Cybersecurity

A Google engineer faces charges for allegedly making $2.75 million in insider trading bets on the Polymarket prediction platform.

US troops targeted with location data; senator warns adtech industry poses a national security threat.

Attackers exploit a critical FortiClient EMS flaw to deploy credential-stealing malware across managed endpoints, disguised as legitimate software.

Microsoft advocates for coordinated vulnerability disclosure, urging researchers to report zero-days privately before public release.

New threats include Claude security plugin issues, Azure privilege escalation, Kali365 MFA bypass, and FIFA scams, highlighting ongoing cybersecurity risks.

Enterprise AI risk is concentrated among a small group of "power users," according to LayerX Security's 2026 report.

New threat actor JINX-0164 targets crypto firms with fake recruiters and macOS malware to steal digital assets.

Kanye's label boss, Larry Jackson, sues to unmask anonymous figure behind allegedly defamatory websites aiming to destroy his reputation.

Google engineer charged with insider trading, allegedly profiting $1.2 million on wagers related to company's 2025 Year in Search campaign.

OpenAI's Frontier Governance Framework aligns AI safety, security, and risk practices with emerging EU and California regulations.

Google employee Michele Spagnuolo charged with fraud for allegedly using inside information to win $1.2 million on Polymarket bets.

A Google engineer is accused of insider trading on Polymarket using confidential search result information, marking a second major prediction market arrest.

FinCEN will not fine closing agents for reporting failures while appealing the overturned real estate anti-money-laundering rule.

Google engineer charged with insider trading on Polymarket, allegedly profiting over $1 million from betting on search trends.

Labour chair demands Nigel Farage report alleged Russian phone hacking to police within 24 hours or face action.

New FROST technique allows websites to monitor visitor activity by analyzing SSD interactions, revealing viewed sites and open apps.

UK visa portal's third-party site leaked thousands of applicant passports and selfies, then threatened legal action.

CrowdStrike and Google dismantled the Glassworm botnet, disrupting hackers targeting software developers via supply chain attacks.

FBI's 2025 report reveals over 1 million internet crime complaints daily, with losses exceeding $20 billion, a significant increase.

Grandoreiro and BTMOB malware campaigns are targeting Windows and Android users across Latin America and Europe, particularly Spain, Portugal, Mexico, and Brazil.

Malicious npm package 'mouse5212-super-formatter' stole files from Claude AI user directory via GitHub, researchers found.

Employees use an average of three to five unvetted AI tools daily, requiring IT to manage shadow AI without hindering productivity.

CrowdStrike, Google, and Shadowserver disrupted GlassWorm malware's command-and-control channels, targeting software developers' supply chains.

Security Operations Centers (SOCs) must shift from fortress defense to proactive risk mitigation to counter modern cyber threats effectively.

Krispy Kreme data breach settlement offers over $3,000 to affected U.S. employees who submit claims by June 22.

US law enforcement and intelligence agencies are increasingly monitoring "anti-tech extremists" amid growing AI job replacement fears and protests.

Gitea vulnerability CVE-2026-27771 allows unauthenticated attackers to access private container images without credentials.

Microsoft warns AI chatbot recommendations are now directing users to cryptojacking malware sites, a new social engineering tactic.