Security Insights

Breaches, ransomware and regulation — analysed the day they break, with the practical lessons your team can act on. Free to read, no account required.

A photorealistic editorial scene of a dimly lit living room at night, a cheap plastic Android TV streaming box glowing w
Threats
5 min read
19 Jun 2026

Popa Botnet Tied to NASDAQ-Listed Residential Proxy Firm Alarum Technologies

Researchers from Synthient and Qurium traced four years of Android TV box traffic-relaying back to infrastructure connected to NetNut, the residential proxy service owned by Israel's Alarum Technologies — raising hard questions about where legitimate proxy networks end and silent botnets begin.

A photoreal editorial scene of a server rack in a dimly lit data center, with a single amber warning light casting a glo
Vulnerabilities
4 min read
18 Jun 2026

F5 Patches Two Critical NGINX Flaws That Allow Unauthenticated Remote Code Execution

A use-after-free in NGINX's HTTP/3 module earns a CVSS v4 score of 9.2 — and any deployment with QUIC enabled should treat the patch as same-day work.

Photoreal editorial scene: a dimly lit automotive workshop office at night, a single computer workstation glowing with a
Regulation
5 min read
18 Jun 2026

How a Junior Hacker Kept Access to a French Auto Firm Long After His C2 Server Went Dark

A commodity intrusion at a small French automotive business exposed a gap most incident-response playbooks still miss: killing the command-and-control beacon does not end the incident if the attacker already installed OpenSSH and Tailscale.

A photorealistic editorial scene of a dimly lit server room with rows of blinking network equipment, a large world map p
Regulation
5 min read
18 Jun 2026

Google Plans to Use UK and EU IP Addresses for Ad Targeting From August 2026 — and That Should Concern Your Security Team

A signal Google once condemned as a privacy circumvention becomes official ad infrastructure. The ICO is watching. So should your identity and threat-detection teams.

A photorealistic editorial scene of a glowing blue computer server rack in a dark enterprise data center, with a single
Vulnerabilities
5 min read
17 Jun 2026

CVE-2026-50656: Microsoft's Unpatched 'RoguePlanet' Flaw Puts Every Defender Install at Risk

A privilege-escalation zero-day in the Malware Protection Engine — the scanning core shared by every supported Defender variant — has been confirmed by Microsoft, with no patch yet shipped.

A photoreal close-up of a server rack in a dimly lit data center, one rack unit glowing amber with a warning indicator l
Vulnerabilities
5 min read
17 Jun 2026

CVSS 10.0: CISA Confirms Active Exploitation of Joomla Content Editor Flaw CVE-2026-48907

Widget Factory's JCE extension contains an unauthenticated arbitrary file-write vulnerability that attackers are already burning in the wild. Federal agencies have three weeks to patch. Everyone else should move faster.

A close-up photoreal editorial shot of a human hand hovering over a mechanical keyboard, fingers poised to press keys, w
Threats
5 min read
17 Jun 2026

ClickFix Goes Mainstream: Three Loader Families Exploit the Same Social-Engineering Trick

BabaDeda, Lorem Ipsum, and Potemkin loaders all use the same clipboard-paste attack pattern — and education and finance organizations absorbed the bulk of April 2026 hits.

A photoreal editorial close-up of a glass jar sealed with a metal lid sitting on a server rack inside a dimly lit data c
Threats
5 min read
16 Jun 2026

Pickle in the Middle: Google Vertex AI SDK Flaw Gave Attackers Code Execution Inside Google's Cloud

A bucket-squatting vulnerability in the Google Cloud Vertex AI Python SDK let an unauthenticated attacker intercept ML model uploads and run arbitrary code inside Google's managed serving infrastructure — no project credentials required.

A photorealistic editorial scene of a server rack in a dimly lit data center, shot from a low angle with shallow depth o
Vulnerabilities
5 min read
16 Jun 2026

CISA Flags LiteSpeed cPanel Plugin Flaw as Actively Exploited — Root Access at Stake

CVE-2026-54420 carries a CVSS score of 8.5 and hands attackers root-level control over shared hosting servers. Federal agencies must patch by June 18, 2026. Everyone else should move faster.

A wide-angle photoreal editorial scene showing a federal courthouse exterior at dusk, with the American flag lit by floo
Regulation
5 min read
16 Jun 2026

DOJ Seizes CFAKE and SOCFAKE in First TAKE IT DOWN Act Enforcement Action

Federal agents pulled two of the internet's busiest deepfake nude sites offline, marking the first publicly announced domain seizure under a law signed just weeks ago.

A software developer sits at a dual-monitor workstation in a dimly lit modern office at night, intensely reviewing code
Threats
5 min read
15 Jun 2026

North Korea's Contagious Interview Crew Targets Developers With Code-Review Phishing Bait

The DPRK-linked threat cluster known as Contagious Interview has added a deceptively simple new lure to its arsenal: a polite request to review some code.

A photorealistic close-up of a terminal screen glowing in a dark room showing lines of shell script code, with faint gre
Threats
5 min read
15 Jun 2026

400+ AUR Packages Hijacked to Drop Rust Credential Stealer and eBPF Rootkit

Attackers rewrote PKGBUILD scripts across more than 400 Arch User Repository packages, turning the normal build process into a credential-harvesting operation — with a kernel-level rootkit waiting for any build that ran as root.

Ready to Reduce Your Human Cyber Risk?

Sign up and start training your team in minutes. No sales calls, no demos — just pick a plan and go. Phishing simulations, video courses, and certificates from day one.

train2secure analytics dashboard showing training completion stats and user progress