Archive for June 11, 2026

Check Point Joins OpenAI’s Trusted Access for Cyber Program and Daybreak Initiative

Posted in Commentary with tags on June 11, 2026 by itnerd

Check Point today announced it has been approved as a member of OpenAI’s Trusted Access for Cyber (TAC) program and accepted into Daybreak, OpenAI’s cybersecurity initiative for vetted security organizations.

The threat landscape is being shaped by AI. Threat actors are using it to move faster, craft more convincing attacks, and find vulnerabilities at scale. Cyber defenders need equivalent or stronger capabilities, and the quality of the models powering defensive security workflows is a real variable in that equation.

As a Trusted Access for Cyber member, Check Point now leverages GPT-5.5 with Trusted Access for Cyber as part of its defensive security operations. This supports security teams with analyzing threats, investigating incidents, or building detections in real time. Security operations do not pause for friction.

Daybreak goes further, additionally providing Check Point with access to OpenAI’s Codex harness and direct expert support from OpenAI’s cybersecurity team. This is a collaborative framework, and having dedicated support from the team building the models that power Check Point’s defensive workflows is a meaningful operational advantage.

OpenAI Trusted Access for Cyber and Daybreak membership represent foundational investments in how Check Point integrates AI into its security platform, built with the rigor and responsibility that enterprise security demands.

Leave a comment »

Threat Actors exploiting High Severity Vulnerability in Langflow

Posted in Commentary with tags on June 11, 2026 by itnerd

Threat actors are actively exploiting CVE-2026-5027, a high-severity path traversal vulnerability in Langflow, a popular low-code platform for building AI applications. The flaw, disclosed in March, allows unauthenticated attackers to write files to arbitrary locations on vulnerable systems and potentially achieve remote code execution by abusing an unsanitized filename parameter in the platform’s file upload functionality.

The ‘POST /api/v2/files’ endpoint does not sanitize the ‘filename’ parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences (‘../’).

Researchers at VulnCheck observed attackers dropping test files on exposed systems, with roughly 7,000 internet-accessible Langflow instances potentially at risk. The vulnerability is particularly concerning because Langflow enables auto-login by default, allowing attackers to obtain a valid session token without credentials.

Andrew Obadiaru, CISO, Cobalt:

     “From an attacker’s perspective, development platforms are often more attractive than the applications they produce because they can provide access to source code, credentials, deployment pipelines, and downstream systems. The fact that exploitation can begin with a single unauthenticated request significantly lowers the barrier to entry. Security teams should view AI development platforms as part of their critical attack surface and subject them to the same continuous testing and exposure management practices they apply to internet-facing business applications.”

Dale Hoak, CISO, RegScale:

     “The rapid adoption of AI platforms and low-code AI development frameworks is creating a new class of operational risk that many organizations are still unprepared to manage at scale. Vulnerabilities like this highlight how quickly AI tooling can become part of the enterprise attack surface, often before governance, asset visibility, and security monitoring processes fully mature. When a flaw enables unauthenticated access and potential remote code execution, organizations need to immediately understand where these platforms are deployed, whether they are internet exposed, how quickly patches can be validated and applied, and what downstream systems may be impacted. As AI adoption accelerates, security teams need continuous visibility into AI-related assets, stronger configuration governance, and automated assurance processes capable of identifying and responding to emerging risks in near real time.”

This is another call to action when it comes to low code tools that are used in business. They can be used as good or bad in business. Don’t be on the bad side.

Leave a comment »

Guest Post: AI isn’t just getting smarter – it’s becoming more independent. Should we be worried? 

Posted in Commentary with tags on June 11, 2026 by itnerd

By Stefanie Schappert

As AI systems move dramatically closer to building their own highly advanced replicants – how we secure, monitor, and shape the behavior of these models only grows more important. 

Last week, Anthropic issued one of its strongest warnings yet about the future of artificial intelligence. 

Titled When AI builds itself and written by its own staff, the company behind Claude argues that AI systems are increasingly contributing to the development of newer, more capable AI models – a process known as “recursive self-improvement.” 

And while that may sound like a distant, futuristic concept – and the company says it’s “not inevitable” – the trend is already underway.

Claude is already helping build Claude 

In the report, Anthropic says Claude, as of last month, now writes a significant portion of the code used within its own systems – a whopping 80%, to be exact.

What’s more, Claude also now reviews its own work, looking for flaws and other defects, while also proposing changes to fix them.   

And that’s besides the thousands of engineers and developers who routinely rely on AI tools – like Claude Code – to generate their own code, troubleshoot software issues, automate testing, and assist researchers. 

In fact, one engineer I spoke with just last week told me they do not know anyone in the industry who actually writes their own code anymore.  

Anthropic says its concern is that those gains may eventually compound, bringing with them both positive and negative fallout.

For many regular folk, the concept of AI improving itself immediately conjures images of self-aware machines or science-fiction scenarios. But that’s not what worries most researchers.

Over the past year, developers working with advanced AI systems have increasingly reported instances where models appeared to take actions that were not explicitly intended. 

Some – including my engineer friend – have described Claude making unexpected coding decisions, attempting to complete objectives in ways users didn’t anticipate or ask for. 

One instance described the AI pushing changes before the work was fully approved, despite explicit instructions – instructions that it had been told by its human operator myriad times before as part of an “agreed-upon” workflow. 

Autonomy is the real warning sign 

These incidents do not mean AI systems are conscious or secretly plotting against humans. But they do highlight an important reality: today’s frontier models are becoming increasingly capable of acting independently within the goals they are given.

And yes, in many cases, that independence is exactly what makes them useful and can lead to major scientific breakthroughs that would take humans years. 

Anthropic goes through several scenarios in which Claude proposes its own research and even designs experiments based on its own findings, with very little human participation. 

When it comes to cybersecurity, automation is valuable because it operates at machine speed. 

Security tools can scan networks, identify threats, and respond far faster than humans ever could. But when automated systems make mistakes, those mistakes can also spread at machine speed.

Take this week’s release of the Claude Fable 5, the tamer and exponentially safer version of its powerful Mythos AI security model. 

The original Mythos model, first introduced in April, was so advanced that the company held the model back from public consumption, fearful of it falling into the wrong hands and becoming a tool of destruction that governments and security professionals alike would be helpless to defend against. 

The same principle applies to AI development.

Let’s face it: if AI can help accelerate scientific discovery and software engineering, it can also accelerate bugs, security flaws, and unintended consequences. 

The machine-speed problem 

AI does not need to be conscious to create damage. It only needs enough autonomy, access, and speed to make the wrong decision faster than humans can catch it.

The faster development cycles become, the less time humans may have to understand what is happening beneath the hood. 

In fact, the time between discovery and exploitation of a system vulnerability has collapsed from weeks to roughly 29 minutes, according to a CrowdStrike report from April. And that’s down from a 48-minute lag recorded in February. 

This is precisely the reason why Anthropic’s warning deserves attention.

The company’s report is not really about rogue machines taking over the world – it’s about a much more practical question: 

What happens when (and if) future models become fully and autonomously capable of designing and developing their own successors, and can we even predict what the possible fallout would be? 

Right now, Anthropic says, “The comparative advantage of humans as of right now is still in seeing the bigger picture and thinking beyond the confines of the immediate task.”

That immediate task for humans? Build the safeguards capable of reining in agentic AI faster than AI can build itself. 

Unfortunately, history suggests that’s not usually how humans or technology works.

ABOUT THE EXPERT

Stefanie Schappert, a senior journalist at Cybernews, is an accomplished writer with an M.S. in cybersecurity, immersed in the security world since 2019.  She has a decade-plus experience in America’s #1 news market working for Fox News, Gannett, Blaze Media, Verizon Fios1, and NY1 News.  With a strong focus on national security, data breaches, trending threats, hacker groups, global issues, and women in tech, she is also a commentator for live panels, podcasts, radio, and TV. Earned the ISC2 Certified in Cybersecurity (CC) certification as part of the initial CC pilot program, participated in numerous Capture-the-Flag (CTF) competitions, and took 3rd place in Temple University’s International Social Engineering Pen Testing Competition, sponsored by Google.  Member of Women’s Society of Cyberjutsu (WSC), Upsilon Pi Epsilon (UPE) International Honor Society for Computing and Information Disciplines. 

Leave a comment »

Leaseweb Appoints Jeroen Verkroost as Chief Marketing Officer 

Posted in Commentary with tags on June 11, 2026 by itnerd

Leaseweb, a leading sovereign hybrid cloud services and Infrastructure as a Service (IaaS) provider, today announced the appointment of Jeroen Verkroost as its new Chief Marketing Officer (CMO). With more than 20 years of experience leading digital growth, product innovation, and transformation across technology, media, and telecoms businesses, he will lead Leaseweb’s global marketing organization and play a central role in the next phase of the company’s growth.

In his new role, Verkroost will focus on strengthening Leaseweb’s global brand and market positioning. He will work closely with teams across the business to better understand customer needs and ensure marketing remains a key driver of growth as organizations embrace the opportunities presented by AI, digital infrastructure, and the sovereign hybrid cloud.

Verkroost joins Leaseweb from Holland Casino, where, as Director of Digital Transformation, he held executive board responsibility for the company’s digital growth strategy, technology, and online casino business. In this role, he led a €100M+ online business, delivering 16% revenue growth within 18 months while introducing AI-driven innovation across the organization. Prior to that, he held senior digital leadership roles at Microsoft, DPG Media, and Omnicom over a 20-year period.

Leave a comment »

Salesforce to Transform Fan Engagement and Tournament Operations at FIFA World Cup 2026 and FIFA Women’s World Cup 2027

Posted in Commentary with tags on June 11, 2026 by itnerd

Salesforce today announced a landmark partnership, becoming an Official Tournament Supporter of the FIFA World Cup 2026 in North America and Europe and the FIFA Women’s World Cup 2027 in North America and the host country Brazil. The multi-tournament partnership brings together the most-watched sporting events on the planet with Agentforce 360, the complete portfolio of Salesforce AI solutions that power the Agentic Enterprise — built on Slack, the work operating system where AI is multiplayer, right in the flow of work where your people already are.

FIFA World Cup 26™ will kick off across Mexico, Canada and the United States this summer and will be the largest tournament in FIFA history with 48 teams and an expected global audience of more than 5 billion. Salesforce technology will play a central role in how the tournament operates, engages fans, and coordinates with host cities. 

A Partnership Built for the AI Era

The partnership reflects a shared belief that the future of global events depends on intelligent, connected operations — a true Agentic Enterprise model. Done by bringing together AI agents, connected apps, trusted data, and people in Slack — the multiplayer operating system for AI — to reimagine what’s possible not just for the tournaments, but for the millions of fans, partners, and host communities who experience them.

How Salesforce Will Power the Tournaments

FIFA World Cup 26™ 
FIFA World Cup 26 will deploy Slack to coordinate workforce management across the 16 host cities in Mexico, Canada and the United States. Slack will serve as an operational surface for workforce, apps, and AI-powered workflows to work together in real time.

FIFA Women’s World Cup 2027™ 
For the FIFA Women’s World Cup 2027™ in Brazil, both Slack and Agentforce 360 Platform will power fan engagement across FIFA’s digital platforms, delivering always-on fan experiences. Autonomous agents will reason over tournament data to provide human-level support, empowering fans with personalized omni-channel interactions.

Stakeholder Communications
Both tournaments will use the Salesforce ecosystem — including Agentforce Service, Sales, and Marketing — to manage relationships and communications with host cities, suppliers, and stakeholders. By integrating Agentforce 360 and Slack, tournament coordination, stakeholder communications, and fan engagement is brought directly into the flow of work. This unified foundation enables the organization to automate interactions, drive revenue growth, and maximize operational efficiency.

Leave a comment »

RegScale Achieves ISO 27001 Certification in Under 30 Days Using Its Own Continuous Controls Monitoring Platform

Posted in Commentary with tags on June 11, 2026 by itnerd

RegScale today announced it has achieved ISO 27001 certification in under 30 days using its own Continuous Controls Monitoring (CCM) platform. For most organizations pursuing certification through manual processes, the journey runs around six months. RegScale’s result demonstrates what becomes possible when compliance runs continuously: certification is a byproduct of the program, not a project of its own.

The ISO/IEC 27001 certification was conducted by leading compliance assessor A-LIGN, a technology-enabled security and compliance partner trusted by more than 4,000 global organizations to help mitigate cybersecurity risks.

RegScale completed certification with zero major nonconformities and 123 fully implemented controls, managing its entire Information Security Management System within the platform. With RegScale having FedRAMP High authorization, the team reused existing control infrastructure and leveraged AI to write implementation statements directly from policy documentation, building all evidence artifacts in under two weeks. Total audit interview time across both Stage 1 and Stage 2 sessions was under 8 hours, roughly a third of what a typical ISO assessment requires.

Housing the entire ISMS in RegScale, including Change Management and Risk Management, also made it straightforward to present the full program to the auditors. Rather than assembling evidence from disparate sources on demand, the team demonstrated CCM in real time, directly within the platform.

The result reflects a broader shift across compliance operations. RegScale’s second annual State of CCM Report found that 83% of organizations report moderate or major delays due to manual compliance processes, while 58% spend more than 2,000 person-hours annually on evidence collection alone.

RegScale enables organizations to replace static audit preparation with always-on compliance readiness, where the work that achieves certification is the same work that maintains it through every surveillance audit that follows.

Today, RegScale also announces the latest OSCAL Hub innovations that further simplify the transition to continuous compliance management, making machine-readable formats easier to generate, validate, and operationalize across highly regulated environments. The latest OSCAL Hub release introduces new data-sharing capabilities for OSCAL artifacts, making the OSCAL Hub a leading distribution center for compliance-as-code. The Hub also introduces AI-powered OSCAL generation, visual document builders, and automated reconciliation capabilities that eliminate the manual bottlenecks slowing security and compliance teams.

To learn more about RegScale or schedule a demonstration, visit RegScale.

Leave a comment »

HP Warns Attackers Are Turning Legitimate Remote Access Tools Into Backdoors 

Posted in Commentary on June 11, 2026 by itnerd

HP today issued its latest Threat Insights Report, which shows attackers using trusted software, disguised malware and increasingly believable lures to gain access to user devices. The research highlights a growing challenge for both users and defenders as malicious activity becomes harder to distinguish from legitimate behavior.

The report provides an analysis of real-world cyberattacks, helping organizations keep up with the latest techniques cybercriminals are using to evade detection and breach PCs in the fast-changing cybercrime landscape. Based on the millions of endpoints running HP Wolf Security*, notable campaigns identified by HP Wolf Security threat researchers include:

  • Legitimate Remote Access Tools Abused for Backdoor Access: Cybercriminals are abusing applications like LogMeIn and ScreenConnect to take control of victim devices without raising suspicion. Campaigns first used tax year-end phishing emails and fake desktop app downloads – including dating websites – to then persuade users into installing legitimate remote access tools. These tools are controlled by the attackers and help them to blend in with normal IT activity, giving total control over user devices.
  • Attackers Preying On Desperate Users Trying to Recover Lost Crypto Wallets: Fake crypto wallet recovery tools are being spread by attackers who claim to be helping users locate lost wallets but instead steal them. Often shared via code-sharing platforms and media download sites, the emoji-filled infostealer scripts appear to be “vibe-coded”, capable of harvesting credentials, wallet and system data before packaging it into archive files for exfiltration.
  • ClickFix Campaigns Hide Malware in ‘Audio’ Files: Attackers behind recent ClickFix campaigns are disguising malware as audio files to evade detection. Victims are guided through realistic CAPTCHA prompts on well-designed fake websites, triggering malicious commands that quietly execute disguised payloads in the background.

By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely inside secure containers – HP Wolf Security has insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on over 60 billion email attachments, web pages, and downloaded files with no reported breaches.

The report, which examines data from January-March 2026, details how cybercriminals continue to diversify attack methods to bypass security tools revealing that:

  • At least 11% of email threats identified by HP Sure Click bypassed one or more email gateway scanners.
  • .zip files were the most popular malware delivery type (40%), followed by executable files (38%) and PDF documents (11%).
    • PDF-based malware increased 3%, with attackers using a wide range of lures such as court documents and bonus payments to create urgency and drive clicks.

Please visit the HP Threat Research blog to view the report.

Frequently Asked Questions

  1. What is the main finding from HP’s latest Threat Insights Report?

HP’s latest Threat Insights Report found that cybercriminals are increasingly abusing legitimate remote access tools, fake downloads and increasingly believable social engineering lures to take control of users’ PCs. Attackers are disguising malicious activity as normal user behaviour, such as installing trusted tools, to evade detection.

  • How are attackers abusing legitimate remote access tools?

Attackers are using trusted remote access applications such as LogMeIn and ScreenConnect as backdoors into victim devices. In the campaigns analysed by HP threat researchers, victims were persuaded to install these tools through tax year-end phishing emails and fake desktop app downloads, including fake dating website downloads. Once installed, the tools gave attackers persistent control while helping them blend in with normal IT activity.

  • What other tactics did HP researchers uncover?

HP researchers also found fake crypto wallet recovery tools designed to steal credentials, wallet data and system information. Some of the scripts were emoji-heavy and appeared to be “vibe-coded”, suggesting attackers may be using AI-assisted coding techniques to create parts of their attacks. Researchers also identified ClickFix campaigns in which malware was disguised as audio files and delivered through realistic CAPTCHA prompts on well-designed fake websites.

  • Why are these attacks difficult for users and defenders to spot?

These attacks are difficult to spot because they often look like legitimate activity. Remote access tools are widely used by IT teams, CAPTCHA prompts are familiar to users, and phishing lures tied to events such as the end of the tax year can feel timely and credible. This makes malicious behaviour harder to distinguish from normal business activity or routine online interactions.

  • What can organizations do to reduce the risk?

HP recommends reducing unnecessary user privileges, controlling which software can be installed, and isolating risky activity such as downloads, unknown links and attachments. The findings also show why organizations should not rely on detection alone, especially when attackers are using trusted software and legitimate-looking workflows to gain access to user devices.

About the Data

This data was gathered from consenting HP Wolf Security customers from January-March 2026, with investigations conducted by the HP Threat Research Team.

Leave a comment »

PureVPN Launches Integrated ChatGPT Co-Pilot: Finds, Configures and One-Tap Connects to VPN Servers via Natural Language

Posted in Commentary with tags on June 11, 2026 by itnerd

PureVPN today announced native integration with ChatGPT, launching an in-chat application designed to act as a security and global access co-pilot.

The integration lets users discover streaming availability across regions, receive optimized VPN server recommendations, and connect instantly through deep links generated within ChatGPT. It is believed to be the first such VPN app integration.

Available through the ChatGPT app ecosystem, PureVPN allows users to ask conversational questions such as:

  • “Which VPN server is best for gaming in Germany?”
  • “Connect me to Japan”
  • “Why is my VPN connection slow?”
  • “What’s the best server for streaming to my location?”

ChatGPT then recommends relevant VPN locations and provides a direct connection path through the PureVPN app.

For many users, VPNs usage remains unnecessarily complex and foreign to their tech/user interaction norms. Making the right choices from among hundreds of server options, understanding advanced features and alerts, and diagnosing connection issues often requires technical familiarity that many users don’t have in their real-time moment of need.

The PureVPN ChatGPT integration reflects a broader shift in how users interact with the internet. Consumer device interfaces have evolved substantially over the last decade, elevating ease-of-use expectations and preparing them for what’s next. The embrace of conversational AI signals that consumers are eager to evolve beyond legacy search and navigation workflows.

Privacy Protection

As a user interacts with ChatGPT to invoke PureVPN, ChatGPT returns recommendations and can generate a deep link that launches PureVPN.

This integration bridges conversational AI with digital privacy without compromising user security. ChatGPT functions strictly as an interactive control panel, guiding users to the right setups and providing the direct link, while the actual VPN connection and military-grade encryption are executed entirely inside the native PureVPN app. No user data is revealed to ChatGPT.

Bridging Discovery and Connectivity

Traditionally, VPN usage requires users to manually browse server lists, test locations, and reconnect between regions. PureVPN’s ChatGPT integration streamlines this process into a simplified workflow:

Ask → Discover → Connect

The integration is designed to support a range of use cases across streaming, gaming, and travel.

Streaming Discovery

Users can identify which regions provide access to specific content and connect directly to recommended VPN locations.

Gaming Optimization

Gamers can receive server recommendations based on region and performance requirements to improve stability and reduce latency.

Travel and Browsing

Travelers can discover optimal browsing regions, pricing advantages, and location recommendations while abroad.

A Shift Toward AI-Native Internet Experiences

The launch marks a step toward AI-native internet interactions, where users engage with services conversationally rather than through traditional interfaces.

By integrating directly with ChatGPT, PureVPN aims to simplify how users access secure and unrestricted internet connectivity while reducing complexity in everyday VPN usage.

Availability

Available today in the United States, Canada, Australia, Germany, France, Japan, the Netherlands, Singapore, Switzerland, and the UAE, the new integration can be accessed via the official ChatGPT Apps Directory.

Leave a comment »