Security News Feed Aggregated from trusted cybersecurity sources

1695

Total Articles

Security News

Latest cybersecurity news from CISA, Krebs on Security, and other trusted sources

1695

CVE Mentions

4

Sources

Filter by source: All Sources darkreading hackernews krebs sans

sans Jun 09, 2026 at 17:34

Microsoft June 2026 Patch Tuesday, (Tue, Jun 9th)

Microsoft today released patches for 204 vulnerabilities. 38 of these vulnerabilities are considered critical, and three have been disclosed before today. Six of the vulnerabilities affect Microsoft cloud solutions and do not require any user action. In addition, Microsoft incorporated 360 different vulnerabilities affecting Chromium into its Edge browser.

sans Jun 09, 2026 at 02:00

ISC Stormcast For Tuesday, June 9th, 2026 https://isc.sans.edu/podcastdetail/9964, (Tue, Jun 9th)

sans Jun 08, 2026 at 17:07

TeamPCP Supply Chain Campaign: Activity Through 2026-06-07, (Mon, Jun 8th)

This diary continues the Internet Storm Center&&#x23;x26;&#x23;39;s tracking of the TeamPCP supply chain campaign, first documented in the SANS white paper When the Security Scanner Became the Weapon and most recently in the handler diary Activity Through 2026-05-24. Since that update, the story moved into two new places: the United States government, which formally caught up to the campaign, and the wider population of attackers now wielding the Mini Shai-Hulud framework that TeamPCP open-sourced last month.

sans Jun 08, 2026 at 02:00

ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)

sans Jun 05, 2026 at 06:47

The Evil MSI Background is Back!, (Fri, Jun 5th)

A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1]. Yesterday, I spotted another one! It seems that the technic is getting more and more popular. This time, it started with a mail containing a WeTransfer link.

sans Jun 05, 2026 at 02:00

ISC Stormcast For Friday, June 5th, 2026 https://isc.sans.edu/podcastdetail/9960, (Fri, Jun 5th)

sans Jun 04, 2026 at 06:10

Microsoft's Coreutils for Windows, (Thu, Jun 4th)

I&&#x23;x26;&#x23;39;ve been using the GnuWin32 CoreUtils for Windows for many years now (it gives you many *nix core commands on Windows).

sans Jun 04, 2026 at 02:00

ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th)

sans Jun 03, 2026 at 13:40

Continuing Scans for swagger.json, (Wed, Jun 3rd)

Enterprise applications often still use complex standards like SOAP for web services. The big advantage of SOAP is its tight and extensive standards, which enable interoperability across an enterprise governed by web services. The disadvantage of SOAP: First, while it is de facto usually used over HTTP, it does not leverage HTTP, leading to unnecessary complexity. Secondly, kids don&&#x23;x26;&#x23;39;t RTFM, and developers these days tend not to appreciate the art of careful system design; they rather throw code at an IDE to see what sticks, if they don&&#x23;x26;&#x23;39;t vibe code it anyway. 

sans Jun 03, 2026 at 02:00

ISC Stormcast For Wednesday, June 3rd, 2026 https://isc.sans.edu/podcastdetail/9956, (Wed, Jun 3rd)

sans Jun 02, 2026 at 07:29

New Wave Of Phishing Emails with SVG Files, (Tue, Jun 2nd)

For a few days, my SANS ISC mailbox is flooded with emails that delivers SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. No URL in the body, just â€œan imageâ€, that&#x27s the perfect way to deliver some malicious content. This isn&#x27t the first time that we see this technique used by threat actors[1].

sans Jun 02, 2026 at 02:00

ISC Stormcast For Tuesday, June 2nd, 2026 https://isc.sans.edu/podcastdetail/9954, (Tue, Jun 2nd)

sans Jun 01, 2026 at 02:00

ISC Stormcast For Monday, June 1st, 2026 https://isc.sans.edu/podcastdetail/9952, (Mon, Jun 1st)

sans Jun 01, 2026 at 00:02

Unidentified RAT pushes NetSupport RAT, (Mon, Jun 1st)

Introduction

sans May 31, 2026 at 16:01

YARA-X 1.17.0 Release, (Sun, May 31st)

YARA-X&&#x23;x26;&#x23;39;s 1.17.0 release brings 5 improvements (several performance improvements) and 1 bugfix.

sans May 29, 2026 at 02:00

ISC Stormcast For Friday, May 29th, 2026 https://isc.sans.edu/podcastdetail/9950, (Fri, May 29th)

sans May 28, 2026 at 19:41

Analysis of a Year of Files Uploaded to DShield Sensors, (Wed, May 27th)

Using the data collected over the past year and using Kibana these two ES|QL query to summarize the data, this shows the list of the most uploaded threat to two DShield sensors (local and cloud) over the past year. I have sorted the activity by months that shows the evolution of files uploaded to the sensors each month. The activity peaked during the winter months (Dec 2025 - Feb 2026) and started decreasing in March 2026 for each sensor.

sans May 28, 2026 at 02:00

ISC Stormcast For Thursday, May 28th, 2026 https://isc.sans.edu/podcastdetail/9948, (Thu, May 28th)

sans May 27, 2026 at 21:14

Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs, (Wed, May 27th)

Most Akira write-ups focus on the ransom note or the encryption routine. By the time those show up the interesting forensic work is over. The questions that matter to defenders sit earlier. How did they get in. When did they get domain admin. What did they touch before the binary fired. Those answers live in the days before impact. They sit in two log sources that almost never get joined. The perimeter firewall and the Windows event channel.

sans May 27, 2026 at 02:00

ISC Stormcast For Wednesday, May 27th, 2026 https://isc.sans.edu/podcastdetail/9946, (Wed, May 27th)

About Security News

This feed aggregates the latest cybersecurity news from trusted sources to help you stay informed about emerging threats, vulnerabilities, and security trends.

Our Sources

CISA Alerts - Official US Gov
Krebs on Security
BleepingComputer
The Hacker News
Dark Reading
SANS ISC

Security Hub