CyberSecurity Updates

iRhythm Confirms Data Stolen in Hack

iRhythm, a health company specializing in wearable cardiac monitoring technology, has been targeted in a cyberattack that resulted in the theft of information. The data breach was disclosed by iRhythm, known for its Zio wearable ECG monitor, in a Monday filing with the SEC. The company said it detected “unauthorized activity involving data maintained on certain third-party-hosted business applications” on June 8. iRhythm noted that the attack involved social engineering, but the targeted application has…


EvilTokens: A phishing attack that doesn’t steal your password

Cybercrime: A phishing kit subverting Microsoft’s legitimate authentication flow lets attackers break into accounts without stealing passwords or creating fake login pages. (Christian Ali Bravo, 15 Jun 2026) Much has been written about how the days of phishing emails laden with broken grammar and crude design are numbered, largely thanks to AI. Meanwhile, EvilTokens offers a somewhat different example of how far the phishing craft has moved. EvilTokens is a…


Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Mackay Sugar, a major Australian sugar producer, has been targeted in a ransomware attack that forced it to shut down some of its mills. The hacker attack came to light on June 10, when Mackay Sugar announced it was responding to a cybersecurity incident affecting some of its operations. “Interim processes are in place to support critical business functions and minimise disruption where possible,” the company said at the time. Mackay Sugar operates three cane-processing…


NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

In response to a recent wave of supply chain attacks targeting the NPM ecosystem, GitHub announced that scripts from dependencies will no longer be executed by default. Multiple major incidents that occurred over the past several months, mainly associated with TeamPCP and the Shai-Hulud self-replicating worm, have been abusing the default, automatic execution of scripts from dependencies during npm install to infect thousands of developers with malware. To better protect users, starting with NPM version…


Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls

AI giant Anthropic said Friday it has taken its latest artificial intelligence models, known as Fable 5 and Mythos 5, offline to comply with a directive from the Trump administration to prevent their use by foreign nationals. The export controls mark the U.S. government’s most significant step to date to restrict access to the most advanced AI models. Anthropic released Fable widely this week. That model is a limited version of the even more advanced…


What makes or breaks cyber-readiness for SMBs

“Fix the roof while the sun is shining.” – proverb

Cybersecurity has a familiar way of saying the storm will come: “a breach is a matter of when, not if.” While the industry’s sternest maxim has probably never been more true, it sometimes feels as though it’s also lost some of its edge over the years. Everyone agrees that there could be a ‘cloud on the horizon,’ but is it enough to get them to …


OceanLotus: From external espionage to domestic targeting

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations while placing increasing emphasis on domestic espionage. We identified two distinct campaigns involving the SPECTRALVIPER backdoor: a supply-chain attack targeting stock investors in Vietnam and a prolonged espionage operation against a Vietnamese infrastructure and transport construction company. Whether the shift represents a temporary adjustment or a long-term strategic…


In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine

SecurityWeek’s weekly cybersecurity news roundup offers a concise overview of important developments that may not receive full standalone coverage but remain relevant to the broader threat landscape. This curated summary highlights key stories across vulnerability disclosures, emerging attack methods, policy updates, industry reports, and other noteworthy events to help readers maintain a well-rounded awareness of the evolving cybersecurity environment. Here are this week’s highlights:

IBM and AT&T accused of hack cover-ups

A former IBM cybersecurity…


Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle on Thursday released an out-of-band advisory addressing a PeopleSoft vulnerability that can be exploited by an unauthenticated attacker for remote code execution. The security alert comes amid reports that the notorious ShinyHunters hacker group has been targeting organizations that use PeopleSoft. PeopleSoft is an integrated enterprise resource planning (ERP) software suite widely used by large organizations for managing core business functions, including HR, payroll, finance, supply chain, and campus operations. The newly disclosed vulnerability…


Who Runs the Ransomware Group ‘The Gentlemen?’

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real-life identity for the administrator of The Gentlemen ransomware group. A graphic created and shared by The Gentlemen ransomware group administrator Hastalamuerte on Breachforums in…
