https://youritpeeps.com/tech-security-news.html Plain-English technology and cybersecurity updates for small businesses. Thu, 04 Jun 2026 17:58:46 GMT https://youritpeeps.com/news/2026-05-26-from-poisoned-search-results-to-gpu-mining-a-cryptojacking-campaign-abusing-f439cae.html https://youritpeeps.com/news/2026-05-26-from-poisoned-search-results-to-gpu-mining-a-cryptojacking-campaign-abusing-f439cae.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity Microsoft Security Blog published research on From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities. The report describes attackers using poisoned search results and remote access tools to run unauthorized cryptocurrency mining on compromised systems. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed. https://youritpeeps.com/news/2026-05-30-malicious-npm-packages-abuse-dependency-confusion-to-profile-developer-envi-e8ee2f7.html https://youritpeeps.com/news/2026-05-30-malicious-npm-packages-abuse-dependency-confusion-to-profile-developer-envi-e8ee2f7.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity Microsoft Threat Intelligence has uncovered an active supply chain attack involving malicious npm packages registered under organizational scopes that mirror real internal corporate namespaces, employing dependency confusion technique to deploy an obfuscated reconnaissance payload. On May 28 and May 29, 2026, an attacker operating under three maintainer aliases mr. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed. https://youritpeeps.com/news/2026-05-28-the-gentlemen-ransomware-dissecting-a-self-propagating-go-encryptor-b4fdbd2.html https://youritpeeps.com/news/2026-05-28-the-gentlemen-ransomware-dissecting-a-self-propagating-go-encryptor-b4fdbd2.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity Microsoft Security Blog published research on The Gentlemen ransomware: Dissecting a self-propagating Go encryptor. The report describes ransomware behavior that can spread inside a network and encrypt business files, increasing the impact of a compromise. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed. https://youritpeeps.com/news/2026-05-26-abb-ability-zenon-remote-transport-vulnerability-update-a-a8f6960.html https://youritpeeps.com/news/2026-05-26-abb-ability-zenon-remote-transport-vulnerability-update-a-a8f6960.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity CISA published an advisory for ABB Ability Zenon Remote Transport Vulnerability (Update A). ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed. https://youritpeeps.com/news/2026-06-04-navtor-navbox-7d50cfa.html https://youritpeeps.com/news/2026-06-04-navtor-navbox-7d50cfa.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity CISA published an advisory for NAVTOR NavBox. Successful exploitation of this vulnerability could allow a local attacker to gain unauthorized access to SOAP methods, resulting in a disruption of operations. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed. https://youritpeeps.com/news/2026-05-28-cp-plus-8-ch-network-video-recorder-ea816d6.html https://youritpeeps.com/news/2026-05-28-cp-plus-8-ch-network-video-recorder-ea816d6.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity CISA published an advisory for CP Plus 8 Ch. Network Video Recorder. Successful exploitation of this vulnerability allows an attacker's malicious script to execute in the browser of any authenticated user or administrator who accesses the affected interface. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed. https://youritpeeps.com/news/2026-05-26-well-architected-best-practices-for-software-supply-chain-security-a0b5688.html https://youritpeeps.com/news/2026-05-26-well-architected-best-practices-for-software-supply-chain-security-a0b5688.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity There have been multiple notable supply chain attacks using the npm Registry since September: Shai-Hulud, Chalk/Debug, one abusing tea. xyz tokens, and recently axios. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed. https://youritpeeps.com/news/2026-05-22-from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-vi-6ecdf90.html https://youritpeeps.com/news/2026-05-22-from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-vi-6ecdf90.html Thu, 04 Jun 2026 17:58:46 GMT Cybersecurity A growing trend in modern intrusions is the compromise of internet-facing edge appliances such as firewalls and VPN gateways. Systems traditionally deployed as security boundaries are increasingly becoming first way into a system points due to the continued discovery and exploitation of critical vulnerabilities. This could affect real business systems quickly, especially if updates, access controls, or vendor guidance are delayed.