Overview Data Source: Amazon Best Sellers, PCMag, CNET, Good Housekeeping (June 2026) Valid Reviews: 2026-2025 Top 10 Robot Mowers – Amazon Reviews 2026-2025 Top Selling Robot Mowers (June 2026) 1. DREAME LiDAR 3500 Robot Lawn Mower A3 AWD Pro 2. Segway Navimow X390 3. Husqvarna Automower 450XH EPOS 4. EcoVacs GOAT A3000 5. Worx Landroid Vision…
All Fable 5 and Mythos 5 users have lost access after the Trump administration declared the models security risks.
Top 10 Best WiFi Routers 2026 – Ranked by Ratings Every home deserves a stable Wifi, and this lineup is right up our reader’s alleys, best wifi brands based on product reviews. Top Ten Best home Wifi Routers, right from the Geek himself.
The rocket company might never accomplish all it has told investors, but it has met the original goal of reigniting interest in space.
CISA’s newest binding operational directive imposes short deadlines for the most severe flaws.
Company subpoenaed for documents covering wide range of its activities and impact on users.
Elon Musk became the world’s first trillionaire as investors bought into the moonshot AI vision in a remarkably smooth IPO.
The FBI, along with Google and Lumen Technologies, took down a major cybercrime network based in China that was responsible for an estimated $1.9 billion in losses, officials said Friday. Outsider, which provided phishing kits and hosted infrastructure for cybercriminals since July 2023, facilitated a wave of phishing attacks against people and businesses in 55…
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit Thursday that promises to bypass BitLocker encryption on locked devices. A well respected security expert reported that the exploit doesn’t work as initially described, but the researcher is looking for ways to fix it. Dubbed…
Pro-Iran group Handala breached Cal Water via an exposed GPS tool, reaching billing data for 2M customers. 5GB leaked. On June 11, 2026, the Iran-linked threat group Handala posted a claim on its blog that it had compromised California Water Service, known as Cal Water, and published a 5GB proof-of-concept data dump to back it…
Extremely powerful large language models (LLMs) still operate as though they’re typing on a keyboard, processing workloads in a simple left-to-right fashion. But in locally-run, single-user scenarios, this sequential processing can leave graphics processing units (GPUs) and tensor processing units (TPUs) underutilized. Google is betting that DiffusionGemma can get around this bottleneck. The new experimental…
The House voted against renewing Section 702 of FISA, a law that allows U.S. intelligence agencies to collect vast amounts of information, including data on Americans, to identify foreign threats.
The initiative offers up to $15 million in Claude credits, which are usage-based units for Anthropic’s AI services.
Given plans to steer the California Department of Technology (CDT) towards incremental improvements with measurable returns, rather than large-scale, multi-year modernization projects, citing budget limitations.
The group’s operation, dubbed Operation Highland, involved backdooring the Pluggable Authentication Modules (PAM) and OpenSSH components, which are fundamental to user authentication on Linux systems.
A recent analysis by Mysterium VPN revealed that over 21,000 live cameras are accessible online without any login credentials or security barriers.
The domains specialized in creating explicit content, often targeting famous women, including politicians, royalty, and entertainers.
The vulnerability, introduced 10 years ago, affects all versions of the 3.x and 4.x release branches up to the specified versions.
Attackers gained access to Novo Nordisk’s internal IT systems, copying non-public data without authorization.
A major bug in Oracle’s ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.
The lawsuit targets Outsider Enterprise, a network believed to be based in China, for allegedly using AI to impersonate Google and other brands in scam text messages.
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state’s website, prompting a review of procedures to prevent abuse in the future. […]
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to…
Experts say that Handala has a history of overstating its capabilities and in this case the water systems was not disrupted.
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF rootkit to…
The order was a partial victory for Lively, but the judge ruled the actress can’t recover damages in connection with Baldoni’s countersuit against her.
Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a phishing-as-a-service (PhaaS) software kit called Outsider, per the tech giant. “The operation…
Argentina’s World Cup squad had their passport numbers leaked before a ball was kicked – not by hackers, but by someone who failed to redact a document properly. document. It’s a mistake that has been made many times in the past… Read more in my article on the Hot for Security blog.
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Sentry flaw, tracked as CVE-2026-10520 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Ivanti Sentry is a secure gateway appliance that sits between an organization’s internal…
The U.S. Departments of Justice and Homeland Security seized multiple internet domains this week, accusing them of being used to publishing thousands of AI or digitally-altered images and videos of nude women. The domains, CFAKE.com and SOCFAKE.com, specialized in digital forgeries that “were made to appear to be sexual images of famous women, including politicians,…
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. […]
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who is allowed to sign in, planting its access where…
Over 20 Linux packages were compromised in the Atomic Arch campaign, which abuses AUR ownership transfers to drop rootkit-like malware.
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. […]
A longtime former member of Conti, a ransomware group that attacked more than 1,000 organizations globally before it disbanded in 2022, pleaded guilty to participating in some of those attacks in federal court Wednesday, the Justice Department said. Oleksii Oleksiyovych Lytvynenko, also known as Alexsey Alexseevich Litvinenko, admitted he joined the prolific cybercrime group in…
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. […]
## Critical Cybersecurity Developments: 2026-06-12 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources and real-time threat intelligence feeds. The following analysis integrates live search results with established security frameworks. — ### Live Search Results Analysis Based on current intelligence, the following threat vectors are active: #### 1. Emerging Threat Vectors…
Anthropic has come up with a neat way to combat those students who are booing AI at their universities. The company has launched Claude Corps, an endeavor that will pay selected young people to extol the benefits of AI to communities across the US. Anthropic is looking to recruit 1000 “fellows” and introduce them to…
When Pope Leo XIV wrote about the effect that AI is having on our world in his encyclical, Magnifica Humanitas, he may not have imagined the document being referenced in an HR environment. But, according to a report by Business Insider, Erin Maus, a software developer in North Carolina, used the Pope’s message about the…
Researchers are warning that cybercriminals exploited an Oracle PeopleSoft zero-day vulnerability and potentially infiltrated the networks of more than 100 organizations in an attack spree that largely impacted higher education. Mandiant and Google Threat Intelligence Group said it became aware of the attacks earlier this month as part of its ongoing monitoring of ShinyHunters operations.…
Lawmakers have failed to extend a surveillance law that allows US intelligence agencies to monitor targets abroad without a warrant. Congress rejected a vote to extend Section 702 of the Foreign Intelligence Surveillance Act to July 2, which means, for a few days at least, some surveillance will be put on hold, for the first…
Lawmakers have failed to extend a surveillance law that allows US intelligence agencies to monitor targets abroad without a warrant. Congress rejected a vote to extend Section 702 of the Foreign Intelligence Surveillance Act to July 2, which means, for a few days at least, some surveillance will be put on hold, for the first…
CEO Wendell Weeks remembers the dot-com crash and other hard times, and those lessons have taught him to hedge even the most optimistic data-center bets.
Plus, FIFA’s World Cup grass experiment and why Citigroup is rolling out tokenized shares.
An intruder has breached the French government’s encrypted messaging service, Tchap, showing once again that human error is a weak spot in any security system. Tchap was developed in France as an example of national sovereignty and was designed to be a more secure option than WhatsApp for communication between government employees. In this case,…
Microsoft’s president, Brad Smith, has reacted to student discontent with AI, telling today’s graduates that there is still a place for human creativity. Students across the US have booed speakers who talked up AI at their graduation ceremonies in recent months, including Google’s former CEO Eric Schmidt, the CEO of a record label, and a…
AI-powered DockSec helps developers prioritize, understand and fix software vulnerabilities.
The successful companies will build security into the workflows where the agents live.
Core Taxonomy of Artificial Intelligence Machine Learning (ML): The computational foundation of modern AI, focused on developing algorithms that analyze data, detect patterns, and make decisions with minimal human intervention. Sub-branches: Supervised Learning, Unsupervised Learning, Reinforcement Learning, and Deep Learning (Deep Neural Networks). Natural Language Processing (NLP): The domain dedicated to giving machines the ability…
Google says ShinyHunters exploited Oracle PeopleSoft zero-day to steal data from 100+ organisations, with universities making up most victims.
Major Threats & Vulnerabilities Zero-Days and Exploited CVEs A newly disclosed Microsoft Defender zero-day allows SYSTEM-level access on fully patched Windows 10 and 11 devices. The flaw, caused by a race condition, remains unpatched, and administrators are urged to restrict Defender privileges and monitor for exploitation attempts. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)…
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to software supply-chain risk. […]
Technology will continue to transform homes, from AI-enhanced security to disappearing appliances to the bathroom as health coach.
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others
SpaceX Pre-IPO demand is growing as crypto exchanges offer synthetic exposure to its reported $1.75T valuation without direct equity ownership.
Stay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos “made safe for general use,” Anthropic explained.
## Critical Cybersecurity Developments: 2026-06-12 ### Executive Summary This report synthesizes verified breaking developments from trusted industry sources. The following analysis integrates established security frameworks with current threat intelligence. — ### Threat Intelligence Analysis #### 1. Zero-Day Vulnerabilities Recent zero-day vulnerabilities have been identified in enterprise security platforms. These include: – Memory corruption in popular…
NPM, part of GitHub, announced a new version of the npm package manager with several security improvements, including disabling install scripts
Apple’s executives have been taking questions, hosting seminars, seemingly working around the clock to stress one very important thing: Apple is not using a white label version of Google Gemini to make Siri AI happen. They just pooled resources to get there. The new Siri AI is faster, more accurate, offers powerful contextual capabilities and shows how…
Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam infrastructure. The company said the operation has affected “hundreds of thousands of victims,” with losses estimated in the millions of dollars. It also links the group to more than 9,000 fake…
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attacks were limited, but with this information now public, a larger wave of opportunistic attacks may be expected. From…
Artificial Intelligence is revolutionizing cybersecurity threat detection, but it introduces new privacy concerns. Modern AI systems can analyze network traffic patterns, identify malicious behavior, and predict attack vectors in real-time. However, the data required to train these models often includes sensitive user information, raising questions about consent, data retention, and cross-border data transfers. This article…
Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer machines. Called Agentjacking by Tenet Security, the attack can be triggered by means of a fake error report crafted using Sentry, an open-source error-tracking and performance-monitoring platform. “The…
The digital battlefield is expanding and changing faster than ever before. Washington must confront mounting threats to critical networks and systems. But there’s one challenge that stands out above the rest: artificial intelligence. The nation’s cyber experts need to be ready to face this new reality. The CyberCorps: Scholarship for Service program is a federal…
Microsoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share. […]
For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn’t staff around the clock, couldn’t hire enough analysts, and needed someone else to handle the alert queue. MDR stepped in. It worked well enough. Until now. The threat landscape has changed faster than the MDR…
As the FIFA World Cup 2026 kicks off, a new Darktrace report warns that sports teams and bodies are a major target for cyber criminals
ShinyHunters exploited a critical Oracle PeopleSoft zero-day to breach over 100 organizations, mostly universities, before a patch was available. Mandiant and Google’s Threat Intelligence Group published an analysis of an active ShinyHunters campaign on June 11, one day after Oracle finally issued an advisory for the vulnerability being exploited. The gap matters: the activity ran…
Phishing activity declined by roughly 20% in both 2024 and 2025, according to research from Zscaler’s ThreatLabz team. The drop followed years of growth that pushed phishing activity above 2 billion hits in 2023. “Phishing volume measured by blocked emails is no longer a reliable proxy for phishing risk.” Researchers found greater use of targeted…
Danish pharmaceutical giant Novo Nordisk, the world’s largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. […]
Today’s AI web agents have no dependable defenses against prompt injection, according to new research showing that not a single attack scenario was consistently blocked across leading systems powered by GPT‑5 and Gemini. The findings come from StakeBench, a stakeholder-centric benchmark developed by researchers from Nanyang Technological University, ST Engineering, IBM Research, and the University of Illinois…
Feds seized AudiA6 and Dark2Web in a major crypto laundering case, arresting two suspects linked to over $389M in alleged illicit transactions.
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph is an open-source framework created by LangChain to build complex, stateful, and multi-agent artificial intelligence (AI) agentic applications. “An SQL injection in LangGraph’s function could
A newly disclosed Oracle PeopleSoft zero-day became the weapon of choice in a recent ShinyHunters extortion campaign that primarily targeted universities and other educational institutes. Attackers exploited the critical remote code execution (RCE) flaw in PeopleSoft’s Environment Management component that Oracle started warning customers about on June 10, 2026. In an advisory, the company urged…
For 30 years, cybersecurity has operated like an emergency room. Reactive. Crisis-driven. Always triaging. We are extraordinarily good at it — our detection is faster, our response playbooks are sharper, our incident teams are more capable than they have ever been. When something goes wrong, the modern security organization runs toward the fire with real…
Google sues swindlers accused in losses totaling $1.9 billion.
An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation Ramz, took place between October 2025 and February 2026, and saw authorities from 13 countries in the Middle East and North Africa (MENA) region making 201 arrests. Included among them was…
Optiv has sold its advisory, consulting, and transformation project-based services business to Vobis Ventures, creating a newly independent Optiv Consulting business focused on helping enterprises securely adopt agentic AI at scale. The deal closed on June 1, with Optiv Consulting initially operating under its current name and serving as Optiv’s priority services partner for the…
Reinvent Telecom has launched MyCloud Managed Security, a fully managed cybersecurity offering built to help MSPs, VARs, and resellers expand into security services without building their own infrastructure. The new service combines Guided Vulnerability Management and Managed XDR to provide continuous monitoring, threat detection and response, asset discovery, endpoint detection and response, SIEM, SOAR, dark…
21,786 live cameras stream with zero authentication. Cheap gear is the real risk, webcamXP open 46% of the time. Your home router is the broadcast tower. In May 2026, Mysterium VPN queried a public internet-wide device index to count every camera and recorder that answers the open internet. They found more than three million reachable…
Back in April, Zebra Technologies Corporation, a company specializing in digitizing and automating workflows to deliver intelligent operations, announced that Repco, the largest reseller and supplier in the automotive aftermarket parts sector across Australia and New Zealand (ANZ), had digitized its last-mile delivery operations with Zebra’s TC5 series mobile computers. The deployment highlights a broader…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by the newly issued Binding Operational Directive (BOD) 26-04. […]
At this year’s Pax8 Beyond 2026 conference, vendors across the channel unveiled new products, partnerships, and investments focused on helping managed service providers improve operations and scale more efficiently. Several announcements centered on security, documentation, and service delivery, reflecting the challenges MSPs continue to face as customer expectations rise and operational demands increase. Read our…
As enterprises accelerate AI adoption and face an increasingly complex web of cybersecurity and data protection requirements, managed service providers are finding new opportunities to expand beyond traditional IT support and into continuous compliance services. Brian Harmison, CEO of Corsica Technologies, says customers are no longer looking for occasional audit preparation or checkbox exercises. Instead,…
An international law enforcement operation has dismantled a cryptocurrency laundering service linked to ransomware groups and other cybercriminals that processed more than €336 million in illicit funds. The domain seizure notice (Source: Europol) Europol said the service, known as AudiA6, is suspected of laundering cryptocurrency obtained through ransomware attacks and other forms of cybercrime between…
Quantum technology may feel far off but certain risks are already with us in the form of “harvest now, decrypt later” — an attack vector in which malicious actors steal data now for a future in which they have access to quantum computational tools capable of breaking encryption deployed by most companies today to protect their data.…
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. […]
Several trends are now converging that threaten to pit tech companies against tech users. Miniaturization has finally enabled companies to build AI glasses that look and function like normal glasses, but with microphones and cameras. People are increasingly talking to AI, rather than typing. And multimodal input, especially video, is on the rise. Put all…
Authorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the dismantling of AudiA6 cut off a “key financial pipeline used to wash hundreds of millions in illicit profits.” The service is estimated to have been used to launder more than…
Comcast Business announced SecurityEdge Preferred, its most advanced network-native cybersecurity solution for small businesses. Because SecurityEdge Preferred is built directly into the Comcast Business network, security can be activated in minutes without deploying additional hardware, managing multiple vendors, or maintaining complex security tools. Rather than adding another layer on top of existing infrastructure, it lives…
Security leaders no longer need convincing that AI agents introduce risk. What’s missing is how to govern them once they move into production and begin operating autonomously across enterprise environments. AI agents already read sensitive documents, invoke internal APIs, trigger workflows, and make decisions that still require human judgment. From a security perspective, the most…
ZeroFox launched ZeroFox AI Analytics, a new platform capability that gives security teams real-time visibility into the signals, patterns, and trends shaping their external threat landscape. ZeroFox AI Analytics gives security teams the ability to move beyond static reports and query their data in real time. Rather than waiting on manual exports or scheduled summaries,…
Attackers registered roughly 1.5 million malicious domains during the first five months of 2026. The registration patterns resemble industrial output. Most of the domains were created by attackers, put to use within weeks, and concentrated among a small set of registrars, top-level domains, and hosting providers. New research examined more than 1.5 million unique domains…
Data centers built for frontier AI draw hundreds of megawatts of electricity and large volumes of cooling water from fixed locations with known addresses. Each one concentrates tens of thousands of graphics processors, liquid cooling systems, and high-density power equipment inside a single building. This physical footprint turns a nation’s AI capability into something an…
Avast One Free combines privacy, security, identity monitoring, and performance tools in a single platform. The app is available for Windows, macOS, Android, and iOS. Checking the device for security and privacy issues After installing it from the App Store, I ran Smart Scan, which reviews device and privacy settings and identifies areas that require…
People across the European Union already use their phones for banking, travel, and government services. The European Digital Identity Wallet will bring those activities into one application, and the European Telecommunications Standards Institute (ETSI) has released the first standards that support it. What the wallet does The wallet lets EU citizens and residents prove their…
Here’s a look at the most interesting products from the past week, featuring releases from AISLE, Drata, Elastic, Filigran, IDnow, and Ridge Security. RidgeBot 7.0 automates Active Directory attack simulations for security validation Ridge Security has announced the release of RidgeBot 7.0, an update to its automated security validation platform that introduces automated Windows Active…
Fastly and Skyfire Partner to Enable Trusted Agentic Commerce with Verified Identity at the Edge. Deals coverage from iTWire.