An unpatched command injection vulnerability in SD-WAN Manager is being actively exploited, requiring immediate measures to close authentication gaps and monitor logs.
Cybercriminals increasingly rely on professionalized, automated standard methods and are exploiting vulnerabilities faster, while phishing and invisible attacks that use legitimate tools are becoming the norm.
Anthropic releases its AI model Mythos with built-in restrictions for cybersecurity and biotech use, while a separate government program continues to enable unrestricted access for security testing.
A PHP object injection in Mirasvit Cache Warmer (CVE-2026-45247) enables unauthenticated remote code execution on Magento 2 and Adobe Commerce systems and is already being actively exploited.
Multi-turn reasoning models can maintain safe surface metrics while their internal states are compromised across conversation turns or their secure internal logic is ignored in harmful outputs.
Operational Technology in factories presents attackers with significantly lower barriers than modern IT infrastructure, while cyber outages in production have existential consequences.
Official NIS2 compliance audits begin on June 30, 2024, and will verify the actual implementation of cybersecurity measures at critical infrastructures and important digital services.