Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account
On 1 June 2026, experts from multiple cybersecurity firms found a major supply chain compromise affecting software components used by Red Hat. Security firms Microsoft,…
Author: Cybernoz
Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)
A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To…
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to…
Interview: Michael Cole, chief technology officer, DP World Tour
Michael Cole, chief technology officer (CTO) at DP World Tour, the men’s professional golf tour that oversees 42 tournaments in 25 countries, wants to use…
Agile isn’t the problem: why projects still fail, and what’s missing
That stubborn statistic, cited at the outset of a recent iTnews webinar hosted in partnership with Lumify Work, framed a broader and more uncomfortable truth:…
In Other News: Anthropic Maps AI Threats, Unpatched Comodo Flaw, Palantir Chief Eyed for CISA
SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader…
Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure
Silent Ransom Group (SRG): Switching To DNS Fast Flux Infrastructure Pierluigi Paganini June 05, 2026 Researchers exposed the Silent Ransom Group ‘s Fast Flux infrastructure…
Sprawling new House AI bill includes frontier model oversight, open-source security grants
The legislation has already drawn widespread criticism for its proposal to preempt state AI laws. Source link
Microsoft identifies seven new ways AI agents can be hacked
The seven new failure modes it has identified are: Agentic Supply Chain Compromise —agent behavior can be affected by natural language rather than malicious code;…
Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing
The cybersecurity industry has spent much of the last two years debating how attackers might use AI. That debate matters, but it misses a larger…
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash…
Microsoft 365 Service Degradation Bypassed Windows Driver Auto-Update Controls
Microsoft has resolved a Microsoft 365 service degradation issue that temporarily bypassed Windows driver auto-update controls, leading to unintended driver installations on managed devices. The…