Security Tech News.

AMD developed a Linux DRM ioctl that is being disabled due to an ongoing security issue. The ioctl is being disabled to prevent potential security risks. The security issue is ongoing and has not been resolved. AMD is taking steps to address the issue.

Zcash prices drop following disclosure of a 2022 vulnerability in its Orchard shielded pool. The flaw could have enabled undetectable ZEC counterfeiting. The vulnerability affects the Orchard shielded pool specifically. This impacts ZEC holders and blockchain security protocols.

Google's cybersecurity organizations warn that data theft extortion groups are targeting professional and financial services organizations by impersonating IT support. These groups pose as IT technicians remotely and in person, convincing targets to download remote management and monitoring utilities or steal data using USB storage media. Between January and May, dozens of organizations were targeted with these kinds of attacks. The FBI reports that the Silent Ransom Group has victimized companies in various sectors, including law firms, since Spring 2023.

OpenAI will voluntarily comply with President Trump's new AI executive order, which requests access to the latest AI models 30 days before their release. The order was originally drafted to require 90-day submissions. OpenAI will submit its next-gen AI models to a benchmarking process to assess advanced cyber capabilities. The company has also suggested ways for governments to track AI safety and security issues globally.

ETH price crashed below $1,600 after a vulnerability in Zcash emerged and Bitcoin sold off below $60,000. Ether (ETH) plummeted to a 13-month low of $1,540. The Ether futures annualized funding rate flipped negative, indicating increased demand for short positions. Demand for downside price protection surged as the Deribit ETH options put-to-call premium spiked to 3.7 times. Ethereum network Total Value Locked (TVL) declined to its lowest since February 2024.

The White House plans to regulate artificial intelligence before it is widely used. The US government previously adopted a hands-off approach, allowing AI development to proceed without oversight. This shift in policy aims to address concerns about AI's potential impact. The government's new stance prioritizes safety and security over concerns about slowing down American companies.

Trump signed a national security memorandum directing accelerated AI use in U.S. intelligence and warfighting operations. The directive emphasizes alignment with American values. The move targets AI integration in defense and intelligence domains. It reflects a formal policy push for AI in military and security functions.

Bitcoin briefly fell below $60,000 on Friday, extending its weekly loss to nearly 20%. A 40%-plus plunge in Zcash occurred after Shielded Labs disclosed a years-old bug that could have allowed undetected counterfeit ZEC creation. Bitcoin is now perfectly correlated with stocks, which were down nearly 4% on Friday. The bug's disclosure has caused market volatility, with some investors describing Bitcoin as 'swallowing broken glass'.

Wyze has issued a recall of its Solar Cam Pan security cameras due to incorrect installation instructions. The US Consumer Product Safety Commission lists over 321,360 units affected in the US, with 2,560 units sold in Canada. There have been 13 reports of security cameras overheating, six incidents involving explosions and fires, and six reports of consumers suffering minor burns. Wyze is offering a free replacement camera, a full refund, or a gift card for the original purchase price.

The Sound Blaster Katana V2X speaker, sold by Creative Technologies for $283, can be hacked over the air to infect connected devices. Researcher Rasmus Moorats discovered the vulnerability by accident while trying to create a Linux tool to communicate with the speaker. The speaker's proprietary Creative Transport Protocol allows devices to send commands and receive responses, and Moorats found that his Bluetooth device could connect to the speaker without authentication.

William Barlow, former IBM vice president of threat intelligence, alleges IBM covered up three data breaches by foreign governments between 2013 and 2016. The breaches involved IBM's core network and at least two subsidiaries, with data stolen and government agencies never notified. Barlow claims the attacks were carried out by APT 10, a Chinese government-linked group targeted by the FBI in 2018. IBM declined to comment, stating the lawsuit was filed in 2020 and the U.S.

The Learn Repo offers 260 free blog posts on marketing strategies, ordered by HackerNoon reader engagement data. The posts cover various topics, including growth marketing vs performance marketing and AI statistics. The content is available at LearnRepo.com. Marketing is emphasized as crucial in today's business landscape. The posts aim to provide readers with the best strategies for their companies and customers. The content is free and accessible online.

The American Business Software Alliance opposes mandatory open-source licensing in Europe. BSA argues that sovereignty is protected by governance, audit and risk mitigation. Thomas Boue stated that such criteria raise costs and threaten EU trade commitments. The stance is part of a direct message sent to the French government during a closed consultation.

OpenAI has begun rolling out Lockdown Mode, an optional security setting designed to protect users from prompt injection attacks. Lockdown Mode limits some features, including Deep Research and Agent Mode, but still allows image generation and file uploads. It is intended for people and organizations handling sensitive data. Enabling Lockdown Mode does not change memory or file uploads. OpenAI notes that Lockdown Mode won't stop prompt injections from appearing in content ChatGPT processes.

IronWorm malware infects 36 npm packages with Rust-based infostealer. It targets 86 environment variables and 20 credential files including OpenAI, AWS, Anthropic, npm, SSH keys, and Exodus wallet files. The malware hides behind an eBPF kernel rootkit and communicates via Tor. Researchers at JFrog identified the attack in npm supply-chain.

Anthropic embedded engineers at the NSA for offensive cyber operations. The company published a report warning AI could build itself without human oversight. This capability could emerge within the next few years. The report urges global pause on AI development to prevent autonomous systems from acting without human control.

Hackers exploit CVE-2026-28318 flaw in SolarWinds Serv-U to crash servers. The vulnerability allows remote attackers to trigger denial-of-service via specially crafted POST requests without authentication. SolarWinds released Serv-U 15.5.4 Hotfix 1 to patch the issue. CISA added the flaw to its Known Exploited Vulnerabilities Catalog and mandated federal agencies to patch by June 19 under BOD 22-01. Shodan tracks 12,000 exposed Serv-U servers, Shadowserver tracks 3,100.

Amazon Bedrock releases a new console experience optimized for Anthropic and OpenAI-compatible APIs. The console supports GPT, Claude, and open-weight models via bedrock-mantle endpoint with OpenAI Responses, Chat Completions, and Anthropic Messages APIs. Users can compare up to three models side by side and view token usage, inference requests, and pricing per model. The project dashboard shows real-time inference metrics and model distribution by date and usage.

Cloudflare acquired VoidZero, a company that provides a service for caching and optimizing web content. The acquisition aims to improve the performance and security of the open web. VoidZero's technology will be integrated into Cloudflare's platform to enhance its caching and content delivery capabilities. This move is expected to benefit developers and users by reducing latency and improving overall web experience. Cloudflare's acquisition of VoidZero is a strategic step towards stabilizing the open web.