Updated Jun 24, 2026

Tech Trends

AI-aggregated emerging technology news from top sources. Updated daily via automated Python scraper + GitHub Actions.

AI Intelligence Summary

Executive Summary

Category Highlights

Cybersecurity

DoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering

The U.S. Department of Justice (DoJ) on Tuesday announced the seizure of a cloud computing account put to use by subsidiaries of Cambodia-based corporate conglomerate HuiOne Group, as the Treasury unveiled fresh sanctions against nine individuals and 26 entities linked to Prince Group. "These subsi

The Hacker NewsJun 24, 2026
Cybersecurity

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). The vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a case of im

The Hacker NewsJun 24, 2026
Cybersecurity

Anthropic’s Fable 5 Model Jailbroken Within Days

Fable 5 is the supposed safe version of Anthropic’s Mythos Preview, with guardrails to ensure that it can’t be used to create cyberattacks. Well, that restriction was bypassed within days.

Schneier on SecurityJun 23, 2026
Cybersecurity

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

Cybersecurity researchers have discovered a set of malicious npm packages that are designed to deliver a Windows-based remote access trojan (RAT). The list of identified packages, is below - aes-decode-runner-pro (145 downloads) postcss-minify-selector (256 downloads) postcss-minify-selecto

The Hacker NewsJun 23, 2026
Cybersecurity

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Direct messages sent via WhatsApp are being used to distribute malicious Visual Basic Script (VBScript) files that lead to the installation of legitimate Remote Monitoring and Management (RMM) software. Per findings from Kaspersky, the active campaign is targeting users of WhatsApp Desktop and What

The Hacker NewsJun 23, 2026
Cybersecurity

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER. According to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidence

The Hacker NewsJun 22, 2026
Cybersecurity

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries

Google has set September 30, 2026, as the day it begins enforcing Android developer verification in the first four countries, and the major device-maker app stores are in from the start. On that date, certified Android phones in Brazil, Indonesia, Singapore, and Thailand will block normal

The Hacker NewsJun 22, 2026
Cybersecurity

Professional Athletes and Wearables

I haven’t thought about the privacy issues surrounding professional athletes and wearables. Wearables present serious privacy issues for “Average Joe” consumers, who are entrusting tech companies to safely store and protect their biometric data. Imagine the stakes for a professiona

Schneier on SecurityJun 22, 2026
Cybersecurity

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS score: 5.3), is a medium-severity information disclosure flaw that can allow unauthenticated attackers

The Hacker NewsJun 20, 2026
Cybersecurity

Friday Squid Blogging: Victims of Unregulated Squid Fishing

Dolphins, sharks, turtles, and human workers are all victims of unregulated squid fishing fleets. Another news article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

Schneier on SecurityJun 19, 2026
Cybersecurity

Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected devices

The Hacker NewsJun 19, 2026
Cybersecurity

Anthropic’s Fable and the State of AI

On June 9th, Anthropic released its Fable generative AI model. Three days later, the US government classified it as a dangerous munition, and used its export-control authority to prohibit any foreign nationals from accessing it. Unable to differentiate between Americans and foreigners, the company s

Schneier on SecurityJun 19, 2026
Cybersecurity

Forget Data Leakage: Shadow AI's Real Threat Is Access Control

The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, domain blocks, and data loss prevention rules. That response made sense at the time. It doesn't fit the problem anymore. S

The Hacker NewsJun 19, 2026
Cybersecurity

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026. To that end, organizations will be unable to connect to Salesforce via the app until further notice,

The Hacker NewsJun 19, 2026
Cybersecurity

Embedding Forbidden Text in Spyware to Discourage AI Analysis

At least one malware developer is adding text about nuclear and biological weapons to their spyware, in an effort to stop automatic AI analysis. Details: The _index.js payload begins with a large JavaScript block comment containing fake system instructions and policy-triggering content. Because it i

Schneier on SecurityJun 18, 2026
Cybersecurity

The Scripts on Your Checkout Page Are Now a PCI DSS Problem

An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types their card number into your checkout, their browser is running far more than your code. Analytics tags, a tag manager, a support widget, a paymen

The Hacker NewsJun 18, 2026
Cybersecurity

Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments

An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from Check Point Research. The threat actor also has at their disposal a dedicated WordPress phishing page that acts as the central hub,

The Hacker NewsJun 17, 2026
Cybersecurity

Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization

For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It's validation. Security teams must decide which findings warrant action while operating under constant pressure and incomplete information.

The Hacker NewsJun 17, 2026
Cybersecurity

AI Use by the US Government

On 14 April, the Trump administration quietly acknowledged the widespread use of AI to automate government processes. The office of management and budget (OMB) disclosed a staggering 3,611 active or planned use cases for AI across the federal government. The list has ballooned by 70% from the one pu

Schneier on SecurityJun 17, 2026
Cybersecurity

The Top 10 Attack Surface Exposures in 2026

Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentic

The Hacker NewsJun 17, 2026
Cybersecurity

Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive

Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem of vendors and platforms. Yet despite this abundance of information, many organizations continu

The Hacker NewsJun 16, 2026
Cybersecurity

Flock Cameras Are Being Used for Stalking

There are over a dozen cases around the country where police officers are using the Flock surveillance camera system to obsessively and illegally stalk people. Alternate link.

Schneier on SecurityJun 16, 2026
Cybersecurity

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours. CVE-2026-398

The Hacker NewsJun 16, 2026
Cybersecurity

The Onboarding Password Mistake That Creates Unnecessary Risk

Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe. That usually means sharing a temporary "first-day" password so employees can access systems for the first time. The issue is that these pa

The Hacker NewsJun 15, 2026
Cybersecurity

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program (PUP) family. The cluster spans 38 separate Chrome Web Store publisher accounts and three brand backends: tabplugins[.]com, yow

The Hacker NewsJun 15, 2026
Cybersecurity

The FCC Wants to Eliminate Burner Phones

A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person. The FCC plans to do this by legally forcing the country’s telecoms to store a wealth of personal information about essentially all phone customers, including a government issued identif

Schneier on SecurityJun 15, 2026
Cybersecurity

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving a keynote at Cybernation 2026 in Berlin, Germany, on June 24, 2026. I’m speaking at the Potsdam Conference on National Cybersecurity at the Hasso Plattner Institut in Potsdam, Germany. The event runs June 24–25, 2026, and

Schneier on SecurityJun 14, 2026
Cybersecurity

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253, is rated 9.8 on the CVSS scoring system. "In Splunk Enterpr

The Hacker NewsJun 13, 2026
Cybersecurity

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals

Anthropic said on Friday it will "abruptly disable" its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national securi

The Hacker NewsJun 13, 2026
Cybersecurity

Friday Squid Blogging: Squid-Inspired Fluid Pump

This fluid pump was inspired by the way squids propel themselves through the water. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

Schneier on SecurityJun 12, 2026
Cybersecurity

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it lands with root, it can also load an eBPF r

The Hacker NewsJun 12, 2026
Cybersecurity

Bernie Sanders’ AI Sovereign Wealth Fund Plan

Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful of billionaires who have promoted and developed AI, with virtually no democratic input, who stand to become even ri

Schneier on SecurityJun 12, 2026
Cybersecurity

Rethinking MDR as Attackers and Defenders Embrace AI

For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and needed someone else to handle the alert queue. MDR stepped in. It worked well enough. Until now. The threat landscape has

The Hacker NewsJun 12, 2026
Cybersecurity

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph is an open-source framework created by LangChain to build complex, stateful, and multi-agent artif

The Hacker NewsJun 12, 2026
Cybersecurity

AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.

For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was straightforward enough; triage by severity, schedule the fix, validate, and move on. The buffer was what made that wor

The Hacker NewsJun 11, 2026
Cybersecurity

Enhanced License Plate Tracking

The surveillance company Leonardo wants more data: A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices, as well as capture the license plate of passing vehicles, would also sweep up unique identifiers of mobile phones, wearables, and oth

Schneier on SecurityJun 11, 2026
Cybersecurity

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prolonged cyber espionage operation aimed at a Vietnamese infrastructure and transpo

The Hacker NewsJun 11, 2026
Cybersecurity

NSO Group Hacking WhatsApp Despite Court Order

WhatsApp has caught the NSO Group phishing its users, in violation of a court order.

Schneier on SecurityJun 10, 2026
Cybersecurity

Your Automated Pentest Looks Clean. See What It Missed in This Expert Webinar

Your pentest report looks clean. That might be the problem. Run automated pentesting long enough, and the new findings start to dry up. By the third or fourth run, fewer issues appear. The report looks stable. Leadership reads "stable" as "secure." It usually isn't. The work slows down. The risk do

The Hacker NewsJun 10, 2026
Cybersecurity

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63 privileg

The Hacker NewsJun 10, 2026
Cybersecurity

GPS As a Key Distribution Platform

This is interesting: The U.S. military has likely been quietly broadcasting codes for its global encryption network using public GPS for nearly 20 years, turning each satellite into a hidden “numbers station,” according to Steven Murdoch… That means every device that uses GPS has b

Schneier on SecurityJun 9, 2026
Cybersecurity

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab sitting there, and it watches the drive f

The Hacker NewsJun 9, 2026
Cybersecurity

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems. "

The Hacker NewsJun 9, 2026
Cybersecurity

Critical Zcash Vulnerability Found and Fixed

If you’re a user—owner?—of this cryptocurrency, this is important: On May 29, the security researcher Taylor Hornby found a critical vulnerability in Zcash Orchard privacy pool using Claude Opus 4.8. The Zcash team hired Hornby specifically to look for this kind of issue. He found

Schneier on SecurityJun 8, 2026
Cybersecurity

Anthropic’s Project Glasswing Update

In April, Anthropic initated Project Glasswing. The idea was to let companies use their new model to find and fix vulnerabilities in their own software. It was a fantastic PR move, and so many press outlets have uncritically parroted Anthropic’s claims that it’s now common wisdom that My

Schneier on SecurityJun 8, 2026
Cybersecurity

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

A China-nexus cyber espionage group has been observed deploying a BSD variant of a known backdoor called BRICKSTORM, as well as two other malware families codenamed PLENET (aka GRIMBOLT) and AGENTPSD to target Linux systems. The activity has been attributed by Volexity to a threat cluster it tracks

The Hacker NewsJun 8, 2026
Cybersecurity

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and Go

The Hacker NewsJun 8, 2026
Cybersecurity

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarant

The Hacker NewsJun 6, 2026
Cybersecurity

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

A researcher has reverse-engineered the iOS SDK that Bright Data embeds in consumer apps and documented how it turns devices, including always-on smart TVs, into exit nodes that relay web-scraping traffic for a data business Bright Data markets heavily to the AI industry. The company, the successor

The Hacker NewsJun 6, 2026
Cybersecurity

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2

The Hacker NewsJun 6, 2026

Peter's AI Agents

Portfolio · Tech · DoD Policy · Notes

🤖

Agent Hub

Hi! I have 4 specialized agents — Portfolio 💼, Tech Trends 📡, DoD Policy 🏛️, and Notes 📝. I'll automatically route your question to the right one. What would you like to know?