Suspected North Korean actors use fake ‘coding assignments’ to steal crypto

Laura FrenchJune 9, 2026

Targets are encouraged to clone Git repositories to their VS Code or Cursor code editors.

RESOURCES

Identity
How to Build an AI Governance Framework for Identity
Identity
How to Evaluate and Select Identity and Access Management Tools
Identity
Identity-based attacks: how they work and how to defend against them
AI/ML
Guardrails for agents: How to secure AI at runtime
Identity
Laying the groundwork: A practical path to identity security for AI agents

PODCASTS

Application security
Scanner Results Are a Starting Point. Here’s What Comes Next. – Federico Kirschbaum – ASW #386
Critical Infrastructure Security
Critical Infrastructure: The Risk Hiding in Plain Sight – Jason Manar – CSP #225
Vulnerability Management
The State of AI in SecOps, the Unintended Consequences of Vulnmaxxing, and the News – Filip Stojkovski – ESW #462
Vulnerability Management
Local AI, Salesforce, Fluttershell, Aspose, http/2, Cisco, Used Tech, Josh Marpet – SWN #587
Vulnerability Management
Security Researchers Are Threat Actors – PSW #929

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

businessman putting a flash drive in his pocket

Silent Ransom Group moves to in-person method if vishing attempt fails

Steve ZurierJune 8, 2026

Mandiant warns Silent Ransom Group uses vishing and even in-person visits to steal data.

IronWorm malware, similar to Shai-Hulud, hits 57 projects across 9 organizations

Laura FrenchJune 5, 2026

The malware targets developer credentials and cryptocurrency and self-propagates on npm.

Network Security

Another Cisco Catalyst SD-WAN Manager bug actively exploited

Steve ZurierJune 5, 2026

Cisco warns of an exploited SD-WAN flaw that can enable remote code execution and network compromise.

Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware

Laura FrenchJune 5, 2026

FlutterShell is linked to previous malvertising campaigns including TamperedChef.

(Adobe Stock)

Vulnerability Management

9.8 Mirasvit bug actively exploited on Magento servers

Steve ZurierJune 4, 2026

CISA warns of an actively exploited Magento extension flaw that enables remote code execution.

Stock exchange executive’s Outlook mailbox stolen over course of 5 months

Laura FrenchJune 4, 2026

The approximately 150-day espionage campaign incrementally exfiltrated emails to cloud services.

(Adobe Stock)

Trump executive order on AI calls for voluntary 30-day review period

Steve ZurierJune 3, 2026

Trump AI order proposes a 30-day voluntary review of frontier models before public release.

(Credit: prima91 – stock.adobe.com)

Anthropic grants Mythos access to 150 more organizations, plans wider release

Laura FrenchJune 3, 2026

Project Glasswing partners discovered more than 10,000 vulnerabilities in its first month.

EVENTS