International

A new Android banking trojan called Rokarolla is hitting 217 banking and cryptocurrency apps with a wide range of 137 commands. The harmful software spreads through bad websites pretending to offer the Google Chrome or TikTok app and can gain full control over a hacked device. Its abilities include stealing …

A serious pre-authentication remote code execution (RCE) flaw in Splunk Enterprise has been revealed, earning a very high CVSS score of 9.8. Tracked as CVE-2026-20253, Splunk shared the flaw on June 10, 2026. It impacts the PostgreSQL Sidecar Service that came with Splunk version 10. The root cause of CVE-2026-20253 lies …

Oracle PeopleSoft servers are under attack in ongoing data theft by the ShinyHunters gang, which claim to have stolen data from over 100 organizations. BleepingComputer reported a big data theft attack hitting both cloud and on-site Oracle PeopleSoft customers. These customers got demands for money that were signed by the …

GitHub disabled 73 repositories in four Microsoft groups: Azure, Azure-Samples, Microsoft, and MicrosoftDocs. Each repo now shows GitHub’s “This repository has been disabled. Access to this repository has been disabled by GitHub Staff due to a violation of GitHub’s terms of service” banner. The size and timing suggest that abuse …

Anthropic has released a tool that acts like a careful assistant in your terminal. This new security plugin for Claude Code checks code as it’s being made or changed, pointing out common problems before they reach production. The plugin is already included in the Anthropic marketplace. It uses pattern matching …

The Indian Computer Emergency Response Team (CERT-In) has released new rules. Organizations must fix serious security problems in online systems within 12 hours if possible. This is to protect against threats from bad actors using artificial intelligence (AI) tools and large language models (LLMs) to find and exploit vulnerabilities quickly …

Hackers are using Middle East phone and internet networks more often to run big command-and-control systems. The results show a change from temporary signs to tracking at the infrastructure level, helping defenders find ongoing patterns in cyber attacks instead of just responding to changing signs of trouble. The data shows …

The newly launched of Microsoft MDASH, OpenAI Daybreak, and Anthropic Mythos shows a big change in cybersecurity. These tools go beyond basic chat functions by using groups of special models to find, discuss, and fix serious problems in important systems. MDASH and Daybreak aim to make security stronger during development, …

Google detects for the first time a zero-day exploit which is thought to be developed using artificial intelligence.  The company shared a new report on Monday. It gives a summary of its findings on how AI is used in cyber threats. This information comes from recent data collected by Gemini, …

Amazon’s cloud unit said on Thursday (May 7) it was actively working to restore temperatures to normal levels at a data center in North Virginia after overheating disrupted some services, though progress has been slower than anticipated. Amazon Web Services said it had made “incremental progress” in restoring cooling systems, …