Stay informed with today's critical security updates
Every organisation is different. The free "Daily Pulse" feed shows the broader threat landscape.
Want this specific and tailored to your organisation?
ThreatInsights – Click for more infoThe Daily Pulse is refreshed automatically every day at 9:00 AM GMT
Want to learn more about Cyber Threat Intelligence?
Check out our free online self-paced training course.
Start Learning NowThursday, June 18, 2026
‘Dangerous’ AI Models Are Coming No Matter What
The US government crackdown on Anthropic’s Claude Fable 5 and Mythos 5 hides a glaring truth: AI models with advanced hacking capabilities will soon be the norm.
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Thursday, June 18, 2026
Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack
The attackers deployed a new Go-based backdoor that uses Microsoft Teams servers for command-and-control. The post Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack appeared first on SecurityWeek.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Thursday, June 18, 2026
Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Update threat detection rules, brief security team on TTPs, enhance monitoring for IoCs, and review defensive posture against similar attacks.
Thursday, June 18, 2026
Lawmakers leery about Trump administration’s Anthropic order
Some panned it, some said they needed more information, but caution figured into all of the responses. The post Lawmakers leery about Trump administration’s Anthropic order appeared first on CyberScoop.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Thursday, June 18, 2026
AI’s constant patching treadmill can be a security problem
The breakneck speed of model releases may be creating short, silent security gaps as developers must choose between performance and security, according to a new report. The post AI’s constant patching treadmill can be a security problem appeared first on CyberScoop.
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Thursday, June 18, 2026
Google exposes China espionage group that’s been lurking in networks undetected since 2023
The revelation mirrors an alarming pattern of Chinese espionage groups dropping backdoors into critical infrastructure to intercept research and steal data with national security implications. The post Google exposes China espionage group that’s been lurking in networks undetected since 2023 appe...
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Thursday, June 18, 2026
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub a...
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Thursday, June 18, 2026
FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
A newly discovered data leak dubbed "FortiBleed" has exposed what appears to be a collection of Fortinet and FortiGate VPN credentials for 73,932 firewall URLs at organizations worldwide.
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Thursday, June 18, 2026
Student Loan Breach Exposes 2.5M Records
5 million people were affected, in a breach that could spell more trouble down the line.
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Thursday, June 18, 2026
Why Account Takeovers Are Rising and How to Stop Them
Account takeovers are rising as attackers bypass traditional defenses through phishing, session hijacking, and MFA fatigue. Specops Software explores how device trust and continuous verification help reduce account takeover risk.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Monday, June 15, 2026
Chinese hackers hijack auth flow, spy on isolated network for a decade — Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. [...]
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. [...]
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
BBVA puts AI at the core of banking with OpenAI — Learn how BBVA scaled ChatGPT Enterprise to 100,000 employees and partnered with OpenAI to accelerate AI-powered banking transformation worldwide.
Learn how BBVA scaled ChatGPT Enterprise to 100,000 employees and partnered with OpenAI to accelerate AI-powered banking transformation worldwide.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Why AI Projects Stall and How CIOs Can Respond
Why AI Projects Stall and How CIOs Can Respond
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
FBI disrupts massive AI-powered phishing service using a million URLs — In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing we...
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. [...]
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Securing CI/CD in an agentic world: Claude Code Github action case — Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions. This research examines the attack...
Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions. This research examines the attack chain, responsible disclosure process, Anthropic's mitigation, and guidance for securing AI-powered CI/CD workflows. The post Securing CI/CD in an agentic world: Claude Code Github action case appeared first on Microsoft Security Blog. ]]>
Implement input validation, deploy prompt injection detection classifiers, limit AI agent permissions, and monitor for unusual API patterns.
Monday, June 15, 2026
AI Risk Worries Insurers & Businesses Alike — As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework. What risks can firms reasonably manage?
As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework. What risks can firms reasonably manage?
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Introducing the OpenAI Partner Network — OpenAI launches the Partner Network, investing $150M to help global partners accelerate enterprise AI adoption, deployment, and transformation.
OpenAI launches the Partner Network, investing $150M to help global partners accelerate enterprise AI adoption, deployment, and transformation.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Turn Blind Trust into Verified Control with Prompt Security for Agentic AI — Prompt for Agentic AI Security empowers organizations with proactive governance, meaning security teams can deploy agents with confidence.
Prompt for Agentic AI Security empowers organizations with proactive governance, meaning security teams can deploy agents with confidence.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.