**
Ravie Lakshmanan **
Jun 27, 2026
Messaging Security / Cyber Espionage
The Security Service of Ukraine (SSU) said it, together with the U.S. Federal Bureau of Investigation (FBI), uncovered a …
OpenAI on Friday released three versions of GPT-5.6 , called Sol, Terra, and Luna , as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government.
While …
In a previous diary, I talked about stack strings[ 1 ] with a practical example of them. Since my SEC670 class, I’m even more interested in malware obfuscation techniques. I had a look at process …
[This is a Guest Diary by Nicole Phillips, an ISC intern as part of the SANS.edu BACS program]
" I was just sitting here enjoying the company. Plants got a lot to say, if you take the time to …
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London , the entity responsible for the public transport …
Anthropic’s Fable 5 Model Jailbroken Within Days Fable 5 is the supposed safe version of Anthropic’s Mythos Preview, with guardrails to ensure that it can’t be used to create cyberattacks.
Well, that …
Interesting Paper Exploring Prompt Injection This is a fascinating explotation of how LLMs fall for prompt injection attacks. It turns out that they learn to recognize the style of text in different …
Embedding Forbidden Text in Spyware to Discourage AI Analysis At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI …
AI and Liability Earlier this month, a German court ruled that Google is liable for its AI search summaries. Rejecting defenses like “users can check for themselves,” and that they generally know …
One Million Passports Leaked Online A database of almost a million passports from around the world was leaked online.
Note what happened. A high-value credential—a passport—was used in an ancillary …
The Chinese Control the Majority of Argentina’s Squid Fleet Chinese companies control nearly two-thirds of Argentina’s own squid fleet.
Tags: squid
Posted on June 26, 2026 at 4:57 PM • 1 Comments
Meta Is Testing Facial Recognition for Police and Military We know that ICE wants to deploy eyeglasses with facial recognition that can identify people in real time.
Turns out Meta is prototyping the …
AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to …
**
Swati Khandelwal **
Jun 26, 2026
Linux / Vulnerability
DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough …
**
Ravie Lakshmanan **
Jun 26, 2026
Vulnerability / Software Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability …
**
Swati Khandelwal **
Jun 26, 2026
Linux / Vulnerability
A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems.
CVE-2026-46331 , …
**
Swati Khandelwal **
Jun 26, 2026
AI Security / Vulnerability
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The …
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on …
A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in …
**
Swati Khandelwal **
Jun 26, 2026
Secure Messaging / Social Engineering
The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have …
**
Ravie Lakshmanan **
Jun 23, 2026
Supply Chain Attack / Developer Security
Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based …
Every weapon begins as an extension of the hand that holds it. The spear lengthened the reach of the arm. The bow sent the point flying without the throw. The rifle placed a man’s death a …
**
Swati Khandelwal **
Jun 23, 2026
Cryptography / Quantum Computing
President Trump signed an executive order on June 22 setting hard deadlines for federal agencies to move high-value assets and …