-
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has patched it. Tracked as CVE-2026-12957 (CVSS 8.5), the bug sat in how Amazon’s AI coding assistant handled Model Context Protocol (MCP) servers. Wiz
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within a day of the CVE assignment on June 16. Red Hat rates the flaw as
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Water and wastewater systems have become strategic gray‑zone targets for Russia, China, and Iran, driven by chronic underinvestment and weak operational‑technology (OT) defenses that make these utilities easy to probe and exploit. Internet‑facing human‑machine interfaces (HMIs), exposed programmable logic controllers (PLCs), default credentials, and poor IT/OT segmentation create low‑cost access paths whose impact is disproportionately […]
The post Water and Wastewater Systems Become Strategic Targets for Russia, China, and Iran appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A macOS XPC flaw let regular users disable CrowdStrike and Kandji tools, exposing security gaps that vendors patched after XM Cyber reported the security issue.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Jun. 26, 2026The 2026 CISO Report from Cybersecurity Ventures in partnership with Sophos reports that in Jan. 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a new resource on “Assembling a Multi-Disciplinary Insider Threat Management Team.” The guidance is intended to assist critical infrastructure stakeholders, which includes private sector entities across various sectors, with implementing an insider threat mitigation program that combines physical security, cybersecurity, personnel awareness, and community partnerships.
Although framed for critical infrastructure, CISA’s guidance is relevant to a broader range of organizations, including those outside of critical infrastructure sectors — a point echoed by Inside Privacy, a resource for updates on developments in data privacy and cybersecurity, edited by Covington. In 2025, organizations allocated an average of 19 percent of IT security budgets to insider risk management, up from 8.2 percent in 2023, according to Help Net Security. Many organizations view agentic AI as important for early insider risk detection, but only a small share classify AI agents as equivalent to human insiders.
When it comes to detecting and protecting against insider risk, cybersecurity teams need to go above and beyond. Above Security has changed the game with an AI-native insider threat platform for proactive risk management. Specialized AI agents guide employees away from risk while building behavioral timelines of people and their agentic AI counterparts – inferring intent from signals traditional tools miss and delivering a full evidentiary timeline the moment activity becomes an incident.
Cybercrime Magazine caught up with Above’s co-founders Aviv Nahum, CEO, and Amir Boldo, CPTO, to get their take on the insider threat and what organizations can do to protect themselves from malicious employees, contractors, and others who may be lurking in their networks and systems.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post Insider Threat: Cybersecurity Needs To Go Above And Beyond appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it lets a local user corrupt file-backed memory through a cloned network packet and gain root. The patch landed in
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Japan’s defense infrastructure has faced scrutiny following an investigation that revealed members of the Japan Self-Defense Forces (JSDF) used counterfeit USB drives embedded with malware linked to China on systems handling classified information. According to findings reported by Nikkei, these compromised USB devices were acquired at significantly lower costs through unofficial channels. They were subsequently […]
The post China-Linked Malware Found in Counterfeit USB Drives Used on Japan Defense Force Classified Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn’t designed for autonomous actors, and the gap between what enterprises are deploying and what their governance programs actually cover is widening fast. This guide breaks
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical server-side template injection (SSTI) vulnerability in FOSSBilling, tracked as CVE-2026-28496, is exposing instances to potential full database compromise and remote code execution (RCE), with early signs of active exploitation appearing shortly after public disclosure. This flaw is documented under GitHub advisory GHSA-57mv-jm88-66jc and affects all versions up to 0.7.2. It has been patched […]
The post FOSSBilling Flaw Lets Admin Attackers Abuse DI Container for SQL Access and RCE appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
