惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

小众软件
小众软件
IT之家
IT之家
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Security Archives - TechRepublic
Security Archives - TechRepublic
P
Proofpoint News Feed
C
CERT Recently Published Vulnerability Notes
阮一峰的网络日志
阮一峰的网络日志
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Cloudflare Blog
P
Palo Alto Networks Blog
Know Your Adversary
Know Your Adversary
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Cisco Talos Blog
Cisco Talos Blog
L
Lohrmann on Cybersecurity
AWS News Blog
AWS News Blog
J
Java Code Geeks
博客园_首页
Scott Helme
Scott Helme
WordPress大学
WordPress大学
有赞技术团队
有赞技术团队
T
The Exploit Database - CXSecurity.com
Security Latest
Security Latest
V
Visual Studio Blog
Cloudbric
Cloudbric
Jina AI
Jina AI
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
博客园 - 叶小钗
Apple Machine Learning Research
Apple Machine Learning Research
博客园 - 聂微东
人人都是产品经理
人人都是产品经理
A
Arctic Wolf
C
Cybersecurity and Infrastructure Security Agency CISA
S
SegmentFault 最新的问题
The Last Watchdog
The Last Watchdog
SecWiki News
SecWiki News
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
W
WeLiveSecurity
K
Kaspersky official blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Hacker News: Ask HN
Hacker News: Ask HN
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
宝玉的分享
宝玉的分享
Hugging Face - Blog
Hugging Face - Blog
量子位
Google Online Security Blog
Google Online Security Blog
博客园 - Franky
Simon Willison's Weblog
Simon Willison's Weblog
博客园 - 三生石上(FineUI控件)
Recent Commits to openclaw:main
Recent Commits to openclaw:main

Help Net Security

ChatGPT advanced account security adds passkeys and hardware keys Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for months Automating Pentest Delivery: A Step-by-Step Guide - PlexTrac Open-source privacy proxy masks PII before prompts reach external AI services Shadow AI risks deepen as 31% of users get no employer training Identity is the control plane for distributed infrastructure AI traffic is getting bigger, louder, and less predictable New infosec products of the month: April 2026 cPanel zero-day exploited for months before patch release (CVE-2026-41940) Cisco releases open-source toolkit for verifying AI model lineage Met Police face criticism for using AI to spy on their own officers Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) Hacker with a special interest in breaching sports institutions ends behind bars - Help Net Security IP Fabric MCP server adds governance and control to enterprise AIOps workflows - Help Net Security Aqua Compass MCP server enables real-time investigation and containment of runtime threats - Help Net Security Google brings instant email verification to Android, no OTP needed - Help Net Security If cyber espionage via HDMI worries you, NCSC built a device to stop it - Help Net Security Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950) - Help Net Security GopherWhisper APT group hides command and control traffic in Slack and Discord - Help Net Security OpenAI tackles a bad habit people have when interacting with AI - Help Net Security A year in, Zoom's CISO reflects on balancing security and business - Help Net Security Scenario: Open-source framework for automated AI app red-teaming - Help Net Security GDPR works, but only where someone enforces it - Help Net Security Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks - Help Net Security Google’s Workspace Intelligence promises privacy while running on your data - Help Net Security Cyberattack on French government agency triggers phishing alert - Help Net Security Claude Mythos finds 271 Firefox flaws, Mozilla believes zero-days are numbered - Help Net Security Prove Identity Platform connects verification, authentication, and fraud prevention - Help Net Security New Mirai variants target routers and DVRs in parallel campaigns - Help Net Security Acronis GenAI Protection gives MSPs control over AI usage and data risks - Help Net Security Elastic MCP Apps bring security and observability workflows into AI tools - Help Net Security Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876) - Help Net Security Tencent's QClaw AI agent app arrives on Windows and macOS - Help Net Security Phishing reclaims the top initial access spot, attackers experiment with AI tools - Help Net Security OneDrive updates focus on AI, access control, and compliance - Help Net Security PentAGI: Open-source autonomous AI penetration testing system - Help Net Security Apple Intelligence flaw kept stolen tokens reusable on another device - Help Net Security Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook - Help Net Security Thunderbird 150 arrives with encrypted message search and OpenPGP improvements - Help Net Security VirtualBox 7.2.8 is out with Linux kernel 7.0 support and crash fixes - Help Net Security Ransomware negotiator admits role in attacks he was hired to resolve - Help Net Security Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency Ivanti Neurons AI automates IT operations, reducing manual work and security risk Silobreaker Mimir adds agentic AI to intelligence workflows with governance and transparency - Help Net Security OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) A single platform powers SIM farm proxy networks across 17 countries - Help Net Security NGate NFC malware targets Android users through trojanized payment app - Help Net Security Meta and PortSwigger drive offensive security further to find what others miss - Help Net Security EU pushes for stronger cloud sovereignty, awards €180 million to four providers - Help Net Security SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines - Help Net Security How to spot a North Korean fake in a job interview - Help Net Security Product showcase: Syncthing for secure, private file synchronization - Help Net Security Week in review: Acrobat Reader flaw exploited, Claude Mythos offensive capabilities and limits Google wipes out 602 million scam ads with Gemini on duty Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild GitLab 18.11 brings agentic AI to security fixes, CI pipelines, and delivery analytics Liongard upgrades LiongardIQ with AI access, live asset data, and deeper discovery Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control Codex can now operate between apps. Where are the boundaries? Android 17 Beta 4 arrives with post-quantum cryptography and new memory limits Apple AirTag tracking can be misled by replayed Bluetooth signals Social media bans might steer kids into riskier corners of the internet Workplace stress in 2026 is still worse than before the pandemic New infosec products of the week: April 17, 2026 - Help Net Security ImmuniWeb brings AI upgrades, post-quantum detection and more in Q1 2026 NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward Anthropic releases Claude Opus 4.7 with automated cybersecurity safeguards - Help Net Security Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808) - Help Net Security Google Play is changing how Android apps access your contacts and location Tails 7.6.2 patches vulnerability that could expose saved files Cargo theft malware actor spent a month inside a decoy network before researchers pulled the plug Two US nationals jailed over scheme that generated $5 million for the North Korean regime Product showcase: Ente Auth encrypts, backs up, and syncs 2FA Wi-Fi roaming security practices for access network providers and identity providers European AI spending set to hit $290 billion by 2029 Windows is getting stronger RDP file protections to fight phishing attacks Capsule Security debuts with $7 million funding to secure AI agent behavior Hackers hijacked CPUID downloads, served STX RAT to victims $12 million frozen, 20,000 victims identified in crypto scam crackdown Rockstar Games receives “pay or leak” warning after cyberattack Google makes it harder to exploit Pixel 10 modem firmware Siemens expands Industrial Automation DataCenter with edge AI and cybersecurity Adobe issues emergency fix for Acrobat Reader flaw exploited in the wild (CVE-2026-34621) Seized VerifTools servers expose 915,655 fake IDs, 8 arrested Fixing vulnerability data quality requires fixing the architecture first ZeroID: Open-source identity platform for autonomous AI agents MITRE releases a shared fraud-cyber framework built from real attack data The fully free Linux OS Trisquel gets a major update with version 12.0 Ecne Week in review: Windows zero-day exploit leaked, Patch Tuesday forecast ClickFix campaign delivers Mac malware via fake Apple page Poisoned “Office 365” search results lead to stolen paychecks Gmail’s end-to-end encryption comes to mobile, no extra apps required To counter cookie theft, Chrome ships device-bound session credentials Product showcase: Session, a messenger without phone numbers or metadata Little Snitch for Linux shows what your apps are connecting to - Help Net Security Apiiro CLI turns AI coding assistants into full-stack security engineers - Help Net Security April 2026 Patch Tuesday forecast: Spring-cleaning of a preview - Help Net Security What vibe hunting gets right about AI threat hunting, and where it breaks down - Help Net Security Health insurance lead sites sell personal data within seconds of form submission - Help Net Security
Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack - Help Net Security
Help Net Security · 2026-06-21 · via Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Week in review

A hardware neural network backdoor that hides in plain sight
Deep learning systems on edge devices often rely on third-party-designed FPGAs and ASICs for performance and efficiency, creating supply chain risks. Researchers from the University of Tennessee and the University of Florida developed HAMLOCK, a backdoor attack that splits malicious functionality between hardware and software, making detection more difficult.

Onspring CISO on where automated GRC systems fall short
In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their tools, and which risks resist measurement, such as insider behavior and vendor concentration.

AI vulnerability discovery is pushing 2026 CVEs toward 66,000
Vulnerability disclosures are piling up faster in 2026 than anyone expected at the start of the year. The running count for the first few months sits well above the original projection, and the Forum of Incident Response and Security Teams (FIRST) now expects the year to land near 66,000 CVEs.

Reachability makes AI threat modeling worth the trust
In this interview with Help Net Security, Oscar Andersson, CTO at Oplane, explains why most scanning tools fail. They cry wolf, flagging threats that cannot run in real code. The argument centers on reachability. A finding counts only when someone walks the path to impact on a working build.

The SOC’s visibility gap comes down to staffing
AI has settled into security operations centers faster than any earlier wave of technology. Around four in five practitioners report reaching for AI or machine learning tools in their daily work. The catch shows up one layer down. Roughly a third of those same teams have built these tools into a defined workflow with structure, governance, and consistent validation. The rest pick up AI on their own, case by case, with no shared playbook for how it gets used or checked.

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects
Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY, Chainguard, Cisco, Cloudflare, Corridor, DepthFirst, Docker, JPMorganChase, Kyndryl, LTIMindtree, and PwC.

What happens to oversight when AI agents write a lab’s own code
Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between steps, and they reach into production infrastructure, research pipelines, and potentially the systems that train and evaluate future models.

Securing digital keys when your phone unlocks the car
In this interview with Help Net Security, Alysia Johnson, President of the Car Connectivity Consortium (CCC), explains how the CCC Digital Key has grown from a single-brand feature into a standard meant to work across phones, automakers, and suppliers.

Your browser tab could become encrypted storage for someone else’s files
Decentralized storage networks already hand pieces of people’s data to strangers’ machines. The lasting question across these networks is whether the machine holding the data can read it. A research paper by Gregory Magarshak, a professor at IENYC, describes a system called Safecloud built on one design rule: the nodes that store data see only ciphertext, and the nodes that route data hold no keys.

PhishLumos: Exposing phishing campaigns that evade detection by hiding content
Phishing remains one of the most stubbornly persistent threats in cybersecurity: humans are tired, distracted, trusting, and susceptible to urgency and authority in ways that no amount of awareness training can completely overcome. The security community has largely accepted this reality and shifted focus toward automated detection systems that can intercept and block phishing threats before users see them.

China-linked spies backdoored authentication stack to stay hidden for years
A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the results of a forensic investigation published by cybersecurity firm Sygnia.

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated security advisory also states that “the vulnerability was found during internal security testing”, raising the question of how attackers came to exploit it before Cisco had disclosed it publicly.

SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)
A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to create a new “Technician” account and use it to remote into managed endpoints, execute scripts, and more.

Attackers are exploiting FortiSandbox vulnerabilities
Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products depend on for threat verdicts to enforce blocking decisions and trigger automated responses. The warning came on Monday from threat intelligence company Defused, which said that the exploit for one of the flaws is vibecoded, and likely faulty.

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)
Microsoft has acknowledged the local elevation of privilege issue in Microsoft Defender that can be triggered via the “RoguePlanet” exploit, and is “working to provide a high quality security update that addresses this vulnerability.” The vulnerability, which has been assigned the CVE-2026-50656 identifier, stems from improper link resolution before file access, and can be exploited in low complexity attacks by authenticated attackers, with no user interaction required.

Low-skilled attacker used Claude, Codex to breach 14 companies
Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that out. After recovering and analyzing over 1,000 agent sessions from a compromised server on which an attacker deployed Anthropic’s Claude Code and OpenAI’s Codex agents, the researchers discovered how easily the attacker was able to bypass most of the agents’ guardrails, and how little he actually needed to know and do himself.

74,000 Fortinet firewall credentials exposed in FortiBleed data leak
A Russian-speaking cybercriminal group has stolen credentials contained in the configuration files of nearly 74,000 Fortinet firewalls and VPN gateways around the world. The data was accidentally exposed by the group on a server, along with other artifacts and tools, and the exposure was noticed by security researcher Volodymyr “Bob” Diachenko.

Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
SocGholish, an operation that’s been delivering malware to users via fake software updates, has suffered a major blow: the international law enforcement coalition behind Operation Endgame has taken down 106 of its servers and domains, and cleaned up nearly 15,000 websites compromised to serve their malicious payloads. The result of this most recent multinational law enforcement action was announced today by the Dutch National Police and on the operation’s website.

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)
CISA has added CVE-2026-20253, a critical, remotely exploitable vulnerability in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog, and ordered US federal civilian agencies to apply mitigations by June 21, 2026.

EU Cybersecurity Act 2.0: When good regulation goes bad
Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain attacks targeting our critical infrastructure, that seriousness is welcome. But good intentions and good policy are not the same thing, and the proposed EU Cybersecurity Act 2.0 is starting to look a lot more like the former than the latter.

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure
In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident.

Proving what a military AI model will do is the real problem
Defense contractors build AI systems that task drones automatically and propose kill-chains to support soldiers. Several of these contractors have partnered with frontier AI companies to put advanced models into military tools. The systems coming out of these partnerships carry a security problem that sits outside the methods of arms control diplomacy: confirming what an AI model will do.

Open-source CI/CD abuse detector guards against stolen credential attacks
CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure DevOps.

Ukrainian national pleads guilty in connection with Conti ransomware
A Ukrainian national pleaded guilty to conspiracy to commit wire fraud in connection with the deployment of Conti ransomware, which targeted more than 1,000 victims worldwide.

Chinese hackers breached North American research institutions via REDCap servers
A China-linked cyber espionage operation targeted North American medical research institutions through compromised REDCap servers, using custom malware to gain persistent access and collect sensitive information, Google’s Threat Intelligence Group (GTIG) researchers found.

Planning a trip? Fake travel sites are multiplying this summer
Cyberattacks against hospitality, travel, and recreation organizations rose 24% year over year, reaching an average of 2,291 incidents per organization each week in May 2026, according to Check Point.

Crypto scammers are sending couriers to victims’ homes to collect cash
Scammers behind cryptocurrency investment schemes are dispatching couriers to pick up cash from victims in person, the FBI warns. According to the agency, scammers usually approach victims through social media, text messages, or fake investment personas, luring them into cryptocurrency schemes that use fraudulent trading platforms and fabricated returns to encourage additional deposits.

Cybercriminals mask malicious communications through Microsoft Teams relays
The DragonForce ransomware group used a custom malware called Backdoor.Turn to hide command-and-control traffic inside Microsoft Teams relay infrastructure during an intrusion at a U.S. services company, according to Symantec.

Apple is bringing Hide My Email and Sign in with Apple under one domain
Apple will unify the email domains used by Sign in with Apple and iCloud+ Hide My Email under a shared domain, private.icloud.com, later this summer. Hide My Email is a service included with iCloud+, Apple’s subscription service. It allows users to generate one-time-use or reusable email addresses that forward messages to their personal inbox without revealing their actual email address.

Rokarolla Android trojan targets banking and crypto users, enables device takeover
A newly discovered Android banking trojan, dubbed Rokarolla, targets 217 banking and cryptocurrency applications and can execute 137 commands on infected devices, according to researchers at Zimperium. Named after its command-and-control (C2) infrastructure, Rokarolla is primarily distributed through malicious websites that impersonate popular applications such as TikTok and Google Chrome, fooling users into downloading what appears to be a legitimate app.

Another healthcare firm attacked days after Novo Nordisk breach
Medical technology company iRhythm Holdings disclosed a cyberattack involving certain third-party-hosted business applications that resulted in the theft of patient protected health information, proprietary data, and other personal data. The company discovered unauthorized activity on June 8, 2026, and launched an investigation with the assistance of external cybersecurity experts.

AWS Continuum brings AI models to code vulnerability management
AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It reasons over a customer’s environment, confirms which findings are real, and works toward resolution. It is model agnostic and draws on multiple frontier models, assigning each to the work where it performs best. AWS designed it to take in newer models as they become available.

Malware attacks strip Roblox developers of entire games
Hackers who once focused on stealing valuable Roblox items are now taking over entire games. Although Roblox operates the service, users can create and publish their own games on it. Successful games can generate substantial revenue through in-game purchases. Some developers have earned millions of dollars and built dedicated studios around their creations.

Klue breach lead to Salesforce data theft, Huntress affected
Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sales data across various business tools.

Senior engineers are spending their week cleaning up AI-generated code
At most U.S. technology companies, machines now write the bulk of the code that ships each week. The engineer’s job has shifted toward reviewing what the AI produces, and that review gives the code high marks. Leaders rate AI-generated code as higher quality than the code their own people write, praising its clean structure, consistent style, and low count of obvious bugs at submission time.

Microsoft’s workplace check-in via Wi-Fi tracks who’s in the office, and not everyone’s happy
Microsoft is rolling out workplace check-in via Wi-Fi for Teams and Microsoft Places. Connect to your office network and your in-office presence updates automatically, no manual status change needed.

A $2 trillion revenue shift hinges on AI data governance
Across large enterprises, a single question keeps surfacing when teams want to put customer data to work. Can this record be used for a given purpose, and does the consent behind it still hold? The data sits in warehouses and customer databases, and the ability to answer that question often lags behind. That delay carries a cost.

GitHub releases an open dataset for multilingual developer content
Developers coordinate code across README files, issue threads, and pull request discussions. Much of that exchange happens in English, and a large share happens in other languages. GitHub has released a dataset built to help researchers and developers locate public repositories that carry non-English natural-language content.

Software supply chains are heading for a transparency test
Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM Adoption State of Play 2026 shows organizations preparing for CRA obligations through SBOM tooling, automation, and changes to software development practices.

The checklist problem behind critical infrastructure cyber safety
An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from George Mason University examines how United States cyber policy defines reasonable care for systems that control physical processes, and it finds that compliance has become a stand-in for safety.

Product showcase: From phishing texts to risky Wi-Fi, Norton 360 Deluxe watches the gaps
Norton 360 Deluxe combines device security, scam detection, web protection, and VPN privacy in a single subscription that covers up to five devices. It is available for Windows, macOS, Android, and iOS.

Microsoft AntiSSRF open-source library helps block server-side request forgery
AntiSSRF is an open-source code library from Microsoft that validates URLs and network connections to reduce server-side request forgery (SSRF) risks in web applications. It supports .NET and Node.js applications and is distributed under the MIT license. The library works as a drop-in component, giving developers a way to check untrusted input before their applications make outbound requests.

Ukraine can now tap EU cyber support during major attacks
Ukraine can now call on emergency cyber support from the European Union during large-scale cybersecurity incidents. The move follows a decision by the Council of the European Union to add the country to the EU Cybersecurity Reserve.

What’s new in Android 17? Anti-theft tools, scam detection, and parental controls
The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year.

Most agentic AI projects in production have stalled over data problems
Enterprises are connecting AI agents to live data feeds and putting them to work on tasks that once required human review, from IT operations to software development. The number doing this in production reached 32 percent in 2026, up from 29 percent the year before, according to Confluent’s annual Data Streaming Report, which surveyed 4,625 IT leaders across 14 countries.

Homebrew tightens tap security, begins work on its interface
Anyone who installs software through a third-party Homebrew tap runs Ruby code written by people outside the project, and that code runs without a sandbox. That risk sits at the center of Homebrew 6.0.0. It now requires a tap, along with any tap-qualified formula or cask, to be trusted before its code is evaluated or run.

Google’s open standard for AI agents to discover and verify tools
AI agents rely on tools, services, and other agents distributed across different teams, organizations, and platforms. Because these resources are often isolated in separate systems, agents have limited ability to discover and connect to capabilities outside their own environment. Google aims to solve this with Agentic Resource Discovery, an open specification for publishing, discovering, and verifying AI capabilities across the web, regardless of framework, protocol, or provider.

GentleKiller targets more than 400 security processes across 48 products
Most ransomware operations leave the work of disabling endpoint security software to their affiliates. The ransomware-as-a-service gang Gentlemen runs a different model. Its operators develop and maintain a set of tools for shutting down endpoint detection and response (EDR) products, then provide these tools directly to the affiliates who rent the gang’s encryptors.

Asia-Pacific scam networks generate nearly $40 billion a year
Cybercrime is taking a larger share of criminal activity in Asia and the Pacific. More than half of surveyed jurisdictions reported that cybercrime accounts for over 30% of all crimes recorded nationally, according to INTERPOL’s 2025/2026 Asia and South Pacific Cyberthreat Assessment Report.

Companies are discarding the logs they need to catch a breach
Many large enterprises discard most of the log data their systems generate, and they do it on purpose to keep costs down. A Dynatrace survey of 450 senior IT leaders at large enterprises found that half of organizations drop or never collect an average of 86 percent of their logs, even after filtering and aggregation. Many also limit how long they retain the logs they do keep.

The rise of machine identities and agentic AI: Securing trust in the next era of digital autonomy
For years, identity security has been centered on humans, ensuring that the right person has the right level of access to the right resources. But now, the same principle applies to non-human entities: machines, APIs, bots, and increasingly, AI agents. These new “digital actors” authenticate, access sensitive information, execute workflows, and even make decisions, often faster and at greater scale than any human ever could.

How security teams are getting credential visibility into developer endpoints
Attackers increasingly target developer machines to steal credentials. Recent supply chain attacks, including Megalodon, TrapDoor, and Miasma, focused on compromising developer environments where secrets often reside in shell histories, .env files, cloud CLI configs, local caches, and AI agent directories. To address this risk, GitGuardian has introduced Developer Endpoint Protection in ggshield, enabling organizations to discover credentials on developer workstations.

Google sets timeline for Android developer verification enforcement
Android’s developer verification protections will take effect on September 30, 2026, starting with users in Brazil, Indonesia, Singapore, and Thailand. Developers distributing apps through participating stores in those markets must complete the verification process by the deadline.

Mastodon 4.6 adds profile Collections and two-factor controls
People who run accounts on the open source social network Mastodon can now group profiles together and share those groups across the web. The 4.6 release centers on a feature called Collections, along with reworked profiles, email newsletters, server administration controls, and a set of accessibility changes.

Forget traffic lights, Google’s reCAPTCHA may ask for hand gestures
Google has introduced hand gesture verification for reCAPTCHA, a new method for verifying that a user is human. Google’s reCAPTCHA is part of Google Cloud Fraud Defense, a fraud and abuse prevention platform for bot, account, and transaction protection. It uses risk analysis and challenge-based verification to help organizations identify automated activity and suspicious behavior.

Cybersecurity jobs available right now: June 16, 2026
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

New infosec products of the week: June 19, 2026
Here’s a look at the most interesting products from the past week, featuring releases from ArmorCode, Barracuda Networks, Blue Planet, Flip, Fortinet, Legit Security, Tigera, and WitnessAI.