Security Issues, Vulnerabilities, Exploits & Government Alerts
View CSAF Summary Schneider Electric is aware of vulnerabilities in its PowerChute™ Serial Shutdown product. The [PowerChute Serial Shutdown](https://www.se.com/ww/en/product-range/137943580-powerchute-serial-shutdown/#products) product is a UPS management software enabling graceful system shutdown and energy management capabilities for desktop,…
The Hacker NewsJun 18, 2026AI Security / Data Security If an autonomous AI agent interacts with your company’s core intellectual property today, can your security team instantly name the person who authorized it? For most…
The Hacker NewsJun 18, 2026Payment Security / Compliance An independent PCI assessor tested Reflectiz against the new PCI DSS rules. Here is the verdict: See the full QSA assessment here → When a customer types…
Ravie LakshmananJun 17, 2026Malware / Social Engineering An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new findings from…
Ravie LakshmananJun 17, 2026Endpoint Security / Vulnerability Microsoft has formally disclosed that it’s working to release a patch to address a Defender zero-day codenamed RoguePlanet. The vulnerability has now been assigned the CVE identifier CVE-2026-50656…
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end. Before his command-and-control server went dark, he installed…
For security teams, the findings never stop, but confidence in knowing which ones matter is becoming harder to maintain. The problem is no longer visibility. It’s validation. Security teams must decide which findings warrant action…
The Hacker NewsJun 17, 2026Attack Surface Management Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop —…
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys. “Every plugin poses as an AI…
Ravie LakshmananJun 17, 2026Malware / Cryptocurrency As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as…