Tag: cybersecurity
-
CISA orders federal agencies to >>patch smarter<<
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/11/cisa-risk-based-vulnerability-management-government/
-
British high school sends students home following cyberattack
Great Marlow School, which has 1,428 pupils according to the Department for Education (DfE), said it was set to remain closed while it works with specialist IT and cybersecurity professionals to resolve the issue. First seen on therecord.media Jump to article: therecord.media/british-school-sends-students-home-cyberattack
-
Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
Tags: cybersecurityMost good security work is invisible by design. Today is the exception.The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four main award categories.The reason is simple. Cybersecurity is full of work that deserves recognition and rarely gets it. Products that quietly close real gaps. Teams that stop incidents nobody reads about.…
-
Oracle PeopleSoft servers under attack, Oracle pushes outband security alert
A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/11/oracle-peoplesoft-under-attack-cve-2026-35273/
-
CISA tells govt agencies to patch critical exploited flaws in 3 days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive, 26-04, that prioritizes security updates for Federal Civilian Executive Branch (FCEB) agencies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-tells-govt-agencies-to-patch-critical-exploited-flaws-in-3-days/
-
Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats
Organizations are aware of the challenges that new technologies like AI bring: but cybersecurity staff struggle to make time for the required training during working hours First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cybersecurity-training-time/
-
Mackay Sugar Security Incident Forces Mill Shutdowns and Halts Harvesting Operations
Australia’s second-largest sugar producer, Mackay Sugar, is investigating a cyberattack that has disrupted parts of its operations and temporarily halted sugarcane harvesting in Queensland’s Mackay region. The Mackay Sugar security incident has led to the suspension of milling activities at two of the company’s facilities while cybersecurity specialists and authorities work to determine the nature and impact…
-
AI Is Reshaping Cybersecurity Training Priorities
ISC2 Survey Says AI Skills Top Training Agendas, But Teams Need to Act Quickly. AI now tops cybersecurity training priorities for 47% of security leaders, as critical cyber skills gaps are growing, according to an ISC2 survey. Most organizations train in-house, and 53% cite time – not budget – as the biggest barrier to effective…
-
CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
“Defenders cannot afford to take weeks to patch,” one Cybersecurity and Infrastructure Security Agency official warned on Wednesday. First seen on wired.com Jump to article: www.wired.com/story/cisa-ai-vulnerability-directive/
-
When Burnout Becomes a Cybersecurity Control Failure
Peter Coroneos of Cybermindz on Stress, the Brain and Human Capability Risk. Cybersecurity burnout is no longer just a wellness concern. It’s an operational risk that quietly degrades the capability of cyber defenders, says Peter Coroneos, founder and chairman of Cybermindz. Cyber burnout levels now exceed those of frontline healthcare workers. First seen on govinfosecurity.com…
-
Security Leaders Must Stop Living by the Framework
Paul Watts of Keywords Studios on Business Alignment, AI Hype and Workforce Risk. Cybersecurity leaders who still operate through the lens of frameworks and risk registers could be irrelevant in a world where business moves without them, said Paul Watts, CISO at Keywords Studios. He recommends investing in both AI and people to sustain operations…
-
SMEs Need Cyber Help That Speaks Their Language
Helen Barge of Howden on Scaling Practical Cyber Support for Small Businesses. Small and mid-sized businesses face unique cybersecurity barriers – from budget constraints to IT providers who fall short on basics – and need accessible, jargon-free guidance, said Helen Barge, principal and head of digital resilience services at global insurance group Howden. First seen…
-
Google DoubleClick Abused in New Malspam Campaign to Deliver .NET Loader
Cybersecurity researchers have flagged a new malspam campaign that makes use of Google’s DoubleClick domain as a way to evade detection and ultimately deliver an unidentified .NET-based loader.”Before the victim ever reaches attacker-controlled infrastructure, the lure routes through DoubleClick, a legitimate Google-owned domain that many security tools are less likely to treat as suspicious,” First…
-
Warum Security-Operations im KI-Zeitalter neu gedacht werden müssen
Cybersecurity steht vor einem grundlegenden Wandel. Lange Zeit bestand die Aufgabe von Security-Teams vor allem darin, immer mehr Warnmeldungen zu sichten, zusätzliche Tools zu integrieren und mit begrenzten Ressourcen auf eine stetig wachsende Zahl von Bedrohungen zu reagieren. Doch mit dem Aufstieg leistungsfähiger KI-Systeme verändert sich nicht nur die Verteidigung, sondern auch Angreifer arbeiten längst…
-
Hackers pose as women seeking romance to spy on Russian soldiers
The group, dubbed SiribClone by Russian cybersecurity firm F6, has been active since at least the summer of 2025 and has primarily targeted members of the Russian armed forces stationed in border regions and combat zones. First seen on therecord.media Jump to article: therecord.media/hackers-pose-as-women-seeking-romance-russian-military
-
LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
Tags: ai, attack, cisa, cybersecurity, exploit, infrastructure, injection, open-source, vulnerabilityA command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/09/litellm-vulnerability-under-active-attack-cisa-warns-cve-2026-42271/
-
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: The CVE-2026-42271…
-
Kuwait and Oman Sign Cybersecurity Pact to Counter Rising Digital Threats
As digital transformation accelerates across the Gulf region, Kuwait and Oman have taken a significant step toward strengthening their collective cybersecurity capabilities. The two countries recently signed a Memorandum of Understanding (MoU) designed to enhance bilateral cooperation in cybersecurity and improve their ability to address sophisticated digital threats. First seen on thecyberexpress.com Jump to article:…
-
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Tags: cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2026-42271 (CVSS score: 8.7), is a command injection vulnerability that could allow any authenticated user to run arbitrary commands on the First seen…
-
Wie groß ist der Markt für Cybersecurity
Künstliche Intelligenz erschließt Wachstumspotenziale für Unternehmen, bringt aber auch neue Sicherheitsrisiken mit sich. Daher geben Sicherheitsverantwortliche geben KI-Themen bei der Budgetvergabe oberste Priorität. Wie groß dieses Wachstum ausfällt, zeigt auch das neue Statista Whitepaper Putting Agentic AI To Work[1]. Demnach belief sich der Umsatz mit Cyber Serurity im vergangenen Jahr auf 183 Milliarden Euro ……
-
Post-Quantum Prep Should Start Now, Says German State
It May Already Be Too Late, Says Athene. The transition to post-quantum cryptography will be a heavy lift. Experts from Germany’s National Research Center for Applied Cybersecurity say there’s plenty that can be done in the short term to prepare for a world in which classical cryptography is no longer able to protect secrets. First…
-
Lost in translation: Cybersecurity board reporting for CISOs
Cybersecurity board reports don’t always land. At the Security and Risk Management Summit 2026, Gartner analysts suggested a novel way to communicate cyber-risk to corporate directors. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366643884/Lost-in-translation-Cybersecurity-board-reporting-for-CISOs
-
Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites
Cybersecurity firm Resecurity reports Silent Ransom Group is using a fast flux botnet to hide data leak sites while targeting law firms with theft and vishing. First seen on hackread.com Jump to article: hackread.com/silent-ransom-group-fast-flux-botnet-leak-sites/
-
Mit dem Vorstand über Cybersicherheit sprechen Daten und Verantwortung teilen
Für Unternehmensführungen bleibt Cybersicherheit auch im Jahr 2026 eines der drängendsten Themen. Da so viele Geschäftsaktivitäten von Technologie abhängen, sind laut dem Bericht ‘Global Cybersecurity Outlook 2026″ des Weltwirtschaftsforums 63 % der Unternehmensleiter besorgt über die Auswirkungen der sich rasch wandelnden Bedrohungslandschaft und der Risiken für neue Technologien auf ihre Resilienz. Dies liegt auch ganz…
-
Check Point links VPN zero-day attacks to Qilin ransomware gang
Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/
-
Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)
A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/08/cisa-patch-actively-exploited-solarwinds-serv-u-dos-vulnerability-cve-2026-28318/
-
UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign
Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026.The activity has been attributed by Google Mandiant and Google Threat Intelligence Group (GTIG) to a threat actor dubbed UNC3753, which is also…
-
Cybersecurity in der Lieferkette – Warum NIS2 auch Zulieferer unter Druck setzt
First seen on security-insider.de Jump to article: www.security-insider.de/nis2-cybersecurity-anforderungen-zulieferer-lieferkette-a-b0c13c367beed6dfd5f3ecba87eed36a/
-
CBSE Re-Evaluation Portal Goes Live After Final Cybersecurity Clearance
The Central Board of Secondary Education has secured the final CBSE cybersecurity clearance required for its examiner-facing re-evaluation portal, allowing the reassessment of Class 12 answer scripts to move forward. The approval was granted on the night of June 6, 2026, after the completion of the final phase of cybersecurity testing conducted through an IIT-led red team…
-
CBSE Re-Evaluation Portal Goes Live After Final Cybersecurity Clearance
The Central Board of Secondary Education has secured the final CBSE cybersecurity clearance required for its examiner-facing re-evaluation portal, allowing the reassessment of Class 12 answer scripts to move forward. The approval was granted on the night of June 6, 2026, after the completion of the final phase of cybersecurity testing conducted through an IIT-led red team…

