access ai android api apple attack authentication backdoor breach browser business ceo china cisa cisco ciso cloud compliance control credentials crypto cve cyber cyberattack cybercrime cybersecurity data data-breach defense detection email exploit finance flaw framework fraud google governance government group hacker hacking healthcare identity infrastructure intelligence Internet jobs law leak linux malicious malware microsoft monitoring network open-source password phishing privacy ransomware remote-code-execution resilience risk russia scam service software strategy supply-chain technology theft threat tool unclassified update usa vulnerability windows zero-day
-
Smart Home: Update kann Signifys Hue Bridge Pro kaputt machen
Tags: updateBesitzer einer Hue Bridge Pro sollten vorerst keine Updates installieren. Falls dabei ein Defekt auftritt, muss die Bridge ausgetauscht werden. First seen on golem.de Jump to article: www.golem.de/news/smart-home-update-macht-signifys-hue-bridge-pro-kaputt-2607-210370.html also interesting: Microsoft bestätigt: Update für Windows 11 stürzt bei Installation ab The truth about KEV: CISA’s vuln deadlines good influence on private-sector patching Google fixes actively…
-
Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor’s safety sandbox and run any command on a developer’s computer. There is no click to fall for and no approval box to ignore.Cato AI Labs found the pair and named them DuneSlide. They are tracked as…
-
Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic
Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic.The ColdFusion updates “resolves critical and important vulnerabilities”¯that could lead to”¯arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass,” Adobe said in an alert released Tuesday.The vulnerabilities are listed First seen on thehackernews.com Jump to article:…
-
Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures
A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet’s FortiGuard Labs identified the campaign in May 2026.It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really in Spain or Portugal, and hides its real payload inside an image.The goal…
-
‘Phantom Squatting’: An Emerging AI-Driven Supply Chain Threat
LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/phantom-squatting-ai-driven-supply-chain-threat also interesting: AI supply chain threats loom, as security practices lag Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems Modern…
-
Turning Indicators into Intelligence in OpenCTI with Criminal IP
Torrance, California, USA, July 1st, 2026, CyberNewswire Cyber threat intelligence becomes more valuable when indicators are enriched with context that supports investigation, correlation, and decision-making. Through the Criminal IP integration with OpenCTI, security teams can transform IP addresses, domains, and URLs from isolated indicators into structured intelligence within the OpenCTI knowledge graph. The integration automatically…
-
US lifting export control restrictions on Anthropic’s Mythos, Fable
The company and the Commerce Department say they have reached an agreement that will see the AI models released publicly with new guardrails and classifiers. First seen on cyberscoop.com Jump to article: cyberscoop.com/us-lifting-export-control-restrictions-anthropic-mythos-fable/ also interesting: How Organizations Can Secure AI at the Speed of Business How to govern agentic AI so as not to lose…
-
Anthropic reactivates Fable, Mythos after securing government approval
Tags: governmentThe company’s powerful frontier models are back, but vetting issues remain unresolved. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/anthropic-ai-mythos-fable-reenable/824214/ also interesting: EU calls out Fancy Bear over attacks on Czech, German governments Russische Antiviren-Software: US-Regierung verbietet Kaspersky-Software DOGE latest: Citrix supremo has ‘read-only’ access to US Treasury payment system White House Defends Musk Amid…
-
Critical flaw in Oracle E-Business Suite is under immediate threat
Researchers warn that successful exploitation of the vulnerability could allow an attacker to compromise Oracle Payments. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-flaw-oracle-e-business-suite-threat/824230/ also interesting: Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V CVE-2025-61882: Frequently Asked Questions About…
-
Check Point Research warnt vor browser-nativer Ransomware durch KI-generierte Angriffstechnik
Der Fall ist deshalb relevant, weil die KI offenbar eine Lücke zwischen einem bekannten theoretischen Risiko und einer praktisch funktionierenden Angriffstechnik geschlossen hat. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-research-warnt-vor-browser-nativer-ransomware-durch-ki-generierte-angriffstechnik/a45644/ also interesting: Starbucks operations hit after ransomware attack on supply chain software vendor 2025 CSO Hall of Fame: Laura Deaner on AI, quantum threats,…
-
ObjectLücke gefährdet Magento-Shops – CVE-2026-45247 in Mirasvit Full Page Cache Warmer aktiv ausgenutzt
First seen on security-insider.de Jump to article: www.security-insider.de/magento-mirasvit-full-page-cache-warmer-cve-2026-45247-a-02011748fec50683ce828c03a2e793a6/ also interesting: VMware HCX Platform Vulnerable to SQL Injection Attacks Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) Critical Argument Injection Flaw in AI Agents Enables Remote Code Execution TP-Link Vulnerabilities Let Hackers Take Full Control of Devices
-
Fileless Malware Abuses Google Blogspot to Deploy Infostealer in Memory
Securonix said the Veil#Drop campaign abuses Google Blogspot to deliver PureLog Stealer in memory First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/veil-drop-blogspot-purelog-stealer/ also interesting: Google Adds Malware Scanner to Jelly Bean 4.2 New Octo Android malware version impersonates NordVPN, Google Chrome 77 bösartige Apps im Google-Play-Store mit über 19 Millionen Downloads entdeckt Cybercriminals Exploit Facebook…
-
AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining “unrealistic browser-malware concepts with a real browser capability” to turn it into a working ransomware technique that runs entirely inside the browser on both Windows and Android devices.”This is the first documented case where a frontier AI…
-
Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts
A recently disclosed critical security flaw impacting Progress”¯Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire’s Threat Response Unit (TRU).The Canadian cybersecurity company said it identified exploitation attempts targeting CVE-2026-8037 (CVSS score: 9.6), an operating system (OS) command injection flaw that could be exploited to achieve First seen on thehackernews.com Jump…
-
Attackers Seize Exposed AI Endpoints to Power Offensive Ops
Threat actors don’t need any special authentication to reach a target endpoint, they just need to know where it is. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/attackers-hijack-exposed-ai-endpoints-power-offensive-ops also interesting: Beware cybersecurity tech that’s past its prime, 5 areas to check or retire Cisco Firewall and VPN Zero Day Attacks: CVE-2025-20333 and CVE-2025-20362 Critical nginx…
-
Turning Indicators into Intelligence in OpenCTI with Criminal IP
Threat intelligence is only as useful as the context behind it. Criminal IP explains how its integration enriches threat indicators in OpenCTI with risk scoring, infrastructure intelligence, and phishing analysis. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/turning-indicators-into-intelligence-in-opencti-with-criminal-ip/ also interesting: What is Infrastructure Intelligence? Wiz’s Security GraphDB vs. DeepTempo’s LogLM What are zero-day attacks and…
-
Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs
81 Million Login Attempts, 78 Compromised Accounts: The LSHIY Password Spray Hitting Azure CLI Huntress researchers have been tracking a massive automated password spray campaign against Microsoft Azure CLI environments since June 12, 2026. A password spray attack is when attackers try a small number of common passwords across many accounts instead of many passwords…
-
Turning Indicators into Intelligence in OpenCTI with Criminal IP
Torrance, California, USA, 1st July 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/turning-indicators-into-intelligence-in-opencti-with-criminal-ip/ also interesting: US takes aim at healthcare cybersecurity with proposed HIPAA changes Vor diesen Ransomware-Banden sollten Sie sich hüten Russische Cyber-Kampagne in Nato-Staaten aufgedeckt Cognyte Adds GroupSense in $4M Threat Intelligence Deal
-
Fake Interpol Investigation Emails Push Ransomware at Small Businesses Globally
Fake Interpol investigation emails are targeting small businesses with Proton Drive links that deliver ransomware, encrypt files, and route victims to Tox chat. First seen on hackread.com Jump to article: hackread.com/fake-interpol-investigation-emails-ransomware-small-businesses/ also interesting: How defenders use the dark web INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty INTERPOL Dismantles Six Ransomware Operations, Detains…
-
Brazilian Banking Trojan Ousaban Targets Spain and Portugal
FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ousaban-banking-trojan-spain/ also interesting: New V3B Phishing Kit Steals Logins and OTPs from EU Banking Users New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics Hundreds of UK Ministry of Defence passwords found circulating…
-
Safe Events Start With Threat Intel and Digital Security
Planning ahead to defend against cyber threats is the work that keeps events uneventful. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/safe-events-threat-intel-digital-security also interesting: What is Network Pen Testing? Shift5 Gets $75M for Cyber Push in Defense and Transit React2Shell Vulnerability Hit by 8.1 Million Attack Attempts Iran-linked actors use Telegram as C2 in malware…
-
Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection
Frankfurt am Main, Deutschland, July 1st, 2026, CyberNewswire Link11, a leading European provider of cloud-based cybersecurity solutions, today announced the launch of its completely rebuilt Layer 3/4 DDoS mitigation solution, designed to address the growing complexity of modern network attacks. Today’s DDoS attacks are not just simple volume or protocol attacks anymore. They can originate…
-
Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection
Frankfurt am Main, Deutschland, July 1st, 2026, CyberNewswire Link11, a leading European provider of cloud-based cybersecurity solutions, today announced the launch of its completely rebuilt Layer 3/4 DDoS mitigation solution, designed to address the growing complexity of modern network attacks. Today’s DDoS attacks are not just simple volume or protocol attacks anymore. They can originate…
-
Cyberrisiko statt Sommerpause
Tags: unclassifiedWährend der Sommerferien sinkt in vielen Unternehmen die Personalstärke für Cyberkriminelle oft der ideale Zeitpunkt, um Sicherheitslücken auszunutzen. Arctic Wolf warnt deshalb davor, die Urlaubszeit als Phase geringerer Bedrohung einzuschätzen. Im Gegenteil: Wenn IT- und Security-Teams nur eingeschränkt verfügbar sind und Mitarbeitende verstärkt von unterwegs arbeiten, steigt das Cyberrisiko für erfolgreiche Angriffe. Die […] First…
-
Cloud-Firewalls von Check Point über AWS-European-Sovereign-Cloud verfügbar
Check Point gibt bekannt, dass das Unternehmen nun Partner der AWS-European-Sovereign-Cloud ist. Die Cloud-Firewalls von Check Point sind nun in der AWS-European-Sovereign-Cloud verfügbar und unterstützen damit Kunden in Europa noch besser. Die Lösungen von Check Point bieten präventive Sicherheit über Netzwerk-, Workload- und Anwendungsebenen hinweg und gewährleisten die gleiche Verfügbarkeit und Leistung, die Kunden von…
-
Ist Cybersecurity bereits voll von KI-Schrott?
Das Nebenprodukt des KI-Hypes ist KI-Schrott. Man denke an die schludrig produzierten Videos und Reels, die das Internet überschwemmen und auf den ersten Blick gut aussehen, bis sich zeigt, dass sie mit billigen KI-Tools zusammengeschustert wurden. Während das für den Durchschnittsmenschen lediglich ärgerlich ist, wird es zu einem ernsteren Problem, wenn dieses Verhalten in wichtige…
-
84 Prozent der Angriffe treffen vermeidbare Schwachstellen
Filigran, das europäische Open-Source-Unternehmen für Bedrohungsmanagement, hat den Bericht ‘The State of Threat Management Report” veröffentlicht. Die weltweite Studie wurde unter 550 Entscheidungsträgern und Fachleuten im IT-Sicherheitsbereich und vom unabhängigen Marktforschungsunternehmen Vanson Bourne durchgeführt. Dabei deckt die Untersuchung eine auffällige Diskrepanz auf: Während sich das Continuous-Threat-Exposure-Management (CTEM) als Branchenstandard zunehmend durchsetzt, lässt die operative Reife…
-
Ransomware ist kein IT-Problem, sondern eine Krise der Business-Continuity
Zu Beginn des ‘Ransomware Awareness Months” warnt Erich Kron, CISO-Advisor bei KnowBe4, Unternehmen davor, dass Malware-Prävention allein nicht mehr ausreicht, um moderne Angriffe abzuwehren. Die Bedrohungslandschaft im Bereich Ransomware hat sich in den letzten 12 Monaten grundlegend verändert. Cyberkriminelle haben das alte Schema aufgegeben, bei dem es lediglich darum ging, auf einen bösartigen Link zu…
-
U.S. lifting export control restrictions on Anthropic’s Mythos, Fable
The company and the Commerce Department say they have reached an agreement that will see the AI models released publicly with new guardrails and classifiers. First seen on cyberscoop.com Jump to article: cyberscoop.com/us-lifting-export-control-restrictions-anthropic-mythos-fable/ also interesting: Quantum supremacy: Cybersecurity’s ultimate arms race has China way in front Clément Domingo: “We are not using AI correctly to…
-
Japanese insurer, brewer, manufacturer and telecom disclose cyber breaches
Aflac’s Tokyo arm and brewer Sapporo are among the major Japanese companies to recently notify the public about data breaches. First seen on therecord.media Jump to article: therecord.media/japan-cyber-breaches-aflac-sapporo-nidec-kddi also interesting: UBS Employee Data Reportedly Exposed in Third Party Attack Foreign aircraft, domestic risks F5 BIG-IP Breach: 44 CVEs That Need Your Attention Now The Changing…
-
US lifts export controls on Anthropic’s frontier cybersecurity AI models
Anthropic said export controls on certain models had been lifted after the company came to a series of agreements with the government. First seen on therecord.media Jump to article: therecord.media/us-lifts-export-controls-anthropic-cyber-models also interesting: Modern supply-chain attacks and their real-world impact The LimaCharlie Manifesto: Security for an Autonomous Future Fortinet hit by another exploited cybersecurity flaw The…
-
KI in Hochschulprüfungen: Veeam sieht Bayerns Entscheidung als Signal für Wirtschaft und Gesellschaft
Die bayerische Entscheidung ist damit mehr als eine bildungspolitische Neuerung. Sie zeigt, dass sich Institutionen und Unternehmen auf eine neue Realität einstellen müssen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-in-hochschulpruefungen-veeam-sieht-bayerns-entscheidung-als-signal-fuer-wirtschaft-und-gesellschaft/a45641/ also interesting: Veeam übernimmt Securiti AI – und läutet eine neue Ära sicherer und skalierbarer KI ein DataAIModule von Veeam macht Prozesse der Datenresilienz…
-
2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience
Organizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybersecurity Assessment confirms this is the case, as this year’s findings reveal a series of surprising contradictions.Here are a few examples, based on the independent survey of 1,200 IT and cybersecurity…
-
AI Won’t Wipe Out Entry-Level Cybersecurity Jobs
Instead of eliminating jobs for early-career cyber pros, AI is creating new opportunities for candidates with strong human decision-making skills. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ai-wont-wipe-out-entry-level-cybersecurity-jobs also interesting: CISA cybersecurity workforce faces cuts amid shifting US strategy Getting the Most Value Out of the OSCP: The PEN-200 Labs Cybersecurity management for boards: Metrics…
-
Malicious Google Notes Extension Swaps Crypto Wallet Addresses During Transactions
Technically sophisticated campaign delivering a malicious Chromium extension that silently swaps cryptocurrency wallet addresses during transactions. Delivered via unsigned installers observed in both .NET and Golang variants access, the payload masquerades as a minimalist “Google Notes” browser extension. Once deployed, the extension acts as a clipboard-aware crypto clipper: it monitors copy-and-paste activity, recognizes wallet addresses…
-
Over 900 Oracle E-Business instances exposed to ongoing attacks
Over 900 Oracle E-Business Suite (EBS) instances have been found exposed online amid ongoing attacks exploiting a critical security flaw. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-900-oracle-e-business-instances-exposed-to-ongoing-attacks/ also interesting: Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day AI, Quantum, and the New Threat Frontier: What Will…
-
CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks
CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer allows attackers to escalate privileges locally in Microsoft Defender. The vulnerability, along with two other zero-days dubbed…
-
Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection
Frankfurt am Main, Deutschland, 1st July 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/mitigating-attacks-before-they-impact-infrastructure-link11-provides-next-generation-network-ddos-protection/ also interesting: Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection When Good Tools Go Bad: Dual-Use in Cybersecurity Top cybersecurity M&A deals for 2025 SystemBC Botnet Compromises 1,500 VPS Every Day to Rent Out…
-
Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection
Frankfurt am Main, Deutschland, 1st July 2026, CyberNewswire First seen on hackread.com Jump to article: hackread.com/mitigating-attacks-before-they-impact-infrastructure-link11-provides-next-generation-network-ddos-protection/ also interesting: Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection 9 things CISOs need know about the dark web 2025 Threat Landscape in Review: Lessons for Businesses Moving Into 2026 Operation Epic Fury: Why…
-
Cybersecurity-Assessment-Report von Bitdefender deckt KI-Risiken auf
Nicht nur die sich erweiternde Angriffsfläche ist für die dieses Jahr erneut von Bitdefender befragten professionellen IT-Sicherheitsverantwortlichen ein zunehmendes Risiko für die Datensicherheit. KI-Risiken, das Verschweigen von unberechtigten Zugriffen und Datensouveränität sind Trendthemen der aktuellen Neuauflage der Bitdefender-Studie zu Cybersecurity-Assessment. Im Rahmen einer unabhängigen Studie befragte Bitdefender über 1.200 IT- und IT-Sicherheitsprofis in den USA,…
-
Künstliche Intelligenz wird immer zu einem festen Bestandteil unseres Lernens, Arbeitens und Entscheidens
Tags: aiDie Entscheidung Bayerns, den Einsatz von künstlicher Intelligenz bei Hochschulprüfungen zuzulassen, ist ein klares Signal dafür, in welche Richtung sich die Gesellschaft entwickelt. Künstliche Intelligenz ist längst kein Randphänomen mehr. Sie wird immer mehr zu einem festen Bestandteil unseres Lernens, Arbeitens und Entscheidens. Ein Kommentar von Tim Pfälzer, GM and SVP EMEA bei Veeam. <<Versuche,…
-
Angreifer locken Firmen in gefälschte OpenAI-Konten
Tags: openaiAngreifer nutzen offizielle Einladungen von OpenAI, um IT-Sicherheitsfirmen zu imitieren und sensible Unternehmensdaten aus Chat-Verläufen abzufangen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/gefaelschte-openai-konten also interesting: Interview: How OpenAI is making ChatGPT public and private sector-ready Whisper Leak uses a side channel attack to eavesdrop on encrypted AI conversations OpenAI says AI browsers may always…
-
Exploitarium: Anonymer Forscher leakt massenweise Zero-Day-Exploits
Ein öffentliches Github-Repository enthält 26 Exploits für Zero-Day-Lücken in mehreren populären Softwaretools. Und es werden immer mehr. First seen on golem.de Jump to article: www.golem.de/news/exploitarium-anonymer-forscher-leakt-massenweise-zero-day-exploits-2607-210388.html also interesting: Auf der Suche nach Alternativen zum CVE-Programm Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201) Microsoft issues outband patch for critical security flaw in update to ASP.NET…
-
(g+) Kernel Live-Patching: Patchen ohne Neustart – und warum der Reboot trotzdem kommt
Tags: updateLive-Patching schließt Kernel-Lücken ohne Neustart – aber nicht jede Lücke. Wie Live-Patching funktioniert und wo seine Grenzen liegen. First seen on golem.de Jump to article: www.golem.de/news/kernel-live-patching-patchen-ohne-neustart-und-warum-der-reboot-trotzdem-kommt-2607-210375.html also interesting: Microsoft Activation Script (MAS) versorgt Windows 10 weiterhin mit kostenlosen Updates Microsoft updates Windows DLL that triggered security alerts Sophos modernisiert Partnerportal und startet neuen Partner-Blog Aktiv…
-
Anthropic’s Fable 5 and Mythos 5 Are Back with New Security Guardrails
Tags: controlThe new classifier in Fable 5 blocks the jailbreak technique that prompted the US export controls “in over 99% of cases” First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/anthropic-fable-mythos-back/ also interesting: Google adds endend email encryption to Gmail Das gehört in Ihr Security-Toolset XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics…
-
Microsoft Accelerates Post-Quantum Cryptography Shift to 2029
Microsoft on Tuesday said it’s accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encryption standards sooner than previously expected.”Advances in quantum research and development have shifted the risk horizon,” Mark Russinovich, chief technology officer of Microsoft Azure, said. “We believe First seen on thehackernews.com…
-
The Gentlemen Ransomware Targets Large Corporations and Critical Infrastructure Worldwide
The Gentlemen ransomware group has emerged in 2026 as a highly adaptive and technically sophisticated ransomware-as-a-service (RaaS) operation targeting large corporations and critical infrastructure across multiple regions. Public reporting places The Gentlemen among the top 10 ransomware actors by victim announcements on its data leak site during the first half of 2026 (see ransomware.live/stats/2026), and…
-
CISA Adds Actively Exploited SimpleHelp Vulnerability to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in SimpleHelp, tracked as CVE-2026-48558, and added it to its Known Exploited Vulnerabilities (KEV) catalog. This indicates that the vulnerability is actively being exploited in the wild, and CISA is urging immediate remediation. The flaw, classified as CWE-347 (Improper Verification of Cryptographic…
-
CISA Adds Actively Exploited SimpleHelp Vulnerability to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in SimpleHelp, tracked as CVE-2026-48558, and added it to its Known Exploited Vulnerabilities (KEV) catalog. This indicates that the vulnerability is actively being exploited in the wild, and CISA is urging immediate remediation. The flaw, classified as CWE-347 (Improper Verification of Cryptographic…
-
FCC Bans Chinese-Produced Network Equipment Linked to Cyber and Espionage Risks
The U.S. Federal Communications Commission (FCC) has implemented comprehensive new restrictions banning the import and marketing of Chinese-produced telecommunications and surveillance equipment identified as posing significant cybersecurity and espionage risks. Announced on June 26, 2026, this updated regulation addresses a longstanding loophole that previously allowed companies on the FCC’s “Covered List” to continue selling older,…

