Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Today’s signal The Hacker News recently reported Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints. Published context: June 30, 2026. Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026-33017 (CVSS score: 9.3), an unauthenticated remote code execution (RCE) vulnerability in Langflow, indicating threat actors are scanning and targeting exposed a ...

July 1, 2026 · 3 min · David Gomez

AWS Security Hub CSPM launches AI Security Best Practices standard with 31 automated controls

Today’s signal AWS What’s New recently reported AWS Security Hub CSPM launches AI Security Best Practices standard with 31 automated controls. Published context: June 30, 2026. Today, AWS Security Hub CSPM announces the AI Security Best Practices standard, a set of 31 automated security controls that detect when your deployed AI resources do not align with security best practices. Developed by AWS security experts, this standard helps you continuously evaluate your Amazon Bedrock, Amazon Bedrock AgentCore, and Amazon SageMaker work ...

July 1, 2026 · 2 min · David Gomez

Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

Today’s signal The Hacker News recently reported Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer. Published context: June 30, 2026. An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Stealer. The intrusion involves the exploitation of CVE-2026-48558 (CVSS score: 10.0), a critical authentication bypass vulnerability impacting the OpenID Connect (O The reason this matters is simple: buyers are paying attention to speed, operational resilience, and credible technical execution. A trending story can create awareness, but the business question is what a team should do with that attention. ...

June 30, 2026 · 3 min · David Gomez

AWS WAF adds support for Amazon Bedrock AgentCore Gateway

Today’s signal AWS What’s New recently reported AWS WAF adds support for Amazon Bedrock AgentCore Gateway. Published context: June 29, 2026. Today, AWS announces general availability of AWS Web Application Firewall (AWS WAF) protection for Amazon Bedrock AgentCore Gateway, enabling you to protect your agentic AI workloads from common web exploits and abuse. As enterprises move agentic applications from prototype to production, this launch gives security and platform teams ability to apply consist ...

June 30, 2026 · 2 min · David Gomez

Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

Today’s signal The Hacker News recently reported Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse. Published context: June 29, 2026. A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity company ESET said it observed 35 distinct spear-phishing campaigns mounted by Gamaredon against new targets, with most of them taking place in the second half o ...

June 29, 2026 · 3 min · David Gomez

Amazon EC2 M8a instances now available in the Asia Pacific (Mumbai) region

Today’s signal AWS What’s New recently reported Amazon EC2 M8a instances now available in the Asia Pacific (Mumbai) region. Published context: June 25, 2026. Starting today, the general-purpose Amazon EC2 M8a instances are available in AWS Asia Pacific (Mumbai) region. M8a instances are powered by 5th Gen AMD EPYC processors (formerly code named Turin) with a maximum frequency of 4.5 GHz, deliver up to 30% higher performance, and up to 19% better price-performance compared to M7a instances. M8a instances deliver ...

June 29, 2026 · 2 min · David Gomez

New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets

Today’s signal The Hacker News recently reported New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets. Published context: June 26, 2026. DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it lets a local user corrupt file-backed memory through a cloned network packet and gain root. The patch ...

June 28, 2026 · 3 min · David Gomez

Amazon EC2 C8in instances are now available in additional regions

Today’s signal AWS What’s New recently reported Amazon EC2 C8in instances are now available in additional regions. Published context: June 25, 2026. Starting today, Amazon Elastic Compute Cloud (Amazon EC2) C8in instances are available in the AWS US East (Ohio) and Europe (Ireland) regions. C8in instances are powered by custom, sixth generation Intel Xeon Scalable processors, available only on AWS. These instances feature the latest sixth generation AWS Nitro cards, delivering up to 43% higher performanc ...

June 28, 2026 · 2 min · David Gomez

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

Today’s signal The Hacker News recently reported CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue. Published context: June 26, 2026. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. ...

June 27, 2026 · 3 min · David Gomez

Amazon EC2 R8g instances now available in additional regions

Today’s signal AWS What’s New recently reported Amazon EC2 R8g instances now available in additional regions. Published context: June 26, 2026. Starting today, Amazon Elastic Compute Cloud (Amazon EC2) R8g instances are available in AWS Asia Pacific (Thailand, New Zealand), AWS Africa (Cape Town), AWS Europe (Milan), and AWS Canada West (Calgary) regions. These instances are powered by AWS Graviton4 processors and deliver up to 30% better performance compared to AWS Graviton3-based instances. Amazon ...

June 27, 2026 · 2 min · David Gomez

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited

Today’s signal The Hacker News recently reported CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited. Published context: June 24, 2026. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday warned of active exploitation of a critical security flaw impacting Lantronix EDS5000 Series devices, urging Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 26, 2026. The vulnerability in question is CVE-2025-67038 (CVSS score: 9.8), a code injection flaw ...

June 26, 2026 · 3 min · David Gomez

Kiro achieves FedRAMP High and DoD IL-4/5 authorization in AWS GovCloud (US)

Today’s signal AWS What’s New recently reported Kiro achieves FedRAMP High and DoD IL-4/5 authorization in AWS GovCloud (US). Published context: June 25, 2026. Kiro is now FedRAMP High and Department of Defense Cloud Computing Security Requirements Guide (DoD CC SRG) Impact Level (IL) 4 and 5 authorized in the AWS GovCloud (US) Regions. Federal agencies, public sector organizations, and other enterprises with FedRAMP High and DoD CC SRG IL-4/5 compliance requirements can now use Kiro as their agentic engineering pa ...

June 26, 2026 · 2 min · David Gomez