Prime Day 2026 has officially started. Save hundreds right now on smartphones, including the Google Pixel 10 Pro and Samsung Galaxy S26.

Read more →

We’ve tested dozens of Lenovo devices – here are the 10 best sales live now for Prime Day.

Read more →

LayerX tricked AI browsers including ChatGPT Atlas and Comet into bypassing their guardrails

Read more →

Apple’s iOS 27/macOS 27 cycle is revealing something new: AI is only as good as the operating system that supports it. The latest beta releases show that after two years in which the company has promised to become AI-native, testers finally believe it’s happening as Apple prioritizes improved system performance and Siri AI. For example, the second…

Read more →

The activities of AI agents inside OpenAI, Google and Anthropic offer a glimpse of what white-collar workers can expect in their own jobs.

Read more →

I’m a health and wearables editor, and these are some of the top smartwatch, smart ring, and wellness deals I’ve found for Prime Day.

Read more →

Operation Endgame seized around 50 domains and nearly 200 active IP-based servers associated with the infostealers

Read more →

Researchers warn GhostShell is using fake drone documents to target Ukrainian defence teams, stealing passwords and sensitive data in a new cyber campaign.

Read more →

Operation Endgame, the largest international law enforcement operation aimed at disrupting ransomware and cybercrime infrastructure across the world, has claimed its latest targets: StealC and Amadey. The notice on disrupted websites (Source: Microsoft) While developed by separate criminal groups, those two malware families work in tandem to compromise devices and harvest sensitive data. Law enforcement…

Read more →

Prime Day 2026 is here. Shop our experts’ hand-selected deals on AirPods Pro 3, Apple Watch 11, and AirPods Max 2 now.

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity UniFi OS and Lantronix serial-to-ethernet servers. […]

Read more →

Microsoft, Europol, and international partners have disrupted infrastructure used by the Amadey and StealC malware operations as part of Operation Endgame, which targets cybercriminal services and ransomware gangs. […]

Read more →

If you’re looking for an operating system that doesn’t play by the rules, Vendefoul Wolf is everything you need and nothing you don’t.

Read more →

Fake subscription renewal notices are doing the rounds again. Some of these scams impersonate Malwarebytes, and we’ve also seen them reach our customers. You’re more likely to trust the message if you’re already a customer of the company mentioned in the email. That’s what the scammers are counting on. So we want to make people…

Read more →

An Algerian national accused of running online marketplaces that sold phishing kits and fraud tools has been extradited from Spain to the United States to face bank fraud conspiracy charges. The post Algerian national accused of running cybercrime marketplaces extradited to US appeared first on Help Net Security.

Read more →

SentinelLabs found a North Korea-linked macOS backdoor using prompt injection on AI triage tools

Read more →

Anthropic introduced an agent identity model for Claude Tag, its AI assistant designed for team collaboration in shared workspaces. The model gives Claude its own identity, permissions, and tool access, configured by administrators and tied to a workspace or channel. Because Claude does not rely on individual user credentials, access remains separate from employees’ personal…

Read more →

Criminals are compromising legitimate Airbnb host accounts, which have accumulated years of positive reviews and high ratings, to conduct scams.

Read more →

Frontier AI could drive a 10x surge in vulnerabilities. CTEM helps organizations continuously identify, prioritize, and reduce real cyber risk. Your vulnerability management program was not designed for what is coming next. More than 40,000 CVEs were reported in 2025, breaking yet another record. Today, security experts anticipate that frontier AI-powered systems could drive a…

Read more →

A tool called FortigateSniffer abuses a diagnostic utility to continuously monitor network traffic.

Read more →

JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route.

Read more →

Attackers exploit Cisco Unified CM flaw (CVE-2026-20230) allowing unauth HTTP requests to trigger SSRF, write files, and gain root access Cisco Unified Communications Manager has a serious vulnerability, tracked as CVE-2026-20230 (CVSS score of 8.6), that attackers are already exploiting. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without…

Read more →

This is sponsored content. Kyle Yost, President of En-Net Services, discusses how working with Eaton has enabled his business to support the complex IT needs of its public sector customers. The conversation also shows how AI adoption is opening new opportunities for partners and vendors like Eaton to build successful outcomes for mutual customers. The…

Read more →

Cynomi has rolled out the largest platform expansion in its history, adding new vulnerability management integrations, scheduled scanning, compliance file management, and expanded AI capabilities designed to help MSPs and MSSPs scale cybersecurity services across more clients. The release, announced June 24, connects security findings, remediation planning, compliance evidence, and AI-assisted workflows inside Cynomi’s Security…

Read more →

Your emergency plan needs a bugout bag. Here’s what I’d pack first, as a wilderness surivival expert.

Read more →

Customers of the affected Japanese email services are “strongly advised” to change their email passwords

Read more →

In a novel maneuver for a disruption operation against cyber attackers, industry and law enforcement teamed up to conduct a court takedown of two widely-used criminal tools at once rather than individually, Microsoft said Tuesday. The takedown simultaneously went after Amadey, a botnet that can serve as a malware delivery system, and StealC, an infostealer.…

Read more →

China’s LineShine system won the No. 1 spot on the latest Top500 supercomputer ranking released this week.

Read more →

Attackers can exploit the issue to disable security and integrated browser tools without needing administrator privileges or kernel exploits.

Read more →

An NCC Group report warns state-backed hackers are attempting to hide activity by posing as ransomware groups and deploying commercially available malware

Read more →

A critical Cisco Unified CM vulnerability is now under active exploitation, weeks after the company issued patches warning it could allow attackers to gain root access. Threat intelligence firm Defused reported the exploitation on June 23. The company said it observed the activity over the weekend. “This is currently being exploited from a single source…

Read more →

We are standing at the end of an era we never thought to mourn: the era of human-speed threats. For years, cybersecurity moved to a rhythm organizations could follow. A researcher found a bug, a CVE was cataloged, a vendor navigated a patch cycle, and weeks or even months later, a fix was deployed. In…

Read more →

The AI IPO tsunami on the stock market has only recently gotten under way, with SpaceX’s more-than-$2 trillion IPO likely to be followed in several months by OpenAI’s and Anthropic’s IPOs — each of which is likely to hit $1 trillion. That will mint three new trillion-dollar AI companies in a matter of months, all…

Read more →

How AI agents extend a discipline once reserved for well-resourced teams to every security operations program.

Read more →

AI has created a tough job environment for entry-level workers and things aren’t getting better anytime soon — even those with AI capabilities now need “senior-level” skills to land a job. “AI-exposed entry-level roles are seven times more likely to require traditionally senior-level skills such as judgement and leadership,” consulting firm PwC said in a…

Read more →

At the moment, we’re seeing all kinds of sextortion emails. The scam is cheap to run, easy to automate, and apparently profitable enough that cybercriminals keep using it. Some criminals put more effort into their messages than others. Sextortion emails are messages claiming that scammers recorded you through your webcam while you watched pornography and…

Read more →

A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional services sectors. […]

Read more →

Traveling soon? Scoop up these nifty gadgets ahead of your travels for less.

Read more →

A fake AI agent skill that passed security checks reached over 26,000 users through Instagram, highlighting new risks as enterprises rely on AI-driven tools. Some of the agents involved were tied to corporate accounts, AIR said. The company said a similar attack could have exposed private conversations and internal systems. AIR said no agents were…

Read more →

LastPass disclosed that attackers used OAuth tokens compromised in a supply chain attack on Klue, a market intelligence platform that integrates with CRM and sales tools across organizations, to access customer data stored in its Salesforce environment. “On June 12th LastPass was made aware of an incident that occurred at Klue (klue.com), a third-party market…

Read more →

ZDNET’s editors are shopping for Prime Day just like you – and almost everything we’re buying is under $100.

Read more →

Amazon has an incumbent advantage, and Google stands out for some innovative approaches.

Read more →

New ReliaQuest study reveals the six ways AI is practically being used in attacks today

Read more →

Google’s Alert Center, a dashboard in the Google Admin console that displays security and administrative alerts and helps administrators identify, investigate, and respond to issues affecting their organization, is expanding the “Super Admin password reset” alert into the “Admin password reset” alert. The feature is rolling out gradually and will be available to all Google…

Read more →

An epidemic of cyberattacks on open-source software has mounted in recent months, making clear how uniquely difficult it is to protect the publicly available code, from both a policy and a technical perspective, that serves as the foundation for so much of the digital world. While open-source software security got a boost in attention under…

Read more →

The U.S. Department of Justice (DoJ) on Tuesday announced the seizure of a cloud computing account put to use by subsidiaries of Cambodia-based corporate conglomerate HuiOne Group, as the Treasury unveiled fresh sanctions against nine individuals and 26 entities linked to Prince Group. “These subsidiaries are alleged to have assisted individuals and organizations in transferring…

Read more →

A nationwide GSM-R outage stopped trains across Germany, exposing how one aging communications system can still bring an entire rail network to a halt At 10:30 PM on Tuesday June 23, Deutsche Bahn told passengers something that had never happened before for technical reasons: all trains across Germany were being held at their stations. The…

Read more →

Qodo has announced three new platform capabilities: Cross-Repo Code Review, Custom Rules Miner, and Skill Review Standards. These new capabilities address a set of governance gaps that have emerged as AI-generated code reaches enterprise scale. AI agents have fundamentally changed how software is built. Code that once required developers to write, test, and review is…

Read more →

A global cybersecurity and AI services firm has gone all-in on ServiceNow, governing 50+ of its own AI agents before pitching the same setup to everyone else. For Australian…

Read more →

Brinqa BYOAI (Bring Your Own AI), a capability that enables organizations to connect any AI agent, large language model (LLM), or automation platform to Brinqa’s exposure intelligence layer. As enterprises adopt AI, they need to ensure that AI systems use accurate, up-to-date risk data. BYOAI connects existing AI tools to a common source of exposure…

Read more →

Cequence Security has announced the launch of Intent Graph and Biometric Check, two new capabilities that extend the behavioral architecture Cequence has built since its inception. They provide enterprises with bot defense that works across web, mobile, API, and agentic AI traffic, without relying on the client-side signals that sophisticated bots have learned to defeat.…

Read more →

At Everpure’s Accelerate 2026 conference in Las Vegas last week, data intelligence and shifting from application-centric systems to data-centric governance and intelligence were key talking points throughout. In an interview, Shawn Hansen, VP Platforms, Everpure, emphasized the importance of the channel ecosystem to Everpure’s strategic shift and the need for intelligence. Everpure’s strategic shift follows…

Read more →

Secure Code Warrior has introduced its new SCW AI Adoption Model, a practical framework that maps the progression of AI use in software development, from minimal AI assistance to fully autonomous agentic orchestration. The framework helps CISOs assess their organization’s level of AI adoption, identify the training developers need at each stage, and determine the…

Read more →

DigiCert has announced it is bringing independent trust validation to confidential computing environments, in collaboration with Google Cloud. By applying the proven principles of Public Key Infrastructure (PKI) to cloud infrastructure, DigiCert will provide cryptographic verification that cloud-hosted systems and workloads are authentic, trusted, and untampered. As organizations move more sensitive applications, AI workloads, and…

Read more →

In this interview with Help Net Security, Jorge Aldegunde, Global Head of Railway Services at DNV, talks through what happens when old operational technology meets newer IT in monorail systems. He explains why open networks widened the attack surface, how teams decide whether to patch a signalling flaw without stopping trains, and who carries the…

Read more →

I know enough about home cinema audiovisual to know there’s a lot I don’t know. It’s conscious incompetence, if you like, which is different to the unconscious incompetence most people have on the topic. That’s not to sound derogatory (it’s spelled out that way in the competence model), rather it recognises that this is a…

Read more →

Software teams are pushing code into production faster than security testing can keep up. AI is accelerating development cycles and adding pressure to security programs that rely on periodic validation and manual penetration testing. The 2026 State of AI Security Testing report from Aikido Security found that 76% of organizations have had to stop, restrict,…

Read more →

Agility’s humanoid robot, Digit, is used at manufacturing facilities and warehouses by companies such as Amazon.

Read more →