Mastodawn

🔒 Security News Digest - 2026-06-12

📊 8 updates from 5 sources:

🔹 The Hacker News: China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html

🔹 BleepingComputer: phpBB forum fixes auth bypass bug lurking for a decade
https://www.bleepingcomputer.com/news/security/phpbb-forum-fixes-auth-bypass-bug-lurking-for-a-decade/

🔹 Latest Bulletins: CVE-2026-12043 - Heap double-free in AWS Common Runtime aws-c-http
https://aws.amazon.com/security/security-bulletins/rss/2026-043-aws/

🔹 The Hacker News: Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html

🔹 The Hacker News: Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html

🔹 BleepingComputer: Maine disables data breach notification portal after fake disclosures
https://www.bleepingcomputer.com/news/security/maine-disables-data-breach-notification-portal-after-fake-disclosures/

🔹 darkreading: ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
https://www.darkreading.com/vulnerabilities-threats/shinyhunters-oracle-zero-day-higher-ed

🔹 Security News | TechCrunch: Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
https://techcrunch.com/2026/06/12/chinese-cybercrime-operation-that-used-ai-to-scam-hundreds-of-thousands-of-victims-sued-by-google/

#InfoSec #SecurityNews

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

Sygnia says Velvet Ant modified Linux PAM and OpenSSH components to steal credentials and maintain stealthy access since 2016.

The Hacker News

Healthcare IT Security Robot 3h ago

DATE: June 12, 2026 at 05:01PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

#Ozempic Drug Maker Loses Clinical Trial Data in Hack https://t.co/VFXolx5Rrv

Here are any URLs found in the article text:

https://t.co/VFXolx5Rrv

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

Healthcare IT Security Robot 3h ago

DATE: June 12, 2026 at 04:54PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

#VAHealth #AI Chat Tools Lack Oversight, Agency Warns https://t.co/mCQrEcYXfM

Here are any URLs found in the article text:

https://t.co/mCQrEcYXfM

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

Healthcare Privacy & HIPAA Bot 8h ago

DATE: June 12, 2026 at 12:04PM
SOURCE: HIPAA JOURNAL

Direct article link at end of text block below.

Labcorp Agrees to $35M Settlement to Resolve AMCA Data Breach Litigation https://t.co/LykTgiYZCC

Here are any URLs found in the article text:

https://t.co/LykTgiYZCC

Articles can be found by scrolling down the page at https://www.hipaajournal.com/ .

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

#security #healthcare #doctors #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #HIPAA #privacy #healthcaresecurity #BAA #patientrecords #telehealth #socialengineering

Healthcare Privacy & HIPAA Bot 8h ago

DATE: June 12, 2026 at 12:04PM
SOURCE: HIPAA JOURNAL

Direct article link at end of text block below.

Labcorp Agrees to $35M Settlement to Resolve AMCA Data Breach Litigation https://t.co/LykTgiYZCC

Articles can be found by scrolling down the page at https://www.hipaajournal.com/ .

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

Security Feed 9h ago

🔒 Security News Digest - 2026-06-12

📊 17 updates from 6 sources:

🔹 BleepingComputer: CISA orders feds to patch actively exploited Ivanti flaw by Sunday
https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/

🔹 SecurityWeek: Anthropic Disputes Fable 5 AI Jailbreak
https://www.securityweek.com/anthropic-disputes-fable-5-ai-jailbreak/

🔹 The Hacker News: INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html

🔹 SecurityWeek: Chrome 149 Update Patches 28 Vulnerabilities
https://www.securityweek.com/chrome-149-update-patches-28-vulnerabilities/

🦠 Malwarebytes: Fake verification pages are stealing Steam accounts from players
https://www.malwarebytes.com/blog/threat-intel/2026/06/fake-verification-pages-are-stealing-steam-accounts-from-players

🔹 SecurityWeek: Ivanti Sentry Exploitation Attempts Hitting Honeypots
https://www.securityweek.com/ivanti-sentry-exploitation-attempts-hitting-honeypots/

🔹 The Hacker News: LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
https://thehackernews.com/2026/06/langgraph-flaw-chain-exposes-self.html

🔹 BleepingComputer: Pharma giant Novo Nordisk discloses breach of clinical trials data
https://www.bleepingcomputer.com/news/security/pharmaceutical-giant-novo-nordisk-discloses-security-breach/

🔹 The Hacker News: Rethinking MDR as Attackers and Defenders Embrace AI
https://thehackernews.com/2026/06/rethinking-mdr-as-attackers-and.html

🔹 SecurityWeek: Iranian Cyber Group Handala Claims Cal Water Hack
https://www.securityweek.com/iranian-cyber-group-handala-claims-cal-water-hack/

🔹 Security News | TechCrunch: US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies
https://techcrunch.com/2026/06/12/us-spy-law-to-expire-for-first-time-after-lawmakers-reject-trumps-controversial-pick-to-lead-spy-agencies/

🔹 BleepingComputer: Microsoft fixes Windows update failures linked to WUSA installer
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-update-failures-linked-to-wusa-installer/

🔹 The Hacker News: Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html

🔹 SecurityWeek: Industry Reactions to Claude Fable 5: Feedback Friday
https://www.securityweek.com/industry-reactions-to-claude-fable-5-feedback-friday/

🔹 darkreading: Claude Fable 5 Doesn't Change the Mythos Security Story
https://www.darkreading.com/vulnerabilities-threats/claude-fable-5-doesnt-change-mythos-security-story

🔹 BleepingComputer: Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
https://www.bleepingcomputer.com/news/security/early-warning-signs-of-supply-chain-attacks-live-in-the-dark-web/

🦠 Malwarebytes: Stolen iPhones could soon be worth a lot less to thieves
https://www.malwarebytes.com/blog/mobile/2026/06/stolen-iphones-could-soon-be-worth-a-lot-less-to-thieves

#InfoSec #SecurityNews

CISA orders feds to patch actively exploited Ivanti flaw by Sunday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04.

BleepingComputer

Cyberwald 16h ago

🎙️ Cyberwald - Cybersecurity-News - 12.06.2026

Heute im Podcast:
• AudiA6 Krypto-Geldwäschedienst zerschlagen
• Kyushu Electric Power 10,9 Mio. Kunden
• Tchap Messenger Breach 73.000 Konten
• Microsoft Exchange Outlook RCE aktiv ausgenutzt
• ShinyHunters/Oracle PeopleSoft Zero-Day Update

🔗 Podcast anhören: https://cyberwald.com/podcast/2026-06-12.podcast.ogg

#Cybersecurity #Podcast #Cyberwald #SecurityNews #ITSecurity

Cyberwald 18h ago

🎙️ Cyberwald - Cybersecurity-News - 12.06.2026

Heute im Podcast:
• The Gentlemen Ransomware — 478 Opfer, Wurm-Fähigkeit, RaaS-Affiliate-Modell
• KI-Agenten Angriffe — OpenClaw und Fedora Sabotage
• Bitlocker-Chaos Update — GreatXML Exploit und Windows Server 2025 Recovery-Bug
• CISA Binding Operational Directive 26-04 — Drei-Tage-Patchfrist
• ShinyHunters PeopleSoft Update — Mandiant UNC6240 Attribution

🔗 Podcast anhören: https://cyberwald.com/podcast/2026-06-12.podcast.ogg

#Cybersecurity #Podcast #Cyberwald #SecurityNews #ITSecurity