CYBERSECEXPLOIT

TTP-Chain Validation: Proving Exploitability Without an Exploit

A Picus Security engineer proposes TTP-chain validation to test CVE exploitability without live exploits, as the disclosure-to-exploit…

Jun 23, 2026views - 1.4k

CYBERSEC

LastPass Breached via Klue Supply-Chain Attack: Customer Data Stolen, Vaults Intact

LastPass confirms a supply-chain breach through market-intelligence vendor Klue: stolen OAuth tokens granted access to LastPass's Sale…

Jun 23, 2026views - 1.5k

openai

OpenAI Shifts the Remediation Paradox: From Finding Bugs to Patching Them

OpenAI releases GPT-5.5-Cyber and the Patch the Planet initiative. AI has solved vulnerability discovery, creating a larger problem: t…

Jun 23, 2026views - 1.2k

phishing

Xsolis Phishing Breach Exposes 1.4 Million PHI Records

Xsolis took five months to disclose the full scope of a January 2026 phishing attack. The HHS breach tracker revealed 1,396,519 affect…

Jun 23, 2026views - 975

CYBERSEC

SonicWall: CVE Patched, but Risk Persists Across All 14 Audited Firewalls

A SANS audit of 14 SonicWall Gen7 firewalls shows the CVE-2024-40766 firmware patch fixed the bug, but 12 of 14 devices retained stale…

Jun 23, 2026views - 1.2k

cloud

Unit 42: Cloud Buckets Hijackable via Delete-and-Recreate

Unit 42 research shows how globally unique bucket names enable silent redirection of logs and messages across cloud accounts. Cross-CS…

Jun 22, 2026views - 818

CYBERSEC

CSIS Secures First Threat-Reduction Warrant to Disinfect Domestic Botnet

Canada's spy agency obtains the first judicial warrant for active cyber threat-reduction operations on infected routers and IoT device…

Jun 22, 2026views - 1k

linux

systemd 261: Software TPM and Native Installer Rewrite the Rules

systemd 261 expands the project's scope well beyond its traditional init system role, introducing a software TPM based on IBM swtpm, a…

Jun 22, 2026views - 807

CYBERSEC

Attack Surface 2026: 42% of Companies Have Databases Exposed to the Internet

Intruder's report on 3,000 organizations reveals the midmarket paradox: growing companies with enterprise-scale attack surfaces and SM…

Jun 20, 2026views - 1.5k

CYBERSEC

Agentic AI Replaces Assistive AI in Threat Management

Agentic AI is turning Gartner's CTEM framework from a strategic document into a continuous operational cycle. The shift, documented Ju…

Jun 19, 2026views - 1.3k

CYBERSEC

Shadow AI: The Real Threat Is Access Control, Not Data Leakage

The shadow AI problem has shifted from browser-based chatbots to enterprise systems: autonomous agents running with live credentials,…

Jun 19, 2026views - 962

CYBERSEC

Log Discard: 86% of Security Logs End Up in the Trash

A Dynatrace survey of 450 senior IT leaders at large enterprises reveals that half of organizations discard or fail to collect an aver…

Jun 19, 2026views - 1.2k