Microsoft addressed 206 vulnerabilities in its June 2026 Patch Tuesday update, marking the vendor's largest monthly batch of security patches on record.
A financially motivated threat actor called Storm-2755 is redirecting Canadian employees' salary payments by stealing session tokens through adversary-in-the-middle phishing attacks that bypass MFA protections.
US agencies CISA and the FBI warned that Iran-affiliated threat actors are actively targeting internet-exposed industrial control systems in water, energy, and government sectors, prompting urgent guidance from security professionals across the industry.
Hackers compromised a secondary API on the CPUID website for roughly six hours, redirecting download links for CPU-Z and HWMonitor to trojanized malware. The breach was discovered and remediated, but users who downloaded either tool during that window may be infected.
Juniper Networks has issued fixes for close to three dozen vulnerabilities across Junos OS and related products, including a critical 9.8-severity default password flaw that could hand attackers full control of affected devices.
New Qualys research analyzing over one billion CISA KEV remediation records from 10,000 organizations finds that 88% of tracked weaponized vulnerabilities were remediated slower than they were exploited, exposing a structural ceiling that staffing alone cannot fix.
Florida Attorney General James Uthmeier is probing OpenAI after the gunman behind a deadly Florida State University shooting allegedly communicated with ChatGPT in the days before the attack.
MITRE has released the Fight Fraud Framework (F3), a free, open knowledge base mapping the tactics, techniques, and procedures used by fraudsters across cyber channels to steal money, assets, and information.
Google has shipped Chrome 147 with fixes for 60 security vulnerabilities, including two critical heap and integer overflow bugs in the WebML component that together earned anonymous researchers $86,000.
Britain's Ministry of Defence says it tracked and exposed a covert Russian submarine mission near pipelines and cables north of the UK, forcing the vessels to abandon their operation and return home.