| Maintained by | Phil Massyn |
๐น BleepingComputer
Microsoft's Coreutils project brings Linux commands to Windows
Microsoft announced today at its Build 2026 developer conference the release of Coreutils for Windows, bringing many commonly used Linux command-line utilities to Windows as native applications. [...]
๐น Security News | TechCrunch
Cyera eyes $12B valuation at 80x ARR multiple despite operating losses
The cybersecurity company is nearing a $300 million round led by Evolution Equity Partners.
๐น BleepingComputer
OpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT models
OpenAI says it's rolling out a new update that improves the existing GPT-5.5 Instant model, and this move comes ahead of the scheduled retirement of multiple legacy models, including o3. [...]
๐ Security News Digest - 2026-06-02
๐ 19 updates from 9 sources:
๐น SecurityWeek: Two New Reports Offer Competing Explanations for Cybersecurityโs Growing Crisis
https://www.securityweek.com/two-new-reports-offer-competing-explanations-for-cybersecuritys-growing-crisis/
๐น BleepingComputer: Microsoft Exchange Online outage causes email delays, failures
https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-outage-causes-email-delays-failures/
๐น Unit 42: The npm Threat Landscape: Attack Surface and Mitigations (Updated June 2)
https://unit42.paloaltonetworks.com/monitoring-npm-supply-chain-attacks/
๐น The Hacker News: Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
https://thehackernews.com/2026/06/oracle-weblogic-cve-2024-21182-added-to.html
๐น The Hacker News: Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
https://thehackernews.com/2026/06/gamaredon-exploits-winrar-to-deliver.html
๐ฆ Malwarebytes: These convincing copyright notices are designed to steal Google logins
https://www.malwarebytes.com/blog/threat-intel/2026/06/these-convincing-copyright-notices-are-designed-to-steal-google-logins
๐น The Record from Recorded Future News: White House unveils pared-back AI executive order
https://therecord.media/white-house-unveils-ai-executive-order
๐น The Hacker News: Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
https://thehackernews.com/2026/06/google-june-2026-android-update-patches.html
๐น darkreading: Securing AI Agents Before They Go Rogue Is Next to Impossible
https://www.darkreading.com/cyber-risk/securing-ai-agents-rogue
๐น Latest Bulletins: CVE-2026-10584 - HTTPS Fallback to HTTP in Graph Explorer
https://aws.amazon.com/security/security-bulletins/rss/2026-038-aws/
๐น darkreading: China Uses Dual-Method Cyberattack on Czech Orgs
https://www.darkreading.com/threat-intelligence/china-uses-dual-method-attack-czech-taiwan-orgs
๐น BleepingComputer: AI-built ransomware toolkit automates EDR evasion, AD discovery
https://www.bleepingcomputer.com/news/security/ai-built-ransomware-toolkit-automates-edr-evasion-ad-discovery/
๐น SecurityWeek: Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks
https://www.securityweek.com/trump-signs-executive-order-that-invites-vetting-of-top-ai-models-for-national-security-risks/
๐น darkreading: DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks
https://www.darkreading.com/cyberattacks-data-breaches/drivesurge-hijacks-thousands-sites-clickfix-fakeupdate-attacks
๐น iTnews - Security: Trump administration to ask US AI firms to voluntarily submit models for cyber security tests
https://www.itnews.com.au/news/trump-administration-to-ask-us-ai-firms-to-voluntarily-submit-models-for-cyber-security-tests-626371?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed
๐น darkreading: FBI-Flagged Phishing Kit Kali365 Expands Its Reach
https://www.darkreading.com/cyber-risk/fbi-flagged-phishing-kit-kali365-expands-its-reach
๐น darkreading: Zoom CISO: AI as Security Enabler, Not Role-Replacer
https://www.darkreading.com/cybersecurity-operations/zoom-ciso-ai-security-enabler-role-replacer
๐น BleepingComputer: Over 116,000 Mincraft systems infected in WeedHack malware campaign
https://www.bleepingcomputer.com/news/security/over-116-000-mincraft-systems-infected-in-weedhack-malware-campaign/
๐น BleepingComputer: Critical Kirki flaw exploited to hijack WordPress admin accounts
https://www.bleepingcomputer.com/news/security/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts/
๐ Security News Digest - 2026-06-02
๐ 24 updates from 9 sources:
๐ฆ Malwarebytes: Fake virus alerts are invading mobile games
https://www.malwarebytes.com/blog/mobile/2026/06/fake-virus-alerts-are-invading-mobile-games
๐น The Hacker News: Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
https://thehackernews.com/2026/06/pakistan-linked-sidecopy-targets.html
๐น SecurityWeek: Supply Chain Attack Hits 32 Red Hat NPM Packages
https://www.securityweek.com/supply-chain-attack-hits-32-red-hat-npm-packages/
๐ฆ Malwarebytes: 23andMe exposed genetic information of millions, lawsuit says
https://www.malwarebytes.com/blog/data-breaches/2026/06/23andme-exposed-genetic-information-of-millions-lawsuit-says
๐น Unit 42: Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
https://unit42.paloaltonetworks.com/flutterbridge-new-fluttershell-backdoor/
๐น The Hacker News: How Leading Organizations Are Turning EDR Into Operational Resilience
https://thehackernews.com/2026/06/how-leading-organizations-are-turning.html
๐น SecurityWeek: Meta AI Hands Over High-Profile Instagram Accounts to Hackers
https://www.securityweek.com/meta-ai-hands-over-high-profile-instagram-accounts-to-hackers/
๐น BleepingComputer: Google fixes one actively exploited Android zero-day, 124 flaws
https://www.bleepingcomputer.com/news/security/google-fixes-one-actively-exploited-android-zero-day-124-flaws/
๐น SecurityWeek: Oracle WebLogic Vulnerability Exploited in the Wild
https://www.securityweek.com/oracle-weblogic-vulnerability-exploited-in-the-wild/
๐น The Hacker News: AI-Driven Exploitation is Destroying Vulnerability Management. Hereโs How to Handle It.
https://thehackernews.com/2026/06/ai-driven-exploitation-is-destroying.html
๐น darkreading: Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise Defense
https://www.darkreading.com/cyber-risk/assume-breach-ai-native-security-reshape-enterprise-defense
๐น SecurityWeek: Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches
https://www.securityweek.com/critical-vulnerability-in-hp-voip-phones-enables-enterprise-network-breaches/
๐น SecurityWeek: The Zero-Knowledge Threat Actor and the End of Responsible Disclosure
https://www.securityweek.com/the-zero-knowledge-threat-actor-and-the-end-of-responsible-disclosure/
๐น BleepingComputer: CISA flags two-year-old Oracle flaw as actively exploited in attacks
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-oracle-weblogic-flaw/
๐น The Record from Recorded Future News: Red Hat removes tainted packages after software pipeline compromise
https://therecord.media/red-hat-removes-tainted-packages-after-software-pipeline-compromise
๐น SecurityWeek: Anthropic Expanding Mythos Access to 150 New Organizations
https://www.securityweek.com/anthropic-expanding-mythos-access-to-150-new-organizations/
๐น BleepingComputer: Why the browser is now the front line for AI security
https://www.bleepingcomputer.com/news/security/why-the-browser-is-now-the-front-line-for-ai-security/
๐น SecurityWeek: Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities
https://www.securityweek.com/android-update-patches-exploited-zero-day-123-other-vulnerabilities/
๐น Security News | TechCrunch: Anthropic scales Claude Mythos to critical infrastructure in 15+ countries
https://techcrunch.com/2026/06/02/anthropic-scales-claude-mythos-to-critical-infrastructure-in-15-countries/
๐น SecurityWeek: Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk
https://www.securityweek.com/exclusive-how-one-line-of-code-put-billions-of-microsoft-android-app-downloads-at-risk/
๐น Latest Bulletins: CVE-2026-10591 - Kiro IDE Insufficient File Write Restrictions to Execution-Sensitive Paths
https://aws.amazon.com/security/security-bulletins/rss/2026-037-aws/
๐น Security News | TechCrunch: Password manager Dashlane says hackers stole some customersโ password vaults
https://techcrunch.com/2026/06/02/password-manager-dashlane-says-hackers-stole-some-customers-password-vaults/
๐น BleepingComputer: Instagram users locked out after Meta AI abused to steal accounts
https://www.bleepingcomputer.com/news/security/instagram-users-locked-out-after-meta-ai-abused-to-steal-accounts/
๐น The Record from Recorded Future News: Russia claims foreign spy agencies hacked officials' phones
https://therecord.media/russia-claims-foreign-spy-agencies-hacked-gov-officials
๐น SecurityWeek
Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads
Dashlaneโs security systems automatically locked accounts to protect them against the hacking attempts. The post Dashlane Brute-Force Attack Leads to Limited Encrypted Vault Downloads appeared first on SecurityWeek.
๐ https://www.securityweek.com/dashlane-brute-force-attack-leads-to-limited-encrypted-vault-downloads/
๐น SecurityWeek
Oracleโs First Monthly Patches Resolve 77 Vulnerabilities
Oracleโs monthly Critical Security Patch Update (CSPU) rollouts are meant to deliver critical fixes faster. The post Oracle’s First Monthly Patches Resolve 77 Vulnerabilities appeared first on SecurityWeek.
๐ https://www.securityweek.com/oracles-first-monthly-patches-resolve-77-vulnerabilities/
๐น The Hacker News
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an "external" threat actor launched a brute-force attack against certain Dashlane user accounts with the aim of breaking two-factor authentication (2FA)
๐ https://thehackernews.com/2026/06/dashlane-discloses-brute-force-attack.html
๐น iTnews - Security
'Miasma' worm infests Red Hat npm packages
Trusted publishing defence mechanism side-stepped with compromised token.
๐ Security News Digest - 2026-06-01
๐ 12 updates from 7 sources:
๐น The Hacker News: Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
https://thehackernews.com/2026/06/miasma-supply-chain-attack-compromises.html
๐น SecurityWeek: Dutch Police Dismantle Massive 17-Million-Device Botnet
https://www.securityweek.com/dutch-police-dismantle-massive-17-million-device-botnet/
๐น BleepingComputer: Dashlane password manager users locked out by brute force attacks
https://www.bleepingcomputer.com/news/security/dashlane-password-manager-users-locked-out-by-brute-force-attacks/
๐น SecurityWeek: WP Maps Pro Vulnerability Exploited to Take Over WordPress Sites
https://www.securityweek.com/wp-maps-pro-vulnerability-exploited-to-take-over-wordpress-sites/
๐น The Record from Recorded Future News: NSA selects new leads for key cybersecurity posts
https://therecord.media/nsa-selects-new-leads-for-cyber-posts
๐น Security News | TechCrunch: Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access
https://techcrunch.com/2026/06/01/hackers-hijacked-instagram-accounts-by-tricking-meta-ai-support-chatbot-into-granting-access/
๐น Red Canary: Red Canary CFP tracker: May 2026
https://redcanary.com/blog/news-events/red-canary-cfp-tracker-june-2026/
๐น The Record from Recorded Future News: Inspector general finds NIST mistakes have made vulnerability database ineffective
https://therecord.media/nist-mistakes-vulnerability-database-inspector-general
๐น iTnews - Security: Microsoft backs down on legal threats against 0day disclosing researchers
https://www.itnews.com.au/news/microsoft-backs-down-on-legal-threats-against-0day-disclosing-researchers-626325?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed
๐น BleepingComputer: Spain arrests doxer leaking sensitive data of govt employees
https://www.bleepingcomputer.com/news/security/spain-arrests-doxer-leaking-sensitive-data-of-govt-employees/
๐น BleepingComputer: Red Hat npm packages compromised to steal developer credentials
https://www.bleepingcomputer.com/news/security/red-hat-npm-packages-compromised-to-steal-developer-credentials/
๐น BleepingComputer: Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks
https://www.bleepingcomputer.com/news/security/hackers-hijack-thousands-of-sites-for-clickfix-and-fakeupdate-attacks/
