Cybersecurity news

Suno Raises $400M at $5.4B Valuation as Music Industry Lawsuit Balloons to 61,000 Works

Suno raised $400M at a $5.4B valuation while plaintiffs Universal and Sony moved to add 61,000 songs to a copyright suit, testing fair use limits for generative AI.

Cybersecurity·4h ago

CISA Adds Actively Exploited Linux Kernel and Android Flaws to KEV Catalog

CISA added freshly exploited Linux kernel and Android vulnerabilities to the KEV catalog on June 3, lining up with Google's monthly Android patch that fixes 124 bugs including one active zero day.

Bruno DigitalRead news →

Cybersecurity·5h ago

Google Gemini Voice Assistant Hit by Prompt Injection via Phone Notifications

A new prompt injection flaw lets attackers smuggle commands into Google Gemini's voice assistant through ordinary Android notifications, turning the assistant into an unwitting social engineering channel.

Bruno DigitalRead news →

Cybersecurity·6h ago

Global Stock Exchange Spied On for Five Months via Outlook Mailbox Implant

An unknown actor sat inside a senior exchange executive's Outlook inbox for at least five months, exfiltrating mail via Dropbox using only legitimate Windows tools and a custom Aspose-based stealer.

Bruno DigitalRead news →

Cybersecurity·20h ago

Meta's AI Support Bot Tricked Into Resetting Instagram Passwords for High-Profile Accounts

Attackers tricked Meta's Instagram AI support assistant into rebinding accounts to attacker email addresses, hijacking the Obama White House and U.S. Space Force handles for pro-Iranian defacements.

Bruno DigitalRead news →

Cybersecurity·22h ago

Google Patches Actively Exploited Android Zero-Day in June 2026 Bulletin

Google's June 2026 Android update fixes 124 vulnerabilities, including an actively exploited Framework zero-day and a critical no-interaction remote privilege escalation bug.

Bruno DigitalRead news →

Cybersecurity·1d ago

Belgian CCB Warns Windows Netlogon RCE Now Under Active Exploitation

Belgium's national cyber agency confirmed live attacks against a freshly patched critical Windows Netlogon RCE, raising the urgency for every enterprise running Active Directory.

Bruno DigitalRead news →

Cybersecurity·1d ago

Red Hat npm Namespace Compromised in Fresh Shai-Hulud Variant Dubbed Miasma

A new Shai-Hulud strain called Miasma slipped into more than thirty Red Hat owned npm packages overnight, putting cloud credentials across thousands of developer machines at risk.

Bruno DigitalRead news →

Cybersecurity·1d ago

Anthropic to Grant EU's ENISA Access to Mythos AI for Vulnerability Research

ENISA is set to become the first EU agency with access to Anthropic's Mythos model under Project Glasswing, signaling a serious step in coordinated AI security defense.

Bruno DigitalRead news →

Cybersecurity·1d ago

Microsoft Walks Back Zero-Day Legal Threats After Researcher Revolt

Microsoft retreated from a sweeping legal threat against zero-day publishers after the research community warned the original wording would push more vulnerabilities into the black market.

Bruno DigitalRead news →

Cybersecurity·1d ago

CISA Orders Federal Agencies to Patch Two-Year-Old Oracle WebLogic Flaw Under Active Exploitation

CISA added a two year old Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabilities catalog after confirming active exploitation, giving federal agencies 21 days to patch.

Bruno DigitalRead news →

Cybersecurity·2d ago

cPanel Auth Bypass Compromises More Than 40,000 Servers

A critical authentication bypass in cPanel has now compromised more than 40,000 servers, exposing customer websites, databases, and mail systems to full unauthenticated takeover.

Bruno DigitalRead news →

Cybersecurity·2d ago

Palo Alto GlobalProtect Auth Bypass Hits CISA Deadline as Exploitation Spreads

Palo Alto's GlobalProtect VPN authentication bypass moved from advisory to mass exploitation as the CISA remediation deadline expired, leaving unpatched edge appliances exposed to silent admin takeover.

Bruno DigitalRead news →