant battery cell tech used for energy storage packs right now" — right past the LFP (lithium-iron phosphate) stage, "which is dominated by China." Sodium batteries are cheaper to use than LFP because they don't need an additional cooling system. They also have a 20-year usable life and are made from materials that can be sourced from within the U.S., the company said at a briefing in San Francisco on Tuesday. "Sodium-ion actually is the better chemistry for that application. And when I say sodium-ion is better, I mean GM's version of sodium-ion," Kurt Kelty, GM's battery chief and a long-time Tesla battery executive, told Forbes. He said GM is seeing great results from its prototypes, even at scorching temperatures of 55 Celsius (131 Fahrenheit). "Sodium-ion-powered energy storage systems have the potential to operate without active cooling and with much less system complexity," Kurt Kelty, GM's vice president of battery and sustainability, said Tuesday in a blog post. "In large energy storage systems, that matters." Not having to cool the battery cells could lead to lower upfront costs as well as operating costs, the automaker said. TechCrunch reports on GM's big new partnership with energy-storage startup Peak Energy to develop GM's sodium-ion battery chemistry for grid-scale deployments: GM wouldn't share with TechCrunch how much money it is investing in this energy-storage effort. But we do know the company has committed $900 million to commercialize new battery chemistries, an investment that includes a new battery-development center. .. The first GM cells are expected to enter trial production at the company's Battery Cell Development Center in 2028. "Our next-generation sodium-ion cell development will drive energy density higher," promises GM's blog post, arguing they're extending the company's battery expertise and technical infrastructure "into the electrical grid itself. If we get this right, we will not just build better batteries. We will help create a more resilient, more affordable and more flexible energy future... Every improvement we make strengthens the development stack that supports both EVs and energy storage." "The message: GM isn't just selling cars into a stressed grid; it's supplying the batteries to stabilize it," argues Fortune. And GM also announced they're augmenting their apps with an "Energy Pass" offering "seamless access to Tesla Supercharger, IONNA, Electrify America, and soon, ChargePoint and EVgo networks." Their goal is to simplify the charging experience with an app "that covers nearly 70% of all DC fast chargers in the United States, plus many Level 2 chargers, all through one app."

Read more of this story at Slashdot.

https://hardware.slashdot.org/story/26/06/13/0224235/gm-updates-250000-evs-with-vehicle-to-grid-firmware-announces-grid-scale-sodium-ion-batteries?utm_source=rss1.0mainlinkanon&utm_medium=feed

 Bewerken

Vim Classic 8.3 Launched as an AI-Free Vim Fork

  Pagina openen
This month saw the release of Vim Classic 8.3, the first stable version of a new long-term support fork of Vim maintained without generative AI tools. Linuxiac reports: The release is based on Vim 8.2.0148 and includes selected bug fixes and patches backported from later upstream Vim releases. Vim Classic was first announced by [SourceHut's CEO/founder] Drew DeVault in March 2026 after he objected to LLM-assisted development in Vim and Neovim. In his announcement, DeVault said he no longer wanted to use software developed with LLM assistance and introduced Vim Classic as a fork for users who want to continue using Vim without that involvement... Vim Classic follows Vim's charityware model and continues to direct users toward Bram Moolenaar's long-running support for children in Uganda. The release is distributed as a signed source tarball from SourceHut, while future important announcements are expected through the project's mailing list. "Vim is important to me..." DeVault wrote in March. (DeVault even tattooed "hjkl" on his right arm.) "[A]lmost every word I have ever committed to posterity, through this blog, in my code, all of the docs I've written, emails I've sent, and more, almost all of it has passed through Vim." But DeVault wrote that he also cares about AI's impact on air pollution, fresh water supplies, global supply chains, and the working conditions of miners in African companies: And at a moment when the climate demands immediate action to reduce our footprint on this planet, the AI boom is driving data centers to consume a full 1.5% of the world's total energy production in order to eliminate jobs and replace them with a robot that lies... All this to enrich the few, centralize power, reduce competition, and underwrite an enormous bubble that, once it bursts, will ruin the lives of millions of the world's poor and marginalized classes. I don't think it's cute that someone vibe coded "battleship" in VimScript. I think it's more important that we stop collectively pretending that we don't understand how awful all of this is. I don't want to use software which has slop in it. I do what I can to avoid it, and sadly even Vim now comes under scrutiny in that effort as both Vim and NeoVim are relying on LLMs to develop the software... To keep my conscience clear, and continue to enjoy the relationship I have with this amazing piece of software, I have forked Vim... Since forking from this base, I have backported a handful of patches, most of which address CVEs discovered after this release, but others which address minor bug fixes. I also penned a handful of original patches which bring the codebase from this time up to snuff for building it on newer toolchains... I invite you to use Vim Classic, if you feel the same way as me, and to maintain it with me, contributing the patches you need to support your own use cases.

Read more of this story at Slashdot.

https://news.slashdot.org/story/26/06/13/0524209/vim-classic-83-launched-as-an-ai-free-vim-fork?utm_source=rss1.0mainlinkanon&utm_medium=feed

 Bewerken

Arch Linux Malware Incident: Malicious Commits Found in 1,579 Packages

  Pagina openen
More than 1,500 user-contributed packages in the Arch Linux User Repository "AUR" were infected with malware, reports Phoronix: The last message in the thread over this security incident is noting that Arch Linux developers have deleted all the malicious commits they are aware of. Cited was this list that puts the number of malware-affected packages at 1,579... Even at 1,579 packages listed, that final updated noted, it's a "list containing many (but not all) of the affected packages". Thanks to long-time Slashdot reader couchslug for sharing the report.

Read more of this story at Slashdot.

https://linux.slashdot.org/story/26/06/13/1817206/arch-linux-malware-incident-malicious-commits-found-in-1579-packages?utm_source=rss1.0mainlinkanon&utm_medium=feed

More

theregister.com/security

https://www.theregister.com/security

More

CISO2CISO.com

https://ciso2ciso.com

Hackread.com

https://www.hackread.com

More

Vuldb

https://vuldb.com

 Bewerken

CVE-2026-5513 | ladela Online Scheduling and Appointment Booking System Plugin setting cross site scripting (EUVD-2026-36651)

  Pagina openen
A vulnerability categorized as problematic has been discovered in ladela Online Scheduling and Appointment Booking System Plugin up to 27.2 on WordPress. Impacted is an unknown function of the component setting Handler. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2026-5513. The attack can be executed remotely. There is not any exploit available.

https://vuldb.com/vuln/370827

 Bewerken

CVE-2026-9061 | Store Locator Plugin up to 1.6.8 on WordPress cross site scripting (EUVD-2026-36643)

  Pagina openen
A vulnerability was found in Store Locator Plugin up to 1.6.8 on WordPress. It has been rated as problematic. This issue affects some unknown processing. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2026-9061. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

https://vuldb.com/vuln/370826

 Bewerken

CVE-2026-9629 | codesupplyco Canvas Plugin up to 2.5.2 on WordPress day cross site scripting (EUVD-2026-36648)

  Pagina openen
A vulnerability was found in codesupplyco Canvas Plugin up to 2.5.2 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument day results in cross site scripting. This vulnerability is cataloged as CVE-2026-9629. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

https://vuldb.com/vuln/370825

 Bewerken

CVE-2026-11624 | Google MCP Toolbox for Databases up to 0.24.x origin validation (Issue 3113 / EUVD-2026-36650)

  Pagina openen
A vulnerability was found in Google MCP Toolbox for Databases up to 0.24.x and classified as critical. Affected by this issue is some unknown functionality. Executing a manipulation can lead to origin validation error. This vulnerability is tracked as CVE-2026-11624. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

https://vuldb.com/vuln/370823

More

Debian.org/security

https://www.debian.org/security/

More

Microsoft Security

https://msrc.microsoft.com/update-guide/vulnerability

More

advisories.ncsc.nl

https://advisories.ncsc.nl/

 Bewerken

NCSC-2026-0197 [1.00] [M/H] Kwetsbaarheid verholpen in Fortinet FortiPortal

  Pagina openen
Fortinet heeft een kwetsbaarheid verholpen in FortiPortal versies 7.0 tot en met 7.4.7. De kwetsbaarheid betreft de FortiPortal API endpoints, waarbij een externe aanvaller met een organisatiegebruikersrol via speciaal opgemaakte HTTP-verzoeken gevoelige netwerkconfiguratiegegevens kan benaderen. Deze problemen beïnvloeden de integriteit van de access control mechanismen en kunnen leiden tot blootstelling van kritieke netwerkconfiguratie-informatie aan onbevoegde gebruikers.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0197

 Bewerken

NCSC-2026-0196 [1.00] [M/H] Kwetsbaarheden verholpen in GitLab Enterprise Edition

  Pagina openen
GitLab heeft meerdere kwetsbaarheden verholpen in GitLab Community Edition en Enterprise Edition (EE) versies variërend van 12.0 tot voor 19.0.2, inclusief belangrijke releases zoals 17.x, 18.10.8, 18.11.5 en 19.0.2. De kwetsbaarheden betreffen verschillende onderdelen van GitLab CE & EE. Geauthenticeerde gebruikers met developer-permissies kunnen via de Analytics Dashboard interface willekeurige client-side code uitvoeren door onvoldoende sanitatie van gebruikersinput. Op de CI/CD Catalog pagina kan een denial of service (DoS) worden veroorzaakt door onjuiste inputsanitatie, waardoor de pagina onbeschikbaar raakt. Een DoS kan ook optreden door het uploaden van speciaal vervaardigde bestanden die leiden tot resource-uitputting, wat de GitLab service kan laten crashen of onresponsief maken. Verder kunnen geauthenticeerde gebruikers ongeautoriseerde toegang krijgen tot vertrouwelijke issuegegevens door onjuiste autorisatiecontroles. Developer-gebruikers kunnen verborgen merge requests wijzigen door gebrekkige autorisatie, en ook merge request diff views manipuleren door onjuiste verwerking van bestandsnamen, wat wijzigingen kan verbergen tijdens code reviews. Gebruikers met de Security Manager rol kunnen projectbeveiligingsinstellingen beheren ondanks dat deze functie uitgeschakeld is, door onjuiste autorisatie. Binnen Group SAML identity management kunnen group Owners de controle over andere groepsleden overnemen door onjuiste autorisatiecontroles. Ongeautoriseerde e-mailadressen kunnen aan accounts worden toegevoegd via onvoldoende inputsanitatie in groepsinstellingen. Tijdens repository-import kan onvoldoende validatie van secundaire URL's leiden tot het uitlezen van willekeurige bestanden op de Gitaly-server en toegang tot interne netwerkbronnen. Ten slotte kan een niet-geauthenticeerde gebruiker de GitLab Support Bot imiteren door het injecteren van arbitraire inhoud in Service Desk e-mailantwoorden, veroorzaakt door onjuiste verwerking van e-mailsjablonen.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0196

 Bewerken

NCSC-2026-0195 [1.00] [M/H] Kwetsbaarheid verholpen in Oracle PeopleSoft Enterprise PeopleTools

  Pagina openen
Oracle heeft een kwetsbaarheid verholpen in Oracle PeopleSoft Enterprise PeopleTools versies 8.61 en 8.62. De kwetsbaarheid maakt het mogelijk voor ongeauthenticeerde aanvallers om het systeem op afstand via HTTP te misbruiken. Hierdoor kan remote code execution plaatsvinden, wat kan leiden tot volledige overname van het systeem. De kwetsbaarheid treft Oracle PeopleSoft Enterprise PeopleTools en is met name misbruikbaar wanneer de PeopleSoft Environment Management Hub (PSEMHUB) vanaf het internet bereikbaar is. Het is gebruikelijk om dergelijke beheercomponenten uitsluitend via interne netwerken of een VPN toegankelijk te maken. Google CTI laat weten dat deze kwetsbaarheid al zeker sinds 27 mei als zeroday is misbruikt.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0195

 Bewerken

NCSC-2026-0180 [1.02] [H/H] Kwetsbaarheden verholpen in Ivanti Sentry

  Pagina openen
Ivanti heeft twee kwetsbaarheden verholpen in Sentry. De kwetsbaarheid met kenmerk CVE-2026-10520, waarvan Ivanti een CVSS-score van 10 heeft toegekend, kan een ongeauthenticeerde kwaadwillende op afstand in staat stellen willekeurige code uitvoeren met root rechten. De kwetsbaarheid met kenmerk CVE-2026-10523, die Ivanti een CVSS score van 9.9, heeft gegeven, kan door een ongeauthenticeerde kwaadwillende op afstand worden misbruikt om administratieve accounts aan te maken. Misbruik van deze kwetsbaarheden is mogelijk, maar de randvoorwaarden die nodig zijn om deze kwetsbaarheden op afstand uit te buiten, vereisen dat een managementpoort aan het internet is ontsloten. Deze randvoorwaarden zijn niet aanwezig in standaardimplementaties van Ivanti Sentry. De kwetsbaarheden hebben Ivanti bereikt via responsible disclosure. Momenteel vindt er, voor zover bekend, geen actief misbruik van deze kwetsbaarheden plaats en is er geen publieke PoC code beschikbaar. Het NCSC verwacht echter dat dit op korte termijn zal veranderen.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0180

 Bewerken

NCSC-2026-0194 [1.00] [M/H] Kwetsbaarheden verholpen in Adobe InDesign Desktop

  Pagina openen
Adobe heeft meerdere kwetsbaarheden verholpen in Adobe InDesign Desktop versies 21.3, 20.5.3 en eerdere versies. De kwetsbaarheden bevinden zich in de wijze waarop Adobe InDesign Desktop malafide bestanden verwerkt. Er zijn stack-based en heap-based buffer overflow kwetsbaarheden die leiden tot geheugenbeschadiging, waardoor een aanvaller code kan uitvoeren met de rechten van de gebruiker die de applicatie draait. Daarnaast is er een Use After Free kwetsbaarheid die eveneens kan leiden tot het uitvoeren van willekeurige code. Verder zijn er out-of-bounds write en read kwetsbaarheden die geheugenbeschadiging veroorzaken en mogelijk leiden tot het uitlekken van gevoelige informatie. Ook is er een NULL Pointer Dereference kwetsbaarheid die een crash van de applicatie veroorzaakt, wat resulteert in een denial-of-service situatie. Al deze kwetsbaarheden worden geactiveerd door het openen van speciaal vervaardigde kwaadaardige bestanden binnen de applicatie. De problemen zijn aanwezig in meerdere versies van Adobe InDesign Desktop.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0194

More

NCSC Nieuws

https://www.ncsc.nl/actueel

 Bewerken

Microsoft verhelpt 6 ernstige kwetsbaarheden in Windows

  Pagina openen
Deze 'Patch Tuesday' heeft Microsoft heeft een groot aantal kwetsbaarheden verholpen in Windows. Zes van deze kwetsbaarheden zijn zeer ernstig en krijgen van Microsoft een CVSS-score van 9 en hoger. Vanwege kans op grootschalig misbruik van deze beveiligingslekken op korte termijn, is het advies om de door Microsoft uitgegeven software-updates zo snel mogelijk te (laten) installeren.

https://www.ncsc.nl/alerts/microsoft-verhelpt-6-ernstige-kwetsbaarheden-in-windows

 Bewerken

Ernstige kwetsbaarheden in Check Point Remote and Mobile Access VPN

  Pagina openen
Er is actief misbruik van ernstige kwetsbaarheden in de Check Point Remote and Mobile Access VPN producten, die gebruikmaken van het verouderde IKEv1-protocol, geconstateerd. Dit beveiligingslek is beoordeeld als ernstig met een CVSS-score van 7.4, omdat het kan leiden tot ongeautoriseerde toegang tot interne systemen. Het NCSC adviseert daarom de beveiligingsupdates van Check Point zo snel mogelijk te installeren.

https://www.ncsc.nl/alerts/ernstige-kwetsbaarheden-in-check-point-remote-and-mobile-access-vpn

 Bewerken

NCSC sluit zich aan bij Sectorpact Weerbaar Energiesysteem

  Pagina openen
Het Nationaal Cyber Security Centrum (NCSC) heeft zich aangesloten bij het Sectorpact Weerbaar Energie Systeem. Energie-Nederland en Netbeheer Nederland maakten het initiatief bekend tijdens het congres Weerbaar Energiesysteem op 1 juni. Met het pact willen partijen in de energiesector gezamenlijk optrekken om de weerbaarheid tegen fysieke en digitale dreigingen te versterken. Naast het NCSC sloot ook Energy Innovation NL zich als eerste partner aan.

https://www.ncsc.nl/nieuws/ncsc-sluit-zich-aan-bij-sectorpact-weerbaar-energiesysteem

 Bewerken

Misconfiguraties bieden open deur tot gevoelige gegevens

  Pagina openen
Steeds meer organisaties zetten hun klantgegevens, financiële data en interne documenten in SaaS- en cloudomgevingen. Dat is logisch want het werkt snel, schaalbaar en het werkt overal. Maar één verkeerd vinkje in de configuratie kan voldoende zijn om al die gevoelige informatie onbedoeld benaderbaar te maken voor de buitenwereld. Kwaadwillenden scannen geautomatiseerd en op grote schaal het internet af op zoek naar precies dat ene foutje. Het NCSC heeft de afgelopen maanden verschillende incidenten waargenomen waarbij een misconfiguratie kwaadwillenden in staat stelde om gevoelige informatie buit te maken.

https://www.ncsc.nl/expertblogs/misconfiguraties-bieden-open-deur-tot-gevoelige-gegevens

More

NIST Cybersecurity

https://www.nist.gov

wid.cert-bund.de

https://wid.cert-bund.de

More

cert.ssi.gouv.fr

https://www.cert.ssi.gouv.fr

More

theHackerNews

https://thehackernews.com

 Bewerken

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

  Pagina openen
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system. "In Splunk Enterprise versions below 10.2.4 and 10.0.7, an unauthenticated user could create or truncate arbitrary

https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html

 Bewerken

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals

  Pagina openen
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Anthropic said on Friday it will "abruptly disable" its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national security concerns. The AI company said it received an order at 5:21 p.m. ET, instructing it to suspend

https://thehackernews.com/2026/06/us-orders-anthropic-to-suspend-fable-5.html

 Bewerken

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

  Pagina openen
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to hide itself. The AUR is Arch Linux's community package collection, and it is separate

https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html

 Bewerken

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing

  Pagina openen
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. "The operation weaponized Gemini to help

https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html

 Bewerken

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

  Pagina openen
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who is allowed to sign in, planting its access where ordinary cleanup could not reach it. The network it targeted had no

https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html

More

Techrepublic

https://techrepublic.com/topic/security

More

BleepingComputer.com

https://www.bleepingcomputer.com/

 Bewerken

US Gov asks Anthropic to ban 'foreign national' access to Fable, Mythos

  Pagina openen
The US government has ordered Anthropic to block all foreign nationals from accessing Fable 5 and Mythos 5, forcing the company to suspend both models worldwide. Anthropic is complying but disputes the basis, calling the cited jailbreak narrow and the capability widely available elsewhere. [...]

https://www.bleepingcomputer.com/news/security/us-gov-asks-anthropic-to-ban-foreign-national-access-to-fable-mythos/

More

securityboulevard.com

https://securityboulevard.com

CXSecurity.com

https://cxsecurity.com/

More

Brian Krebs

https://krebsonsecurity.com

 Bewerken

Who Runs the Ransomware Group ‘The Gentlemen?’

  Pagina openen
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.

https://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/

 Bewerken

A Record-Breaking Patch Tuesday for June 2026

  Pagina openen
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft's most dire "critical" rating, and exploit code for at least three of the weaknesses is now publicly available.

https://krebsonsecurity.com/2026/06/a-record-breaking-patch-tuesday-for-june-2026/

 Bewerken

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

  Pagina openen
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta's "AI support assistant" bot into resetting account passwords.

https://krebsonsecurity.com/2026/06/hackers-used-metas-ai-support-bot-to-seize-instagram-accounts/

 Bewerken

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

  Pagina openen
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the European Union. The two men were the focus of a 2025 KrebsOnSecurity story about how their hosting companies had assumed control over the technical infrastructure of Stark Industries Solutions, an Internet service provider sanctioned last year by the EU as a frequent staging ground for cyber mischief from Russia's intelligence agencies.

https://krebsonsecurity.com/2026/05/netherlands-seizes-800-servers-arrests-2-for-aiding-cyberattacks/

 Bewerken

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

  Pagina openen
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account. The inquiry comes as CISA is still struggling to contain the breach and invalidate the leaked credentials.

https://krebsonsecurity.com/2026/05/lawmakers-demand-answers-as-cisa-tries-to-contain-data-leak/

More

Troy Hunt

https://www.troyhunt.com

 Bewerken

Weekly Update 507

  Pagina openen

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

1,000 breaches is one hell of a milestone. It's not just the process of getting data, verifying it, loading it, sending notifications etc, it's all the other stuff that goes into keeping the whole thing afloat. Legal docs. Trademarks. Accounting. Agreements. The most mind-numbingly

https://www.troyhunt.com/weekly-update-507/

 Bewerken

Welcoming the Philippine Government to Have I Been Pwned

  Pagina openen

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

Today, we welcome the 46th government onboarded to Have I Been Pwned’s free gov service: the Philippines.

The Philippines’ National CERT, working with the Department of Information and Communications Technology, now has access to monitor official government domains against the data in HIBP. This gives their Cyber

https://www.troyhunt.com/welcoming-the-philippine-government-to-have-i-been-pwned/

 Bewerken

1,000 Data Breaches Later, the Disclosure Lag is Worse Than Ever

  Pagina openen

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

Today, I loaded the 1,000th data breach into Have I Been Pwned. Reflecting on that milestone number, I pondered how to mark the occasion in writing, and what immediately came to mind was a very simple question: why is it still needed? Especially considering the emergence of privacy regulations

https://www.troyhunt.com/1000-data-breaches-later-the-disclosure-lag-is-worse-than-ever/

 Bewerken

Weekly Update 506

  Pagina openen

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

I'm finding it quite fascinating to watch the current spate of ShinyHunters breaches and dumps. There's the obvious criminality of it all, but then there's also the response from organisations (or lack thereof, as it relates to disclosure to victims), the appearance and disappearance

https://www.troyhunt.com/weekly-update-506/

 Bewerken

Welcoming the Bhutanese Government to Have I Been Pwned

  Pagina openen

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

Today, we welcome the 45th government onboarded to Have I Been Pwned’s free gov service: Bhutan. The Bhutan Computer Incident Response Team, BtCIRT, now has access to monitor Bhutanese government domains against the data in HIBP. As Bhutan’s national CIRT, BtCIRT is responsible for consuming threat

https://www.troyhunt.com/welcoming-the-bhutanese-government-to-have-i-been-pwned/

More

Bruce Schneier

https://www.schneier.com

 Bewerken

Bernie Sanders’ AI Sovereign Wealth Fund Plan

  Pagina openen

Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful of billionaires who have promoted and developed AI, with virtually no democratic input, who stand to become even richer and more powerful than they are today?”

We agree entirely that this is one of the most potent questions facing global democracy today. Our book, Rewiring Democracy, surveys the emerging uses for and impacts of AI in democracy around the world and reaches the same conclusion: that the most urgent risk posed by AI is the ...

https://www.schneier.com/blog/archives/2026/06/bernie-sanders-ai-sovereign-wealth-fund-plan.html

 Bewerken

Enhanced License Plate Tracking

  Pagina openen

The surveillance company Leonardo wants more data:

A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices, as well as capture the license plate of passing vehicles, would also sweep up unique identifiers of mobile phones, wearables, and other Bluetooth-enabled devices in those cars, potentially letting law enforcement identify specific drivers or passengers.

The technology, called SignalTrace, would turn ALPR cameras from devices focused on tracking cars to ones that can more readily track the location of particular people. ALPR cameras have become a commonly deployed technology all across the U.S.; SignalTrace would make some of those cameras capable of collecting much more data...

https://www.schneier.com/blog/archives/2026/06/enhanced-license-plate-tracking.html

 Bewerken

GPS As a Key Distribution Platform

  Pagina openen

This is interesting:

The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden “numbers station,” according to Steven Murdoch...

That means every device that uses GPS has been receiving hidden government information for years, and nobody outside the military knew it until now.

[...]

Murdoch discovered that this particular sentinel was transmitted by all 31 operational satellites within a window of a few hours on May 26, 2011, potentially heralding the activation of a new operational system. He confirmed that this timeline coincided with the rollout of the military’s Over-the-Air Distribution (OTAD) and the Over-the-Air Rekeying (OTAR) by cross-referencing declassified documents, including a 2015 presentation about the dates of the operation...

https://www.schneier.com/blog/archives/2026/06/gps-as-a-key-distribution-platform.html

More

Security Affairs

https://securityaffairs.co

 Bewerken

Washington Pulled the Plug on Anthropic ‘s Fable 5 and Mythos 5 models. The Rest of the World Is Watching.

  Pagina openen
Anthropic disputes restrictions on Mythos 5 and Fable 5, arguing the decision lacks transparency and isn’t based on clear technical evidence. On Friday June 12 at 5:21pm ET, Anthropic received a letter from the US Commerce Department, signed by Commerce Secretary Howard Lutnick and drafted with officials from the Bureau of Industry and Security. The [...]

https://securityaffairs.com/193579/ai/washington-pulled-the-plug-on-anthropic-fable-5-and-mythos-5-models.html

 Bewerken

U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog

  Pagina openen
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Oracle PeopleSoft Enterprise PeopleTools flaw, tracked as CVE-2026-35273 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. Oracle PeopleSoft Enterprise PeopleTools is the underlying technology platform [...]

https://securityaffairs.com/193574/security/u-s-cisa-adds-oracle-peoplesoft-enterprise-peopletools-flaw-to-its-known-exploited-vulnerabilities-catalog.html

 Bewerken

Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.

  Pagina openen
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it [...]

https://securityaffairs.com/193565/uncategorized/iran-linked-handala-breached-a-california-water-utility-it-could-have-done-worse-and-it-knows-that.html

 Bewerken

U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14

  Pagina openen
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Sentry flaw, tracked as CVE-2026-10520 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti Sentry is a secure gateway appliance that sits between an organization’s internal [...]

https://securityaffairs.com/193557/security/u-s-cisa-adds-ivanti-sentry-flaw-to-its-known-exploited-vulnerabilities-catalog-and-urges-patching-by-june-14.html

 Bewerken

Oracle PeopleSoft RCE Flaw Used as Zero-Day in Ongoing ShinyHunters Campaign

  Pagina openen
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran [...]

https://securityaffairs.com/193543/cyber-crime/oracle-peoplesoft-rce-flaw-used-as-zero-day-in-ongoing-shinyhunters-campaign.html

More

news.sophos.com

https://news.sophos.com

More