SoFi confirms third-party data breach at Hong Kong subsidiary
SoFi Hong Kong is warning that it suffered a data breach after hackers gained access to a database at a third-party vendor containing customer information. The company is a U.S.-based financial technology company that offers banking, investing, loans, and other personal finance services. The company also operates SoFi Hong Kong, which provides investment and securities services to customers in the region. READ MORE...
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
A financially motivated threat group is targeting US legal, professional and financial services firms in a data theft extortion campaign using a combination of phishing, voice impersonation tactics, and legitimate remote access tools. Google's Mandiant division attributed the activity to UNC3753, a threat cluster associated with the Silent Ransom group, which is known for stealing high-value data from victims and then extorting ransoms from them under the threat of public disclosure. READ MORE...
Tests suggest Russian satellites can jam GPS on a continental scale
Russian satellites have been identified as the cause of mysterious, seconds-long bursts of GPS interference across Europe-a rare example of human-made GPS interference coming from space. But uncertainty still hangs over whether such interference is intentional and if it could be more powerfully weaponized as GPS jamming with continental reach in the future. The discovery came from an investigation detailed in a June 2 preprint paper by researchers at UT Austin and Stanford University. READ MORE...
Companies aren't prepared for how AI is accelerating impersonation attacks
The cybersecurity industry devotes a lot of attention to how AI helps hackers analyze vulnerabilities more quickly and craft better malware, but a new report argues that AI's improved impersonation of corporate leaders is proving just as consequential. Impersonation attacks have targeted either executives or lower-level employees at more than half (53%) of organizations this year, the security firm Outtake said in a report published on June 4. READ MORE...
Americans lost nearly $900 million to AI-powered scams, FBI says
The 2025 Federal Bureau of Investigation (FBI) Internet Crime Report shows that Americans reported $893,346,472 in AI-related scam losses. Those losses stem from 22,364 AI-related complaints. And these figures represent only the reported losses, which may well be the proverbial tip of the iceberg. The main drivers behind the rise in AI-powered scams are voice cloning, deepfake images and videos, and AI-generated scripts. READ MORE...
Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)
Google has fixed 74 vulnerabilities in Chrome, including a high-severity zero-day (CVE-2026-11645) that has been exploited in the wild. "Google is aware that an exploit for CVE-2026-11645 exists in the wild," the company said in a Monday security advisory. The fix has been shipped in Chrome 149.0.7827.102/.103 for Windows and macOS and Chrome 149.0.7827.102 for Linux, with the update rolling out to users over the coming days and weeks. READ MORE...
Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
New iterations of the Shai-Hulud supply chain attack have hit over 100 packages across the NPM and PyPI ecosystems, security researchers warn. Since September 2025, the self-replicating worm has been used in multiple campaigns targeting the open source software (OSS) community, with a surge in attacks observed over the past several months, following the Trivy vulnerability scanner incident. In mid-May, TeamPCP released the worm's source code, and the first clones emerged shortly after. READ MORE...
Scammers love Meta, according to Lloyds Bank
Scammers go phishing wherever the victims are. In the UK, that means Facebook, Instagram, and WhatsApp, according to Lloyds Bank. It just revealed that Meta platforms account for over two thirds of fraud reports made by its customers. Writing in The Sunday Times, Lloyds Bank's fraud prevention director Liz Ziegler said that 68% of fraud reports from its customers start on a Meta-owned platform. READ MORE...
LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
A command injection vulnerability (CVE-2026-42271) in BerryAI's LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. LiteLLM is an open-source library that provides a unified interface for calling many different large language model APIs using a single (OpenAI) format. READ MORE...
Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks
Check Point on Monday warned that a critical-severity authentication bypass vulnerability affecting its VPN and firewall products has been exploited in the wild as a zero-day. Tracked as CVE-2026-50751 (CVSS score of 9.3), the security defect is described as a logic flow weakness in the validation process of Remote Access and Mobile Access certificates. It exists in the deprecated IKEv1 key exchange and allows remote attackers to establish VPN sessions without a valid password. READ MORE...
- ...in 1915, Lester Polsfuss AKA Les Paul, the pioneering guitarist and engineer who designed one of the earliest solid-body electric guitars, is born in Waukesha, WI.
- ...in 1934, Donald Duck makes his onscreen debut in the Disney short "The Wise Little Hen".
- ...in 1964, the Central Intelligence Agency (CIA) submits a memo that effectively challenges the "domino theory" backbone of the Johnson administration policies
- ...in 1973, Secretariat wins the coveted Triple Crown.
