<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Security on IT News</title>
    <link>https://it-news.uk/tags/security/</link>
    <description>Recent content in Security on IT News</description>
    <generator>Hugo</generator>
    <language>en-us</language>
    <lastBuildDate>Tue, 07 Jul 2026 00:00:00 +0800</lastBuildDate>
    <atom:link href="https://it-news.uk/tags/security/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>A ChatGPT Prompt Injection Trick Let Researchers Leak Internal File Paths</title>
      <link>https://it-news.uk/posts/chatgpt-prompt-injection-file-leak-vulnerability/</link>
      <pubDate>Tue, 07 Jul 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/chatgpt-prompt-injection-file-leak-vulnerability/</guid>
      <description>&lt;p&gt;There&amp;rsquo;s a quiet tension in how chatbots handle the files you upload. You can ask ChatGPT to summarize a PDF, edit a spreadsheet, or analyze an image, but you can&amp;rsquo;t download the original file back. That&amp;rsquo;s by design. But a security researcher figured out how to bypass that restriction, and the trick reveals more than just a missing download button.&lt;/p&gt;</description>
    </item>
    <item>
      <title>How Attackers Turned Microsoft&#39;s Own Login Pages Into Phishing Bait</title>
      <link>https://it-news.uk/posts/microsoft-login-phishing-kaspersky/</link>
      <pubDate>Tue, 07 Jul 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/microsoft-login-phishing-kaspersky/</guid>
      <description>&lt;p&gt;There&amp;rsquo;s a kind of phishing that&amp;rsquo;s nearly impossible to spot at first glance — because you&amp;rsquo;re logging into the real website. Kaspersky researchers have documented a campaign that weaponized Microsoft&amp;rsquo;s own identity platform, tricking victims into completing a legitimate OAuth authentication flow on microsoft.com while attackers pocketed the access tokens behind the scenes.&lt;/p&gt;</description>
    </item>
    <item>
      <title>A security team found a way to break out of Claude Desktop&#39;s sandbox — and get root on its VM</title>
      <link>https://it-news.uk/posts/claude-desktop-sandbox-security-flaw-windows/</link>
      <pubDate>Mon, 06 Jul 2026 22:35:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/claude-desktop-sandbox-security-flaw-windows/</guid>
      <description>&lt;p&gt;A security research team called Armadin has found a way to punch through the sandbox isolation in Anthropic&amp;rsquo;s Claude Desktop app for Windows. The flaw lets an attacker gain root access inside the Ubuntu virtual machine that powers Claude Cowork — and then send data past the network boundaries Anthropic put in place.&lt;/p&gt;</description>
    </item>
    <item>
      <title>&#39;Bad Epoll&#39; Linux Vulnerability Gives Attackers Root Access — Android Phones Are Affected Too</title>
      <link>https://it-news.uk/posts/bad-epoll-linux-vulnerability-root-access-android/</link>
      <pubDate>Sun, 05 Jul 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/bad-epoll-linux-vulnerability-root-access-android/</guid>
      <description>&lt;p&gt;Jaeyoung Chung, a security researcher at Seoul National University, found something worrying in the Linux kernel earlier this year. The vulnerability, now tracked as CVE-2026-46242 and nicknamed &amp;ldquo;Bad Epoll,&amp;rdquo; lives in the epoll subsystem, a core piece of the Linux kernel that handles how applications respond to I/O events. It earned a CVSS score of 7.8, putting it in the high-severity bucket, and its reach extends well beyond desktop Linux.&lt;/p&gt;</description>
    </item>
    <item>
      <title>Linux Had 2,308 CVEs in the First Half of 2026 — More Than Any Other Platform</title>
      <link>https://it-news.uk/posts/linux-2308-cves-h1-2026-ranking/</link>
      <pubDate>Sat, 04 Jul 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/linux-2308-cves-h1-2026-ranking/</guid>
      <description>&lt;p&gt;Greg Kroah-Hartman, one of Linux&amp;rsquo;s most active maintainers, posted the first-half 2026 vulnerability stats on his social feed Thursday. The numbers are striking — and they tell a story that goes well beyond which vendor had the worst quarter.&lt;/p&gt;&#xA;&lt;p style=&#34;text-align: center;&#34;&gt;&lt;img src=&#34;https://it-news.uk/images/itnews-972498-0.jpg&#34; alt=&#34;Linux kernel led H1 2026 with 2,308 CVEs, followed by Google at 1,752. Chrome ha — Image 1&#34; style=&#34;text-align: center;&#34;&gt;&lt;/p&gt;</description>
    </item>
    <item>
      <title>Anthropic&#39;s Claude Code Was Secretly Fingerprinting Users in China</title>
      <link>https://it-news.uk/posts/anthropic-claude-code-china-detection-secret/</link>
      <pubDate>Wed, 01 Jul 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/anthropic-claude-code-china-detection-secret/</guid>
      <description>&lt;p&gt;A Reddit user pulled apart Claude Code version 2.1.196 and found something that wasn&amp;rsquo;t in the release notes: a detection system that checks whether you&amp;rsquo;re in China.&lt;/p&gt;&#xA;&lt;p&gt;The tool, which has been running since April 2, inspects the system timezone for Asia/Shanghai or Asia/Urumqi, then cross-references URLs against a list of 147 domains. That list includes major Chinese tech companies (Baidu, Alibaba, ByteDance) and AI labs like Moonshot AI, MiniMax, and Stepfun, plus a long tail of Claude API relay services.&lt;/p&gt;</description>
    </item>
    <item>
      <title>Apple&#39;s iOS 26.5.2 Patches Critical Kernel Bug Found by Baidu Security Team</title>
      <link>https://it-news.uk/posts/apple-ios-26-5-2-security-patch-kernel-cve/</link>
      <pubDate>Tue, 30 Jun 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/apple-ios-26-5-2-security-patch-kernel-cve/</guid>
      <description>&lt;p&gt;Apple dropped iOS and iPadOS 26.5.2 on Tuesday, a security-focused update that patches nearly 30 vulnerabilities — including a kernel-level bug that could let attackers corrupt memory and crash devices.&lt;/p&gt;&#xA;&lt;p&gt;The update (build 23F84) arrives 28 days after the last point release. Apple&amp;rsquo;s release notes are characteristically terse: &amp;ldquo;This update provides security fixes for your iPhone.&amp;rdquo; The full disclosure tells a bigger story.&lt;/p&gt;</description>
    </item>
    <item>
      <title>Hackers are using OpenAI&#39;s own invitation system to phish employees</title>
      <link>https://it-news.uk/posts/hackers-openai-invitation-phishing-attack/</link>
      <pubDate>Tue, 30 Jun 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/hackers-openai-invitation-phishing-attack/</guid>
      <description>&lt;p&gt;There&amp;rsquo;s a new phishing technique making the rounds, and this one is hard to spot because the emails come from OpenAI itself.&lt;/p&gt;&#xA;&lt;p&gt;Security firm Push Security revealed Monday that hackers created a fake &amp;ldquo;Push Security Inc&amp;rdquo; organization on OpenAI&amp;rsquo;s platform and used the company&amp;rsquo;s own notification system to send invitation emails to Push Security employees. The emails arrive from &lt;a href=&#34;mailto:noreply@tm.openai.com&#34;&gt;noreply@tm.openai.com&lt;/a&gt; — a legitimate OpenAI address that passes standard email authentication checks.&lt;/p&gt;</description>
    </item>
    <item>
      <title>New &#39;DirtyClone&#39; Linux Vulnerability Lets Attackers Gain Root Access — CVSS 8.8</title>
      <link>https://it-news.uk/posts/dirtyclone-linux-vulnerability-root-access-cve-2026/</link>
      <pubDate>Sat, 27 Jun 2026 00:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/dirtyclone-linux-vulnerability-root-access-cve-2026/</guid>
      <description>&lt;p&gt;Another week, another Linux kernel bug with roots in how the system handles memory. This time it&amp;rsquo;s DirtyClone, tracked as CVE-2026-43503 and carrying a CVSS score of 8.8 — high severity, local privilege escalation, and potentially worse.&lt;/p&gt;</description>
    </item>
    <item>
      <title>Microsoft&#39;s 2011 Secure Boot Certificates Begin Expiring — What It Means for Windows Users</title>
      <link>https://it-news.uk/posts/windows-secure-boot-certificates-expire-2026/</link>
      <pubDate>Wed, 24 Jun 2026 18:00:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/windows-secure-boot-certificates-expire-2026/</guid>
      <description>&lt;p&gt;Microsoft&amp;rsquo;s three core certificates underpinning the Windows Secure Boot mechanism are entering their expiration phase, with the first certificate reaching end-of-life on June 24, 2026. These certificates, issued in 2011, have served as the trust anchors for verifying the digital signatures of every firmware and software component during the PC boot process. The transition requires migrating the trust chain in system firmware from the 2011-era certificates to a new set issued in 2023.&lt;/p&gt;</description>
    </item>
    <item>
      <title>LastPass Discloses Third-Party Supply Chain Attack Exposing Customer Data</title>
      <link>https://it-news.uk/posts/lastpass-klue-supply-chain-attack-data-leak/</link>
      <pubDate>Wed, 24 Jun 2026 05:24:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/lastpass-klue-supply-chain-attack-data-leak/</guid>
      <description>&lt;p&gt;Password management giant LastPass has disclosed yet another security incident, this time stemming from a supply chain attack that leveraged a compromised third-party integration to gain access to sensitive customer data.&lt;/p&gt;</description>
    </item>
    <item>
      <title>Critical FFmpeg Vulnerability Lets Attackers Hijack Systems via Malicious Video Files</title>
      <link>https://it-news.uk/posts/ffmpeg-critical-vulnerability-cve-2026-8461/</link>
      <pubDate>Tue, 23 Jun 2026 20:48:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/ffmpeg-critical-vulnerability-cve-2026-8461/</guid>
      <description>&lt;p&gt;A critical security vulnerability has been discovered in FFmpeg, the world&amp;rsquo;s most widely deployed open-source multimedia framework, that allows attackers to hijack systems simply by getting them to process a maliciously crafted video file. The vulnerability, tracked as CVE-2026-8461 with a CVSS severity score of 8.8 out of 10, has already been patched in an emergency release.&lt;/p&gt;</description>
    </item>
    <item>
      <title>Ubuntu 26.04 LTS Livepatch Brings Zero-Downtime Kernel Patching to Arm64</title>
      <link>https://it-news.uk/posts/ubuntu-livepatch-arm64/</link>
      <pubDate>Tue, 23 Jun 2026 15:28:00 +0800</pubDate>
      <guid>https://it-news.uk/posts/ubuntu-livepatch-arm64/</guid>
      <description>&lt;p&gt;Canonical announced today that its Canonical Livepatch zero-downtime kernel hot-patching technology now supports the Arm64 architecture. For the first time, Ubuntu systems running on Arm64 processors can apply critical kernel security updates without interrupting services or requiring a reboot — a significant milestone for the rapidly expanding Arm server and edge computing ecosystem.&lt;/p&gt;</description>
    </item>
  </channel>
</rss>
