Latest news as of 6/23/2026, 12:29:49 AM
The Register
Gov admits 'incident' as forum sellers boast of fresh haul covering up to a third of the population France's National Agency for "Secure" Documents is explaining a potential data spill just as crooks online claim they've nicked a third of the country's ID information.…
The Hacker News
On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API keys shared between agents,
The Hacker News
Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper, the novel file wiper has been used in a destructive campaign targeting the energy and utilities sector in Venezuela, per findings from Kaspersky. "Two batch scripts are responsible for initiating the
The Register
Judges say cops face-slurping not a problem under current human rights laws London's Metropolitan Police Service (MPS) has survived a legal challenge that attempted to curb its rollout of live facial recognition (LFR) technology across the capital.…
Bleeping Computer
Microsoft says that an ongoing Universal Print sharing issue that prevents users from creating some printer shares is due to a Microsoft Graph API code change. [...]
The Hacker News
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw. "Improper verification of cryptographic
Bleeping Computer
A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. [...]
The Register
Gartner sees accelerating growth in IT spending, powered by cloud and AI infrastructure investment A day after the International Energy Agency (IEA) said the US/Israel/Iran war was creating the by the world, Gartner increased its growth forecasts for global IT spending by nearly three percentage points.… worst energy crisis ever faced
The Hacker News
A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. "Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal," according to
The Hacker News
Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that's distributed via a theme related to India's banking sector. "The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than