Britain's privacy watchdog quits after 'poor judgment' admission
John Edwards says his position had become 'untenable' following investigation into conduct including inappropriate attempts at humor
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Webinar: How attackers bypass MFA and how defenders can respond
Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar exp…
Microsoft: June 2026 Windows updates break Recycle Bin prompts
Microsoft has confirmed a confusing Windows bug that causes different filenames to appear in the confirmation dialog when deleting a file from the Recycle Bin. [...]
CryptoBandits Malware Doubles as a Backdoor, Abuses Tor
CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution. The post CryptoBandits Malware Doubles as a Backdoor, Abuses Tor appear…
Anthropic’s Fable and the State of AI
On June 9th, Anthropic released its Fable generative AI model. Three days later, the US government classified it as a dangerous munition, and used its export-control authority to p…
Rights groups brand Home Office's AI age guesser for asylum-seekers as biased and inaccurate
Campaigners say tech is unable to reliably distinguish between kids and adults at the boundary where use is planned
FortiBleed: 86,000 Fortinet Device Credentials Compromised
The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs. The post FortiBleed: 86,000 Fortinet Device Credentials Compromis…
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks. [...]
Forget Data Leakage: Shadow AI's Real Threat Is Access Control
The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, doma…
Geopolitical jitters push Europe's internet registry away from cloud-first strategy
Members aren't RIPE for a new charging scheme, though
Devs in the trenches are stressed from the mandate to automate everything, but Render thinks it can help
San Francisco plays host to hosting company's Localhost conference
Cybersecurity Firms Impacted by Klue Supply Chain Attack
The hackers exfiltrated data from Salesforce instances of Klue customers, such as Huntress and Recorded Future. The post Cybersecurity Firms Impacted by Klue Supply Chain Attack ap…
Rockstar Games faces full hearing over alleged union busting
Tribunal rejects bid to strike blacklisting claims, with proceedings due to conclude shortly before GTA VI launches
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data
Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company …
NY man charged after harassing college student with AI-generated nudes
A New York man faces cyberstalking charges after allegedly sharing AI-generated nude images and fabricated racist messages using fake social media profiles to harass a Georgia coll…
Nutanix's Tech Day London 2026 offers infrastructure insights
SPONSORED POST: Come join this working afternoon for infrastructure teams
Use of HMRC's taxing IR35 status tool drops 71% in two years
Data suggests firms are turning away from CEST as critics say it fails to reflect recent court rulings
Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC
WideField will accelerate Agentic SOC capabilities by expanding the lens on threat investigation to include identity, credentials, sessions, and blast radius. The post Cisco to Acq…
CISA warns Fortinet users to secure devices after FortiBleed leak
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a…
15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown
Law enforcement and private partners took down 106 SocGholish C&C servers and domains as part of Operation Endgame. The post 15,000 WordPress Websites Cleaned Up in SocGholish Botn…
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. The vulnerability,…
Users claimed they’d never seen a spell checker and panicked at the sight of red squiggles
Techie couldn’t help but be a little blunt when the support call came in – but has no regrets!
Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure
CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability …
Gentlemen ransomware uses multiple EDR killers to disable defenses
The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliates evade detection in a…
2,000 retired Google Pixel phones get a second life as a private cloud
You might say the system packs two kilapixels of compute
Novo Nordisk Breach Exposes Software Development Pipeline Risk
A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem.
Operation Escaneo Signals Shift in LatAm Threat Landscape
The threat group's curious business model may combine opportunistic monetization alongside intel collection, without much coordination between the two.
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromi…
FIFA Bug Exposes World Cup Streams to Remote Takeover
A hacker could have "Rickrolled" the World Cup — or worse — thanks to FIFA's unenforced Entra access controls.
Midjourney pivots from AI image generation to body scanning medical spa where patients bathe in 'golden light'
The underlying technology is real...and borrowed from a partner the company failed to mention