Attack exploiting SimpleHelp vulnerability deploys novel loader, infostealer

Laura FrenchJune 30, 2026

The TaskWeaver loader delivers Djinn Stealer, which targets dev credentials and AI tokens.

RESOURCES

Identity
How to Build an AI Governance Framework for Identity
Identity
How to Evaluate and Select Identity and Access Management Tools
Identity
Identity-based attacks: how they work and how to defend against them
Identiverse
From M2M to A2A: Why your identity stack wasn’t built for what’s coming
SOC
Stay ahead in the SOC: Contain threats with confidence and control

PODCASTS

Application security
Reducing Attack Surface & Evaluating Efficiency in Agents – Itamar Apelblat, David Goldschlag – ASW #389
AI/ML
Fixing pentesting, Meta is destroying its engineering org, the weekly news – Adriel Desautels – ESW #465
Vulnerability Management
AI Brain Harvest, Fortibleed, Win 10, Blacksite, Windchill, Cisco, BB-8, Josh Marpet – SWN #593
Cloud Security
Cloud Visibility, Fortibleed, hacking things the easy way – Sandy Bird – PSW #932
Leadership
The Strategic Human Firewall as AI Impacts Regulations, Cyber Pros, and Employees – Robert Siciliano – BSW #453

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Critical Infrastructure Security

ICIT founder on AI, quantum and critical infrastructure

SC StaffJune 30, 2026

Parham Eftekhari discusses AI, quantum and the future of critical infrastructure trust.

Quantum computing the future of technology illuminated on a circuit board

Trump signs executive order to accelerate US quantum computing strategy

SC StaffJune 29, 2026

Trump order accelerates U.S. quantum strategy, boosting post-quantum security.

Linux source code with a binary background. 3D rendered Illustration.

Vulnerability Management

2 Linux kernel flaw PoCs published, enabling local privilege escalation

Laura FrenchJune 26, 2026

One of the flaws, DirtyClone, is a variant of the DirtyFrag vulnerability class.

Investing and stock market concept gain and profits with faded candlestick charts.

Critical Infrastructure Security

Think tank warns US markets face hidden infrastructure risks

SC StaffJune 26, 2026

ICIT: Hidden infrastructure concentration threatens U.S. market resilience.

New ‘Blacksite’ phishing kit bundles AiTM with scanner evasion

Laura FrenchJune 25, 2026

The kit includes Cloaked.gg, which displays benign sites to detected scanners and sandboxes.

(Credit: Microsoft)

StealC infrastructure takedown assisted by AI analysis, C2 infiltration

Laura FrenchJune 25, 2026

Microsoft, Proofpoint, IBM, Europol and other partners took aim the StealC and Amadey “assembly line.”

(Credit: Ralf – stock.adobe.com)

Network Security

FortiBleed campaign steals 110M credentials from FortiGate targets

Laura FrenchJune 24, 2026

A tool called FortigateSniffer abuses a diagnostic utility to continuously monitor network traffic.

Vulnerability Management

FFmpeg vulnerability ‘PixelSmash’ could enable RCE via video file

Laura FrenchJune 23, 2026

An attacker can use a crafted file to trigger a heap buffer overflow and overwrite a function pointer.

Events