Week in review: Fortibleed campaign's impact on orgs, Cisco Unified CM flaw exploited – Help Net Security


Here's an overview of some of last week's most interesting news, articles, interviews and videos:

Week in review

Encrypted DNS still tells an eavesdropper where to look
Encrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a query away from anyone watching a network link. The encryption covers the message inside each packet. The packet still carries plaintext headers, and those values mark a flow as DNS.
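The following added example (my own illustration, not code from the article or any product it mentions) shows how little an observer needs: it labels flows from transport headers and the TLS ClientHello SNI alone, without parsing a single DNS message. The port numbers are the standard assignments (853 for DoT and DoQ); the resolver IP and DoH hostname sets are small illustrative lists, an assumption a real deployment would replace with a maintained list, and the sample flows are constructed.

```python
"""Classify flows as DNS from plaintext transport headers and TLS SNI only."""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional

# Assumed illustrative lists; a deployment would load a maintained resolver list.
KNOWN_RESOLVER_IPS = {"1.1.1.1", "1.0.0.1", "8.8.8.8", "8.8.4.4", "9.9.9.9"}
KNOWN_DOH_SNI = {"dns.google", "cloudflare-dns.com", "dns.quad9.net"}


@dataclass(frozen=True)
class Flow:
    proto: str                  # "tcp" or "udp"
    dst_ip: str
    dst_port: int
    sni: Optional[str] = None   # server_name from the TLS ClientHello, if observed


def classify(flow: Flow) -> str:
    """Label a flow without ever seeing the encrypted DNS payload."""
    if flow.dst_port == 53:
        return "dns-plaintext"
    if flow.dst_port == 853:     # RFC 7858 (DoT) and RFC 9250 (DoQ) both use port 853
        return "dot" if flow.proto == "tcp" else "doq"
    if flow.dst_port == 443:     # DoH blends into HTTPS, but SNI and peer address leak it
        if flow.sni in KNOWN_DOH_SNI:
            return "doh-by-sni"
        if flow.dst_ip in KNOWN_RESOLVER_IPS:
            return "doh-by-ip"
    return "not-dns"


def summarize(flows: List[Flow]) -> Dict[str, int]:
    """Count how many flows on a link an eavesdropper can tag as DNS."""
    return dict(Counter(classify(f) for f in flows))


# Constructed sample flows (TEST-NET addresses stand in for ordinary servers).
SAMPLE_FLOWS = [
    Flow("udp", "192.0.2.53", 53),                              # classic DNS
    Flow("tcp", "9.9.9.9", 853),                                # DoT
    Flow("udp", "1.1.1.1", 853),                                # DoQ
    Flow("tcp", "203.0.113.10", 443, "cloudflare-dns.com"),     # DoH, SNI visible
    Flow("tcp", "8.8.8.8", 443),                                # DoH, SNI hidden, IP known
    Flow("tcp", "198.51.100.7", 443, "www.example.com"),        # ordinary HTTPS
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f"{f.proto}/{f.dst_port} -> {f.dst_ip:15} {classify(f)}")
    print(summarize(SAMPLE_FLOWS))
```

The IP branch is there because Encrypted ClientHello removes the SNI signal; the destination address of a well-known resolver still stands out. Payload encryption changes what the eavesdropper reads, not whether they can find the DNS traffic.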

Agent Beacon: Open-source telemetry layer for AI agents
AI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, in CI jobs, and in cloud environments, where they edit files, run commands, and call external tools. Beacon, an open-source project from Asymptote Labs, configures telemetry for these runtimes and writes a normalized record of what each agent does across local, CI, and cloud-agent surfaces.

Who pays when you gate cyber-capable AI models?
In this interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, examines the debate over restricting access to cyber-capable AI models. She lays out the strongest argument for gating these tools, then explains where it breaks down for security teams who depend on the same capabilities for defense.

A $1,400 experiment in AI security auditing outperformed OpenAI's Codex Security
A research team has built a system that teaches AI agents to hunt for software bugs by writing the audit strategy down as plain text. The system, called EVOHUNT, keeps the underlying AI model fixed and improves only an external "playbook" that tells the agent how to work.

GTA 6 early access offers are taking gamers' crypto
Scam websites are circulating across the internet with a pitch aimed at millions of gamers: a way to play Grand Theft Auto VI before its release. The pages promise early access for a few hundred dollars in cryptocurrency, ask buyers to enter a payment code, and claim the game will then unlock.

Praxen: Open-source AI agent behavior verification
Praxen is an open-source tool with a simple job: it checks whether an AI agent does what it claims to do. The tool takes an agent's declared policy, looks at how the agent operates, and points out every spot where the two drift apart.
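The Beacon and Praxen items above describe two halves of one loop: normalize what an agent actually did across surfaces, then compare that record with the policy the agent declares. The added example below is my own sketch of that loop, not code from either project. The raw record formats, the policy fields, the glob-based path rules, and the sample trace are all assumptions constructed for the example.

```python
"""Normalize agent runtime events and report where they drift from a declared policy."""
from dataclasses import dataclass
from fnmatch import fnmatch
from typing import List, Set
from urllib.parse import urlparse


@dataclass(frozen=True)
class Policy:
    allowed_tools: Set[str]
    allowed_hosts: Set[str]
    denied_paths: List[str]   # glob patterns the agent must never write to


@dataclass(frozen=True)
class Event:
    kind: str      # "tool_call" | "file_write" | "http_request"
    target: str
    surface: str   # "local" | "ci" | "cloud"


def normalize(raw: dict) -> Event:
    """Map hypothetical runtime-specific records onto one event schema."""
    surface = raw.get("env", "local")
    if "tool" in raw:
        return Event("tool_call", raw["tool"], surface)
    if raw.get("op") == "write" and "path" in raw:
        return Event("file_write", raw["path"], surface)
    if "url" in raw:
        return Event("http_request", raw["url"], surface)
    raise ValueError(f"unrecognized record: {raw!r}")


def drift(policy: Policy, events: List[Event]) -> List[str]:
    """Every event the declared policy does not account for is a finding."""
    findings = []
    for e in events:
        if e.kind == "tool_call" and e.target not in policy.allowed_tools:
            findings.append(f"{e.surface}: tool {e.target!r} not in declared policy")
        elif e.kind == "file_write" and any(fnmatch(e.target, p) for p in policy.denied_paths):
            findings.append(f"{e.surface}: wrote denied path {e.target!r}")
        elif e.kind == "http_request":
            host = urlparse(e.target).hostname or ""
            if host not in policy.allowed_hosts:
                findings.append(f"{e.surface}: request to undeclared host {host!r}")
    return findings


# Assumed policy the agent claims to follow.
DECLARED = Policy(
    allowed_tools={"read_file", "run_tests", "edit_file"},
    allowed_hosts={"api.github.com"},
    denied_paths=["*.env", "*/.git/*", "*/id_rsa"],
)

# Constructed records in made-up runtime formats, not real agent output.
RAW_TRACE = [
    {"tool": "read_file", "env": "local"},
    {"op": "write", "path": "/repo/.env", "env": "ci"},
    {"url": "https://api.github.com/repos/x/y/pulls", "env": "ci"},
    {"url": "https://pastebin.com/raw/abc123", "env": "cloud"},
    {"tool": "shell", "env": "cloud"},
]


def audit(raw_trace=RAW_TRACE, policy=DECLARED) -> List[str]:
    return drift(policy, [normalize(r) for r in raw_trace])


if __name__ == "__main__":
    for line in audit():
        print(line)
```

Keeping the surface on every event matters: a tool call that is fine on a laptop is a different risk in a CI runner holding deployment credentials, and a single normalized schema is what lets the same policy be checked across all three.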

Where IT meets OT and railway cybersecurity gets harder
In this interview with Help Net Security, Jorge Aldegunde, Global Head of Railway Services at DNV, talks through what happens when old operational technology meets newer IT in monorail systems. He explains why open networks widened the attack surface, how teams decide whether to patch a signalling flaw without stopping trains, and who carries the liability.

Scoring AI hackers when there is no answer key
AI models are solving an increasing number of offensive cybersecurity benchmarks, making these tests less useful for evaluating the most advanced systems. Many rely on vulnerabilities that have already been publicly documented, allowing models to draw on existing knowledge. FrontierCyber, a benchmark from AI security lab Irregular, takes a different approach. It places models on real systems and measures how far they progress toward a security objective.

The uptime questions every engineering leader should ask this week
In this interview with Help Net Security, Mattias Geniar, CTO at Oh Dear, explains why most outages start quietly, as creeping latency or a slow rise in errors. He argues teams alert on the wrong things: absolute numbers instead of changes, isolated endpoints instead of real user outcomes.

Healthcare leaders see a fatal cyber incident as inevitable
Healthcare practices run on a chain of outside vendors. An EMR system holds clinical records, a billing platform processes claims, a telehealth tool supports remote visits, and a cloud provider stores data. Every one of those connections gives an outside company a path into the practice, and any one of them can break. According to Omega Systems' 2026 Healthcare IT Landscape Report, the large majority of practices dealt with at least one operational disruption that traced back to a vendor or a vendor's own supplier.

Two CEOs on why security and AI readiness belong together
SuperOps and Guardz are bundling PSA, RMM, MDM, and agentic SecOps into one offering for MSPs. In this Help Net Security Q&A, SuperOps CEO Arvind Parthiban and Guardz CEO Dor Eisner explain how a connected stack cuts the time and context lost to tool-switching, lowers costs compared with multi-vendor setups, and helps close the gap between average MSP margins of 8% and the 18% top performers reach.

What the Fortibleed campaign means for organizations running FortiGate firewalls
A massive credential-harvesting campaign targeting FortiGate firewalls has exposed thousands of organizations to potential network compromise, and a trove of attacker tools, scripts, and credentials left inadvertently exposed on a server has given researchers an unusually detailed look at how the operation worked.

Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)
CVE-2026-20230, a server-side request forgery (SSRF) vulnerability affecting Cisco's Unified Communications Manager (Unified CM), is being exploited to drop webshells and gain remote code execution capability on the underlying server.

Law enforcement hits StealC and Amadey malware networks
Operation Endgame, the largest international law enforcement operation aimed at disrupting ransomware and cybercrime infrastructure worldwide, has claimed its latest targets: StealC and Amadey.

Mystery hackers use novel SharkLoader dropper against governments, software devs
Kaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in several countries.

Synology issues critical fix for MailPlus Server vulnerabilities
Synology has fixed critical vulnerabilities in MailPlus Server, a software package used to run private email infrastructure on Synology NAS devices. Details about the vulnerabilities are still under wraps.

Product showcase: How to evaluate AI SOC platforms and where Prophet AI leads
The agentic SOC market is crowded with vendors promising to automate alert triage, investigation, and response. The challenge is separating measurable operational gains from marketing claims. Prophet Security is an agentic AI SOC platform that autonomously triages, investigates, and responds to security alerts. It also helps strengthen detection and response programs by identifying tuning opportunities, uncovering detection gaps, and enabling natural-language threat hunting.

23 ClawHub plugins squatting official scopes expose AI registry security gaps
In this Help Net Security video, Ax Sharma, Head of Research at Manifold Security, breaks down how 23 code-executing plugins ended up under ClawHub's official @openclaw and @clawhub scopes while owned by unrelated accounts, why an official-looking scope is a supply chain risk even when the code isn't malicious, and what the registry changed after the disclosure.
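A package name tells an installer nothing about who publishes under its scope, which is the gap this talk describes. The added example below (illustrative code of my own, not ClawHub's or Manifold Security's tooling) audits a dependency list against publisher metadata and flags any package under an "official" scope whose publisher is not a known maintainer of that scope, ranking plugins that execute code highest. The scope owner lists, the registry records, and the package names are constructed for the example; a real check would pull the same fields from the registry's metadata API.

```python
"""Flag packages whose 'official' scope does not match their actual publisher."""
from typing import Dict, List, Set, Tuple

# Assumed: maintainer accounts that official scopes should resolve to.
OFFICIAL_SCOPE_OWNERS: Dict[str, Set[str]] = {
    "@openclaw": {"openclaw-release", "openclaw-bot"},
    "@clawhub": {"clawhub-admin"},
}

# Constructed stand-in for what a registry metadata endpoint would return.
REGISTRY: Dict[str, dict] = {
    "@openclaw/fs":          {"publisher": "openclaw-release", "executes_code": True},
    "@openclaw/shell-tools": {"publisher": "rando42",          "executes_code": True},
    "@clawhub/search":       {"publisher": "clawhub-admin",    "executes_code": False},
    "@clawhub/deploy":       {"publisher": "someone-else",     "executes_code": False},
    "@acme/helper":          {"publisher": "acme",             "executes_code": True},
}

Finding = Tuple[str, str, str]   # (package, severity, reason)


def scope_of(name: str) -> str:
    """'@openclaw/fs' -> '@openclaw'; unscoped names yield ''."""
    return name.split("/", 1)[0] if name.startswith("@") else ""


def audit(deps: List[str], registry=REGISTRY, owners=OFFICIAL_SCOPE_OWNERS) -> List[Finding]:
    """Return one finding per dependency that fails the scope/publisher check."""
    findings: List[Finding] = []
    for name in deps:
        meta = registry.get(name)
        if meta is None:
            findings.append((name, "high", "not found in registry metadata"))
            continue
        scope = scope_of(name)
        if scope in owners and meta["publisher"] not in owners[scope]:
            severity = "high" if meta["executes_code"] else "medium"
            findings.append((name, severity,
                             f"published by {meta['publisher']!r}, not a known {scope} maintainer"))
    return findings


if __name__ == "__main__":
    for pkg, sev, why in audit(list(REGISTRY)):
        print(f"[{sev}] {pkg}: {why}")
```

Note what pinning does not fix: a lockfile pins the package to a version and hash, but if the scope itself is misattributed the pinned artifact is still the squatter's. The check has to run on publisher identity, not on the name or the digest.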

What your next cyber insurance renewal will demand
In this Help Net Security video, Michael Loewy, co-founder of Tide Foundation, explains how cyber insurance is rewriting security programs at renewal time.

Hundreds of AI-powered iOS apps found exposing credentials
Mobile app developers are packing AI features into everything from writing assistants to productivity tools and lifestyle apps. New research shows that securing access to those services remains a challenge. Researchers from Wake Forest University analyzed 444 iOS applications with LLM features and found 282 that exposed exploitable credentials or backend access mechanisms.
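Credentials of this kind usually sit in the app bundle itself, where running `strings` on the binary or reading bundled plist and JSON files turns them up. The added example below is my own illustration, not the Wake Forest researchers' tooling: it scans dumped strings for common API key formats and uses a Shannon-entropy check to skip obvious template placeholders. The vendor prefixes are heuristics based on publicly documented key formats and should be treated as assumptions, and the sample lines are constructed rather than taken from any real app.

```python
"""Scan dumped app-bundle strings for hardcoded API credentials."""
import math
import re
from typing import Dict, List

# Assumed vendor key formats used as heuristics. Order matters: the Anthropic
# prefix would otherwise also satisfy the more general OpenAI pattern.
KEY_PATTERNS = [
    ("anthropic_key",  r"sk-ant-[A-Za-z0-9_-]{20,}"),
    ("openai_key",     r"sk-[A-Za-z0-9_-]{20,}"),
    ("aws_access_key", r"AKIA[0-9A-Z]{16}"),
    ("google_api_key", r"AIza[0-9A-Za-z_-]{35}"),
]
COMBINED = re.compile("|".join(f"(?P<{name}>{pat})" for name, pat in KEY_PATTERNS))
MIN_ENTROPY = 3.0   # bits per character; placeholders like sk-xxxx... fall well below


def shannon_entropy(s: str) -> float:
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def redact(value: str) -> str:
    """Keep enough to identify the key in a report without reproducing it."""
    return value[:7] + "..." + value[-4:]


def scan(lines: List[str]) -> List[Dict[str, object]]:
    findings: List[Dict[str, object]] = []
    for lineno, line in enumerate(lines, 1):
        for m in COMBINED.finditer(line):
            value = m.group(0)
            if shannon_entropy(value) < MIN_ENTROPY:
                continue   # repetitive template value, not a live key
            findings.append({"line": lineno, "type": m.lastgroup, "value": redact(value)})
    return findings


# Constructed to resemble `strings` output from an app bundle; not from any real app.
SAMPLE_STRINGS = [
    "OPENAI_API_KEY=sk-proj-constructedExampleKey0123456789abcd",
    "ANTHROPIC_KEY: sk-ant-api03-constructedExample_0123456789",
    "placeholder=sk-xxxxxxxxxxxxxxxxxxxxxxxx",
    "aws_access_key_id = AKIAIOSFODNN7EXAMPLE",
    "https://maps.example/api?key=AIzaSyD-constructed0123456789abcdefghij",
    "Bundle identifier: com.example.writer",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_STRINGS):
        print(f"line {f['line']}: {f['type']} {f['value']}")
```

A hit here is a finding, not a verdict: the fix is to move the call behind a backend the app authenticates to, so the vendor key never ships in the bundle. Any key found this way should be rotated regardless, since the bundle has already been distributed.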

Free, no-signup World Cup streams serve scams instead of soccer
Researchers at Malwarebytes identified dozens of websites claiming to offer free access to FIFA World Cup matches. Instead of streaming games, the sites directed visitors through a chain of advertising pages designed to generate revenue for their operators.

Phishing hides in routine Microsoft 365 workflows
Attackers are abusing Outlook Groups and Microsoft 365 collaboration features to make phishing campaigns appear routine, according to Fortra. The attack begins when a target is added to or invited into an attacker-controlled Microsoft 365 Group. The group's name, description, or welcome message is designed to create urgency, often using themes such as payroll updates, contract renewals, supplier requests, or mandatory training notices.

Two Scattered Spider hackers plead guilty over Transport for London cyberattack
Two members of the notorious hacker group Scattered Spider have pleaded guilty to charges related to a 2024 cyberattack on Transport for London (TfL) that resulted in £29 million in loss and recovery costs.

Using Reddit to manipulate AI search results is surprisingly easy
A Reddit comment that takes a few seconds to write can end up influencing the answers generated by AI research tools. A Cornell Tech study found that a short snippet of user-generated text, sometimes as little as 13 words, was enough to affect the output of deep-research agents, AI systems that search the web, gather information from multiple sources, and generate reports with citations.

LastPass customer data exposed via Klue supply chain attack
LastPass disclosed that attackers used OAuth tokens compromised in a supply chain attack on Klue, a market intelligence platform that integrates with CRM and sales tools across organizations, to access customer data stored in its Salesforce environment.

Phishing attack on healthcare firm Xsolis affects 1.4 million people
Healthcare technology company Xsolis confirmed that a phishing attack resulted in unauthorized access to its network. The company develops AI-powered software for hospitals, health systems, and health plans and serves more than 600 hospitals and health insurers.

Algerian national accused of running cybercrime marketplaces extradited to US
An Algerian national accused of running online marketplaces that sold phishing kits and fraud tools has been extradited from Spain to the United States to face bank fraud conspiracy charges.

WhatsApp will warn users before they message a potential scammer
WhatsApp is rolling out a warning screen on Android and iOS that appears before users open chats with unfamiliar phone numbers. Meta hopes that this new feature will help users avoid scammers.

Hacker gets 18 months for attack that compromised 60,000 betting accounts
A 21-year-old man known online as "Snoopy" was sentenced to 18 months in prison for his role in a scheme that hacked user accounts on a fantasy sports and betting website and sold access to them, causing hundreds of thousands of dollars in losses.

Stealthy new backdoor surfaces in attacks on multiple sectors
A relatively new backdoor called Mistic has been deployed in several attacks since April 2026 targeting organizations in the insurance, education, IT, and professional services sectors, according to Symantec.

A privacy-first take on local malware analysis
Submitting a suspicious file to VirusTotal or MalwareBazaar uploads a copy to a searchable public repository. While these platforms help analysts quickly identify malicious files, they also allow threat actors to see when their tools have been detected by monitoring for matching hashes. In targeted attacks, uploaded samples may contain sensitive victim data, exposing it to third-party systems. Burnyard, a research project from The Ohio State University, takes aim at this issue. It runs suspicious binaries on the analyst's own hardware and keeps each sample local for the duration of the analysis.

Microsoft gives Windows 10 users an unexpected extra year of free security updates
Microsoft has given Windows 10 users another year of free security updates, extending its consumer Extended Security Updates (ESU) program until October 12, 2027.

SIM-swapping gang busted in international police operation
Officers from Poland's Central Bureau for Combating Cybercrime (CBZC) arrested four suspected members of an organized cybercrime group accused of SIM swap attacks, cryptocurrency theft, and money laundering.

Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
Mirage2FA, a phishing kit that combines short-lived HTML smuggling with obfuscated JavaScript loaders to deliver fake Microsoft 365 login pages and steal credentials during MFA prompts, has been identified by researchers at Fortra.
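HTML smuggling assembles the payload on the client: the attachment carries the real content as an encoded string, decodes it with JavaScript, wraps it in a Blob, and either renders it or hands it to the browser as a download, so nothing a mail gateway scans looks like the final page. The added example below (my own illustration, not Fortra's detection logic and not taken from the Mirage2FA kit) scores an HTML attachment on those building blocks plus a couple of obfuscation markers; the indicators, weights, threshold, and both sample attachments are constructed.

```python
"""Score an HTML attachment for the building blocks of HTML smuggling."""
import re
from typing import Dict, List, Pattern, Tuple

# Indicator patterns and weights are assumptions chosen for this example.
INDICATORS: List[Tuple[str, Pattern, int]] = [
    ("base64_decode",  re.compile(r"\batob\s*\("), 2),
    ("blob_construct", re.compile(r"new\s+Blob\s*\("), 2),
    ("object_url",     re.compile(r"URL\.createObjectURL"), 3),
    ("ie_save_blob",   re.compile(r"msSaveOrOpenBlob"), 3),
    ("auto_click",     re.compile(r"\.click\s*\(\s*\)"), 1),
    ("download_attr",  re.compile(r"\bdownload\s*="), 1),
    ("obfuscation",    re.compile(r"String\.fromCharCode|\beval\s*\(|\bunescape\s*\("), 2),
    ("large_b64_blob", re.compile(r"[A-Za-z0-9+/]{200,}={0,2}"), 2),
]
THRESHOLD = 5   # a plain download link scores 1; a decode-blob-click chain scores far more


def analyze(html: str) -> Dict[str, object]:
    """Return the matched indicator names, the weighted score, and a verdict."""
    hits = [name for name, rx, _ in INDICATORS if rx.search(html)]
    score = sum(w for name, _, w in INDICATORS if name in hits)
    return {"hits": hits, "score": score, "suspicious": score >= THRESHOLD}


# Constructed sample attachments. The base64 payload is filler, not real content.
_PAYLOAD = "QUJD" * 60   # 240 base64-alphabet characters
SMUGGLING_SAMPLE = (
    "<html><body><script>"
    "var p = '" + _PAYLOAD + "';"
    "var b = atob(p); var a = new Uint8Array(b.length);"
    "for (var i = 0; i < b.length; i++) a[i] = b.charCodeAt(i);"
    "var blob = new Blob([a], {type: 'text/html'});"
    "var l = document.createElement('a'); l.href = URL.createObjectURL(blob);"
    "l.download = String.fromCharCode(73,110,118,111,105,99,101) + '.html';"
    "document.body.appendChild(l); l.click();"
    "</script></body></html>"
)
BENIGN_SAMPLE = (
    '<html><body><p>Quarterly report</p>'
    '<a href="report.pdf" download="report.pdf">Download</a></body></html>'
)

if __name__ == "__main__":
    for label, doc in (("smuggling", SMUGGLING_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, analyze(doc))
```

The weights favour the combination rather than any single marker: `atob` and `Blob` appear in plenty of legitimate pages, but decode, wrap, `createObjectURL`, and a programmatic click in one inline script is the smuggling pattern itself. Because the kit's pages are short-lived, scanning the attachment at delivery time is worth more than re-fetching a URL later.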

The systemd 261 release brings a software TPM, new OS installer
Linux distributions that ship systemd as their init system now have a new version to track. The systemd 261 update adds a cloud metadata subsystem, carries process state through kexec reboots, and continues a long-running effort to load external libraries on demand.

Product showcase: Avira Security for iOS blends security, privacy, and device optimization
Avira Mobile Security for iOS combines security, privacy, and device optimization tools in a single application. The app is also available for Android, macOS, and Windows devices.

Only 7% of companies are ready for the AI agents they deployed
Most organizations now run or pilot AI agents that operate on company data with limited human direction at each step, a share that reaches 88% in Veeam Software's Data and AI Trust Gap report. The systems that are supposed to control them haven't caught up.

Residential proxy SDKs are hiding in LG and Samsung smart TV apps
Smart TVs in living rooms run small apps that show fish tanks, clocks, solitaire games, and slideshows of puppies. A share of those apps can also send other people's web traffic out through the home connection. Spur Intelligence scanned 6,038 apps across LG webOS and Samsung Tizen and found 2,058 that contain residential proxy software.

OpenAI wants AI to fix vulnerabilities, not just find them
OpenAI expanded Dawn, its cybersecurity initiative that combines AI models, Codex Security, security researchers, maintainers, industry partners, and access controls to support vulnerability discovery and remediation. Organizations can use the initiative to identify, validate, and fix software vulnerabilities, while developers, maintainers, and security teams can use its tools to strengthen defensive security capabilities.

Security testing was built for a slower world
Software teams are pushing code into production faster than security testing can keep up. AI is accelerating development cycles and adding pressure to security programs that rely on periodic validation and manual penetration testing. The 2026 State of AI Security Testing report from Aikido Security found that 76% of organizations have had to stop, restrict, or roll back AI-driven behavior in the past 12 months.

Google Workspace expands password reset alerts to all admins
Google's Alert Center, a dashboard in the Google Admin console that displays security and administrative alerts and helps administrators identify, investigate, and respond to issues affecting their organization, is expanding the "Super Admin password reset" alert into the "Admin password reset" alert. The feature is rolling out gradually and will be available to all Google Workspace customers.

Anthropic's Claude Tag gives AI agents independent identities
Anthropic launched an agent identity model for Claude Tag, its AI assistant designed for team collaboration in shared workspaces. The model gives Claude its own identity, permissions, and tool access, configured by administrators and tied to a workspace or channel.

Most teams will ship AI-written infrastructure code with little review
AI-assisted development has settled into everyday practice across software organizations, and developers using it move from idea to working code in hours. That code doesn't stay with the developers who prompt it. It flows downstream to the DevOps and platform teams who deploy and maintain it, and those teams are not getting the same speed boost.

Best practices for AI in open-source work
Free and open source software developers use AI coding assistants such as Claude Code, Copilot CLI, Antigravity, and OpenCode in their daily work. The Software Freedom Conservancy responded to that trend with a set of recommendations for contributors who use these tools, which it groups under the label LLM-gen-AI, meaning generative AI systems backed by LLMs.

LLM security advice looks solid until you check the hard cases
Plenty of people now type their security worries straight into a chatbot. A hacked account, a suspicious email, a stalker who might be tracking a phone: all of it lands in the same window someone would use to ask about dinner. A benchmark called HelpBench tests how well chatbots handle these moments, and the results give security professionals something to watch in what their users are being told.

Google Wallet adds TSA Touchless ID for faster airport screening
Google Wallet has joined the Transportation Security Administration's (TSA) PreCheck Touchless ID program, allowing travelers to pass through security checkpoints using the TSA's facial comparison technology. The system verifies identity by matching a live photo taken at a checkpoint with identity and flight information, reducing the need to present a physical ID.

Modelplane: Open-source control plane for AI inference
Organizations that run open-weight models on hardware they own operate GPU fleets spread across clouds, neoclouds, and on-premise data centers. Each fleet handles model placement, replica scaling, infrastructure provisioning, weight distribution, and traffic routing. Teams have built this coordination layer by hand, one operator at a time. Upbound, the company behind the Crossplane project, released Modelplane, an open-source control plane that manages fleet-wide coordination for AI inference.

Ransomware gangs find Europe's weakest link in third-party suppliers
Ransomware attacks against European organizations increased during the first months of 2026, with third-party suppliers becoming a major entry point for attackers. Black Kite examined 2,066 ransomware incidents across 31 countries between January 2025 and April 2026 in its 2026 European Cyber Risk Report.

Critical open-source projects get a new security framework
Open source software projects are getting a new framework for handling security vulnerabilities as AI shortens the time between flaw discovery and exploitation. The Linux Foundation has launched Akrites, an industry initiative that brings together technology companies, financial institutions, security vendors, AI companies, and open source projects to support the remediation and disclosure of vulnerabilities affecting widely used open source software.

Cybersecurity jobs available right now: June 24, 2026
We've scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.

New infosec products of the month: June 2026
Here's a look at the most interesting products from the past month, featuring releases from AISLE, Asimily, Blue Planet, depthfirst, Diligent, Drata, Elastic, Filigran, Flip, Hyland, IDnow, Legit Security, MazeBolt, Noma, Qodo, Ridge Security, Tigera, and WitnessAI.