CISA, researchers warn of escalating attacks using Cisco Catalyst SD-WAN flaws
Multiple vulnerabilities are being chained together to gain additional access to systems. Source link
Month: June 2026
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers
OpenAI’s threat intelligence team tracked what it believes are two distinct clusters of activity online from groups with ties to China and posting content seemingly…
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
That’s the backdrop against which the US Cybersecurity and Infrastructure Security Agency issued Binding Operational Directive 26-04. The directive reflects growing recognition that patching based…
CISA names winners of seventh annual President’s Cup cybersecurity competition
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced on Tuesday the winners of the seventh annual President’s Cup cybersecurity competition. The President’s Cup brings…
China’s Noncombatant Evacuation Operations: 2005–2025
Section K of the PDF attached to this blog post provides a summary of each NEO, organized chronologically by country. The other sections of the…
How Federal Agencies Can Activate a Risk Operations Center (ROC) to Meet CISA BOD 26-04
Executive Summary Recognizing the ability of Frontier AI models to discover and exploit vulnerabilities at unprecedented speed and scale, CISA’s Binding Operational Directive (BOD) 26-04…
Path traversal flaw in AI dev platform Langflow exploited in attacks
Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. Langflow is…
Hackers Use Tax Phishing Emails to Deploy In-Memory Malware on Windows Systems
Hackers are using fake tax notification emails to trick Windows users into downloading dangerous multi-stage malware that runs entirely in memory, leaving almost no trace…
CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
With new generations of AI models fueling both rapid software vulnerability discovery and the potential for faster exploitation by malicious hackers, the United States Cybersecurity…
73 Microsoft Packages Weaponized in Password Stealer Attack
GitHub disabled 73 repositories across four Microsoft organizations Azure, Azure-Samples, microsoft, and MicrosoftDocs inside a 105-second window. Each repo now shows GitHub’s “This repository has…
FBI Seizes China-Linked Fake Consulting Sites Targeting US Clearance Holders
US Federal authorities have seized 13 domains that officials say were used in a suspected Chinese intelligence linked effort to recruit Americans with access to…
Drata brings visibility, control and auditability to enterprise AI agents
Drata has introduced AI Agent Governance, a new security category focused on managing the risks and oversight requirements of AI agents, while extending its trust…