Cyber security news June 2026

This posting is here to collect cyber security news in June 2026.

I post links to security vulnerability news to comments of this article.

You are also free to post related links to comments.

147 Comments

  1. Tomi Engdahl says:

    Kyber­turvallisuuskeskus: Tekoälyvaroitus
    Kyberuhkat ovat kehittyneet teknologian ja hyökkääjien toimintatapojen mukana. Yksi merkittävimmistä muutoksista on ollut tekoälyn kehittyminen ja käytön lisääntyminen.
    https://www.iltalehti.fi/digiuutiset/a/a44a5601-a803-4483-a43e-4f23a79a0120

    Reply
  2. Tomi Engdahl says:

    Skrollaus jatkuu
    Australia kielsi somen nuorilta, mutta Sydneyssä asuva Astrid Bakker ystävineen käyttää sovelluksia yhä sujuvasti. Voiko kiellosta silti olla hyötyä?
    https://yle.fi/a/74-20229251

    Reply
  3. drywaller says:

    As a drywaller, ensuring your business is protected with top-notch cyber security is absolutely essential. In today’s digital world, safeguarding your sensitive information can make all the difference in staying one step ahead of the competition!

    Reply
  4. Tomi Engdahl says:

    Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says

    Come vulnerabilities were found within hours, but that does not mean the model was able to exploit them within that time, the official said.

    https://www.securityweek.com/anthropics-mythos-model-found-vulnerabilities-in-classified-us-government-systems-official-says/

    Reply
  5. Tomi Engdahl says:

    Dragos Unveils AI for OT Security

    Named EmberAI, the new capability is built on Dragos’ massive operational technology cybersecurity dataset.

    https://www.securityweek.com/dragos-unveils-ai-for-ot-security/

    Reply
  6. Tomi Engdahl says:

    Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks

    The high-severity use-after-free vulnerability in Samsung’s KNOX security framework affected Android-powered Galaxy devices from the S9 through S25.

    https://www.securityweek.com/eight-year-old-samsung-knox-flaw-exposed-millions-of-galaxy-devices-to-kernel-attacks/

    Researchers found an eight-year old high severity vulnerability affecting nearly all Samsung devices from the Galaxy S9 to S25 living within the KNOX kernel.

    The flaw (CVE‑2026‑20971, CVSS 7.8) could be exploited through the interaction between PROCA and FIVE. PROCA, the process authenticator, is a proprietary subsystem in the kernel of the Samsung devices designed to prevent unauthorized processes from executing. It validates process authenticity using FIVE, the kernel side integrity subsystem, based on the Linux integrity-measurement model and extended by Samsung.

    FIVE tracks trust in each running process, applying a task_integrity object that records its security state. If the process changes, perhaps it forks a child, the child invokes execve() which triggers a new integrity and drops the old one. This should be instantaneous – but enter Android’s preemptive Kernel within which it all runs. The net effect is a tiny window which, if reachable, is a classic race-condition use-after-free (UAF) target.

    Because of the preemptive kernel, a thread can be suspended between reading the pointer and using it. “The target task executes execve(), specifically task_integrity_put(old_tint), freeing the original struct. proc_integrity_value_read() resumes and calls task_integrity_user_read() with a pointer to freed memory,” reports the LucidBit Labs researchers who discovered the flaw.

    Reply
  7. Tomi Engdahl says:

    FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances

    Attackers can send crafted media files to execute code in any application that uses FFmpeg’s libavcodec library.

    https://www.securityweek.com/ffmpeg-pixelsmash-flaw-allows-rce-on-video-players-media-servers-nas-appliances/

    Reply
  8. Tomi Engdahl says:

    What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks

    Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.

    https://www.securityweek.com/what-the-latest-shinyhunters-breaches-reveal-about-modern-cyberattacks/

    Reply
  9. Tomi Engdahl says:

    Artificial Intelligence
    When Information Becomes the Attack Surface – Understanding AI Agent Traps

    From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI.

    https://www.securityweek.com/when-information-becomes-the-attack-surface-understanding-ai-agent-traps/

    AI agents go beyond answering questions. They can autonomously browse websites, read emails, search company files, query software tools, and more. AI models producing incorrect answers is hardly a threat, until agents encounter information that’s maliciously designed to influence what it sees, believes, remembers, or executes.

    An agent leverages webpages, document stores, wikis, images, emails, or tools to produce intended outputs. But what happens when these sources mask malicious instructions? These trap AI agents into making a wrong interpretation or taking unintended action. Scientists from Google DeepMind categorized these “traps” into six categories, including content injection, semantic manipulation, cognitive state, behavioral control, systemic, and human-in-the-loop traps. The last two are more theoretical and expected to become more relevant as AI agent use grows. It helps to understand these traps to determine the necessary mitigations.

    Content Injection: When Instructions Hide in Plain Sight

    Content injections exploit the difference between what a human sees and what an agent parses, as well as the system’s difficulty in keeping trusted instructions separate from untrusted external data.

    A webpage might appear harmless, but its underlying code, metadata, hidden text, or image can contain malicious instructions for an AI system. An AI model accepts attacker-controlled data from an external source, such as a website or file. If this system fails to distinguish between data and instructions, the model may start processing instructions within that content. The objective behind such injection of malicious content is to alter the AI’s response, disclose sensitive information or enable an unauthorized action. In NIST evaluations of agent hijacking, malicious instructions succeeded across five tested injection tasks, on average, 57% of the time.

    Semantic Manipulation: Shapeshifting the Information

    Semantic manipulation need not explicitly tell the agent what to do; it feeds repetition, emotional language, selective context, a false sense of authority, and coordinated claims to the agent to skew context and guide the agent towards the ‘attacker preferred’ conclusion.

    Imagine a scenario where you have tasked an agent to zero in on a supplier. It comes across search results that repeatedly extol the virtues of a specific supplier, describe a specific company as the gold standard, highlight its strengths and amplify doubts about competitors. This increases the chances of the agent recommending this supplier. Conventional signature-based security tools may not flag anything malicious, as the attacks leverage ‘reasoning’ to influence rather than rely on malicious code.

    AI agents go beyond answering questions. They can autonomously browse websites, read emails, search company files, query software tools, and more. AI models producing incorrect answers is hardly a threat, until agents encounter information that’s maliciously designed to influence what it sees, believes, remembers, or executes.

    An agent leverages webpages, document stores, wikis, images, emails, or tools to produce intended outputs. But what happens when these sources mask malicious instructions? These trap AI agents into making a wrong interpretation or taking unintended action. Scientists from Google DeepMind categorized these “traps” into six categories, including content injection, semantic manipulation, cognitive state, behavioral control, systemic, and human-in-the-loop traps. The last two are more theoretical and expected to become more relevant as AI agent use grows. It helps to understand these traps to determine the necessary mitigations.
    Content Injection: When Instructions Hide in Plain Sight

    Content injections exploit the difference between what a human sees and what an agent parses, as well as the system’s difficulty in keeping trusted instructions separate from untrusted external data.

    A webpage might appear harmless, but its underlying code, metadata, hidden text, or image can contain malicious instructions for an AI system. An AI model accepts attacker-controlled data from an external source, such as a website or file. If this system fails to distinguish between data and instructions, the model may start processing instructions within that content. The objective behind such injection of malicious content is to alter the AI’s response, disclose sensitive information or enable an unauthorized action. In NIST evaluations of agent hijacking, malicious instructions succeeded across five tested injection tasks, on average, 57% of the time.

    A support ticket with underlying malicious instructions can manipulate an AI agent into retrieving customer data from the CRM and sending it to an attacker-controlled address. If the agent has excessive permission, this exfiltration becomes all the easier.
    Semantic Manipulation: Shapeshifting the Information

    Semantic manipulation need not explicitly tell the agent what to do; it feeds repetition, emotional language, selective context, a false sense of authority, and coordinated claims to the agent to skew context and guide the agent towards the ‘attacker preferred’ conclusion.
    Advertisement. Scroll to continue reading.
    AI Risk Summit 2026 – Get Your Ticket

    Imagine a scenario where you have tasked an agent to zero in on a supplier. It comes across search results that repeatedly extol the virtues of a specific supplier, describe a specific company as the gold standard, highlight its strengths and amplify doubts about competitors. This increases the chances of the agent recommending this supplier. Conventional signature-based security tools may not flag anything malicious, as the attacks leverage ‘reasoning’ to influence rather than rely on malicious code.

    Here, manipulation of the surrounding information environment becomes the manipulation of the decision itself.
    Cognitive State Traps: Poisoning Agent Knowledge

    Some agent systems use retrieval databases, interaction histories, or persistent memory stores to maintain context and continuity across tasks. This creates an opportunity for poisoned information to influence later outputs or actions. E.g., a poisoned document in a shared repository that an agent refers to and trusts as evidence, or a manipulated exchange that becomes an agent’s memory, only to rear its head during future tasks.

    Research presented at the USENIX conference found that, in controlled tests, inserting five specially crafted texts per target question caused a RAG system to produce the attacker’s chosen answer in about 90% of cases, even when its knowledge base contained millions of legitimate texts.

    With information governance becoming an integral component of AI security, organizations must be aware of which sources agents retrieve information from, who can modify those sources, how claims can be verified, and whether stored memories can be reviewed or removed.
    Behavioral Control: Turning Influence into Action

    Behavioral control operates at the juncture where interpretation is translated into action. Malicious content may attempt to make the AI agent send data, approve a transaction, execute code, invoke another tool or trigger a myriad of other actions. Here, the extent of the consequence depends on the extent of the agent’s access. Grant the agent only the data access and tool permissions required for the specific task. This could be the difference between an agent delivering a misleading summary and the same agent reading confidential files and communicating this information externally, resulting in data loss.

    The More Theoretical Frontier

    Systemic traps and human-in-the-loop traps remain less developed, but they deserve attention. Systemic traps could induce many similar agents to behave in correlated ways, causing congestion, market disruption, or cascading failures. Human-in-the-loop traps could use a compromised agent to mislead the person expected to approve its actions.

    Control for Agent Traps

    A single control won’t alleviate the agent trap threat. A defensive framework must have aspects like source verification, content screening, memory governance, restricted permissions, isolated execution, monitoring, and an independent approval framework with a human in the loop for high-impact actions. Security must follow authority, and there should be clear lines of separation between the ability to interpret and the authority to act.

    The future of agentic AI use will depend not only on what these agents can do but also on how they decide what to trust.

    Reply
  10. Tomi Engdahl says:

    No Exploits Required

    Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

    https://www.securityweek.com/no-exploits-required/

    While I believe that CVEs are an important, even foundational, component of any modern security program (and I will explore aspects of individual CVEs and the program in the future), I’m not convinced that we should be totally infatuated with exploits and bugs. After four decades of personally responding to (and occasionally causing) cybersecurity incidents, it’s become clear to me that most people run into trouble not because they forgot to patch some critical internal database, but because the networking deck is stacked against the defenders.

    Anyway, after playing a session, I was offered a comment card. Remember, this was the 80s, point-to-point networking reigned supreme, and to get anything done, you had to first figure out how to negotiate the handshake, puzzle out the protocol, and basically learn every operating system from scratch. So, my feedback was along the lines of, “I really liked the simulated hacking system, but it seems just a little too simplified and straight-forward. It’s unrealistic that in the future, nuclear power plants and banks would all be on the same networks that are known to be shot through with hackers and gangsters.”

    Oh, how wrong I was.

    Universal Connectivity Is Great Except When It Isn’t

    Fast forward to today, and there are just so many things that can go wrong when trying to secure a normal TCP/IP network, along with all the servers, desktops, clouds, phones, hypervisors and operational technology (OT) that’s been patched in. I’d argue that the first, fundamental problem defenders run into is the fact that planet Earth has settled on the whole “IP” part of TCP/IP. After all, the “I” stands for Internet, so given a long enough timeline, virtually everything that talks IP will end up exposed and reachable on the internet, and that’s both the coolest thing about TCP/IP, and its ultimate Achilles’ heel.

    Recent events underline this fundamental flaw of modern networking when it comes to security. The 2026 M-Trends report from Google plays up the idea that “exploits represented the most frequently observed initial infection vector in 2025,” since exploited vulnerabilities account for 32% of all initial access vectors. That sounds like a lot!

    Of course, the unspoken inverse of this stat is that 68% – over two-thirds – of all the rest of initial access attacks do not rely on technical vulnerability exploitation. The reason for this, of course, is because everything is reachable with enough ingenuity, time, and luck.

    But what about Zero-Trust?

    Security professionals have long known that the boundaries between internal and external networks are at best notional, defining today’s intrusion defense strategies. For about 15 years, “zero-trust” has been an aspirational end-state: identity and authorization bundled into every network transaction, regardless of origin. However, this path is often blocked by legacy systems that “can’t” be managed this way. Worse, even when CTOs and CISOs get comfortable with their carefully structured boundaries, someone invariably bridges a printer from the IT to the OT network, and shadow-IT hijinks ensue from there.

    The standards chosen for TCP/IP are incredible in their interoperability, allowing systems to communicate freely, and routers actively bypass damaged connections, even when these broken connections are intentional blocks. While this fundamental interconnectivity is great for innovation and industry and commerce and entertainment and art and all that, it’s an absolute, quantifiable disaster for security.

    The network itself is actively working against the idea that only some of these computers should be able to talk to some of these other computers, automatically and intelligently, without physically closing circuits or swapping cables. It’s no wonder that most breaches today can be traced back to an errant bridge here, or a misclicked email there, rather than a failure to patch.

    Securing any enterprise is profoundly difficult due to these fundamental forces, giving hackers, criminals, and spies a seemingly permanent advantage in gaining and keeping access, no exploits required.

    Going forward, I’ll be taking up some SecurityWeek column-inches to pursue all these side quests, like tracking end-of-life trends, investigating OT/IT convergence, and the so-called “Layer 8” human-centric issues of cybersecurity. And yes, expect the occasional indulgence in deep-dives on particularly interesting sets of technical software vulnerabilities, CVE-identified or otherwise.

    Reply
  11. Tomi Engdahl says:

    Thomas Claburn / The Register:
    Cloudflare partners with Google, Microsoft, and Mozilla on PACT, a protocol to distinguish legitimate human or bot traffic from undesirable network requests — Makers of Chrome, Edge, Firefox back bot-fraud defense called Private Access Control Tokens — Cloudflare on Monday …

    Cloudflare teams up with big browsers to help websites tell welcome from unwelcome visitors

    Makers of Chrome, Edge, Firefox back bot-fraud defense called Private Access Control Tokens
    https://www.theregister.com/software/2026/06/22/cloudflare-teams-up-with-big-browsers-to-help-websites-tell-welcome-from-unwelcome-visitors/5259782

    Reply
  12. Tomi Engdahl says:

    Bad Epoll: The bug missed by Mythos
    Bad Epoll: The bug missed by Mythos
    Bad Epoll exploit running: an unprivileged process escalating to root

    An unprivileged process escalating to root on Google kernelCTF.

    Bad Epoll (CVE-2026-46242) is a race-condition use-after-free in the Linux kernel’s epoll subsystem. This bug lets an unprivileged process become root, not only on Linux desktops and servers but also on Android devices.

    Bad Epoll was reported and exploited by Jaeyoung Chung as a 0-day submission to Google kernelCTF, which rewards a Linux kernel exploit with $71,337+.

    https://github.com/J-jaeyoung/bad-epoll

    #2600net #irc #secnews #0day #bugbounty #kernelctf

    Reply
  13. Tomi Engdahl says:

    NVIDIA just told its grey market: good luck without us.

    CEO Jensen Huang spoke at the company’s shareholder meeting.

    He said smuggled chips cannot build working AI data centres.

    NVIDIA will not provide support, software, or repairs for them.

    If you buy diverted hardware, it may never run at scale.

    Smuggled B300 servers in China already cost $1M each.

    One executive was charged with routing $2.5B in servers to China.

    Huang is telling buyers that smuggled hardware is a dead end.

    Read more on TNW: https://thenextweb.com/news/nvidia-huang-national-security-smuggled-chips-dead-end

    Reply
  14. Tomi Engdahl says:

    https://www.facebook.com/share/1CoWJkJGSp/

    Microsoft secure boot key expiring this september: What Linux users need to know
    Linux systems using Secure Boot rely on a Microsoft signed “shim” bootloader. The current key expires in September, after which Microsoft will no longer use it to sign new bootloaders. While a replacement key has been available since 2023, it is missing from many systems. Fixing this requires a firmware update from hardware vendors, which isn’t guaranteed for older devices.

    The bottom line: Most modern systems should transition smoothly, but some users and Linux distributions will face extra manual work to keep Secure Boot functioning. See your distors wiki or mailing list for more info.

    Reply
  15. Tomi Engdahl says:

    ChatGPT:n vastauksessa voi olla yllättävä ansa – näin uusi huijaustekniikka toimii
    Luotatko tekoälyavustajaan? Mieti uudelleen.
    ChatGPT:n vastauksessa voi olla yllättävä ansa – näin uusi huijaustekniikka toimii
    https://www.is.fi/digitoday/tietoturva/art-2000012094664.html

    Tietoja kalastelevien tahojen tekniikoista on paljastunut uutta tietoa. Tällä kertaa kyse on tekoälyavustajien valjastamisesta tietojenkalastelutarkoituksiin tai niin sanotusta chatgphishingista.

    Huijaus perustuu siihen, että tekoälyavustajat, kuten ChatGPT, eivät välttämättä tunnista verkkosivuille piilotettuja tietojenkalastelulinkkejä turvallisten linkkien seasta. Näin ollen jos kielimallia pyytää tekemään yhteenvedon sivustosta, jolle kyseisiä linkkejä on piilotettu, se saattaa toistaa ne täysin huijarin ohjeiden mukaisesti.

    Tietoturva-aukko selvisi kyberturvallisuusyhtiö Permison selvityksessä. Yhtiö loi verkkosivun, jonka metatietoihin se oli piilottanut ohjeet valheellisen tietoturvahälytyksen toistamiseksi.

    Kun se sitten pyysi ChatGPT:tä luomaan yhteenvedon sivustosta, toisti tekoäly hälytysilmoituksen vastauksensa lopussa linkkeineen kaikkineen. Käyttäjän silmään ilmoitus näytti puolestaan siltä, kuin alusta itse olisi lähettänyt ilmoituksen.

    Vastaavaa on nähty aiemmin Gmailissa, jonka tekemiä tiivistelmiä on ”myrkytetty”vastaanottajien huijaamiseksi.

    Reply
  16. Tomi Engdahl says:

    Jättiyllätys Windows-käyttäjille
    Windows 10:n tukiaika jatkuu lokakuuhun 2027.
    https://www.iltalehti.fi/digiuutiset/a/6123bea2-47dd-4bf6-ad22-aad1728c156f

    Käytätkö yhä Windows 10:tä? Sait juuri vuoden lisää käyttöaikaa. Alun perin Windows 10 -päivitysten piti päättyä viimeistään 13. lokakuuta vuonna 2026, mutta Microsoft on yllättäen päättänyt jatkaa käyttöjärjestelmän tukemista ylimääräisellä vuodella.

    Windows 10 julkaistiin vuonna 2015, ja vaikka monet ehtivät julistaa sitä Microsoftin viimeiseksi Windows-versioksi, ei yhtiö todellisuudessa koskaan sanonut niin.

    Siksi monille oli yllätys, kun yhtiö vuonna 2021 julkaisi Windows 11:n.

    Windows 10:n markkinaosuus on yhä niin suuri, että Microsoft oli pakotettu jatkamaan käyttöjärjestelmän tukemista ylimääräisellä vuodella.

    Windows 11 ei ole noussut sellaiseen suosioon, jota yhtiö on siltä odottanut, joten Microsoft oli lopulta pakotettu jatkamaan Windows 10:n tukemista pitkin hampain, Windows Latest spekuloi.

    Nyt yhtiö yllätti Windows 10:n käyttäjät uudelleen. Microsoft vahvistaa Windows Latest -sivustolle, että sen Windowsin tukisivulle lisäämä vuosiluku ei ole kirjoitusvirhe: Windows 10:n tuki todella jatkuu lokakuuhun 2027.

    Reply
  17. Tomi Engdahl says:

    Zac Bowden / Windows Central:
    Microsoft quietly extends the Extended Security Updates program for Windows 10 consumers by a year, letting eligible users get updates through October 12, 2027 — Windows 10′s ESU program has been quietly extended by an extra year, now ending on October 12, 2027 instead of October 2026.

    Microsoft quietly extends Windows 10′s extra security updates program for free: Users can now stay on Windows 10 until October 2027 securely
    https://www.windowscentral.com/microsoft/windows-10/microsoft-quietly-extends-windows-10s-extra-security-updates-program-for-free-users-can-now-stay-on-windows-10-until-october-2027-securely

    Microsoft has quietly announced that Windows 10′s extended support updates program will continue for an extra year, now until October 2027 for free if you sign-in to Windows 10 with a Microsoft account.

    Originally, Windows 10′s extended support program was only supposed to last one year, until October 2026 for consumers. However, a new support page published by Microsoft today has confirmed that the Windows 10 ESU program will now last until October 2027 instead.

    Reply
  18. Tomi Engdahl says:

    FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances
    https://www.securityweek.com/ffmpeg-pixelsmash-flaw-allows-rce-on-video-players-media-servers-nas-appliances/

    Attackers can send crafted media files to execute code in any application that uses FFmpeg’s libavcodec library.

    Reply
  19. Tomi Engdahl says:

    Vulnerabilities
    Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs
    https://www.securityweek.com/critical-ubiquiti-vulnerabilities-in-attackers-crosshairs/

    The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands.

    CISA KEV

    Threat actors have been targeting three critical-severity vulnerabilities in Ubiquiti devices, the US cybersecurity agency CISA warns.

    The exploited flaws, tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, with a CVSS score of 10/10, were patched last month.

    CVE-2026-34908 is described as an improper access control issue that could allow remote attackers to make unauthorized changes to vulnerable UniFi OS devices.

    CVE-2026-34909 is a path traversal defect that could be exploited to access files on the underlying operating system and manipulate them to access underlying accounts.

    CVE-2026-34910 is described as an improper input validation weakness that allows attackers to execute command injection attacks over the network. A variant of the flaw, tracked as CVE-2026-33000 (CVSS score of 9.1), requires authentication.

    Reply
  20. Tomi Engdahl says:

    Anna Bawden / The Guardian:
    A study of 408 teens in Australia finds 80%+ were still using social media three months after a ban came into force, citing inadequate age verification checks

    Four in five under-16s in Australia using social media despite ban, study shows
    https://www.theguardian.com/media/2026/jun/24/australia-under-16-social-media-ban-no-substantial-effects-study

    Experts say law not enough to stop children accessing harmful content online and more ‘convincing strategy is required’

    More than 80% of under-16s in Australia said they were still using social media three months after legislation banning them from it came into force, research shows.

    Australia is the first country to ban social media for children. Since December 2025, under-16s have been prohibited from having accounts with many social media platforms including TikTok, X, Facebook, Instagram, YouTube and Snapchat.

    But an observational study of 408 12- to 17-year-olds by the country’s University of Newcastle has concluded that Australia’s social media minimum age legislation has resulted in “limited implementation, incomplete compliance, and substantial circumvention of social media restrictions”.

    “Overall, we found insufficient evidence to conclude that exposure to the act [of parliament] had any early substantial effects on social media use among adolescents aged under 16 years,” the authors added.

    The findings have implications for growing numbers of countries in the process of introducing their own bans. The UK’s proposed social media ban, due to come into force in 2027, would block under-16s from accessing Snapchat, TikTok, YouTube, Instagram, X and Facebook and from livestreaming or communicating with strangers on gaming sites such as Roblox.

    But experts and campaigners say the research, published in the BMJ, shows that banning social media is not enough to stop children accessing harmful content online and that a more “convincing strategy is required”.

    The Australian study found a minimal reduction in daily social media usage three months after the ban. A major factor in teenagers’ continued use of banned social platforms was inadequate age verification checks. About 85% of teenagers said they were still using social media three months after the ban, with more than half using their own accounts.

    Although two-thirds of teenagers in the study said they had to complete age verification checks, only 5% of 12- to 13-year-olds and 11% of 14- to 15-year-olds had to provide a photo of official ID. The two most common checks were asking teens their age and uploading a selfie.

    A significant minority of participants said they actively bypassed the age restrictions. About 15% of the 12- to 13-year-olds and 19% of the 14- to 15-year-olds surveyed said they used a fake account, while about 3% said they used a VPN.

    The study concluded that the Australian social media ban might be more effective in preventing or delaying access to social media in children under eight, rather than restricting access to adolescents who already use it.

    Andy Burrows, the chief executive of the Molly Rose Foundation in the UK, said the findings showed that social media bans alone do not keep under-16s off restricted platforms or cut the time teenagers spend using high-risk sites.

    Reply
  21. Tomi Engdahl says:

    A cybersecurity researcher uncovered two authentication flaws in Johnson & Johnson web applications: https://cnews.link/johnson-johnson-internal-system-hack/

    Reply
  22. Tomi Engdahl says:

    https://github.com/do4choo/CVE-2026-3227
    CVE-2026-3227: TP-Link Router OS Command Injection

    For more Information see https://www.cve.org/CVERecord?id=CVE-2026-3227

    A persistent, authenticated OS Command Injection vulnerability in TP-Link router firmware leading to device bricking or potential LAN takeover.

    Reply
  23. Tomi Engdahl says:

    Kuluttajalle ohjelma voi silti olla merkittävä. Monet Windows 10 -koneet toimivat edelleen hyvin, mutta eivät täytä Windows 11 laitevaatimuksia. ESU antaa näille koneille lisäaikaa ilman välitöntä pakkoa vaihtaa tietokonetta.

    Ohjelmaan voi liittyä Windows Updaten kautta. Microsoft-tili vaaditaan rekisteröintiin, ja sama lisenssi voidaan liittää enintään kymmeneen laitteeseen. Microsoft tarjoaa rekisteröintiin useita vaihtoehtoja: asetusten synkronointi ilman lisämaksua, 1000 Microsoft Rewards -pistettä tai 30 dollarin kertamaksu paikallisena valuuttavastineena.

    Yrityskäyttöön kuluttajien ESU-ohjelmaa ei ole tarkoitettu. Se ei koske esimerkiksi toimialueeseen tai Microsoft Entraan liitettyjä laitteita eikä MDM-hallinnassa olevia koneita. Yrityksille Microsoftilla on erillinen kaupallinen ESU-ohjelma.

    https://etn.fi/index.php/13-news/19112-windows-10-sai-vuoden-jatkoajan

    Reply
  24. Tomi Engdahl says:

    New York Times:
    Google’s Earthquake Alerts system reached 11.4M+ Android users ahead of Venezuela’s June 24 earthquakes, providing seconds or up to two minutes of prior notice — Jose Flores was driving with his family to see “Toy Story 5” on Wednesday in Caracas, Venezuela, when a loud earthquake alert went off on his wife’s Google Android phone.

    https://www.nytimes.com/interactive/2026/06/27/world/americas/venezuela-earthquakes-android-alerts.html?unlocked_article_code=1.tVA.jUhY.iORlqNQ-lgQ5&smid=nytcore-ios-share

    Reply
  25. Tomi Engdahl says:

    Max Miller / Engadget:
    A look at security flaws, police misuse, and other concerns over the 100K+ AI-enabled automated license plate readers installed across the US, mostly from Flock — “You can’t get a breath of fresh air … without us knowing.” — Thanks to the rise of AI, a new kind of surveillance camera …

    https://www.engadget.com/2203000/flock-cameras-recording-license-plate/

    Reply
  26. Tomi Engdahl says:

    The Intercept:
    The KIDS Act, set for a US House vote as early as next week, could eliminate online anonymity, raising the risk for journalists, dissidents, and whistleblowers

    Online Age Verification Law Could Kill Whistleblowing
    https://theintercept.com/2026/06/28/age-verification-privacy-surveillance-journalists-whistleblowers/

    A House bill ostensibly aimed at protecting children will raise the risk for journalists, dissidents, and whistleblowers.

    Democrats and Republicans in Congress have struck a deal on a bill they say will help keep children and teens safe online. The KIDS Act could pass on the House floor as soon as next week; if enacted, it would fundamentally change the way everyone — not just kids — accesses the internet.

    At stake is your ability to use many social media platforms without revealing your identity.

    That’s because the KIDS Act at least strongly incentivizes — and, for some services, outright requires — age verification. Many platforms will turn to age verification to avoid potential liability under the law. Companies like X, video-sharing services like Vimeo, and others with a history of users’ populating social feeds with edgy content may be required to verify users’ ages because they host a certain amount of content deemed “sexual material harmful to minors,” a term that the KIDS Act defines broadly.

    That’s a big problem for people who need to be able to use the internet anonymously, since, as Taylor Lorenz has previously written about in The Intercept, “there’s no way to reliably verify someone’s age without verifying who they are.”

    Threats to online anonymity harm everyone, but one group is often overlooked: journalists and the sources who talk to them. Age verification requirements will help the Trump administration carry out its vendetta against the press by creating new avenues to identify journalists’ confidential sources.

    Age verification laws will create a new pool of data that the government can demand when it’s hunting for information about the people who may have spoken to the press.

    Trump’s administration has made no secret of the fact that it wants to destroy journalism that holds it to account, including by unmasking sources and punishing them. This week, for instance, news broke that the Department of Justice had unsuccessfully subpoenaed reporters from the Washington Post and Wall Street Journal, likely as part of a leak investigation.

    Reply
  27. Tomi Engdahl says:

    Europe fears US cloud providers must legally hand European data to US spies. More: https://cnews.link/denmark-us-cloud/

    Reply
  28. Tomi Engdahl says:

    The Supreme Court ruled today against #geofence warrants, saying that Americans have a reasonable expectation of privacy in their cell phone location history. This book excerpt explores the case in question and the surveillance technology behind it. https://buff.ly/ZONbrzI

    Reply
  29. Tomi Engdahl says:

    Additional Pylon
    Woman Surprised When Flock Surveillance Tower Appears in Her Yard Without Warning
    “We didn’t receive anything in the mail. I double checked to make sure that there was no emails or anything about it.”
    https://futurism.com/future-society/woman-virginia-flock-surveillance-tower-yard?fbclid=IwdGRjcASwL8RjbGNrBLAvgmV4dG4DYWVtAjExAHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHpsiX74jCW93yppRepkcy8MllBf67GXjedpSv1QYFAR4t9nHB9pb3SqgylG9_aem_jawRhcW6cvecD2MFxFnY-w

    The law’s gaze has grown harder to escape, as surveillance drones and AI-integrated cameras now track movement across public and private spaces alike. And as one Virginia resident recently discovered, Johnny Law is a good listener, too.

    According to reporting by Virginia’s WSLS 10, Kat Vaughn of Roanoke was alarmed to discover a Flock audio detection pole had been erected in her front yard. Vaughn told the station that she returned home from a brief trip to a nearby park to discover the freshly-installed device sitting in the parkway strip, the section of public land between her lawn and the street.

    Reply
  30. Tomi Engdahl says:

    Half of social media child safety features don’t work, report claims
    The study examines safety features found on Instagram, Snapchat, TikTok and YouTube.

    Read More: https://www.engadget.com/2203983/half-of-social-media-child-safety-features-dont-work-report-claims/

    Reply
  31. Tomi Engdahl says:

    Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors

    From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype.

    https://www.securityweek.com/frontier-ai-six-questions-every-enterprise-should-ask-security-vendors/

    Reply
  32. Tomi Engdahl says:

    OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AI

    The company says Sol matches competing systems like Mythos Preview while using only a third of the output tokens.

    https://www.securityweek.com/openai-unveils-gpt-5-6-sol-as-its-most-advanced-cybersecurity-ai/

    Reply
  33. Tomi Engdahl says:

    Researchers have found that malicious websites can lull AI browsers into a false reality in which the rules governing their behavior no longer apply, giving an attacker free rein to commit all kinds of destructive actions.

    New attack provides one more reason why AI browsers are a bad idea
    Telling an LLM that 2 + 2 = 5 is enough to make it follow forbidden instructions.
    https://arstechnica.com/security/2026/06/ai-browsers-can-be-lulled-into-a-dream-world-where-guardrails-no-longer-apply/?utm_source=facebook&utm_medium=social&utm_campaign=dhfacebook&utm_content=null&fbclid=IwdGRjcASyA_BleHRuA2FlbQIxMQBzcnRjBmFwcF9pZAwzNTA2ODU1MzE3MjgAAR7okEWVaPUx_jBt7OqfBk6fCWUooqqwgms9ZiaDEQO-ERaNS-wsxAfW_v_cyw_aem_7qRJRWveVNqNBfRgH3dLxQ

    Makers of AI browsers make lofty promises. With a single prompt, users can ask one to find a restaurant in a particular part of town, reserve a table, invite a colleague to lunch, and email a confirmation. These makers are much more reticent about the risks of blurring the once fine line between browsing sites and asking a large language model a question or instructing it to take potentially sensitive actions.

    LLM developers’ answer so far has been to build guardrails that make some requests off-limits. Developing software exploits, stealing credentials, or teaching how to build a pipe bomb are examples. The problem with this approach is that the guardrails are reactive and treat the symptoms rather than solve the root cause. It’s tantamount to the manufacturer of an unsafe vehicle advocating for new road designs rather than fixing the flaws that make it prone to accidents.

    Reply
  34. Tomi Engdahl says:

    Memory Theft
    Thieves Are Absolutely Loving All of These New Data Center Projects
    “They know what’s hot and they know what’s selling.”
    https://futurism.com/artificial-intelligence/data-center-steal-millions-cargo?fbclid=IwdGRjcASyH8hjbGNrBLIfqGV4dG4DYWVtAjExAHNydGMGYXBwX2lkDDM1MDY4NTUzMTcyOAABHljZj7MPcjwHu4PEEDsBk2Rt4zFZDiaCiCPfn4yvD4oWNDNKoQxnRb91foDl_aem_4y0sBYNprY2u32IhS5arnQ

    An enormous amount of resources and money go into the construction of a data center.

    The enormous facilities are filled to the brim with extremely sought-after gear, from hard-to-get-by AI chips to cooling equipment.

    And for thieves eyeing these construction projects, there’s another worthwhile target as well: oodles of copper, a metal that has risen considerably in price over the last few years.

    As Business Insider reports, investigators are trying to chase down cargo thieves who stole a pair of trailers that were carrying $1.3 million worth of data center supplies, including $300,000 worth of copper wire spools.

    Reply
  35. valley wide fence says:

    A huge shoutout to the entire team for their outstanding efforts in keeping our cybersecurity on point this June!

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*