[ { "title": "GreatXML zero-day BitLocker bypass doesn’t seem to work, yet", "link": "https://www.csoonline.com/article/4184678/greatxml-zero-day-bitlocker-bypass-doesnt-seem-to-work-yet.html", "description": "A new exploit claims to bypass BitLocker encryption, but experts say it doesn’t work yet. As your On-Demand CIO, we advise staying alert and ensuring all systems are up to date. Update your devices now to stay protected.", "source": "CSO Online", "date": "Jun 12, 2026" }, { "title": "Friday Squid Blogging: Squid-Inspired Fluid Pump", "link": "https://www.schneier.com/blog/archives/2026/06/friday-squid-blogging-squid-inspired-fluid-pump.html", "description": "This week’s cybersecurity news highlights how nature inspires innovation—just as squids use fluid dynamics to move, attackers use clever tactics to breach systems. SMBs must stay alert to evolving threats and act now: audit your current security measures and update them if needed", "source": "Schneier on Security", "date": "Jun 12, 2026" }, { "title": "ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed", "link": "https://www.darkreading.com/vulnerabilities-threats/shinyhunters-oracle-zero-day-higher-ed", "description": "A major bug in Oracle's ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.", "source": "Dark Reading", "date": "Jun 12, 2026" }, { "title": "Maine disables data breach notification portal after fake disclosures", "link": "https://www.bleepingcomputer.com/news/security/maine-disables-data-breach-notification-portal-after-fake-disclosures/", "description": "Maine’s breach portal shutdown highlights how fraud can disrupt operations — protect your data by reviewing access controls and monitoring for suspicious activity now.", "source": "BleepingComputer", "date": "Jun 12, 2026" }, { "title": "Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit", "link": "https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html", "description": "Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it c...", "source": "The Hacker News", "date": "Jun 13, 2026" }, { "title": "PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data", "link": "https://arstechnica.com/security/2026/06/peoplesoft-0-day-affecting-hundreds-of-organizations-steals-gigabytes-of-data/", "description": "Vulnerability in the Oracle-owned PeopleSoft software is about as critical as they come.", "source": "Ars Technica", "date": "Jun 12, 2026" }, { "title": "Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing", "link": "https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html", "description": "Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and management of a ph...", "source": "The Hacker News", "date": "Jun 13, 2026" }, { "title": "phpBB forum fixes auth bypass bug lurking for a decade", "link": "https://www.bleepingcomputer.com/news/security/phpbb-forum-fixes-auth-bypass-bug-lurking-for-a-decade/", "description": "A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. [...]", "source": "BleepingComputer", "date": "Jun 12, 2026" }, { "title": "China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade", "link": "https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html", "description": "Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components that decide who i...", "source": "The Hacker News", "date": "Jun 12, 2026" }, { "title": "Ukrainian national pleads guilty to role in Conti ransomware operation", "link": "https://www.bleepingcomputer.com/news/security/ukrainian-national-pleads-guilty-to-role-in-conti-ransomware-operation/", "description": "A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. [...]", "source": "BleepingComputer", "date": "Jun 12, 2026" }, { "title": "Over 400 Arch Linux packages compromised to push rootkit, infostealer", "link": "https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/", "description": "More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. [...]", "source": "BleepingComputer", "date": "Jun 12, 2026" }, { "title": "In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine", "link": "https://www.securityweek.com/in-other-news-google-security-layoffs-audia6-takedown-400-million-coupang-fine/", "description": "Other noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook for AI, IBM and AT&T accused of hack cover-ups. The post In Other News: Google Security Layoffs, AudiA6...", "source": "SecurityWeek", "date": "Jun 12, 2026" } ]