A new Linux flaw called “Bad Epoll” (CVE-2026-46242) lets regular users get root access on Linux servers, desktops, and Android devices. They can do this by taking advantage of a race condition and a use-after-free (UAF) in the epoll system of the kernel. Bad Epoll is a UAF vulnerability in …
Read More »Singapore major data centres, cloud providers could incur fine up to $1m
Major data center and cloud service providers might have to pay a fine of up to $1 million or up to 10 percent of their yearly revenue in Singapore, whichever is more, if they do not follow cybersecurity, business continuity, and incident reporting rules in new proposed laws. The Digital …
Read More »Nepal Unveils First “Hall of Fame” for Ethical Hackers
Nepal has started a ‘Hall of Fame’ program to honor cybersecurity researchers who safely report security flaws in government digital systems. This is the first government-supported recognition for these researchers in Nepal. The project started with Devs.Nepal, a new online platform created by the Office of the Prime Minister and …
Read More »Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts
Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s Azure command-line interface (CLI), compromising dozens of accounts in the process. According to Huntress, the activity comes from an IPv6 address range (2a0a:d683::/32) managed by the internet provider LSHIY LLC (AS32167). “Between June 12 and …
Read More »Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem
The Linux Foundation said on Thursday that they are starting a new project to fix flaws in open source software (OSS) more effectively. Akrites sets up a shared Security Incident Response Team (SIRT) to work together on finding, fixing, and sharing OSS security problems. If it sounds familiar, it should. Less …
Read More »Anthropic Confirms US Infrastructure Redeployment of Claude Mythos 5
Anthropic said that Claude Mythos 5, its strongest AI security model, will be sent back to some U.S. orgs that manage and protect important systems. This comes after a government review that started on June 12, 2026. The model showed a unique skill to find software problems on its own, …
Read More »Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins
A complex phishing attack targets AWS console users by misusing Cloudflare-hosted websites to steal login details. Each domain had a nearly identical copy of the AWS login page. It used a server-driven process that switched to email, SMS, or authenticator-app MFA challenges, allowing for real-time collection of second factors. The phishing …
Read More »WhatsApp to Alert Users Before Chatting With New Numbers
WhatsApp is rolling a new security warning on Android and iOS. It shows up before users open a chat with an unknown number. WABetaInfo said this feature shows the country of the phone number, if it’s saved in contacts, and if any groups are shared. This helps users think twice …
Read More »OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
Test before going live is important for AI developers. But there’s a problem: testing usually uses fake scenarios that often do not reflect how AI models or agents act in real life. A new paper from OpenAI says that about 99% of the time, its models realized they were being …
Read More »Hacker suspected of sending alerts across Brazil
Brazil’s government suspects a hacking attack triggered an unauthorized alert sent to cell phones across parts of the country early on Saturday. In a statement, the National Protection and Civil Defense Secretariat said the country’s citizens’ notification system was taken offline at around 1:30 a.m. local time (0430 GMT) after …
Read More »
InfoSecBulletin Cybersecurity for mankind