Latest news as of 6/23/2026, 2:37:19 PM
Graham Cluley
Have you ever taken a look at your Microsoft 365 mailbox rules? If not, it might be worth a few minutes of your time. Because newly released research reveals that hackers may already have beaten you to it. Read more in my article on the Fortra blog.
Graham Cluley
If you hold cryptocurrency, there's a very simple golden rule that you should always follow. Never hand over your seed phrase. Garrett Dutton, better known as G. Love - the front man of blues-hip-hop outfit G. Love & Special Sauce - has learnt that lesson the hard way. Read more in my article on the Hot for Security blog.
The Register
University student says he plans to move to Android, but concedes iOS engineers acting fast Apple is finally working on a fix for a bug that has locked some users out of their iPhones for months, understands.… The Register
Bleeping Computer
CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 years. [...]
Bleeping Computer
Microsoft warns that some Windows domain controllers are entering restart loops after installing the April 2026 security updates. [...]
The Hacker News
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. "CVEs that do not meet those criteria will still be listed in the NVD but will not
Bleeping Computer
23-year-old Kamerin Stokes of Memphis, Tennessee, was sentenced to 30 months in prison for selling access to tens of thousands of hacked DraftKings accounts. [...]
The Register
Pause your Mythos panic because mainstream models anyone can use already pick holes in popular software Anthropic withheld its bug-finding model from public release due to concerns that it would enable attackers to find and exploit vulnerabilities before anyone could react.… Mythos
The Hacker News
An international law enforcement operation has taken down 53 domains and arrested four people in connection with commercial distributed denial-of-service (DDoS) operations that were used by more than 75,000 cybercriminals. The ongoing effort, dubbed Operation PowerOFF, disrupted access to the DDoS-for-hire services, took down the technical infrastructure supporting them, and obtained access to
Bleeping Computer
Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions. [...]