IT Security Weekend Catch Up – June 12, 2026

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

1. [PL] Polish government approves National Digitalization Strategy
2. [PL] Is transparency a threat to national security?
3. [PL][VIDEO] Secret Department No. 4: What Russian intelligence agents study?
4. [PL] Expert warns there’s no such thing as a risk-free investment. A “safe” profit offer online could be a scam
5. [PL] The World Cup “guaranteed win” that drains your account: An analysis of a deepfake campaign ahead of the FIFA World Cup
6. [PL] Mandatory age checks for porn sites
7. [PL][AUDIO] Meta and Google in court. Will the verdicts change the internet?
8. [PL] Americans united in opposition to AI data centers
9. [PL] AI enables coordinated disinformation campaigns
10. [PL] Poland’s data protection chief appeals the closure of an investigation into AI-generated nude images of a student
11. Aviva detects record £230m in bogus insurance claims as use of AI rises
12. Pokémon Go data trained AI that could assist military drones in war zones
13. [VIDEO] Something is jamming GPS over Europe. Here's what we found
14. French govt messaging service breached in account hijacking attack
15. Spyware firm targeted WhatsApp users in defiance of US court order, Meta says

For the more technical

1. [PL][VIDEO] MCP – the hot topic in the world of app security
2. [PL] Signal rolls out new anti-phishing features
3. UNC1151/Ghostwriter phishing campaign targeting Gmail accounts
4. Active exploitation of Check Point VPN authentication bypass (CVE-2026-50751)
5. Inside the cross-platform propagation of a new Gafgyt variant C0XMO
6. June 2026 Patch Tuesday: Microsoft patches 206 vulnerabilities including three publicly disclosed zero-days
7. When "moderate" means "sometimes"
8. Google patches new Chrome zero-day flaw exploited in the wild
9. [VIDEO] The only Open Redirect that scares me
10. Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
11. Off by !: Exploiting a use-after-free in the Linux kernel
12. FSB’s matryoshka – Gamaredon’s gifts that keeps unpacking – GammaPhish and GammaWorm
13. FSB’s matryoshka #2/3 – Gamaredon’s gifts that keeps unpacking – GammaLoad
14. FSB’s matryoshka #3/3 – Gamaredon’s gifts that keeps unpacking – GammaSteel
15. Threat actors weaponize AI hype to deliver AsyncRAT
16. IronWorm: Shai-Hulud's rustier cousin
17. Miasma npm supply chain attack: Self-spreading worm via Phantom Gyp
18. Inside the Miasma software supply chain attack toolkit
19. The blight reaches Microsoft: 73 repos disabled in 105 seconds
20. You do surprise me.exe: An unexpected executable in Hola Browser
21. AI brands as bait: How threat actors are using the AI hype in social engineering
22. Don't fear the repo: UNK_DeadDrop phishing campaign targets developers to steal cryptocurrency
23. GoFlateLoader: A widespread Golang loader delivering multiple infostealers
24. Blinding the watchmen: Abusing cloud logging services for defense evasion and visibility
25. Technical analysis of MLTBackdoor
26. From fiscal lures to remote access, a previously undocumented NinjaOne RMM abuse chain
27. OceanLotus: From external espionage to domestic targeting
28. VerdantBamboo: Just another BRICKSTORM in the firewall
29. APT28, an evolution of tradecraft
30. Old WinRAR flaw fuels attacks on Ukraine: How unmanaged software keeps the door open
31. Seeking counsel: Ongoing targeted campaign against US law firms
32. Behind Khmer Shadow: Targeted espionage against Cambodian government entities

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.