Security Insights

Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

A photoreal close-up of a glowing computer screen in a darkened server room showing lines of YAML pipeline code, with a
Vulnerabilities
5 min read
23 Jun 2026

GitHub Hardens actions/checkout to Kill 'Pwn Request' Attacks Dead

A new default in actions/checkout v7, announced June 18, automatically blocks unreviewed fork code from running inside privileged workflows — closing an exploit path that attackers had used for years to steal secrets and poison packages.

A photorealistic editorial scene of a software engineer in a dimly lit server room staring at a monitor displaying a pip
Threats
5 min read
22 Jun 2026

ShapedPlugin Pro Plugins Shipped Backdoor Code Through the Vendor's Own Update Channel

Attackers compromised ShapedPlugin's build and distribution pipeline, silently delivering malicious code to paying customers who did everything right.

Photoreal editorial scene: a dimly lit operations center in a Southeast Asian city at night, multiple large monitors dis
Threats
5 min read
22 Jun 2026

INTERPOL's 2025/2026 Assessment: Phishing, Ransomware, and AI Fraud Are Overwhelming Asia-Pacific Defenses

A new INTERPOL threat report finds cybercrime accelerating across Asia and the South Pacific, with phishing driving initial access, ransomware hitting under-resourced nations hardest, and generative AI removing the last natural barriers to mass fraud.

A photoreal editorial scene of a modern open-plan office at dusk, warm overhead lights, several professionals wearing wi
Vulnerabilities
6 min read
22 Jun 2026

Four Security Stories You Shouldn't Ignore: Beats Eavesdropping, a GCP Privilege-Escalation Flaw, and a Threat Actor Who Lived Inside a Network for a Decade

Apple quietly patched a Bluetooth vulnerability in Beats firmware, Google Cloud's Config Connector carries an unpatched privilege-escalation bug, and the threat group Velvet Ant spent roughly ten years undetected inside a target network. Here is what defenders need to know — and do — right now.

Photoreal editorial scene: a dimly lit server room with blue-tinted rack lighting, a law enforcement officer in dark tac
Regulation
5 min read
21 Jun 2026

Operation Endgame Dismantles SocGholish Infrastructure, Cleans 14,971 Hacked WordPress Sites

A Dutch-led coalition spanning four countries has taken down command-and-control servers powering the SocGholish malware loader and force-remediated nearly 15,000 compromised websites — marking the latest phase of the largest coordinated botnet-disruption effort in history.

A dramatic low-angle shot of a server room corridor at night, rows of blinking rack-mounted servers fading into darkness
Ransomware
5 min read
21 Jun 2026

The Gentlemen Ransomware Group Ships a Centralized EDR Killer to Every Affiliate

GentleKiller blends signed-driver abuse with a hardcoded hit list of roughly 400 security processes — and every Gentlemen affiliate gets it as standard kit.

A wide-angle photoreal editorial scene of a modern international summit chamber, empty leather chairs arranged in a circ
Regulation
4 min read
21 Jun 2026

Macron Calls for G7 Nations to Unify AI Oversight — and Wants Washington in the Room

France's president is urging wealthy democracies to treat advanced AI governance as a shared responsibility, not a domestic footnote. The gap between political will and enforceable policy remains dangerously wide.

A photoreal close-up of a physical server rack in a dimly lit data center, with a single open padlock resting on a cable
Vulnerabilities
5 min read
20 Jun 2026

Gravity SMTP Vulnerability CVE-2026-4020 Is Being Actively Exploited — Patch and Rotate Now

An unauthenticated information-disclosure flaw in the popular WordPress mailer plugin is already under active attack, putting API keys, OAuth tokens, and SMTP credentials at risk on up to 100,000 websites.

A close-up macro photograph of a modern mobile processor chip on a circuit board, with a thin beam of ultraviolet light
Vulnerabilities
5 min read
20 Jun 2026

usbliter8: Researchers Crack Apple A12 and A13 SecureROM in an Exploit That Cannot Be Patched

A working tethered exploit from Paradigm Shift reaches code burned into the chip at fabrication — and no software update on earth can fix it.

Photoreal editorial scene: a glowing digital key dissolving into streams of data inside a dark server room, shallow dept
Breaches
5 min read
20 Jun 2026

Klue Confirms OAuth Token Theft: Icarus Extortion Group Claims the Attack

The Vancouver-based competitive intelligence platform says attackers stole OAuth tokens and used them to reach customer Salesforce tenants — adding another entry to a growing list of SaaS-to-CRM supply-chain breaches.

A dramatic close-up photoreal editorial scene inside a dark server room bathed in blue and red lighting. In the foregrou
Ransomware
5 min read
19 Jun 2026

GentleKiller: How The Gentlemen RaaS Group Handed Affiliates a Ready-Made EDR Termination Kit

A May 2024 breach of The Gentlemen ransomware-as-a-service platform exposed the group's 'GentleKiller' framework — a pre-packaged tool that lets low-skill affiliates disable enterprise endpoint detection and response software at the kernel level.

A pair of sleek white wireless earbuds resting on a dark matte surface, soft blue Bluetooth signal waves glowing faintly
Vulnerabilities
4 min read
19 Jun 2026

Beats Studio Buds Firmware Patch Closes Bluetooth Flaw That Could Turn Earbuds Into a Listening Device

A CVSS 8.8 authorization bug in the Airoha Bluetooth audio SDK let any attacker within radio range pair with Studio Buds without the owner's knowledge — and potentially capture microphone audio.

Ready to Reduce Your Human Cyber Risk?

Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.

train2secure analytics dashboard showing training completion stats and user progress