POPULARITY
Categories
LastPass says Klue breach affected customer information, but passwords remain secure. Attackers begin exploiting Cisco Unified CM vulnerability. CISA flags actively exploited Ubiquiti and Lantronix flaws, urges rapid patching. DifyTap flaws could expose private AI conversations across tenants. Researchers find AI plugin registry let unofficial tools masquerade as trusted software. xpl0itrs launches leak site, signaling shift toward full-service cyber extortion. Ransomware attack hits Indian auto giant Bajaj Auto. U.S. presses Meta to submit AI models for national security reviews. Alleged criminal marketplace administrator extradited to the US. U.S. expands sanctions against Cambodian scam network tied to cyber fraud operations. On today's Industry Voices segment, we are joined by Mike Masciulli, Managing Director, Migration Products and Services at Semperis, discussing RC4 and AD Migration: The Break Scenarios Hiding in Your Source Domain. And a lesson in access control. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, we are joined by Mike Masciulli, Managing Director, Migration Products and Services at Semperis, discussing RC4 and AD Migration: The Break Scenarios Hiding in Your Source Domain. If you enjoyed this conversation, check out the full interview here. Selected Reading Password manager maker LastPass says hackers stole customer support case data during Klue breach (TechCrunch) Klue says hackers stole credential from 2022 that led to customer data breaches (TechCrunch) Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks (BleepingComputer) U.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog (SecurityAffairs) DifyTap: Zafran discovers how attackers can silently wiretap AI data across tenants on a platform powering 1M+ apps (Zafran) 23 ClawHub Plugins Squat Official Org Scopes (Manifold Security) Cyber Intel Brief: xpl0itrs Leak Site Launch (Dataminr) Indian auto giant Bajaj Auto hit by ransomware incident (The Record) U.S. Presses Meta to Agree to A.I. Reviews as Security Concerns Rise (NY Times) Algerian Man Extradited to US for Running Cybercrime Marketplaces (SecurityWeek) US adds sanctions against accused Cambodian scammers Prince Group (Reuters) Ushering in the Next Frontier of Quantum Innovation (The White House) Meta Exposed Data Internally From Its Controversial Employee-Tracking Program (WIRED) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
CVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration. https://isc.sans.edu/diary/CVE-2024-40766%3A%20The%20Patch%20Fixed%20the%20Bug.%20Nobody%20Fixed%20the%20Configuration./33094 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c https://www.vulncheck.com/advisories/libssh2-out-of-bounds-write-via-unchecked-packet-length-in-transport-c PixelSmash Critical FFmpeg Vulnerability Turns Media Files into Weapons https://jfrog.com/blog/pixelsmash-critical-ffmpeg-vulnerability-turns-media-files-into-weapons/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
Der Podcast macht mal wieder eine Episode zu einem einzelnen Thema in aller Tiefe und zwar zu Schwachstellen-Scores. Damit werden Sicherheitslücken klassifiziert, am bekanntesten ist das Common Vulnerability Scoring System (CVSS). Allerdings gibt es das CVSS in mehreren Versionen, wovon mindestens zwei praktisch relevant sind, und mit EPSS, SSVC, CWE und CPE kommen noch diverse ergänzende Klassifikationssysteme hinzu. Die Hosts beschreiben, wie die Systeme funktionieren, was sie leisten können, was sie nicht leisten können und als was sie mitunter missverstanden werden.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
eBanking Phishing Delivered Through IPv4-Mapped IPv6 Address https://isc.sans.edu/diary/eBanking%20Phishing%20Delivered%20Through%20IPv4-Mapped%20IPv6%20Address/33090 NGINX ngx_http_v3_module vulnerability CVE-2026-42530 https://my.f5.com/manage/s/article/K000161616 Squidbleed (CVE-2026-47729) https://blog.calif.io/p/squidbleed-cve-2026-47729 AMD will reinstate memory encryption on Ryzen 9000 CPUs through a BIOS update in July https://www.tomshardware.com/pc-components/cpus/amd-will-reinstate-memory-encryption-on-ryzen-9000-cpus-through-a-bios-update-in-july-tsme-is-coming-back-after-valuable-community-feedback My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - په مې میاشت کې ۱۱ ښځې او ۲۱ ماشومان له سوریې څخه اسټرالیا ته راستانه شول. دغې موضوع په رسنیو او ټولنه کې پراخ بحثونه او اندېښنې راپورته کړې دي. د اس بی اس اګزمنز پدې راپور کې ګورو چې د تاوتریخوالي او افراطیت د مخنیوي یا CVE پروګرامونه څه دي، په اسټرالیا کې څنګه کار کوي او د هغو کسانو د ټولنیز بیا ادغام په اړه کومې پوښتنې راولاړېږي چې له جګړه ځپلو سیمو څخه راګرځي.
Referências do EpisódioTURING DAY 2026 | 6ª EDIÇÃO - DIA 25/06K000161616: NGINX ngx_http_v3_module vulnerability CVE-2026-42530K000161584: NGINX ngx_http_proxy_v2_module and ngx_http_grpc_module vulnerability CVE-2026-42055Killing me gently: Inside Gentlemen's EDR killer frameworkLost in relocation: analysis of a new loader distributing CASTLESTEALERAutoJack: How a single page can RCE the host running your AI agent Oracle Critical Security Patch Update Advisory - June 2026PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVMRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia
On this week's Security Sprint, Dave and Andy covered the following topics: Opening:• (TLP:CLEAR) WaterISAC – EPA: National Security Information Sharing Bulletin – Q2 2026 — WaterISAC • The New Threat Environment; Why geopolitics matters to your water system — NRWA • Registration is open for WaterISAC's H2OEx – Camden — Association of Metropolitan Water Agencies • EPA Advisory: Protecting Sensitive Operational Information in Water and Wastewater Systems — EPAMain Topics:Election Security and Cascading Risks: An explosion of AI deepfakes is redefining American elections — Axios — 16 Jun 2026. • FBI foils alleged plot to attack White House UFC event, Patel says • Man pleads guilty to killing a top Minnesota Democrat and her husband in politically motivated attack • Man Charged with Sending Antisemitic Threats to Kill Governor of Hawaii and His Family — U.S. DOJ• Threats Against Politicians Skyrocketed After Meta Changed Its Speech Rules & Violent Threats Against Members of Congress Quadrupled After Meta Rolled Back Moderation Policies — Center for Countering Digital Hate Operation Epic Fury & Continued Threats:• ThreatBeat reports Iranian-linked hackers claimed California water system breaches after Iran water facility strike & Iranian Cyber Group Handala Claims Cal Water Hack • Iran and US reach an initial deal to end the war and open the Strait of Hormuz but challenges remain • U.S. and Iran Shape the Optics of an Agreement • Domestic: Iran-linked group claims hack of FBI drones, threatens World Cup, monitor says • Swedish Crime Group Foxtrot Adds Fuel to Iran's Proxy War in Europe Anthropic, AI & Patching… N-days. Anthropic reported that frontier models can significantly accelerate development of exploits for N-day vulnerabilities, which are publicly disclosed flaws that remain unpatched on many systems. • Exclusive: Anthropic's Mythos can exploit new flaws in hours — Axios • Statement on the US government directive to suspend access to Fable 5 and Mythos 5 • Anthropic Says It's Taking Claude Fable 5 Offline to Comply With US Government Order • “They screwed us”: Personality clashes sent Anthropic's models offline • Anthropic Releases Claude Fable 5, a Limited-Release AI Model • CISA orders feds to patch actively exploited Ivanti flaw by Sunday & CISA Adds One Known Exploited Vulnerability to Catalog - CVE-2026-10520 Ivanti Sentry OS Command Injection Vulnerability • Oracle Security Alert for CVE-2026-35273 & Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations Quick Hits:• Wildfire Threats: National Interagency Coordination Center: 7-Day Significant Fire Potential• Weekly ransomware & data leak landscape — eCrime.ch — 15 Jun 2026. eCrime.ch reported 210 observed ransomware and data leak events for the 09 Jun to 15 Jun 2026 reporting window. The report identified 96 public data leak indicators, 38 active actors, and DeadLock as the highest-volume actor with 73 observed events. • Ransomware Evolution Report — Halcyon • Ransomware-as-a-Service: LockBit Alumni Launch Competing Programs as Ecosystem Consolidates in Q1 2026 • Ransomware Cybersecurity Framework Community Profile — NCCoE • National Security Presidential Memorandum/NSPM-12: National Policy for the Cybersecurity of National Security Systems — The White House • CISA sees leadership shakeup after infrastructure security chief moves to ONCD • MS-ISAC enters uncertain new era after losing federal funding and thousands of members
VulnCheck's Patrick Garrity on the NVD collapse, the first real AI disclosure wave, and why remediation, not finding bugs, is the bottleneck.DescriptionVulnerability management spent years as the chore everyone dreaded, and now it is one of the hottest topics in security because attackers made exploitation the number one way in. Patrick Garrity of VulnCheck rejoins the show to separate what is real from what is marketing. We get into the honest state of the NIST National Vulnerability Database after CISA pulled its funding, the new AI executive order that wants a clearinghouse for AI-discovered vulnerabilities, the first measurable wave of AI-assisted disclosures, and Patrick's audit of Anthropic's Glasswing ledger. We also dig into why cheap AI discovery makes the remediation bottleneck worse, how AI is raising the security poverty line, and whether the 90-day disclosure model still holds.Key takeawaysVulnerability management is hot again because attackers made it the top way in. As Patrick puts it, attention flows to wherever the attacker goes, and right now that is exploitation.The NIST NVD breakdown was worse than a backlog. A recent report confirmed CISA had stopped funding the NVD and NIST lost about half its funding, with no real plan to clear the backlog, which quietly hurts every defender who relies on enriched CVE data.A new AI executive order wants a clearinghouse for AI-discovered vulnerabilities, reportedly under Treasury. Patrick's reaction is that we already have a vulnerability database, the program is optional, and it may turn into a marketing race more than a coordination win.The first measurable AI disclosure wave is real. CVE volumes are up 563 percent for Chrome and GitHub advisories up 470 percent year to date, and Patrick separated genuine AI-assisted discovery from AI slop and from bugs that merely live in AI software by correlating researchers, domains, and email addresses across multiple advisory sources.Patrick audited Anthropic's Glasswing ledger and found the transparency lacking. He had around 80 vulnerabilities in his own database while the public ledger listed 27, several items had blown past their own 90-day disclosure window, and the ledger had not been updated in two weeks.Finding vulnerabilities is not the bottleneck, remediation is. AI makes discovery cheap, but the coordinated disclosure and fix process takes enormous human effort, and the median time to remediate even known exploited bugs is still measured in weeks.Exploitation looks like it is sustaining rather than surging. CISA KEV and VulnCheck KEV are tracking similar year-over-year volumes, partly because attackers already have more than enough to target and partly because you can only count the exploitation you can actually detect.AI is raising the security poverty line, at least for now. Token costs and access-restricted tools concentrate the most powerful discovery capabilities among well-funded teams, while smaller organizations lack the expertise to turn open-weight models into working vulnerability harnesses.The economics are circular. AI drives the surge in findings and attacker velocity, and AI is then sold as the fix, so teams pay to surface the problem and pay again to remediate it, all on consumption-based pricing against finite budgets.The 90-day disclosure norm mostly holds, though it may tighten. VulnCheck runs a strict 120-day policy with no exceptions and averages 45 to 48 days to fix and disclose, and for open source the fixing commit often makes the flaw public anyway.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - ISIS அமைப்புடன் தொடர்புடைய 11 பெண்களும் 21 குழந்தைகளும் சிரியாவிலிருந்து கடந்த மே மாதம் ஆஸ்திரேலியாவுக்கு திரும்பியுள்ளனர். இதனால் சமூகப் பாதுகாப்பு குறித்து கவலைகள் எழுந்துள்ளன. அவர்களின் வருகை ஊடகங்களில் பெரும் பரபரப்பையும், பல்வேறு கருத்துகளையும் முன்வைத்துள்ளது . வன்முறைத் மற்றும் தீவிரவாதத்தைத் தடுக்கும் (CVE) திட்டங்களில் இந்தப் பெண்கள் கட்டாயமாக பங்கேற்க வேண்டிய அவசியம் இல்லாதது குறித்து அரசியல்வாதிகளும் சமூக உறுப்பினர்களும் கவலை தெரிவித்துள்ளனர்.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
More Bitlocker Issues: GreatXML https://git.churchofmalware.org/Nightmare_Eclipse/GreatXML Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523) https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US Oracle Security Alert Advisory - CVE-2026-35273 https://www.oracle.com/security-alerts/alert-cve-2026-35273.html https://www.bleepingcomputer.com/news/security/oracle-mitigates-peoplesoft-zero-day-exploited-in-data-theft-attacks/ How Deceptive Installers Are Targeting macOS Users https://www.huntress.com/blog/deceptive-installers-macos-infostealers My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
Hello friends! I've been on a bit of an AI agent journey lately, and today I'm sharing my experience ditching OpenClaw and going all-in on Hermes — a self-hosted AI agent built by Nous Research. A Network Chuck video sold me on it, I wiped my Mac Mini (again), and baby's first Hermes adventure began! Here's what we get into today: Why I left OpenClaw — After getting the Mac Mini set up, OpenClaw left me feeling pretty meh: burning through API requests, random mid-conversation shutdowns, and a marketplace where the top listings were flagged as "potentially malicious." Hard pass. Network Chuck's five reasons Hermes rocks — His video summarized why Hermes stands out: (1) Nous Research has serious open source model cred predating OpenClaw, (2) more flexible persistent memory via markdown files + optional Honcho integration for building a profile of you over time, (3) a mission around humanistic and democratic AI, (4) a self-improvement loop where it writes its own skills after figuring things out, and (5) it just doesn't break — it feels like a product, not a project. The install — I used Claude to build a Mac Mini install guide from the Network Chuck transcript, and had Hermes up and running in about 15 minutes (one small Ollama hiccup aside). The install wizard lets you choose cloud models like Claude or ChatGPT, or go fully local with something like Gemma — I'm planning a hybrid setup with two Telegram bots. First real-world use: sitting in a truck running errands — With Hermes running on the Mac Mini and connected via Telegram, I asked it what it could do. It suggested Uptime Kuma for LAN monitoring — weirdly well-timed since I'd just been thinking about flaky IoT devices. I said "go install it," and it did — narrating its own troubleshooting out loud the whole time like a little robot intern. Remote access and Home Assistant — Had it install Home Assistant for smarthome control too, with plans to wire up TwinGate for remote access (it had a TailScale skill ready to fire in about two seconds, but I'm trying to keep VPN services consolidated). Daily digest via email — Hooked Hermes into a dedicated Gmail account and set up a 6 a.m. cron job that sends me a personalized morning digest: weather for my watched locations, recent breach/CVE news from select sites, and a summary of my favorite pentesting-focused Mastodon accounts. Needs tuning, but the first digest landed this morning and it's really good! The privacy angle — The real long-term win I see here is a hybrid model: feed raw, unsanitized pentest data to a local private model, let it analyze and sanitize, then hand off the clean version to a cloud model for deeper insight. Best of both worlds without the data exposure anxiety. Check out the Network Chuck video that started it all, and as always, if you're doing cool AI + security stuff, I'd love to hear about it. Find our pentesting services and training at 7MinSec.com, pentesting tips and scripts at 7MinSec.wiki, and if you want to support the show, head over to 7MinSec.club.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - بازگشت ۳۲ زن و کودک از سوریه که با گروه خودخوانده داعش مرتبط هستند، باعث ایجاد نگرانی در مورد امنیت جامعه و بحث در مورد فعالیت های اجباری مبارزه با افراط گرایی خشونت آمیز (CVE) برای افراد در معرض خطر شده است.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - 자칭 ‘이슬람국가(IS)'와 연관된 시리아 출신 여성과 어린이 32명이 귀국함에 따라 지역사회 안전에 대한 우려가 제기되고 있습니다. 위험군 대상자에 대한 ‘폭력적 극단주의 예방(CVE)' 의무 프로그램 시행을 둘러싼 논의가 진행되고 있습니다.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - 32名與自稱「伊斯蘭國」組織有關聯的婦孺從敘利亞返回澳洲,此事引發了社群對社區安全的擔憂,並引發了關於針對高風險人士實施強制性「反暴力極端主義」(CVE) 措施的討論。
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - بازگشت ۳۲ زن و کودک از سوریه که با گروه موسوم به «دولت اسلامی» (داعش) ارتباط داشتهاند، نگرانیهایی را درباره امنیت جامعه برانگیخته و بحثهایی را پیرامون اجباری شدن برنامههای «مقابله با افراطگرایی خشونتآمیز» (CVE) برای افراد در معرض خطر ایجاد کرده است.
Google faces liability for AI-generated claims. Washington pauses public AI model assessments. Anthropic ships a safer AI model. OpenAI disrupts influence operations. Ransomware operators get a powerful new backdoor. Urgent patches land for Ivanti and Veeam. PyPI supply chain attacks evolve. And a massive data breach triggers a record fine in South Korea. Our guest is Peter Barker, Chief Product Officer at Ping Identity, sharing how identity increasingly becomes the control plane for how work gets done. AI analyzes the FIFA World cup, one cliché at a time. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices, we are joined by Peter Barker, Chief Product Officer at Ping Identity, sharing how identity increasingly becomes the control plane for how work gets done across humans, automation, and AI agents. You can read more from Ping Identity here. If you enjoyed this conversation, be sure to check out the full interview here. Selected Reading Landmark German ruling declares Google's AI Overviews are Google's own words and makes it liable for false answers (The Decoder) White House Reins In AI-Testing Unit as National-Security Concerns Grow (Wall Street Journal) Anthropic Releases ‘Safe' Version of Its Mythos A.I. Technology (The New York Times) PRC-linked influence operations are targeting AI debates in the US (OpenAI) Technical Analysis of MLTBackdoor (ThreatLabz) CVE-2026-10520, CVE-2026-10523 - Multiple critical vulnerabilities affecting Ivanti Sentry (Rapid7) Mini Shai-Hulud, Miasma, and Hades Worms Target Bioinformatics and MCP Developers via Malicious PyPI Wheels (Socket) Veeam Patches Critical RCE Vulnerability in Backup & Replication published: yesterday (Beyond Machines) ‘Amazon.com of South Korea' Is Fined a Record $409 Million (The New York Times) The 2026 big soccer tournament, in clichés. (Sinch) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
CISA's BOD 26-04 replaces severity-based patching with an exploit-evidence model and remediation clocks as short as three days, fleet-wide, no exceptions. Peter Pflaster and Jason Kikta unpack the four urgency signals, the 16-row decision tree, and the shift from "justify the patch" to "justify why you can't." They also cover what it means for contractors, cyber insurance, and the future of Patch Tuesday. If you own patching or vulnerability management, start here.
Instagram AI Support Hack Hits 20,225 Accounts; AI Worm 'Hades' Lies to Security Tools; Chrome Zero-Day Patch Host David Shipley reports Meta says 20,225 Instagram accounts were hijacked after an AI support tool was tricked into sending reset links to attacker-controlled emails, with only MFA-protected accounts resisting. Step Security details a new Miasma-derived worm wave called Hades that targets config files for 14 AI coding tools, can inject instructions to hijack assistants, lies to AI security tools, and includes a "dead man switch" wipe if stolen GitHub tokens are revoked; Microsoft also removed some GitHub repos after 73 open-source projects were compromised to inject an info stealer. University of Toronto and Vector Institute researchers demonstrated an AI worm using a free local model that spread across a simulated network via known flaws and misconfigurations. Google issued an emergency Chrome patch for actively exploited CVE-2026-11645 in V8, and insurers are tightening claims scrutiny and increasingly excluding AI-related liabilities. 00:00 Instagram AI Hack Fallout 01:36 AI Worm Hades Evolves 02:55 Microsoft Repo Compromise 03:54 Lab Built AI Worm Demo 05:27 Emergency Chrome Zero Day 07:07 Cyber Insurance Tightens Up 08:02 AI Liability Coverage Shrinks 09:16 Wrap Up and Sign Off
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - シリアの収容所から、武装組織イスラム国(IS)と関係のあるオーストラリア人の女性と子ども32人が帰国しました。地域社会の安全を懸念する声のほか、リスクを持つ個人にCVE(暴力的過激主義対策)プログラムへの参加を義務付けるべきだとの声が上がっています。SBSの日本語放送は火木金の午後1時からSBS3で生放送!火木土の夜10時からはおやすみ前にSBS1で再放送が聞けます。SBS日本語放送ポッドキャストから過去のストーリーを聞くこともできます。無料でダウンロードできるSBS Audio Appもどうぞ。SBS 日本語放送のFacebookとInstagramもお忘れなく。
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - 32 phụ nữ và trẻ em từ Syria, có liên hệ với nhóm tự xưng Nhà nước Hồi giáo (IS), vừa hồi hương, đã làm dấy lên lo ngại về an ninh cộng đồng và mở màn các cuộc thảo luận về hoạt động chống chủ nghĩa cực đoan bạo lực (CVE) bắt buộc đối với những cá nhân có nguy cơ cao.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - Die Rückkehr von 32 Frauen und Kindern aus Syrien, die der selbsternannten Gruppe des Islamischen Staates angehören, hat in der Gemeinschaft Sicherheitsbedenken und Diskussionen über verpflichtende Aktivitäten zur Bekämpfung des gewalttätigen Extremismus (Countering Violent Extremisms, CVE) für gefährdete Personen ausgelöst.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - Powrót 32 kobiet i dzieci z Syrii, którzy są powiązani z samozwańczą grupą Państwa Islamskiego, wywołał obawy dotyczące bezpieczeństwa społeczności i wiele dyskusji na temat obowiązkowych działań przeciwdziałania brutalnemu ekstremizmowi (CVE) dla osób zagrożonych.Posłuchaj audycji radiowej w dowolnym czasie, naciśnij tutajSłuchaj audycji radia SBS Polish na żywo w poniedziałki, środy, czwartki, piątki i niedziele o godz. 14.00 (czasu wschodnioaustralijskiego) na paśmie SBS Radio 1 (Audycja czwartkowa jest powtarzana w niedzielę o godz. 14.00)Aby słuchać w radiu analogowym znajdź pasmo SBS Radio 1 naciskając link: Pasmo nadawania audycji w Twoim mieścieAby słuchać w radiu cyfrowym DAB znajdź 'SBS Radio1'Aby słuchać w telewizji cyfrowej znajdź: SBS Radio 1 na kanale 301Aby słuchać w internecie wejdź na stronę: SBS Polishalbo naciśnij: Polskie Radio SBS i PodcastyAby sluchać w Twoim telefonie przez aplikację - zainstaluj bezpłatną aplikację SBS Audio App
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - 32名与“伊斯兰国”组织有关联的女性和儿童从叙利亚返回澳大利亚,引发了外界对社区安全的担忧,并围绕是否应对高风险个体实施强制性的反暴力极端主义项目(CVE)展开讨论。(点击上方收听音频)
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - Повернення 32 жінок та дітей із Сирії, пов'язаних із самопроголошеним угрупованням "Ісламська держава", викликало занепокоєння щодо безпеки громади та дискусії щодо обов'язкових заходів із протидії насильницькому екстремізму (CVE) для осіб, які перебувають у групі ризику.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - Kendini İslam Devleti olarak ilan eden grupla bağlantılı 32 kadın ve çocuğun Suriye'den dönüşü, toplum güvenliği konusunda endişelere ve risk altındaki bireyler için zorunlu Şiddet İçeren Aşırılıkla Mücadele (CVE) faaliyetleri konusunda tartışmalara yol açtı.
Podcast: Industrial Cybersecurity InsiderEpisode: Is Your IIoT Strategy Creating More Security Risks?Pub date: 2026-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino address one of the most overlooked problems in OT security: the IIoT devices your security tools don't automatically detect.Most OT intrusion detection platforms do a reasonable job of identifying core control-layer assets such as PLCs, drives, and motor control centers. The problem is everything else. Laptops plugged into the network, third-party devices brought in by contractors, and a growing range of connected IIoT equipment often go completely undetected. Those are the gaps where risk accumulates.Craig and Dino explain why the belief that machines are air-gapped is a dangerous myth, how PLCs acting as gateways prevent intrusion detection platforms from seeing the devices behind them, and why an asset inventory is not the same as knowing your real risk and CVE exposure in multi-vendor environments.They reframe OT cybersecurity as a process-integrity problem and show how unmanaged network activity, third-party remote access, and even routine IT security scans can quietly degrade OEE and trigger unplanned downtime that costs millions.Using predictive-maintenance analogies such as thermal, harmonics, and vibration sensing, they make the case for treating digital anomalies the same way mature plants already treat mechanical ones.They close by examining why so many OT detection tools become shelfware, how to escape alert fatigue, and the two practical paths to real IT/OT convergence: building the right relationships with OEMs, system integrators, and AEC partners, and designing security-ready facilities from the ground up.It's a practical listen for CISOs, plant and engineering leaders, and OT/IT teams responsible for securing manufacturing and critical infrastructure.Chapters:(00:00:00) - Why No Industrial Asset Is Truly Air-Gapped(00:01:08) - IoT vs. IIoT: How OT Assets Get Classified(00:03:15) - The Control-Layer Blind Spot: Drives, Robots, and Motor Controls(00:05:25) - How PLC Gateways Hide Assets From Intrusion Detection(00:07:30) - Asset Inventory Isn't Risk: The CVE Gap in Multi-Vendor Plants(00:08:55) - When Cyber Blind Spots Become Costly Downtime(00:10:05) - Process Integrity: How Security Scans Disrupt Production(00:11:35) - Predictive Maintenance Meets Digital Anomaly Detection(00:17:45) - Avoiding OT Shelfware and Alert Fatigue(00:19:45) - IT/OT Convergence: Choosing a Partner and Building Secure-by-DesignLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Meta exposes 20,000 Instagram accounts through a support tool bug. CISA warns of active attacks on SolarWinds Serv-U. WordPress sites face takeover through a widely used plugin. A new Gafgyt variant broadens its reach. Pink extortionists steal cloud data with vishing and legitimate tools. Plus, allegations against IBM and AT&T, a dark web drug dealer gets 26 years, and the Monday business brief. Tim Starks from CyberScoop discusses the ongoing debate over staffing and budget cuts at CISA. NATO lets Ukraine play the bad guy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We are joined by Tim Starks from CyberScoop, who is discussing the ongoing debate over staffing and budget cuts at CISA, the political battles surrounding the agency's future, and what the Trump administration's plans could mean for U.S. cybersecurity efforts. Selected Reading Meta AI Bug Exposes Over 20,000 Instagram Accounts (Infosecurity Magazine) NSO Group back in Meta's crosshairs after alleged WhatsApp targeting (The Register) CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) (Help Net Security) Everest Forms Vulnerability Exploited to Hack WordPress Sites (SecurityWeek) C0XMO botnet spreads via DD-WRT router flaw, kills rival malware (Bleeping Computer) New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams (Hackread) Ex-Threat Intel Exec Accuses IBM and AT&T of Hiding Hacks (GovInfo Security) California man sentenced to over 26 years for dark web drug trafficking (SC Media) AI observability platform Coralogix raises $200 million in a Series F round. (N2K Pro Business Briefing) Nato narrowly beats Russia-style enemy in cyber attack simulation (Financial Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - Le retour de 32 femmes et enfants de Syrie, liés au groupe autoproclamé « État islamique », a suscité des inquiétudes quant à la sécurité de la communauté et donné lieu à des débats sur les mesures obligatoires de lutte contre l'extrémisme violent (CVE) destinées aux personnes à risque.
The return of 32 women and children from Syria, who are linked to the self-proclaimed Islamic State group, has prompted concerns around community safety and discussions around mandatory Countering Violent Extremism (CVE) activities for at-risk individuals. - أثارت عودة 32 امرأة وطفلاً من سوريا إلى أستراليا، ممن يرتبطون بتنظيم الدولة الإسلامية المعروف بـ "داعش"، مخاوف واسعة النطاق حول سلامة المجتمع، وفتحت الباب مجدداً أمام مناقشات مكثفة بشأن إلزامية أنشطة مكافحة التطرف العنيف (CVE) للأفراد المصنفين كمعرضين للخطر.
Puntata 618 con Marco e Giuliana in conduzione.Iniziamo dalla scoperta del mesone Bc*+ , stato eccitato del mesone Bc da parte dell'esperimento ATLAS al CERN.Per approfondire:- REFERENCE PAPER: https://arxiv.org/pdf/2605.16228- https://koppenburg.ch/particles.htmlUna canzone può davvero mandare in crash un computer? Ian parte da un brano “Rythm Nation” di Janet Jackson del 1989 e, insieme a Leonardo, fa un deep dive tra frequenze di risonanza, hardware e fenomeni un po' inaspettati.Per approfondire:- CASO NIST - CVE-2022-38392: https://nvd.nist.gov/vuln/detail/CVE-2022-38392- BRANO: Janet Jackson - Rhythm Nation https://www.youtube.com/watch?v=OAwaNWGLM0c&list=RDOAwaNWGLM0c&start_radio=1- REFERENCE PAPER: https://eng.sut.ac.th/me/JRAME/images/Document/06paper4.pdf- ADAM NEELY: https://www.youtube.com/watch?v=-y3RGeaxksY&t=109sLast but not least, continuiamo con un po' di fisica e domande esistenziali che partono dall'equazione di Dirac.Diventa un supporter di questo podcast: https://www.spreaker.com/podcast/scientificast-la-scienza-come-non-l-hai-mai-sentita--1762253/support.
Today's brief leads with Orange County, where Garden Grove's GKN Aerospace hazmat emergency de-escalates and all evacuation orders lift, returning the final 16,000 residents home with no injuries. New Mexico's Seven Cabins Fire reaches 64 percent containment and Lincoln County rescinds all evacuations. CISA adds an actively exploited vulnerability to its KEV catalog, the central United States faces a multi-day severe-weather threat, Kilauea holds at ADVISORY, and FEMA assistance deadlines approach in Washington and Hawaii. EM Morning Brief is your concise daily update on national and state-by-state emergency management news. Produced by Sitch Radio, an EOC Voices podcast.Key Takeaways• California hazmat: All Garden Grove GKN Aerospace evacuation orders lifted June 4; about 16,000 residents returned, no injuries, but tank cleanup remains delayed.• New Mexico wildfire: Seven Cabins Fire at ~31,867 acres and 64% contained; all evacuations rescinded June 4; Capitan Mountain forest closure still in effect.• Cyber / CISA: CISA added CVE-2026-45247 (Mirasvit) to the KEV catalog June 3 with an active-exploitation flag and a federal remediation deadline.• Severe weather: NWS and SPC flag a multi-day large-hail, wind, tornado, and flash-flood threat across the central Plains and mid-Mississippi Valley through the weekend.• Volcano: Kilauea remains at ADVISORY / Aviation Color Code YELLOW; eruption paused, episode 49 possible within ~10 to 15 days of June 1.• FEMA deadlines: Washington December-storm applications close June 10; Hawaii Kona Low Individual Assistance closes June 14.• Lifelines: City of Aiken, SC water main break June 4 affected ~60 connections; precautionary boil-water advisory to follow restoration.SponsorsThe NIMS Store - https://thenimsstore.com/SourcesNIFC / Wildfire• NIFC Incident Management Situation Report — National daily wildfire situation report and preparedness level• NIFC National Fire News — National wildland fire activity summaryCISA• CISA Adds One Known Exploited Vulnerability to Catalog (June 3, 2026) — CVE-2026-45247 Mirasvit deserialization flaw added to KEV• CISA Known Exploited Vulnerabilities Catalog — Authoritative KEV catalog and remediation deadlinesUSGS — Volcano• USGS Kilauea Volcano Updates — Hawaiian Volcano Observatory status and alert level for KilaueaSevere Weather• NWS National Forecast — National Weather Service hazards and severe-weather summary• SPC Day 1 Convective Outlook — Storm Prediction Center severe-weather outlook for the central U.S.Tropical / NHC• National Hurricane Center — Atlantic and Eastern Pacific tropical weather outlooksFEMA• FEMA — Hawaii Kona Low deadline extended to June 14 — Individual Assistance deadline for Maui and Honolulu counties• FEMA — One month remains to apply in Washington — June 10 deadline for December storms and floodingUSGS — Earthquakes• USGS Significant Earthquakes — 2026 — No significant U.S. seismic events in the last 24 hoursCalifornia• ABC7 — Garden Grove chemical tank updates — OCFA lifts all evacuation orders June 4; residents return• City of Garden Grove — Hazardous Materials Incident — Official municipal incident information pageNew Mexico• NM Fire Info — Lincoln County rescinds Seven Cabins evacuations (June 4) — Evacuation orders rescinded; acreage and containment update• Lincoln National Forest — Fire — Forest Service fire and closure informationSouth Carolina• City of Aiken — Water Main Break Advisory (June 4) — York Street NE main break affecting ~60 connections This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit emnetwork.substack.com/subscribe
A bi-weekly news show informing you on the latest in Bitcoin, privacy and open source tech hosted by Ungovernables, Max and Q. AOBFTF with ZachQ eurotripNew Foundation websiteNEWSU.S. Treasury seizes nearly 1B in Iran-linked crypto, Tether freezes 344M USDT on Tron https://bitcoinmagazine.com/news/u-s-treasury-the-united-states-iranThe Mined in America Act would put the Bitcoin network at riskhttps://www.therage.co/mined-in-america-act-bitcoin-at-risk/CVE in Core Lightning: Optech #407 disclosurehttps://bitcoinops.org/en/newsletters/2026/05/29/Introducing Cube: Burak unveils a trustless Bitcoin smart contract L2https://medium.com/cube-bitcoin/introducing-cube-8b3702e470a5Published: May 2026Anonymous plaintiff sues for title to $293 billion in dormant Bitcoinhttps://bitcoinmagazine.com/news/anonymous-plaintiff-seeks-legal-bitcoinPublished: 2026-05-28The U.S. Constitution inscribed on the Bitcoin blockchain via expanded OP_RETURN https://bitcoinmagazine.com/news/someone-inscribed-the-constitution-bitcoinPublished: 2026-05-29RELEASESBitcoin Protocol, Core, Knots, SecurityCore Lightning v26.06rc2 — 2026-05-22Release candidate 2 for CLN 26.06. Documentation and gRPC interface refinements on top of rc1's graceful command, sendamount RPC, and BOLT12 payer-proof support. Routing-node operators should test on a non-production node before adopting.Eclair 0.14.0 — 2026-05-21Significant Lightning release from ACINQ. Final versions of channel splicing, simple taproot channels, and zero-fee commitments all ship in this version. This is the Eclair side of the same protocol work showing up in CLN and LDK. If you run an Eclair routing node, this is the upgrade to track.Hardware Signers and Hardware-Wallet AppsColdcard MK5 launch — 2026-05-29New flagship hardware. Larger Gorilla Glass screen, redesigned buttons, improved NFC, dual secure element architecture retained. Already supported in Bitcoin Safe 2.0.0rc0 from earlier this fortnight.Frostsnap 0.3.0 — 2026-05-27Headline change: deterministic firmware build with cryptographic digest verification. So end users can independently verify the firmware binary matches the source. That is the right direction for any hardware signer carrying real money.Keystone 3 v2.4.4 — 2026-05-26Wallet connection removal, Zcash SLIP39 support added, device verification fixes.Trezor Suite v26.5.1 — 2026-05-27 (FTD re-surfacing)Adds ERC-681 QR code support in the send form. Show editorial: only relevant if you use Trezor for Ethereum-side workflows, not a Bitcoin-only change.Ledger Live Desktop 4.5.0 — 2026-05-21Bridge integration refactoring across desktop and mobile.Ledger Live Mobile 4.6.0 — 2026-05-28Async API updates and bridge resolution improvements.Software WalletsSparrow Wallet 2.5.0 — 2026-05-21Headline feature: Silent Payments receiving wallets, including support for airgapped hardware wallet signers. Adds frigate.2140.dev as a Silent Payments capable public Electrum server, auto-selected when required. Plus a BIP32 derivation fallback when retrieving signing nodes for high-index inputs. This is the biggest privacy upgrade of the fortnight in any consumer-facing Bitcoin wallet, and the airgapped-signer support means Coldcard and similar users get it without going hot.Sparrow Frigate 1.5.3 — 2026-05-30Adds a privacy-preserving hourly aggregate of historical scan stats, locally generated server.features response when the backend returns a method-not-found error, improvements to the hosts field in server.features.Bitcoin Seed Tool 2.3.0 — 2026-05-19 (borderline, in grace)Educational interface redesign with violet accent color and integrated learning features.Nunchuk Android 2.5.2 — 2026-05-27"Bug fixes and improvements," nothing detailed publicly.Liana Business v0.1 — 2026-05-20First alpha of Liana's business product line. Environment variable support for signet testing. New product tier from Wizard Sardine for business-focused multisig with timelocked recovery.Peach Bitcoin 0.69.0 (build 350) — 2026-05-19Encrypted backup of custom payout addresses, restoration guidance, camera permission fix, push notification translations.Lightning, L2, ScalingPhoenix 2.8.0 — 2026-05-22UI fixes on Android: scanning inverted QR codes, a button to use the entire available balance when paying Lightning.Phoenixd 0.8.0 — 2026-05-20Upgraded lightning-kmp dependency to 1.12.0.ZEUS 13.0.2 — 2026-05-21Stable release of the RC chain we previewed last fortnight. New default RGS server at rgs.zeusln.com with 15-minute graph updates instead of 3-hour. Improved clipboard, NFC, UI improvements.Arkade arkd v0.9.6 — 2026-05-26Package and component renaming, CI workflow improvements, golang version bump.Arkade TS SDK @arkade-os/sdk 0.4.32 — 2026-05-29Maintenance bump.Arkade TS SDK @arkade-os/boltz-swap 0.3.37 — 2026-05-29Maintenance bump on the Boltz-swap helper.ThunderHub v0.18.4 — 2026-05-29Native display formatting for trading distribution, better CLTV headroom in route building.Blink Mobile 2.4.49 — 2026-05-30Bug fix: removes ABI-prefixed versionCode overrides.LNbits v1.5.5-rc1 — 2026-05-24Release candidate.Mostro v0.17.4 — 2026-05-22Payout confirmation to winner, solver-directed dispute slash, concurrent taker bonds with first-to-lock wins, MOSTRO_NSEC_PRIVKEY environment variable, Yadio price tolerance fix.Bisq v1.10.1 — 2026-05-30Raises trade amount limits to 0.250 BTC after the v1.10.0 post-exploit reset. Adjusts risk-based reduction factors. Fixes a BSQ swap validation bug.Bisq v1.10.0 — 2026-05-17 (carries over from last fortnight as final tag on cutoff day)The post-incident hardening release we covered last fortnight: trade protocol validation, PGP supply-chain verification, 0.125 BTC initial cap, macOS Apple Silicon support.EcashCashu TS v4.5.1 — 2026-05-23Deprecates the current checkProofsStates method in favour of a v5-compatible one. Wallet builders should plan the migration.Fedimint SDK canary release — 2026-05-27React Native transport: flattened RPC payload, persistent callback. Rolling canary channel.Bitcoin Dev InfrastructureBDK FFI 3.0.0 — 2026-05-29Major version of the BDK language bindings. Anyone shipping a wallet on top of BDK should read the migration notes carefully.Liquid GDK 0.77.4 — 2026-05-27Rate-limiting error handling, Rust dependency updates, UTXO retrieval fixes, build improvements.Self-Hosting and Sovereignty InfraJoinMarket-NG 0.31.1 — 2026-05-30Privacy-critical fix: prevents a Sybil DoS where relayed !hp2 floods could starve a maker's own post-ioauth commitment broadcasts. Also installs whiptail in maker and taker container images so the jm-ng TUI works out of the box. JoinMarket-NG continues to ship hardening on a tight cadence.Tor Browser 15.0.14 — 2026-05-19 (borderline, in grace)Important Firefox security updates rolled in.Mullvad Browser 15.0.14 — 2026-05-19 (borderline, in grace)Firefox 140.11.0esr base, NoScript 13.6.19.1984.Nostr (Bitcoin-relevant)Amethyst 1.11.0 — 2026-05-20Restores Lightning Address and LNURL fields in Edit Profile. Useful: those fields were missing for a stretch and creators relying on zaps as a revenue stream were getting cut off in profile edits.EDUCATIONTFTC retrospective: Why Keonne Rodriguez is in prison for building Samourai Wallet — 2026-05-28Bitcoin Optech Newsletter #407 — 2026-05-29CLN vulnerability disclosure (already in news), transcripts from a May Bitcoin Core developer meeting covering SwiftSync, cluster mempool, Erlay redesign, package relay. Eclair 0.14.0 and CLN 26.06rc2 release context.Bitcoin Optech Newsletter #406 — 2026-05-22BIP322 advances to Complete status with human-readable prefixes and PSBT support. TCP hole punching for Bitcoin nodes behind NATs (we flagged this Delving Bitcoin thread last fortnight). Services section highlights Ibis Wallet (BDK-based with coin control and Tor), LDK Server, Mempool.space taproot visualization.Bitcoin Optech #406 recap podcast — 2026-05-26Discussion of BIP322 updates, TCP hole punching, Ibis Wallet, LDK Server, Mempool.space v3.3.0, peer-observer infrastructure.Bitcoin Optech #405 recap podcast — 2026-05-19Bitcoin Core CVE-2024-52911 discussion and the UTXO-set P2P sharing draft BIP with Fabian Jahr.Rainey's book on financial censorshipMentioned by Gladstein on 2026-05-21 as quoting his work on the war on cash and the blocksize war. Plug in education / further reading.TO DONATE TO ROMAN'S DEFENSE FUND: https://freeromanstorm.com/donateHELP GET SAMOURAI A PARDONSIGN THE PETITION ----> https://www.change.org/p/stand-up-for-freedom-pardon-the-innocent-coders-jailed-for-building-privacy-tools DONATE TO THE FAMILIES ----> https://www.givesendgo.com/billandkeonneSUPPORT ON SOCIAL MEDIA ---> https://billandkeonne.org/VALUE…
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Announcing Bitskrieg https://deadeclipse666.blogspot.com/2026/05/announcing-bitskrieg.html Vulnerability in Gogs https://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/ Oracle Critical Security Patch Update Advisory - May 2026 https://www.oracle.com/security-alerts/cspumay2026.html GlobalProtect Authentication Bypass Vulnerabilities CVE-2026-0257 https://security.paloaltonetworks.com/CVE-2026-0257
Topics covered in this episode: CVE-2026-48710: A Maintainer's Perspective daily-stars-explorer Markdown to pdf with pandoc and typst postman2pytest Extras Joke Watch on YouTube About the show Brian #1: CVE-2026-48710: A Maintainer's Perspective Marcelo Trylesinski suggested by Lee Luocks Short version: users of Starlette: upgrade to Starlette 1.0.1 security professionals: we can't treat open source projects like corporations This top link is a Starlette security advisory with the title Missing Host header validation poisons request.url.path, bypassing path-based security checks The CVE apparently caused some negative press targeting starlette. However, “the vulnerability came from the application pattern and the deployment, never from something Starlette intended.” A quote from an OSTIF article: “This bug is a classic “responsibility gap” where if this maintainer didn't patch, thousands of exposed projects would have to individually secure their projects. In doing this work, they've voluntarily taken on the responsibility to protect the ecosystem from long-term systemic harm. As with all open source projects, they owed us nothing and could have left this to be everyone else's problem and took the extraordinary steps of helping the ecosystem.” Both X40 D-Sec and Ars Technica expected immediate fixes and responses from Starlette. That's not good. We can do better. Michael #2: daily-stars-explorer Explore the full history of any GitHub repository.
Originally recorded: Friday May 29, 2026In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.A large-scale software supply chain attack dubbed “Megalodon” infected thousands of GitHub repositories with credential-stealing malware in a highly automated campaign that unfolded over a six-hour period on May 18, 2026.Researchers from OX Security have identified a malicious npm package named “mouse5212-super-formatter” that was designed to steal files from Anthropic Claude AI environments by targeting the “/mnt/user-data” directory.Convenience store giant 7-Eleven disclosed a data breach tied to an attack that occurred on April 8, 2026, involving systems that contained franchise-related documents. SecurityWeek article Matt references.CISA has issued an urgent warning about a critical vulnerability in the LiteSpeed cPanel Plugin, tracked as CVE-2026-48172, which is already being actively exploited in the wild.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform.This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io.
Microsoft's dispute with a former security researcher takes a dramatic turn as the company raises the possibility of criminal action over the publication of proof-of-concept code for unpatched zero-day vulnerabilities. David Shipley examines the escalating conflict between Microsoft and "Nightmare Eclipse," the criticism from prominent security researchers including Kevin Beaumont and Katie Moussouris, and what the controversy could mean for the future of vulnerability disclosure. Cybersecurity Today would like to thank Material Security for sponsoring this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. You can contact them at material[dot]security. The episode also explores a new category of insider risk after U.S. prosecutors charged Google security engineer Michael Spagnuolo with allegedly using confidential Google search trend data to earn more than $1.2 million on the prediction market Polymarket. The case highlights how prediction markets may create unexpected incentives around non-financial corporate information. Also covered: active exploitation of Palo Alto Networks' GlobalProtect VPN authentication bypass vulnerability CVE-2026-0257, now added to CISA's Known Exploited Vulnerabilities (KEV) catalogue, and a malware campaign that abuses legitimate ChatGPT sharing pages and Google Ads to trick users into downloading malicious software. Researchers also report similar abuse of Anthropic's Claude Artifacts feature. Chapters 00:00 Top Headlines Rundown 00:26 Microsoft vs Zero-Day Researcher 01:28 Responsible Disclosure Fallout 03:32 Why This Dispute Matters 04:32 Polymarket Insider Trading Case 06:07 Prediction Markets Create New Insider Risks 06:55 Palo Alto VPN Authentication Bypass 08:25 ChatGPT Pages Used to Deliver Malware 09:51 Wrap Up and Sign Off Cybersecurity Today is Canada's leading daily cybersecurity news podcast, covering ransomware, vulnerabilities, nation-state threats, cybercrime, security research, privacy, and critical infrastructure security. #Cybersecurity #Microsoft #PaloAltoNetworks #ChatGPT #OpenAI #Google #Polymarket #ThreatIntelligence #InfoSec #CyberSecurityToday
The latest In Touch With iOS Dave Ginsburg is joined by Jeff Gamet, Guy Serle, Marty Jencius, Jill McKinley, and Eric Bolden to talk Apple's latest beta releases, Vision Pro gaming with Steam Link and PS5 Remote Play, Siri and AI rumors for iOS 27, Mac hardware news, CarPlay customization tips, Apple Wallet IDs, Thunderbolt 5 docks, and much more as WWDC 2026 gets closer. The show notes are at InTouchwithiOS.com Direct Link to Audio Links to our Show Give us a review on Apple Podcasts! CLICK HERE we would really appreciate it! Click this link Buy me a Coffee to support the show we would really appreciate it. intouchwithios.com/coffee Another way to support the show is to become a Patreon member patreon.com/intouchwithios Website: In Touch With iOS YouTube Channel In Touch with iOS Magazine on Flipboard Facebook Page BlueSky Mastodon X Instagram Threads Summary In this episode of In Touch With iOS, Dave Ginsburg is joined by Jeff Gamet, Guy Serle, Marty Jencius, Jill McKinley, and Eric Bolden for a fun and wide-ranging discussion covering the latest Apple news, rumors, tips, and plenty of laughs as WWDC 2026 quickly approaches. The show kicks off with discussion around Apple's latest beta releases for iOS, iPadOS, macOS, visionOS, watchOS, and tvOS. While the updates appear mostly focused on bug fixes and stability improvements, the panel speculates Apple may already be quietly laying groundwork for major WWDC announcements behind the scenes. Vision Pro continues to dominate conversation this week with the arrival of the native Steam Link app, giving users a new way to stream PC games directly into Apple's headset. The panel discusses the growing gaming possibilities for Vision Pro, including PS5 remote play support and whether Apple's expensive headset could eventually become a more serious entertainment and gaming platform. Leaked images of black Vision Pro components also spark speculation about possible future hardware revisions or prototype devices Apple may still be testing internally. Security and messaging updates are another major focus this week. The crew discusses Apple's expanded transparency around CVE security reporting, encrypted RCS messaging support in Messages, and how users can verify end-to-end encryption is active. The conversation quickly turns humorous as the group debates Apple's new alerts for users who max out blocked contacts, leading to stories about spam texts, political messages, and the endless battle against robocalls. On the Mac side, the panel covers the M5 MacBook Air reaching one of its lowest prices yet, making it an especially attractive option for Apple users looking to upgrade. Dave also shares excitement about the massive Virtual OS Museum project, which allows users to explore and run classic operating systems from decades past, including older versions of macOS, Windows, Linux, Atari, and more. The discussion then shifts into AI and Apple's future plans. OWC's upcoming Stack AI hardware generates interest as the panel explores how local AI processing and large language models may shape the future of Mac hardware. From there, the conversation moves into new rumors surrounding iOS 27, including reports of a redesigned Siri experience, a standalone chatbot-style Siri app, Dynamic Island integration ideas, and Apple's ongoing effort to compete in the rapidly evolving AI space. The panel debates whether Apple is truly behind competitors like ChatGPT and Gemini, or simply pursuing a more privacy-focused and ecosystem-driven approach. The crew also spends time discussing Apple's redesigned app icons and the growing confusion surrounding Creative Studio apps like Final Cut Pro and Logic Pro. Jeff Gamet passionately argues Apple has "completely lost the plot" with icon design, while Marty Jencius defends the idea of evolving aesthetics, leading to one of the funniest debates of the episode. Practical user tips round out the show, including how to customize CarPlay layouts, manage widgets and apps, enable 120Hz ProMotion refresh rates on iPhone, and use Apple Wallet driver's licenses in supported states. The panel shares real-world experiences using digital IDs and Apple Pay, including a hilarious story about a cashier insisting Apple Pay users still needed to "pay with money." Finally, the crew previews Macstock 2026 and Creator Camp, encouraging listeners to join the Apple community event this summer. With discussions covering Vision Pro gaming, Siri rumors, AI strategy, CarPlay, Mac hardware, Apple Wallet, and much more, Episode 425 delivers another packed week of Apple news, insight, and entertaining conversation from the In Touch With iOS team. Topics and Links In Touch With Vision Pro this week. visionOS 26.6 Beta Release Notes | Apple Developer Documentation The native Steam Link app for Apple Vision Pro is now available More All-Black Apple Vision Pro Parts Surface Online Apple Vision Pro & PlayStation 5 are the perfect combo with Portal Remote Play app Beta this week. iOS 26.6 Beta 1 was released this week Apple Seeds First iOS 26.6 and iPadOS 26.6 Betas to Developers Apple Releases First watchOS 26.6, tvOS 26.6 and visionOS 26.6 Betas Apple adds new CVE details to several macOS, iOS, iPadOS, visionOS, and watchOS updates iOS 26.5 gave Messages app encrypted RCS, here's how to check it's working iOS 26.6 Will Alert You When You've Maxed Out Blocked Contacts Apple Releases New Firmware for AirTag 2 In Touch With Mac this week First macOS Tahoe 26.6 Beta Now Available for Developers Apple's M5 MacBook Air Hits New Low Price of $899.99 The Virtual OS Museum is a fantastic project that lets you run Mac OS, A/UX, NeXTSTEP, more We have many questions about OWC's new Stack AI speed booster Add multiple high-res screens to your Mac with these new Thunderbolt 5 docks Other Topics Apple Updates Trade-In Values for iPhone, iPad, Mac, and Apple Watch Apple Publishes Document to Help Users Tell Creator Studio Apps Apart Leaks: iOS 27 leak reveals new Siri design, Camera app, more Detailed iOS 27 renders show Siri's big makeover iPadOS 26.5 has convenient upgrade when using Magic Keyboard, more Tips Time Permitting Tips to customize CarPlay for your vehicle How to Activate 120Hz Refresh Rate on iPhone News Apple Just Expanded iPhone Driver's License Feature to 14th U.S. State After the Whistle with Brendan Hunt and Rebecca Lowe returns Announcements Macstock X is here celebrating its 10th anniversary ! Dave, Chuck, Jeff, Marty, and Jill are all speaking this year!. With Three Full Days of expert-led Presentations and Workshops, Macstock's sessions are crammed full of productivity-enhancing content. NEW this year is a partnership with sponsor Ecamm. Ecamm Creator Camp: Mac Edition on July 9, 2026 there are only 100 tickets available for the bundle. There are 2 passes available: Macstock weekend pass July 10,11,12, 2026 or the Macstock Ecamm Bundle starting July 9 (only 100 tickets available) Come join us. Register HERE and use our offer code INTOUCH to save $50 Our Host Dave Ginsburg is an IT professional supporting Mac, iOS and Windows users and shares his wealth of knowledge of iPhone, iPad, Apple Watch, Apple TV and related technologies. Visit the YouTube channel https://youtube.com/intouchwithios follow him on Mastodon @daveg65, , BlueSky @daveg65 and the show @intouchwithios Our Regular Contributors Jeff Gamet is a podcaster, technology blogger, artist, and author. Previously, he was The Mac Observer's managing editor, and Smile's TextExpander Evangelist. You can find him on Mastadon @jgamet Pixelfed @jgamet@pixelfed.social and Bluesky @jgamet.bsky.social Podcasts The Context Machine Podcast Retro Rewatch Retro Rewatch His YouTube channel https://youtube.com/jgamet Website: https://jeffgamet.com Marty Jencius, Ph.D., is a professor of counselor education at Kent State University, where he researches, writes, and trains about using technology in teaching and mental health practice. His podcasts include Vision Pro Files, The Tech Savvy Professor and Circular Firing Squad Podcast. Find him at jencius@mastodon.social https://thepodtalk.net Eric Bolden is into macOS, plants, sci-fi, food, and is a rural internet supporter. You can connect with him by email at eabolden@mac.com, on Mastodon at @eabolden@techhub.social, on his blog, Trending At Work, and as co-host on The Vision ProFiles podcast. Jill McKinley works in enterprise software, server administration, and IT A lifelong tech enthusiast, she started her career with Windows but is now an avid Apple fan. Beyond technology, she shares her insights on nature, faith, and personal growth through her podcasts—Buzz Blossom & Squeak, Start with Small Steps, and The Bible in Small Steps. Watch her content on YouTube at @startwithsmallsteps and follow her on X @schmern. Find all her work at http://jillfromthenorthwoods.com Chuck Joiner is the host of MacVoices and hosts video podcasts with influential members of the Apple community. Make sure to visit macvoices.com and subscribe to his podcast. You can follow him on Twitter @chuckjoiner and join his MacVoices Facebook group. Guy Serle is one of the hosts of the new The Gmen Show along with GazMaz and email GMenshow@icloud.com @MacParrot and @VertShark on X Vertshark on YouTube, Google Voice +1 Area code 703-828-4677
This episode covers a CISA contractor's accidental exposure of AWS GovCloud credentials and internal system details on GitHub, the FBI's efforts to patch vulnerable routers, and a critical NGINX vulnerability with public proof-of-concept code. The team also discusses Microsoft's handling of a disputed Azure Backup security finding, the challenges of vulnerability disclosure and CVE assignment, and GitHub's ban of security researcher Nightmare Eclipse following the publication of unpatched Windows vulnerability research.Join us LIVE on Mondays, 4:30pm EST.A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.https://www.youtube.com/@BlackHillsInformationSecurityChat with us on Discord! - https://discord.gg/bhis
This week we have a technical segment focused on Linux! Paul released a script that helps you get a handle on Linux supply chain security, and new features allow you to assess the state of Secure Boot on your Linux systems (that also use MS certificates, ironically). The script is in his Git repo: https://github.com/pasadoorian/Linux_Hacks. In the security news: The CVE chase The new security basics Enterprises are lacking more than AI Detections are falling behind Why DOOM!?! Chromium vulnerability The ambitious Flipper One I'm still curious who was behind these leaks Mitre moves Caldera to Apache foundation Wind cybersecurity PQC updates YellowKey Bitlocker Bypass updates The software supply chain is in deep trouble Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-928
Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Possible ACR Stealer From Page Impersonating Claude https://isc.sans.edu/diary/Possible%20ACR%20Stealer%20From%20Page%20Impersonating%20Claude/33018 Microsoft SharePoint Remote Code Execution Vulnerability CVE-2026-45659 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 Multiple Vulnerabilities in Angular Language Service VS Code Extension https://github.com/angular/angular/security/advisories/GHSA-ccq4-xmxr-8hcq
Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com
Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com
Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com
Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com
Mozilla found 271 unknown Firefox vulnerabilities in days using AI—bugs that millions of automated test runs had missed for years. Steve Gibson argues this isn't a crisis. It's the industry finally paying down decades of security debt, and for the first time, defenders may have the advantage. Cisco meets Mythos Can the aging CVE system survive AI Patch deployment latency in the AI age MSFT's official YellowKey BitLocker bypass mitigation Ubiquiti patches 5 serious vulnerabilities Drupal attacked by a PostgreSQL injection Microsoft terminates SMS as a second factor GitHub hacked - all of its source code exfiltrated Russia is using very old Western software Why to get a no-charge AI chatbot account New Sci-Fi on Netflix What we learn from Mozilla's use of Mythos Show Notes - https://www.grc.com/sn/SN-1080-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free audio and video feeds, a members-only Discord, and exclusive content. Join today: https://twit.tv/clubtwit Sponsors: guardsquare.com doppel.com cyberhoot.com/securitynow trustedtech.team/securitynow365 XBOW.com
CISA has ordered U.S. federal civilian agencies to urgently patch an actively exploited critical Drupal SQL injection vulnerability (CVE-2026-9082) affecting PostgreSQL-backed Drupal deployments, after Imperva reported more than 15,000 attack attempts across 65 countries. Microsoft has confirmed a strange Windows Server 2016 update issue where KB5087537 can break domain controller discovery when server hostnames are exactly 15 characters long, raising more questions about patch reliability as update complexity grows. Google has joined a coalition opposing Canada's proposed lawful access legislation, Bill C-22, warning that secret ministerial orders, possible encryption risks, and mandatory metadata retention could weaken security rather than improve it. Critics point to the Salt Typhoon telecom espionage campaign as evidence that lawful intercept systems themselves can become prime targets. Also in this episode: Check Point says Iran-linked threat group Nimbus Manticore has deployed new malware tools including MiniFast and MiniJunk V2, with researchers noting signs that MiniFast may have been developed with AI-assisted coding techniques. The campaign used SEO poisoning and fake Oracle SQL Developer downloads to lure victims. Timestamps: 00:00 Top Headlines Rundown 00:27 Emergency Drupal Patch Order 02:22 Microsoft Server Update Bug 04:02 Canada Lawful Access Battle 05:18 Google's Security Concerns 06:25 Salt Typhoon Lessons 07:35 Iran-Linked AI Malware 09:26 SEO Poisoning Attack 10:09 Wrap Up and Sign Off
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Selective HTTP Proxying in Linux https://isc.sans.edu/diary/Selective%20HTTP%20Proxying%20in%20Linux/33002 Megalodon: Mass GitHub Repo Backdooring via CI Workflows https://safedep.io/megalodon-mass-github-repo-backdooring-ci-workflows/ MSFT Patches Recent Windows Defender Flaws CVE-2026-41091, CVE-2026-45498, CVE-2026-45584 https://x.com/fabian_bader/status/2057198207243804881 Cisco Secure Workload Unauthorized API Access Vulnerability CVE-2026-20223 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
GitHub Breach https://x.com/github/status/2056949168208552080 Agentic Threat Intelligence Feed - VS Code Extensions https://agentmesh.knostic.ai/extensions More NGINX Vulnerabilities https://x.com/nebusecurity/status/2057071579876753643 https://my.f5.com/manage/s/article/K000161307 Microsoft Publishes YellowKey Mitigation CVE-2026-45585 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585 Incomplete Sonicwall Patch CVE-2024-12802 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0001
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
New Malware Libraries means New Signatures https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20%20New%20Malware%20Libraries%20means%20New%20Signatures/32986 Addressing Exchange Server May 2026 vulnerability CVE-2026-42897 https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498 Microsoft Authenticator Update CVE-2026-41615 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41615 ssh-keysign-pwn (CVE-2026-46333) Patches Released https://almalinux.org/blog/2026-05-15-ssh-keysign-pwn-cve-2026-46333/