Palantir's NHS data deal called in for a second opinion
Experts welcome contract review after claims NHS England missed chance to grow UK health tech market
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites
An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites.…
FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service
The platform used more than 9,000 phishing sites, stealing nearly 4 million credit cards and causing roughly $1.9 billion in losses. The post FBI, Google Dismantle ‘Outsider Enterp…
Britain plots digital bedtime after kicking under-16s off social media
UK plans to go further than Australia, while also targeting stranger contact, livestreaming, and addictive platform features
Maine Disables Data Breach Portal Due to Fake Submissions
Someone posted fake VRChat and Discord data breach reports on the system, prompting the Maine AG to take action. The post Maine Disables Data Breach Portal Due to Fake Submissions …
Google found liable for bad AI Overview results. Let’s play Truth Or Consequences
Hush. children, what’s that sound? Has the flood gates’ key been found?
Munch Museum Windows display gives visitors something to scream about
When art reflects modern realities
Chinese e-tailer claimed 14-inch box stretched the size of a 9-inch tablet
This is why you don’t let junior staff ‘save the company a few dollars’
Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts
Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudulent Facebook accounts im…
Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw
Palo Alto Networks has revealed that it has observed "active exploitation" of a recently disclosed PAN-OS vulnerability by an unknown threat actor to obtain unauthorized access to …
Curl will not accept vulnerability reports during July 2026
Article URL: https://daniel.haxx.se/blog/2026/06/15/curl-summer-of-bliss/ Comments URL: https://news.ycombinator.com/item?id=48537165 Points: 783 # Comments: 316
Fire burns Google Cloud India’s network, which remains slow a week later
PLUS: Japan’s space truck is back in business; Zoho's DIY servers; Record tech exports for Korea, and more!
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m giving a keynote at Cybernation 2026 in Berlin, Germany, on June 24, 2026. I’m speaking at the Potsdam Confer…
FBI disrupts massive AI-powered phishing service using a million URLs
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousan…
US Army picks out Vampire to fill a gap in its layered drone defenses
L3Harris supplies system that can down incoming drones with laser-guided rockets
AI is code – and can't be prompted into being smarter
From Java tests to Shai-Hulud, bots keep proving they'll swallow anything you feed them
EU sovereignty push gives tech buyers a new alphabet soup to swallow
Brussels presses on despite US fury as it looks to enforce cloud autonomy and bolster open source
Scientists pour cold water on claims phones are rewiring kids' brains
MPs told that while concerns over handsets and social media grows, evidence they're changing children's brains is limited
Ex-school district employee jailed for hacks on former employer
A former IT employee at an Iowa school district was sentenced to 21 months in prison after conducting a prolonged cyberattack against the former employer that disrupted classroom …
NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks
By default, npm install will no longer execute scripts from dependencies, unless explicitly allowed. The post NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain A…
Chinese hackers hijack auth flow, spy on isolated network for a decade
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. [...]
World Cup AI predictor now lets users ask daft what-ifs
Spoiler: It doesn't end well for Team Register
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote cod…
AWS rolls the dice for faster, more efficient networking
Honey, I flattened the datacenter network
US Gov asks Anthropic to ban 'foreign national' access to Fable, Mythos
The US government has ordered Anthropic to block all foreign nationals from accessing Fable 5 and Mythos 5, forcing the company to suspend both models worldwide. Anthropic is compl…
NHS patients can't opt out of Palantir's data platform – but their hospital can
Minister says trusts can go it alone on procurement as Parliament mulls February 2027 FDP contract renewal
XP-era Windows spotted haunting London's driverless railway
A blast from the past greets commuters
Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls
Anthropic takes Fable 5 and Mythos 5 offline to comply with a directive from the Trump administration to prevent use by foreign nationals. The post Anthropic Says It Has Taken Its …
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Anthropic said on Friday it will "abruptly disable" its most advanced artificial intelligence (AI) models, Claude Fable 5 and Mythos 5, for all users after the U.S. government orde…
NanoClaw now armed with JFrog for safer packages
AI agents can't be trusted, so don't give them dangerous powers