The Chinese Control the Majority of Argentina’s Squid Fleet
Chinese companies control nearly two-thirds of Argentina’s own squid fleet.
FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can restore the account’s backup, read the private and group messageRead More »FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the moniker StrikeShark, said the campaign has targeted a diplomatic organization in Indonesia,Read More »New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
Meta Is Testing Facial Recognition for Police and Military
We know that ICE wants to deploy eyeglasses with facial recognition that can identify people in real time. Turns out Meta is prototyping the feature with a Pentagon supplier. (Alternate news story.)
Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
A Chinese-speaking advanced persistent threat (APT) actor has been linked to a new custom backdoor called TinyRCT as part of cyber attacks aimed at government entities and critical infrastructure in Southeast Asia. The activity, particularly aimed at state-owned enterprises in the energy and government sectors, has been attributed to aRead More »Chinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
Security Leaders Discuss Texas Hunting, Fishing License Data Breach
The Texas Parks and Wildlife Department reported that the personal information of more than three million Texas hunting and fishing license customers may have been affected by a recent data breech.
Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories
AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact. The post Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories appeared first on SecurityWeek.
More Klue Breach Victims Identified as Hackers Get Hacked
Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact. The post More Klue Breach Victims Identified as Hackers Get Hacked appeared first on SecurityWeek.
In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs
Other noteworthy stories that might have slipped under the radar: Russia used Cellebrite to hack activist’s phone, Five Eyes issue urgent AI threat warning, macOS Gaslight backdoor, Scattered Spider guilty pleas. The post In Other News: Chinese Mythos-Like AI, Tata Electronics Breach, Snyk Layoffs appeared first on SecurityWeek.
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16.Read More »New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries