Security Articles

AryStinger botnet infected thousands of D-Link routers worldwide
A previously undocumented malware botnet named AryStinger has compromised more than 4,000 outdated routers to turn them into proxies for malicious tra...
Bleeping Computer
New Prinz Eugen ransomware prioritizes recent files for encryption
A new ransomware operation named 'Prinz Eugen' prioritizes recently modified files for encryption and leaves no ransom note on the system. [...]
Bleeping Computer
AMD Reverses Course On Removing TSME From Ryzen Chips; Will Reinstate The Feature Through A New BIOS Update
The company has decided to restore the memory encryption feature on consumer Ryzen CPUs after the backlash. AMD To Restore TSME Feature on Consumer Ry...
Wccf Tech
College Students Consumed by “Resignation and Despair” as They’re Relentlessly Pressured to Use AI
"They feel like there's no escaping it."
Futurism
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The ...
The Hacker News
From PGP to Mythos: a brief history of export controls that didn’t stop anyone
For the last 30 years, stopping the flow of cybersecurity-related software has proven to be ineffective. It's unclear why it would work now with Anthr...
Tech Crunch
Klue OAuth breach victim list grows as Icarus hackers claim attack
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect t...
Bleeping Computer
7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes
Your AI agent did exactly what it was designed to do. The framework underneath it just handed an attacker a shell on the box that holds your OpenAI ke...
VentureBeat
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin
Threat actors are exploiting an unauthenticated information disclosure vulnerability in the WordPress plugin Gravity SMTP, active on 100,000 sites. [....
Bleeping Computer
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM...
The Hacker News
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes
The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers...
The Hacker News
Is the US government’s Anthropic ban accidentally helping the brand?
Just as last week was ending, the US government forced Anthropic to pull its two newest models, Fable 5 and Mythos 5, citing national security concern...
Tech Crunch
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code executio...
The Hacker News
CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secur...
The Hacker News
Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way
AI agents can access data, trigger workflows, deploy code, and interact with critical business systems, often with little oversight. Token Security br...
Bleeping Computer
Webinar: How attackers bypass MFA and how defenders can respond
Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without steali...
Bleeping Computer
From Assistive to Agentic: The AI Shift That's Redefining Threat Management
The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. Bu...
The Hacker News
Anthropic’s most advanced AI models could be restored shortly following dramatic emergency freeze
Fable 5 and Mythos 5 may return within days after a sudden US national security directive pulled them offline.
Android Authority
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in a...
Bleeping Computer
Forget Data Leakage: Shadow AI's Real Threat Is Access Control
The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams respo...
The Hacker News