NEW: malware developers added nuclear & biological weapons text to to their spyware.
Goal? To trigger LLM safety refusals... so that their spyware wouldn't be analyzed by an AI security scanner.
Cleanest practical example I can think of for why over-indexing on first order "safety" is risky. 1/
NEW: Google and the FBI say they have seen a ransomware gang send people pretending to be IT support to victims' offices, where they use USB drives to steal data.
The hackers mix this tactic with traditional email and voice phishing to pilfer information and then threaten and extort victims.
John Scott-Railton
Cybercriminals, part of a gang known as Silent Ransom Group, have sent people pretending to be IT support employees to law firms' offices, where the criminals have stolen data using USB drives or remo...
Excellent vid on running down mystery GPS/GNSS signals over Europe. The collection and pivoting tradecraft here is brilliant. I don't think any of us in the cyber domain will be surprised by the results, but an exciting process nonetheless.
www.youtube.com/watch?v=tz23...
Lorenzo Franceschi-Bicchierai
Exclusive: #Israel sent troops to #Azerbaijan during Iran war as part of secret network across region, sources say edition.cnn.com/2026/06/05/m...
Hungary has lifted its longtime opposition to Ukraine opening formal talks to join the European Union.
But even as Hungary lowered the roadblock, Prime Minister Peter Magyar said the country would continue to oppose a fast-track accession process.
⚡️St. Petersburg Oil Terminal hit in major Ukrainian attack day after Russia's mass strike on Kyiv.
The attack began the morning of the 2026 St. Petersburg International Economic Forum, an annual conference of business leaders and government officials hosted by Russian President Vladimir Putin.
Join me on a little 30-second rabbit hole... 🕳️🐇
There’s something weird about the Chinese Ministry of Foreign Affairs’ statement in response to the Five Eyes security bulletin, as shared below.
Have a close read, if you can see it. I myself didn't until I added the statement to my copy. [1/11]
Compromised npm packages ([email protected], [email protected]) are abusing Hugging Face repos as exfiltration infrastructure. The packages deploy a remote access trojan (RAT) that captures keystrokes, screenshots, and crypto wallet credentials.
The attack coincided with the beginning of the 2026 St. Petersburg International Economic Forum, an annual conference of business leaders and government officials hosted by Russian President Vladimir ...
Bundesregierung gründet Sicherheitsinstitut für KI: Der Nationale Sicherheitsrat der Bundesregierung hat die Einrichtung eines Sicherheitsinstituts für Künstliche Intelligenz beschlossen.
www.deutschlandfunk.de/bundesregier...
🚨 New threat research: Proofpoint identified a likely North Korea-aligned threat cluster, UNK_DeadDrop, targeting software developers through trusted development platforms and workflows.
Read the blog: www.proofpoint.com/us/blog/thre....
By Saher Naumaan, Carlos Rubio, and the Proofpoint Threat Research Team Key Findings Between April and May 2026, Proofpoint Threat Research observed a likely North Korean threat actor
Hungary agreed to drop its opposition to opening the formal access talks but is still opposed to the fast-track membership process that Ukraine says it needs as protection from Russia.
