Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women

Both CFAKE and SOCFAKE CFAKE.com and SOCFAKE.com were seized after prosecutors said they hosted nonconsensual nude digital forgeries of famous women...

The FCC Wants to Eliminate Burner Phones

A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person. The FCC plans to do this by legally forcing the country's telecoms to store a wealth of personal information about essentially all phone customers, including a government issued...

The FCC Wants to Kill Burner Phones

Plus: AI bug hunting fuels Microsoft’s biggest-ever Patch Tuesday, ShinyHunters ransomware gang exploits an Oracle zero-day, and more...

Navigating the New Federal Logging Mandate | OMB Memorandum M-26-14

The White House Memorandum puts in place an “adaptive framework,” where agencies make risk-based, prioritized logging decisions...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-35273link is external Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability This type of vulnerability is a...

Feds Seize AudiA6 and Dark2Web in $389M Crypto Laundering Case

Feds seized AudiA6 and Dark2Web in a major crypto laundering case, arresting two suspects linked to over $389M in alleged illicit transactions...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-10520link is external Ivanti Sentry OS Command Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and...

CVE-2026-44487 vulnerabilities

Vulnerabilities for packages: wazuh-dashboard, wazuh-dashboard-fips, opensearch-dashboards-fips, opensearch-dashboards...

FBI Seizes China-Linked Fake Consulting Sites Targeting US Clearance Holders

The Justice Department and FBI seized 13 fake consulting websites that officials say targeted US clearance holders with paid research work designed to obtain sensitive government information...

How Federal Agencies Can Activate a Risk Operations Center (ROC) to Meet CISA BOD 26-04

Executive Summary Recognizing the ability of Frontier AI models to discover and exploit vulnerabilities at unprecedented speed and scale, CISA 's Binding Operational Directive BOD 26-04 marks a significant shift in federal vulnerability management. The directive introduces aggressive mandates,...

GHSA-2VQW-3MP8-CGMX vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce, gitlab-cng, gitlab-rails-ce-fips...

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-42271link is external BerriAI LiteLLM Command Injection Vulnerability CVE-2026-50751link is external Check Point Security Gateway Improper Authentication...

PT-2026-49127

This crate provides Rust bindings to ML-DSA FIPS 204 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-21182link is external Oracle WebLogic Server Unspecified Vulnerability This type of vulnerability is a frequent attack vectors for malicious cyber actors and...

PT-2026-45209

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description An out-of-bounds read can occur in the iavb parse key data function within avb rsa.c due to improper input validation. This issue allows for local information...

CVE-2026-5386

creationtimestamp| type| source ---|---|--- 2026-05-28 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-06 2026-05-29 19:01:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmz7wtzwag27 2026-05-29 20:38:47+00:00| seen|...

Company bragged phone mics could listen to conversations. They couldn’t.

A media company and two of its marketing partners have been fined for selling a service which, they said, listened in to people's conversations through their phones. Actually they did nothing of the sort. Most people have worried at some point that their phone has been listening to them through t...

US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows

As Americans stew over the looming risk of job-stealing AI and data centers in their back yards, the feds are raising the alarm about a new category of threat, documents obtained by WIRED show...

PT-2026-43390

CISA added an actively exploited Drupal SQL injection to its KEV catalog and gave federal agencies until Wednesday evening to patch. If you're running Drupal in production and haven't patched CVE-2025-50329, you're exposed to trivial database compromise. No auth required. cybersecurity infosec...

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-9082link is external Drupal Core SQL Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses...