Vulnerability News


Every day new posts about vulnerabilities and cybersecurity news. Get the latest news about the cyberspace! Group: @VulnerabilityNewsGroup

4,922 subscribers
Posts archive

After AI Reaches Production: 12 Ways Security Teams Can Take Control
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. The post After AI Reaches Production: 12 Ways Security Teams Can Take Control appeared first on SecurityWeek.
https://www.securityweek.com/after-ai-reaches-production-12-ways-security-teams-can-take-control/

New Windows Zero-Day Exploit ‘RoguePlanet’ Released
Exploiting a race condition in Microsoft Defender, the exploit leads to local privilege escalation to SYSTEM. The post New Windows Zero-Day Exploit ‘RoguePlanet’ Released appeared first on SecurityWeek.
https://www.securityweek.com/new-windows-zero-day-exploit-rogueplanet-released/

CISO Forum Webinar Today: 2026 Mid-Year Review
Learn more about protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks. The post CISO Forum Webinar Today: 2026 Mid-Year Review appeared first on SecurityWeek.
https://www.securityweek.com/ciso-forum-webinar-today-2026-mid-year-review/

Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers
Claroty researchers have analyzed the security of Vertiv UPS network cards and the Trane Tracer SC+ HVAC controller. The post Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers appeared first on SecurityWeek.
https://www.securityweek.com/critical-hvac-and-ups-vulnerabilities-could-let-hackers-disrupt-data-centers/

Aryon Security Raises $29 Million in Series A Funding
In the post-Mythos era, the company’s platform helps organizations enforce security controls across environments. The post Aryon Security Raises $29 Million in Series A Funding appeared first on SecurityWeek.
https://www.securityweek.com/aryon-security-raises-29-million-in-series-a-funding/

Cyera Raises $600 Million at $12 Billion Valuation
Cyera is positioned as one of the most valuable privately held cybersecurity firms in the world with total funding topping $2 billion. The post Cyera Raises $600 Million at $12 Billion Valuation appeared first on SecurityWeek.
https://www.securityweek.com/cyera-raises-600-million-at-12-billion-valuation/

Infostealers Turn Millions of Devices Into Credential Theft Machines
As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime operations. The post Infostealers Turn Millions of Devices Into Credential Theft Machines appeared first on SecurityWeek.
https://www.securityweek.com/infostealers-turn-millions-of-devices-into-credential-theft-machines/

Who Runs the Ransomware Group ‘The Gentlemen?’
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.
https://krebsonsecurity.com/2026/06/who-runs-the-ransomware-group-the-gentlemen/

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges
A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft fixed two previously disclosed flaws during June 2026 Patch Tuesday. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-rogueplanet-zero-day-grants-system-privileges/

Anthropic rolls out Claude Fable 5, but it's available for a limited time
Anthropic has begun rolling out a new model called "Fable," which is based on the same underlying model as Mythos, its most powerful AI model class. [...]
https://www.bleepingcomputer.com/news/artificial-intelligence/anthropic-rolls-out-claude-fable-5-but-its-available-for-a-limited-time/

Ivanti: Max severity Sentry flaw allows code execution as root
Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that enables remote attackers to execute code with root privileges. [...]
https://www.bleepingcomputer.com/news/security/new-max-severity-ivanti-sentry-flaw-allows-code-execution-as-root/

Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
On Tuesday, Microsoft patched two zero-day vulnerabilities that let attackers gain SYSTEM privileges on fully patched Windows systems, and a third one that grants access to BitLocker-protected drives. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-yellowkey-greenplasma-miniplasma-zero-days/

Microsoft: Some Windows PCs fail to install latest monthly updates
Microsoft warned customers on Tuesday that they may have issues installing the latest monthly updates on some Windows devices that were upgraded to Windows 11 24H2 or 25H2. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-some-upgraded-windows-pcs-fail-to-install-monthly-updates/

Microsoft patches Exchange Server zero-day exploited in attacks
Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web Access users. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-exchange-server-zero-day-exploited-in-attacks/

The 5 Best Practices for Secure Identity Verification
Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down five best practices for stronger identity verification and access security. [...]
https://www.bleepingcomputer.com/news/security/the-5-best-practices-for-secure-identity-verification/

China-linked JDY botnet expands targeting of U.S. military networks
The JDY botnet, a malware network previously associated with Chinese threat actors like Volt Typhoon, has significantly expanded its targeting scope and reconnaissance efforts. [...]
https://www.bleepingcomputer.com/news/security/china-linked-jdy-botnet-expands-targeting-of-us-military-networks/

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks
Oracle PeopleSoft servers are being targeted in ongoing data theft attacks by the ShinyHunters extortion gang, which claims to have stolen data from over 100 organizations. [...]
https://www.bleepingcomputer.com/news/security/oracle-peoplesoft-servers-hacked-in-shinyhunters-data-theft-attacks/

GitHub announces npm security changes to tackle supply-chain attacks
GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behaviors triggered by the 'npm install' command. [...]
https://www.bleepingcomputer.com/news/security/github-announces-npm-security-changes-to-tackle-supply-chain-attacks/

The ‘Miasma’ worm source code briefly leaked on GitHub
The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. [...]
https://www.bleepingcomputer.com/news/security/the-miasma-worm-source-code-briefly-leaked-on-github/

Path traversal flaw in AI dev platform Langflow exploited in attacks
Attackers are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in the AI development platform Langflow, to write arbitrary files on exposed servers. [...]
https://www.bleepingcomputer.com/news/security/path-traversal-flaw-in-ai-dev-platform-langflow-exploited-in-attacks/