This posting is here to collect cyber security news in June 2026.
I post links to security vulnerability news to comments of this article.
You are also free to post related links to comments.
79 Comments
Tomi Engdahl says:
https://cybersecuritynews.com/linux-kernel-improper-authentication-vulnerability/
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel vulnerability, tracked as CVE-2022-0492, to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively leveraged in real-world attacks.
The issue, categorized as improper authentication, affects Linux systems using the cgroups v1 release_agent feature and may allow attackers to achieve privilege escalation.
CVE-2022-0492 stems from insufficient validation and authentication controls within the Linux kernel’s control groups (cgroups) mechanism.
Tomi Engdahl says:
Only 22 seconds: as attacks speed up, defense must change
AI has changed security faster and more fundamentally than many yet realize. At the Google Cloud Next event it became clear that the traditional, human-driven model can no longer keep pace with attacks. DNA's Kaapro Kanto explains how defense must change now, and what companies should do next.
https://www.dna.fi/yrityksille/blogi/-/blogs/vain-22-sekuntia-aikaa-kun-hyokkaykset-nopeutuvat-puolustuksen-on-muututtava
Tomi Engdahl says:
https://arstechnica.com/security/2026/06/dashlane-explains-how-attackers-managed-to-download-encrypted-password-vaults/
Tomi Engdahl says:
https://thehackernews.com/2026/06/autonomous-ai-tool-finds-2-year-old-rce.html
Tomi Engdahl says:
https://thehackernews.com/2026/06/new-http2-bomb-vulnerability-allows.html
Tomi Engdahl says:
https://cybersecuritynews.com/21-0-day-vulnerabilities-in-ffmpeg/
Tomi Engdahl says:
https://thehackernews.com/2026/06/new-greatxml-exploit-bypasses-windows.html
Tomi Engdahl says:
Supply Chain Security
NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks
By default, npm install will no longer execute scripts from dependencies, unless explicitly allowed.
https://www.securityweek.com/npm-12-will-change-script-execution-behavior-to-prevent-supply-chain-attacks/
Tomi Engdahl says:
https://www.securityweek.com/anthropic-says-it-has-taken-its-latest-ai-models-offline-to-comply-with-new-export-controls/
Tomi Engdahl says:
https://www.securityweek.com/in-other-news-google-security-layoffs-audia6-takedown-400-million-coupang-fine/
Tomi Engdahl says:
Artificial Intelligence
Industry Reactions to Claude Fable 5: Feedback Friday
Industry professionals comment on various aspects of Fable 5, including dual-use capabilities, safeguards, and tiered access.
https://www.securityweek.com/industry-reactions-to-claude-fable-5-feedback-friday/
Tomi Engdahl says:
https://www.securityweek.com/onyxc2-stealer-offers-cybercriminals-enterprise-grade-theft-for-250-a-month/
Tomi Engdahl says:
https://www.securityweek.com/anthropic-disputes-fable-5-ai-jailbreak/
Tomi Engdahl says:
ICS/OT
Iranian Cyber Group Handala Claims Cal Water Hack
The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform.
https://www.securityweek.com/iranian-cyber-group-handala-claims-cal-water-hack/
Tomi Engdahl says:
The Guardian:
Sources: UK plans to announce an “Australia plus” under-16 social media ban, including restrictions on chats with strangers on gaming apps and under-18 curfews
Starmer to announce ‘Australia plus’ ban on social media for under-16s
Sources say hardline measures will also prevent young users from being able to talk to strangers on gaming apps
https://www.theguardian.com/uk-news/2026/jun/14/starmer-to-announce-australia-plus-ban-on-social-media-for-under-16s
Tomi Engdahl says:
Andrew Osborn / Reuters:
Since Russia ratcheted up control over the internet this year, some Russians are turning to solutions like using multiple phones and VPNs to evade restrictions
https://www.reuters.com/world/europe/two-phones-an-app-how-russians-skirt-putins-digital-iron-curtain-2026-06-13/
Tomi Engdahl says:
https://www.idrive.com/idrive/signup/c2c_landing
Safeguard Your Cloud Applications data
Microsoft Office 365
Google Workspace
Salesforce
Backup for Dropbox
Box
Tomi Engdahl says:
UK PM Keir Starmer says the UK will ban social media for under-16s and restrict gaming and livestreaming platforms, aiming for regulation by the end of 2026 — British Prime Minister Keir Starmer said on Monday he would ban social media sites for under-16s and impose restrictions on gaming …
Britain announces sweeping social media ban for under-16s
https://www.reuters.com/business/media-telecom/britain-expected-set-out-under-16s-social-media-restrictions-2026-06-14/
Tomi Engdahl says:
Platforms including Instagram, TikTok, Snapchat and Facebook are set to be banned for under-16s
Full list of social media platforms included in Starmer’s under-16s ban
Platforms such as Instagram, TikTok, Snapchat and Facebook are set to be banned
https://www.independent.co.uk/news/uk/home-news/social-media-ban-uk-full-list-apps-whatsapp-snapchat-youtube-b2995731.html?fbclid=IwdGRjcAScv_djbGNrBJy_3GV4dG4DYWVtAjExAHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHgvGrCSTt0BixncCmwGc4yhhSA4jRFOKtaRzajAYxB7xDMgUxG4KjXqDDWwM_aem_myQAL23cOSiZNodFKULUYg
Social media platforms will be blocked for children under the age of 16 in a historic move from Sir Keir Starmer, as he said a “total ban is the right choice”.
The prime minister announced the restriction in a Downing Street press conference on Monday morning as he warned social media was impacting children’s happiness and mental health.
The social media platforms to be affected include:
Facebook
Instagram
X
Snapchat
TikTok
YouTube
Messaging services like WhatsApp and Signal are not set to be included in the ban.
Restrictions will also be enforced on gaming sites which will include world-leading blocks on harmful functions such as livestreaming and stranger communication with children under-16.
AI “romantic companion” chatbots, which are designed to simulate sexual relationships or roleplay with users, will also enforce a minimum age of 18.
The prime minister said he was confident the ban would be effective but acknowledged some children would find their way around it. The measure is expected to come into force by early next year.
The government is also looking at potential overnight curfews and breaks in infinite scrolling for under-18s.
Sir Keir, a father-of-two, said: “This is not something I do lightly, and I will not present it as cost-free, as if social media has brought no benefits to young people, because clearly that is wrong.
“But government is always about choices, and it’s clear to me that a full ban is the right choice.
I ask the question now: Do we truly believe that social media creates a happy environment for our children?
“Do we truly believe that it’s a place where they can feel safe? I don’t think I even need to answer those questions, do I?
“Every parent can see it with their own eyes. Social media is making children unhappy.”
There has been resistance from the Trump administration to action against social media sites, which are largely based in the US.
many countries around the world were “grappling” with the issue of children’s safety online.
Tomi Engdahl says:
https://www.independent.co.uk/news/uk/home-news/social-media-ban-uk-starmer-children-response-b2995757.html?fbclid=IwdGRjcASc1K1jbGNrBJzUoWV4dG4DYWVtAjExAHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHnTdkjEQOGMvkiJvDEt3PmIUfoH3oX01jTmputQ79zvgU39d5x93zMOn46VO_aem_SotYK0DwMax4Kf_6i4FNCQ
Tomi Engdahl says:
Any device could be the next target: researchers speak of a new kind of cyber threat (Muropaketti.com) https://share.google/SJlMpfVWdPCBHwowE
Researchers have created an AI agent, powered by an open-source language model, that behaves like a "worm", that is, self-replicating malware that operates autonomously and exploits security holes.
The preprint study, which has not yet been peer-reviewed, shows how a self-replicating AI agent can take over a network at almost no cost. The story was reported by Gizmodo.
According to the researchers, this is "a fundamentally new threat: a worm that creates attack strategies tailored to its target on every system it encounters".
In the study, the AI agent acted as a worm in an isolated test network consisting of Linux, Windows and IoT devices. The network contained vulnerabilities common in corporate networks, such as reused passwords. The agent was based on an unnamed open-source large language model.
Unlike a traditional computer virus, a worm does not need user action, such as opening a file containing malware, in order to spread; instead it exploits security holes and copies itself to new devices.
It can identify each device's individual security holes and change its behavior based on them.
According to the researchers, the worm also uses the computing power of the devices it infects. This matters especially at a time when more and more smartphones and laptops are designed to run large language models locally.
"Every internet-connected device is a potential target, if not for the data it contains, then at least as a launch platform for the next attack," the researchers write in their blog.
Tomi Engdahl says:
AI Agents Enable Adaptive Computer Worms
In our pursuit of new knowledge to enhance the security of artificial intelligence, we uncovered a cybersecurity threat with implications across society.
https://cleverhans.io/worm.html
‘A Fundamentally New Threat’: Researchers Develop New AI-Powered Worm That Might Be Unstoppable
A team of cybersecurity experts have shown how a self-replicating AI agent can take over a computer network at almost no cost.
https://gizmodo.com/a-fundamentally-new-threat-researchers-develop-new-ai-powered-worm-that-might-be-unstoppable-2000766975
Tomi Engdahl says:
https://www.independent.co.uk/news/world/americas/us-politics/trump-ufc-white-house-targeted-attacks-fbi-b2996596.html?fbclid=IwdGRjcASeJQRjbGNrBJ4lAGV4dG4DYWVtAjExAHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHickSf24hOYqjoUOhOh-ZZEyPpDDTWs7f5UhNMilijmnAmmSKP-ln1IZDVU0_aem_4i1PcKYzxdJAqByOnEN1MQ
Tomi Engdahl says:
https://etn.fi/index.php/13-news/19061-linuxista-loeytyi-19-vuotta-vanha-aukko
A 19-year-old vulnerability has been found in the Linux kernel that allows a local user with basic privileges to gain root privileges on the system. The vulnerability, named CIFSwitch, affects the Linux CIFS/SMB client side and the related cifs-utils utility software.
The vulnerability has been assigned the identifier CVE-2026-46243. It is not an SMB server flaw that can be exploited directly over the network, but a local privilege escalation. At risk are especially systems where users have local access, cifs-utils is in use, and the system allows the namespaces required by the attack chain.
Tomi Engdahl says:
Hackers claim they stole Novo Nordisk’s drug and AI secrets
“Among the categories of data FulcrumSec says it obtained are source code, proprietary drug information covering both marketed and pipeline compounds, clinical trial records, data on employees, doctors, and patients, details tied to manufacturing operations, and internal AI model files.”
https://qz.com/novo-nordisk-hack-fulcrumsec-extortion-data-theft-061726
Tomi Engdahl says:
Attacking UPS Network Cards to Take Down Data Centers → https://claroty.com/team82/research/attacking-ups-network-cards-to-take-down-data-centers
#welcometothepartypalgif #2600net #irc #secnews
Tomi Engdahl says:
AMD silently removes memory encryption from consumer Ryzen CPUs, leaving users unaware that they may be vulnerable — security feature vanishes after newer AGESA firmware, AMD engineers go radio silent when pressed about the change → https://www.tomshardware.com/pc-components/cpus/amd-silently-removes-memory-encryption-from-consumer-ryzen-cpus-leaving-users-unaware-that-they-may-be-vulnerable-security-feature-vanishes-after-newer-agesa-firmware-amd-engineers-go-radio-silent-when-pressed-about-the-change
#2600net #irc #secnews #encryption #memory
Tomi Engdahl says:
If your phone does this, stop immediately: "A real sign of danger"
https://www.is.fi/digitoday/tietoturva/art-2000012089011.html
Tomi Engdahl says:
⚠️ Some Apple chips now have a flaw no software update can remove.
Researchers released usbliter8, a SecureROM exploit for A12 and A13 chips that enables code execution via USB in DFU mode.
Read details here: https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html