Google’s Vertex AI SDK could allow RCE through bucket squatting
A design flaw in the Vertex AI software development kit (SDK) for Python, Google Cloud’s managed platform for building, training, and deploying AI agents, could…
Month: June 2026
Windows and Linux users: The deadline to update Secure Boot keys is near
In 2012, a new form of bootkit was demonstrated. Instead of targeting machines through the BIOS or master boot record, one such bootkit attacked Mac…
White House rolls out NSPM-12 to boost cybersecurity governance, oversight, accountability for national security systems
The White House issued National Security Presidential Memorandum 12 (NSPM-12), establishing a new cybersecurity governance framework for National Security Systems (NSS), including military, intelligence, and…
Resecurity details Anubis ransomware attack on Adriatic Port Authority, exposing maritime infrastructure risks
New cyber threat intelligence from Resecurity provided further details on the Anubis ransomware group, which targeted the Adriatic Port Authority in a cyberattack that disrupted…
Operationalizing Wiz at Scale: Foundation to Force
In our previous blog in this series, we walked you through a 90-day action plan to achieve complete visibility and start your path to Zero…
Microsoft confirms Office apps launch issues after June updates
Microsoft is investigating a new issue preventing third-party applications from launching Microsoft Office applications or opening documents on up-to-date Windows systems. This known issue affects…
CISA Warns of Oracle PeopleSoft 0-Day Vulnerability Exploited in Ransomware Attacks
CISA has added a critical Oracle PeopleSoft vulnerability, tracked as CVE-2026-35273, to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. The…
Hackers Target npm Ecosystem by Compromising 140+ Mastra Packages
A large-scale software supply chain attack has compromised more than 140 npm packages under the widely used Mastra namespace, exposing developers, CI/CD pipelines, and enterprise…
ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat
For small and mid-sized businesses comparing managed detection and response providers, ESET and Sophos almost always make the shortlist. Both run round-the-clock security operations, both…
What’s new in Android 17? Anti-theft tools, scam detection, and parental controls
The Android 17 rollout has started for supported Pixel devices, delivering new security and privacy capabilities before expanding to other devices later this year. Security…
Malwarebytes earns AV-TEST Top Product award, aces other third-party tests
Our job is to protect people from online threats, and independent testing is one of the best ways to measure how well we’re doing. Malwarebytes…
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial…