The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

/in

The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection and response (EDR) killers that it hands out to affiliates for impairing system defenses before deploying the encryptor.

This mature portfolio of EDR-terminating tools is centered around a framework that’s known as GentleKiller.

“They also incorporate third-party or

The Hacker News – ​Read More

Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

/in

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips.

That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry this flaw for as long as they stay in use.

This is not a remote attack. It requires

The Hacker News – ​Read More

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

/in

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution.

Steer the agent to load an attacker’s web page, and that page’s JavaScript can reach a privileged local service on the same machine and spawn a process on the host.

No credentials, no sign-in screen, and no further user interaction once

The Hacker News – ​Read More

Meteor 3.0 Migration Helped Rocket.Chat Move Off End-of-Life Node.js Runtime

/in

Meteor 3.0 helped Rocket.Chat move from Node.js 14 to Node.js 20, cutting runtime debt after Fibers removal and reducing supply-chain risk across federal users.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices.

The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed. The number of compromised devices stands at

The Hacker News – ​Read More

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

/in

Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish and cleaned up nearly 15,000 infected WordPress websites.

“With these actions we deprive cybercriminals of access to infected computer systems,” Maikel Rollman of the Netherlands National High Tech Crime Unit said.

“This prevents

The Hacker News – ​Read More

Gcore Helps Ucom Safeguard Public Live Broadcast Infrastructure During Armenia’s Parliamentary Elections

/in

Luxembourg, Luxembourg, 19th June 2026, CyberNewswire

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

/in

Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched GCP Config Connector flaw enables takeover.

The post In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum appeared first on SecurityWeek.

SecurityWeek – ​Read More

The Ninja Creami just dropped to an all time low price for Prime Day – and I recommend one

/in

Make your own ice cream, gelato, sorbet, and smoothie bowls with the Ninja Creami, now 22% off for Amazon Prime Day.

Latest news – ​Read More

Police raid malware network tied to Russia’s Evil Corp hacker group

/in

An international operation targeted the SocGholish botnet, which has been linked to the Russia-based cybercrime group Evil Corp.

The Record from Recorded Future News – ​Read More