Breaking News – Cyber Threats (last 6h)
Generated: 2026-06-19 08:00 PDT
- CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices
The Hacker News • 2026-06-19 07:00 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices.The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed. The number of compromised devices stands at
https://thehackernews.com/2026/06/cisa-warns-fortinet-customers-as.html - Imposter scams cost Americans $3.5 billion in 2025 – and it’s getting worse
Graham Cluley • 2026-06-19 06:51 • www.fortra.com
Someone is pretending to be your bank, your government, or your local planning office. And according to the FTC, they’re making billions doing it.Read more in my article on the Fortra blog.
https://www.fortra.com/blog/imposter-scams-cost-americans-35-billion-2025-and-its-getting-worse - Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way
BleepingComputer • 2026-06-19 06:10 • www.bleepingcomputer.com
AI agents can access data, trigger workflows, deploy code, and interact with critical business systems, often with little oversight. Token Security breaks down why AI agents are becoming a new identity and governance challenge. […]
https://www.bleepingcomputer.com/news/security/every-ai-agent-is-an-identity-most-organizations-dont-treat-them-that-way/ - Webinar: How attackers bypass MFA and how defenders can respond
BleepingComputer • 2026-06-19 05:12 • www.bleepingcomputer.com
Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing passwords. This webinar explores how behavioral AI can help security teams detect compromised accounts faster and automate response workflows. […]
https://www.bleepingcomputer.com/news/security/webinar-how-attackers-bypass-mfa-and-how-defenders-can-respond/ - From Assistive to Agentic: The AI Shift That's Redefining Threat Management
The Hacker News • 2026-06-19 04:58 • thehackernews.com
IntroductionThe average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating (overlapping) alerts and data. And yet, breach dwell times remain stubbornly long (~43 days), response windows keep closing before teams can act, and analysts burn out triaging noise instead
https://thehackernews.com/2026/06/from-assistive-to-agentic-ai-shift.html - Microsoft: June 2026 Windows updates break Recycle Bin prompts
BleepingComputer • 2026-06-19 04:32 • www.bleepingcomputer.com
Microsoft has confirmed a confusing Windows bug that causes different filenames to appear in the confirmation dialog when deleting a file from the Recycle Bin. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-recycle-bin-bug-on-all-supported-windows-releases/ - Anthropic’s Fable and the State of AI
Schneier on Security • 2026-06-19 04:03 • www.schneier.comOn June 9th, Anthropic released its Fable generative AI model. Three days later, the US government classified it as a dangerous munition, and used its export-control authority to prohibit any foreign nationals from accessing it. Unable to differentiate between Americans and foreigners, the com…
https://www.schneier.com/blog/archives/2026/06/anthropics-fable-and-the-state-of-ai.html - CISA: Splunk Enterprise flaw actively exploited, patch by Sunday
BleepingComputer • 2026-06-19 03:39 • www.bleepingcomputer.com
CISA has urged U.S. federal agencies to secure their systems by Sunday against a critical Splunk Enterprise vulnerability that is being exploited in attacks. […]
https://www.bleepingcomputer.com/news/security/cisa-splunk-enterprise-flaw-actively-exploited-patch-by-sunday/ - Forget Data Leakage: Shadow AI's Real Threat Is Access Control
The Hacker News • 2026-06-19 03:30 • thehackernews.com
The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with usage policies, domain blocks, and data loss prevention rules. That response made sense at the time.It doesn’t fit the problem anymore.
Shadow AI has shifted from a data leakage concern to an access control problem. The threat isn’t
https://thehackernews.com/2026/06/forget-data-leakage-shadow-ais-real.html - Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data
The Hacker News • 2026-06-19 02:03 • thehackernews.com
Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security incident impacting the competitive intelligence company on June 11, 2026.To that end, organizations will be unable to connect to Salesforce via the app until further notice, the American cloud-based software company noted in an alert published this week.
“Salesforce took
https://thehackernews.com/2026/06/salesforce-disables-klue-app.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
