Tag: service
-
US FCC Eases Router Ban for Cable ISPs
Waiver Allows Component Swaps for 1 Year. The U.S. Federal Communications Commission approved a cable industry lobbying group’s request to grant large scale internet service providers with a waiver from Trump administrations’ current ban on consumer grade foreign-made routers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-fcc-eases-router-ban-for-cable-isps-a-31982
-
Cyberattack on Russian tech firm Astral disrupts business, government services for week
According to customer complaints, the disruption affected a range of services used by businesses, leading to interruptions in cash register operations, difficulties selling certain regulated goods, loss of access to customer portals and corporate email and problems with electronic human resources document management systems and authentication using digital certificates. First seen on therecord.media Jump to…
-
Big tech must introduce age checks to support UK’s under-16s social media ban
Keir Starmer announces UK social media ban for under-16s that requires mandatory age verification to access social media services First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366644294/Big-tech-must-introduce-age-checks-to-support-UKs-under-16s-social-media-ban
-
Handala Hacking Group Claims Breach of California Water Service
The Handala hacking group claims it has targeted California Water Service, leaking 5GB of customer database and GPS network files in its latest infrastructure attack. First seen on hackread.com Jump to article: hackread.com/handala-hacking-group-california-water-service-breach/
-
FBI disrupts massive AI-powered phishing service using a million URLs
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/
-
Manipulierte Red-Hat-npm-Pakete verbreiten neue Malware
Das JFrog-Security-Research-Team hat eine neue Welle der Supply-Chain-Schadsoftware Shai-Hulud analysiert. Betroffen sind 96 manipulierte Paketversionen aus dem npm-Namensraum @redhat-cloud-services, einem von Red Hat selbst genutzten und damit vertrauenswürdigen Bereich. Die Angreifer haben dabei nicht etwa Typosquatting-Pakete platziert, sondern legitime, weit verbreitete Komponenten als Träger missbraucht. Im Schadcode selbst wird die Kampagne als ‘Miasma: The Spreading…
-
Critical Splunk Enterprise Pre-Auth RCE Chain Exposes Databases
Tags: api, authentication, cve, cvss, cyber, flaw, rce, remote-code-execution, service, vulnerabilityA critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked asCVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects thePostgreSQL Sidecar Serviceintroduced in Splunk version 10. The root cause of CVE-2026-20253 lies in the PostgreSQL Sidecar Service’s HTTP API…
-
Critical Splunk Enterprise Pre-Auth RCE Chain Exposes Databases
Tags: api, authentication, cve, cvss, cyber, flaw, rce, remote-code-execution, service, vulnerabilityA critical pre-authentication remote code execution (RCE) vulnerability in Splunk Enterprise has been disclosed, carrying a near-perfect CVSS score of 9.8. Tracked asCVE-2026-20253, the flaw was published by Splunk on June 10, 2026, and affects thePostgreSQL Sidecar Serviceintroduced in Splunk version 10. The root cause of CVE-2026-20253 lies in the PostgreSQL Sidecar Service’s HTTP API…
-
OnyxC2 stealer sold as a service targets over 210 applications
Tags: serviceFirst seen on scworld.com Jump to article: www.scworld.com/brief/onyxc2-stealer-sold-as-a-service-targets-over-210-applications
-
AudiA6 cryptocurrency service dismantled for allegedly laundering over $380 million
First seen on scworld.com Jump to article: www.scworld.com/brief/audia6-cryptocurrency-service-dismantled-for-laundering-over-380-million
-
Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it…
-
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans.The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant.”The operation weaponized Gemini…
-
Google Sues Chinese Phishing Service Over Gemini Abuse
Complaint Says Service Generated More Than 1.5 Million Malicious URLs. Google has sued a Chinese phishing-as-a-service provider accused of teaching customers to use Gemini to generate and customize scam websites, a campaign linked to more than 1.59 million phishing URLs, over 100,000 victims, and widespread credential and financial theft. First seen on govinfosecurity.com Jump to…
-
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday.The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and saw authorities from 13 countries in the Middle East and North Africa (MENA) region making 201 arrests.Included among them was Guedz, the…
-
OnyxC2 Stealer Uses Cloudflare-Fronted C2 to Exfiltrate Browser Data and Credentials
A new commercial-grade information stealer, marketed as OnyxC2, surfaced on cybercrime forums in early 2026 and demonstrates how commodity malware is increasingly packaged as a full-service product. For $250 a month buyers receive a web-based control panel, a payload builder, tiered licensing, and even refund guarantees if a build is detected lowering the barrier for…
-
OnyxC2 Stealer Uses Cloudflare-Fronted C2 to Exfiltrate Browser Data and Credentials
A new commercial-grade information stealer, marketed as OnyxC2, surfaced on cybercrime forums in early 2026 and demonstrates how commodity malware is increasingly packaged as a full-service product. For $250 a month buyers receive a web-based control panel, a payload builder, tiered licensing, and even refund guarantees if a build is detected lowering the barrier for…
-
Authorities dismantle crypto laundering service that moved Euro336 million for cybercriminals
An international law enforcement operation has dismantled a cryptocurrency laundering service linked to ransomware groups and other cybercriminals that processed more than … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/12/europol-audia6-crypto-laundering-service-ransomware-groups/
-
Authorities Seize AudiA6 Crypto Laundering Service Used by Cybercriminal Gangs
Tags: crypto, cyber, cybercrime, finance, infrastructure, international, network, ransomware, serviceAuthorities have dismantled a major cryptocurrency laundering infrastructure known as “AudiA6,” disrupting a critical financial backbone used by ransomware gangs and cybercriminal networks to legitimize illicit proceeds. The coordinated international operation, supported by Europol and Eurojust, targeted a service believed to have laundered more than EUR 336 million between 2022 and 2025, marking one of…
-
Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
Authorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks.Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a “key financial pipeline used to wash hundreds of millions in illicit profits.” The service is estimated to have been used to launder more than Euro336…
-
Researcher Uses AI to Hack Google, Earns $500,000 Bug Bounty
Tags: access, ai, api, attack, bug-bounty, control, cyber, flaw, framework, google, infrastructure, service, vulnerabilityResearcher Arvin Shivram has earned $500,000 in bug bounties from Google’s Vulnerability Reward Program (VRP) by deploying an AI-powered fuzzing framework against Google’s internal API infrastructure, uncovering critical access-control flaws across multiple high-impact services in under 3 months. The research began after Shivram was invited to bugSWAT Mexico in October 2025, which reignited his interest in Google’s attack surface. Recognizing that…
-
Researcher Uses AI to Hack Google, Earns $500,000 Bug Bounty
Tags: access, ai, api, attack, bug-bounty, control, cyber, flaw, framework, google, infrastructure, service, vulnerabilityResearcher Arvin Shivram has earned $500,000 in bug bounties from Google’s Vulnerability Reward Program (VRP) by deploying an AI-powered fuzzing framework against Google’s internal API infrastructure, uncovering critical access-control flaws across multiple high-impact services in under 3 months. The research began after Shivram was invited to bugSWAT Mexico in October 2025, which reignited his interest in Google’s attack surface. Recognizing that…
-
CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways
CISA’s LiteLLM warning shows why AI gateways and agents need service account governance, scoped access, credential rotation, and audit trails. The post CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-litellm-cisa-ai-gateway-service-account-governance/
-
CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways
CISA’s LiteLLM warning shows why AI gateways and agents need service account governance, scoped access, credential rotation, and audit trails. The post CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-litellm-cisa-ai-gateway-service-account-governance/
-
Cyber Force not included in Senate defense policy roadmap
An amendment by Sen. Kirsten Gillibrand (D-NY) to the chamber’s fiscal 2027 national defense authorization bill that would have created the digital-focused service was defeated 14-13 when the Senate Armed Services Committee took up the nearly $1.2 trillion legislation behind closed doors this week. First seen on therecord.media Jump to article: therecord.media/cyber-force-not-included-senate-defense-roadmap
-
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service (RaaS) schemes like LockBit (aka Tenacious Mantis), Qilin (aka Pestilent Mantis), and Medusa (aka Venomous Mantis).According to a detailed report First seen on…
-
Authorities dismantle ‘AudiA6’ ransomware crypto-laundering service
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/authorities-dismantle-audia6-ransomware-crypto-laundering-service/
-
OnyxC2 Malware-as-a-Service Offers Enterprise-Grade Data Theft
OnyxC2 is a MaaS stealer targeting 210+ apps, using DLL sideloading, encrypted payloads, and remote access features to evade detection. OnyxC2 appeared on a cybercrime forum earlier this year and is sold as a subscription service: $250 per month for the standard build, $500 for the premium tier that includes HVNC, and $6,000 for an…
-
Check Point treibt die sichere KI-Transformation für Managed-Service-Provider voran
Check Point gibt eine umfassende Erweiterung seiner Managed-Service-Provider-Plattform bekannt. Die neue Strategie wurde auf der Konferenz <<Pax8 Beyond 2026" vorgestellt. Sie wird nun weltweit für Check Point-Partner eingeführt und soll MSPs dabei unterstützen, den Einsatz von KI abzusichern, Abläufe zu optimieren und die Bereitstellung von Managed-Security zu vereinfachen. Die Ankündigung vereint drei strategische Innovationen unter…
-
NCC Group outlines cyber future
Firm concludes strategic review, ruling out a sale, and will operate as a security and services player First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366644166/NCC-Group-outlines-cyber-future
-
Cloud Services made in Germany: PASS stärkt digitale Souveränität für regulierte Unternehmen
Digitale Souveränität entwickelt sich von einem politischen Schlagwort zu einem konkreten IT-Kriterium. Unternehmen wollen wissen, wo ihre Daten liegen und wer Zugriff hat. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cloud-services-made-in-germany-pass-staerkt-digitale-souveraenitaet-fuer-regulierte-unternehmen/a45449/