“Cyber warfare is as much about psychological strategy as technical prowess.”
― James Scott
-

OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards [email protected] (The Hacker News)
OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful, Terra strikes a balance between efficiency and power, and Luna is…
-
How agentic AI threat intelligence aids NGO cyber defense: Case study
NGOs often lack the resources and expertise to defend against modern threat actors. Learn how one nonprofit is harnessing agentic AI threat intelligence to flip the script.Read More
-

FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys [email protected] (The Hacker News)
The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can restore the account’s backup, read the private and group message history, and take over the…
-

New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks [email protected] (The Hacker News)
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the moniker StrikeShark, said the campaign has targeted a diplomatic organization in Indonesia, government organizations in Taiwan,Read More
-

Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign [email protected] (The Hacker News)
A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. The activity, particularly aimed at state-owned enterprises in the energy and government sectors, has been attributed to a threat actor called CL-STA-1062, which…
-
How to conduct a mobile app security audit
Mobile app security audits help IT identify weaknesses in code, APIs, authentication, data storage and third-party components throughout the app lifecycle.Read More
-

Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs [email protected] (The Hacker News)
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it. Tracked as CVE-2026-12957 (CVSS 8.5), the bug sat in how Amazon’s AI coding assistant handled Model…
-

New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries [email protected] (The Hacker News)
A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw asRead…
-
NO FAKES Act advances: What CISOs need to know
As the NO FAKES Act moves to the Senate, the country is closer to real protections against unauthorized AI replica use — a move that also has enterprise implications.Read More
-

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question isRead More
“Security used to be an inconvenience sometimes, but now it’s a necessity all the time.”
― Martina Navratilova
