New SilabRAT Trojan Hijacks Sessions to Steal Crypto

MaaS trojan SilabRAT uses HVNC and browser cloning to hijack sessions and steal crypto

Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks

Menlo Security research warns that as enterprise applications become increasingly browser based, traditional cybersecurity tools leave them vulnerable to cyber threats

New Fable 5 Is a "Mythos-Class" LLM Available to All, Anthropic Announces

Anthropic unveils Claude Mythos 5 and Fable 5, a restricted-access frontier AI model and guardrailed version for everyone to use

Over a Quarter of Identity Crime Victims Hit by Multiple Incidents, ITRC Data Shows

Nearly 26% of identity crime victims faced multiple incidents in the past year, as ITRC warns of a growing "multi-layered crisis"

Microsoft Fixes 200 CVEs in June Patch Tuesday

Microsoft has patched 200 vulnerabilities including three zero-days

75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds

Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip

AI Coding Adoption Hits 97% but Governance Lags Behind

Most dev teams use AI coding assistants but only 30% have full governance in place

Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request

Critical phpBB authentication bypass lets attackers hijack any account with one request

Google Releases Patch for Chrome Vulnerability Exploited in the Wild

The flaw, CVE-2026-11645, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page

Check Point Warns Critical Auth Bypass Bug Exploited in the Wild

Check Point says a critical vulnerability in its Remote Access VPN and Mobile Access solutions has been exploited by Qilin

Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack

Speaking at Infosecurity Europe, Ashish Shrestha, former CISO at Jaguar Land Rover revealed why he wanted over 30,000 employees to change their passwords in the immediate aftermath of the incident

WhatsApp Discovers NSO Group-Linked Spearphishing Attempts

Meta’s WhatsApp demands contempt ruling after users report NSO Group-linked phishing

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

North Korean actor UNK_DeadDrop targeted developers with fake coding tasks to steal crypto

OpenAI Unveils ChatGPT Account Security Controls

OpenAI brings Lockdown Mode and Active Sessions to ChatGPT to curb prompt injection data theft

Infosecurity Europe: Prompt Injection Remains Unsolved, OWASP Researcher Warns

At Infosecurity Europe 2026, OWASP’s Ariel Fogel warned that prompt injection remains an “unresolved problem” within generative AI architecture

Two-Thirds of Open Source Community Unaware of Cyber Resilience Act

Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities

The Department of Science, Innovation and Technology details how a combination of hands-on human advice and technology systems keeps government agencies safe

Meta AI Bug Exposes Over 20,000 Instagram Accounts

Meta confirms an AI tool vulnerability led to unauthorized access to Instagram accounts after a failure in email verification during password reset

Infosecurity Europe: Practical Lessons From Lloyds' Agentic AI Security Playbook

Lloyds Banking Group shared its approach for securing agentic AI workflows, with a mix of hands on experimentation and cross functional governance

Infosecurity Europe: OWASP Introduces Agentic AI Security Maturity Framework

The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed