Microsoft: June 2026 Windows updates break Recycle Bin prompts
Microsoft has confirmed a confusing Windows bug that causes different filenames to appear in the confirmation dialog when deleting a file from the Recycle Bin.
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks.
NIS 2, la scadenza del 30 giugno e lo stato reale della compliance nelle aziende italiane
NIS 2 compliance: entro il 30 giugno le aziende devono classificare attività e servizi critici secondo il modello ACN. Scopri obblighi, difficoltà e rischi
NY man charged after harassing college student with AI-generated nudes
A New York man faces cyberstalking charges after allegedly sharing AI-generated nude images and fabricated racist messages using fake social media profiles to harass a Georgia college student.
Ridurre le analisi, comprimere le verifiche e rinviare le valutazioni può apparire come la scelta più conveniente, per accelerare i processi decisionali. Ma l'esperienza sul campo svela l'importanza della Governance by design. Ecco perché le scorciatoie si trasformano in costi dilatati, asimmetrici e imprevedibili
CISA warns Fortinet users to secure devices after FortiBleed leak
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed "FortiBleed."
In June 2026, fashion retailer Ralph Lauren was targeted in a ShinyHunters "pay or leak" extortion campaign. The group subsequently published hundreds of gigabytes of data they claimed was obtained from the organisation's Salesforce instance, including 140k unique email addresses along with names, phone numbers, genders and age groups.
Gentlemen ransomware uses multiple EDR killers to disable defenses
The Gentlemen ransomware-as-a-service (RaaS) is actively developing and maintaining a suite of endpoint detection and response (EDR) killers to help affiliates evade detection in attacks.
On 18 June 2026, the latest phase of Operation Endgame targeted the SocGholish malware operation, a prolific malware distribution network used to compromise systems and facilitate further cybercrime. Coordinated by international law enforcement agencies with support from Europol and Eurojust, the operation remediated almost 15,000 compromised websites and disrupted more than 100 servers and domains used to distribute malware. Authorities also provided HIBP with 154k impacted email addresses and more than half a million previously unseen passwords.
FlipCTL — our GUI framework for embedded Linux systems
Do you know why Flipper Zero is so popular? Not because of the little cute dolphin, but because you can use it right out of the box. If we made Flipper Zero in a Proxmark3-like form factor without a screen (no offense, Iceman), it would only be used by a small group of hardcore professionals. We all love simple, clear things: press a button and get results.
Before Flipper Zero, no one really cared about intuitive interfaces of niche devices for geeks. Everyone was building separate hardware and
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised.
In the latest Threat Source, Hazel channels her inner Spielberg to explore why humans are delightfully irrational, reminding us that while security best practices are simple in theory, they’re a lot harder to pull off when you’re busy dealing with real life.
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded…
USB worm spreads crypto-stealing malware via Windows shortcut files
Threat actors targeting cryptocurrency wallets have been distributing clipboard-stealing malware with self-spreading capabilities and using the Tor network to conceal communication.
Lock-in tecnologico cyber: come pianificare la strategia di uscita
Il lock-in tecnologico è uno dei rischi più sottovalutati nella governance IT: invisibile finché non diventa urgente, costoso da gestire quando si materializza. Questa guida analizza le quattro forme del lock-in, introduce il Vendor Dependency Index come strumento di misurazione e illustra le strategie di exit per proteggere la continuità operativa
The deterministic work is moving to agents, which is good, because that's where most of the burnout was coming from. The judgment work is staying with humans, which is also good, because that's where the value is. The deterministic work is moving to agents, which is good, because that's where most of the burnout was coming from. The judgment work is staying with humans, which is also good, because that's where the value is. What's leaving the analyst's queue If you walk through a typical Tier 1 day from 2022, most of it is deterministic work. That work is leaving the queue. The remaining tier-1 work in 2027 isn't pre-processing alerts. The work that's moving is the work analysts were burning out on. The work that's staying, and growing, is the work analysts wanted to do in the first place. It's a redistribution within it, with the boring 80 percent of the work moving off the human side. They're the ones whose training, hiring, and metrics still treat queue throughput as the primary signal. Three new responsibilities are landing on the analyst's desk The work moving onto the analyst's desk has three identifiable shapes. In the 2022 model, hunting was an aspirational activity that senior analysts did when the queue was clear, which was approximately never. This is judgment work, and it requires the analyst to read the agent output critically, not deferentially. Stop training on Speed at queue clicking Individual log interpretation in isolation Tickets-per-shift as the throughput metric Start training on Hypothesis construction for hunting Critical evaluation of AI output Decision-provenance discipline Cross-system timeline construction Hiring for ambiguity tolerance If your reviews still anchor on tickets-per-shift, you are training for the old job. Stop training analysts to be fast at queue clicking. The training time you are spending on queue speed is training time you are not spending on the new work. Reading a single firewall log and deciding what it means is exactly the deterministic pattern-matching work that agents handle better. With it, the agent layer gets better, the audit trail gets stronger, and new analysts ramp faster. Building a real training program requires senior analysts with curriculum-design time, leadership that is willing to invest before payoff, and a hiring pipeline that filters for the right traits rather than the legacy ones. The replacement narrative assumes the work is fungible and the agent does it cheaper. The deterministic work is fungible and the agent does that part cheaper, yes. The judgment work isn't fungible, and the agent doesn't do it at all.
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Market intelligence platform Klue suffered a OAuth breach that enabled the "Icarus" threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign.
FortiBleed: 73.000 firewall Fortinet compromessi in 194 Paesi, anche in Italia. Cosa fare adesso
Un dump massiccio di credenziali ha esposto decine di migliaia di dispositivi Fortinet in tutto il mondo. L'attacco sfrutta vulnerabilità già note, ma la superficie colpita racconta di un'igiene digitale ancora troppo fragile