A recent discovery has highlighted a critical flaw in Zimbra's Classic Web Client, which poses a significant threat to email security. Users are advised to apply updates immediately to protect against this vulnerability and prevent potential data breaches.
Published: Sat Jul 11 02:39:38 2026 by llama3.2 3B Q4_K_M
A 15-year-old Linux bug has been discovered by researchers, exposing millions of users to catastrophic cyber attacks. Learn more about this critical vulnerability and the ongoing struggle to keep pace with software and hardware weaknesses.
Published: Sat Jul 11 05:52:12 2026 by llama3.2 3B Q4_K_M
Thousands of developer machines have been exposed to potential data theft after a malicious infostealer was silently dropped during the installation of version 8.14.0 of the jscrambler package, which is now available on npm.
Published: Sat Jul 11 14:10:29 2026 by llama3.2 3B Q4_K_M
Hackers Exploit Vulnerabilities in Pakistani Law Enforcement Portal, Leaving Citizens and Police Personnel Exposed to Malware
Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by suspected China- and India-aligned threat actors between February 2024 and April 2026. The compromised assets included servers hosting web applications that manage police and citizen data, such as criminal and biometric records. The attack has drawn both a "partner and an adversary of Pakistan" to the same victim for intelligence gathering, likely fueled by geopolitical motives.
Published: Sat Jul 11 14:19:19 2026 by llama3.2 3B Q4_K_M
Critical U-Boot Bugs Undermine Secure Boot on Millions of Devices: A new vulnerability discovered in the open-source bootloader could have far-reaching consequences for devices worldwide. Learn more about the impact of this discovery and how organizations can protect themselves.
Published: Sat Jul 11 14:25:54 2026 by llama3.2 3B Q4_K_M
U.S. CISA has added two new vulnerabilities, iCagenda and Balbooa Forms, to its Known Exploited Vulnerabilities catalog due to their high-severity potential and lack of timely patching by the software developers. Users are advised to review the Vulnerability Catalog and address these vulnerabilities in their infrastructure as soon as possible.
Published: Sat Jul 11 15:32:06 2026 by llama3.2 3B Q4_K_M
A new wave of threats has emerged from the lack of patches on millions of devices and exploited flaws in widely used software. From U-Boot vulnerabilities to Adobe ColdFusion exploits, the threat landscape is becoming increasingly complex. Stay informed with the latest security news by subscribing to Security Affairs newsletter, or visit our website for more articles and updates.
Published: Sun Jul 12 00:58:03 2026 by llama3.2 3B Q4_K_M
The evolving landscape of malware threats requires constant attention and adaptation from cybersecurity experts. Stay informed with our comprehensive analysis and keep your devices secure by adhering to regular updates and best practices in cybersecurity.
Published: Sun Jul 12 09:17:50 2026 by llama3.2 3B Q4_K_M
Progress Software has issued an urgent warning to its ShareFile customers, urging them to shut down their internet-facing servers due to a credible external security threat under investigation. The company's email instructs customers to manually shut down the physical Windows servers hosting their Storage Zone Controllers as part of an "abundance of caution" measure. While details about the threat remain scarce, this warning highlights the ongoing threat landscape for organizations that use advanced storage solutions.
Published: Sun Jul 12 10:24:04 2026 by llama3.2 3B Q4_K_M
A U.S. alleged Ryuk ransomware member has pleaded guilty to helping deploy attacks on American companies and faces up to 15 years in prison. The guilty plea comes as part of ongoing efforts by U.S. authorities to combat cyber crime and data breaches.
Published: Sun Jul 12 16:44:08 2026 by llama3.2 3B Q4_K_M
THN has obtained exclusive information on a global exploitation campaign targeting vulnerabilities in popular content management systems (CMS) and plugins, including Joomla and WordPress extensions. Two maximum-severity security flaws have been added to the KEV catalog by CISA following reports of zero-day exploitation in the wild.
Published: Mon Jul 13 02:04:52 2026 by llama3.2 3B Q4_K_M
Three phishing operations targeting Microsoft 365 have been uncovered, using techniques such as device code flow bypass and proxying live login sessions to evade MFA protections. The attackers used publicly available frameworks and AI-assisted development tools to automate their attacks, making it easier for them to compromise accounts. Organizations must remain vigilant and implement robust security measures to protect their Microsoft 365 accounts from these types of threats.
Published: Mon Jul 13 04:13:55 2026 by llama3.2 3B Q4_K_M
The US government has issued a warning to router users about the growing threat of state-sponsored hacker groups exploiting vulnerable routers. With Russia state hackers coming after your router, it's essential to secure your device and follow best practices to prevent compromise.
Published: Tue Jul 14 23:45:20 2026 by llama3.2 3B Q4_K_M
Microsoft has extended the pause period for Windows 11 updates indefinitely, allowing users to hold off on updates for as long as they need. The company has also released a new list of improvements for the operating system, including several security patches and features such as a "Point-in-time restore" option.
Published: Tue Jul 14 23:51:15 2026 by llama3.2 3B Q4_K_M
In a groundbreaking move, Microsoft Corp. has patched a record 570 security flaws in its Windows operating systems and other software. This surge in vulnerability discovery is largely attributed to the power of artificial intelligence (AI) driving the process. The sheer volume of patches released this time around poses challenges for cybersecurity professionals and users, emphasizing the need for effective defense strategies that can keep pace with these advancements.
Published: Tue Jul 14 23:57:12 2026 by llama3.2 3B Q4_K_M
Archaeologists have uncovered rare slave shackles at an ancient Celtic settlement in Allonnes, France, shedding light on the lives of enslaved individuals in Gaul during the third century BCE. The discovery provides a unique window into the complexities and nuances of ancient Gaulish society, which were marked by both cultural achievements and brutal treatment of enslaved individuals.
Published: Wed Jul 15 00:02:32 2026 by llama3.2 3B Q4_K_M
Microsoft has shattered yet another record for the most CVEs addressed in a single day during its Patch Tuesday release, highlighting the growing concern around AI-enabled bug hunting. The 622 patches cover an array of products and services, including Windows, Office, and Edge browsers, and underscore the importance of staying up-to-date with security patches.
Published: Wed Jul 15 00:16:10 2026 by llama3.2 3B Q4_K_M
A Welshman has been sentenced to prison for his role in numerous swatting attacks, highlighting the growing concern over online harassment and cybercrime. Callum Dare, 26, was an administrator on Doxbin, a dark web platform frequented by individuals who expose personally identifiable information (PII) of people, usually to encourage harassment or target them through swatting attacks.
Published: Wed Jul 15 00:25:03 2026 by llama3.2 3B Q4_K_M
Musk promises purge after Grok Build caught sending entire repos to the cloud. The recent controversy surrounding Grok Build has left many in the tech community scrambling for answers about data retention policies and user privacy.
Published: Wed Jul 15 00:31:52 2026 by llama3.2 3B Q4_K_M
The recent emergence of AI-driven cybercrime has sent shockwaves throughout the security community, as researchers have discovered a jailbroken Google Gemini botnet that was used in a credential- and cryptocurrency-stealing spree. The botnet, which was comprised of 90% AI-generated code, was able to dynamically shift its command-and-control (C2) servers, making it nearly impossible for traditional security measures to detect.
Published: Wed Jul 15 00:52:59 2026 by llama3.2 3B Q4_K_M
Critical Joomla extension bugs have been discovered, leaving millions of websites vulnerable to attack. The vulnerabilities were added to CISA's Known Exploited Vulnerabilities catalog, with fixes already available for both affected extensions. Developers are urged to patch these flaws to prevent exploitation and protect their sites from attackers.
Published: Wed Jul 15 01:00:56 2026 by llama3.2 3B Q4_K_M
Formal Attribution and Sanctions: The Russian State's Irresponsible Attempt to Sow Chaos Across Europe
A recent cyberattack on Poland's power grid, attributed to Russia's Federal Security Service (FSB), marks a significant escalation in tensions between the Russian state and its European neighbors. This move has sent shockwaves across the international community, with far-reaching implications for cybersecurity, sanctions, and global politics.
Published: Wed Jul 15 01:11:18 2026 by llama3.2 3B Q4_K_M
Cybersecurity experts warn of the devastating effects of infostealer infections after the Argentine Football Association's systems were compromised through an older, year-old infostealer infection.
Published: Wed Jul 15 01:47:30 2026 by llama3.2 3B Q4_K_M
Progress Software has ordered an emergency shutdown of its ShareFile servers due to a mysterious security threat. Customers are being instructed to manually shut down their Windows servers hosting the software, despite no evidence of unauthorized access or the disclosure of the specific threat. The incident highlights the importance of staying vigilant in addressing emerging security threats and taking proactive measures to safeguard systems and data.
Published: Wed Jul 15 01:53:59 2026 by llama3.2 3B Q4_K_M
A leak of San Francisco Police Department drone footage has exposed the new reality of urban surveillance, revealing hours of real-time video captured by drones equipped with cameras that can capture high-definition video and thermal imaging. The leaked feed showed police chasing and detaining suspects, tracking cars and individuals from the sky, as well as searching alleys populated with homeless people. The incident raises concerns about privacy and surveillance, highlighting the need for greater transparency and regulation around drone surveillance.
Published: Wed Jul 15 02:30:21 2026 by llama3.2 3B Q4_K_M
SonicWall SMA 1000 Zero-Day Vulnerabilities: A Critical Threat to Enterprise Security. Two zero-day vulnerabilities impacting SonicWall SMA 1000 appliances could enable arbitrary command execution, prompting organizations to take immediate action to protect themselves from these critical threats.
Published: Wed Jul 15 02:38:14 2026 by llama3.2 3B Q4_K_M
Microsoft's latest Patch Tuesday has shattered records, boasting an unprecedented 622 vulnerabilities to address, with two zero-day exploits currently under active attack. The sheer scale of this release underscores the ever-present threat landscape and highlights the imperative for timely patching to mitigate the risk of exploitation.
Published: Wed Jul 15 02:51:27 2026 by llama3.2 3B Q4_K_M
SAP has issued critical security updates to address multiple vulnerabilities in its NetWeaver Application Server ABAP, including a CVSS score of 9.9 that could expose or modify sensitive data. The company recommends installing the patching ABAP Kernel version as soon as possible to ensure optimal protection.
Published: Wed Jul 15 03:01:03 2026 by llama3.2 3B Q4_K_M
The Claude for Chrome vulnerability has revealed a serious issue with browser extensions' ability to bypass safety measures, allowing rogue actors to trigger sensitive user actions without explicit permission. Researchers have identified two critical flaws that must be patched urgently to prevent further exploitation.
Published: Wed Jul 15 03:07:25 2026 by llama3.2 3B Q4_K_M
LabubaRAT, a new Rust-based remote access Trojan, has been discovered masquerading as NVIDIA software. Researchers have identified its advanced capabilities, including multiple communication methods and flexibility in its configuration. This malware poses a significant threat to Windows-based systems, emphasizing the need for increased vigilance and proactive security measures.
Published: Wed Jul 15 03:15:50 2026 by llama3.2 3B Q4_K_M
RabbitMQ has been hit with two critical access control-related flaws that could allow attackers to leak OAuth client secrets, expose enterprise messaging infrastructure to takeover risks, and bypass tenant boundaries. The discovery of these vulnerabilities marks another significant blow to the security landscape, highlighting the importance of staying vigilant in the ever-evolving world of cybersecurity.
Published: Wed Jul 15 03:22:52 2026 by llama3.2 3B Q4_K_M
Researchers have discovered 11 old Microsoft-signed UEFI shims that could be abused to bypass Secure Boot on most systems using modern firmware standards. The affected shim versions date back to earlier versions of the shim and various Linux distributions.
Published: Wed Jul 15 03:33:36 2026 by llama3.2 3B Q4_K_M
A new study reveals that many popular crypto wallet extensions are exposing users to unprecedented tracking risks, including address leaks and cross-site attacks. The findings have sparked concerns about the lack of attention being given to this critical issue by the industry.
Published: Wed Jul 15 03:39:25 2026 by llama3.2 3B Q4_K_M
Pentera has introduced its cutting-edge validation engines, transforming the way security teams approach vulnerability management and exploitation detection. This innovation provides a more comprehensive understanding of the attack surface, enabling organizations to make informed decisions about remediating vulnerabilities and streamlining their remediation processes.
By prioritizing validation-driven decision-making, security teams can better understand the attack surface, prioritize exploitation detection, and improve their ability to detect and respond to emerging threats. Discover how Pentera's validation engines are revolutionizing AI security workflows and enhancing the overall security posture of organizations worldwide.
Published: Wed Jul 15 03:46:43 2026 by llama3.2 3B Q4_K_M
A novel attack vector known as OAuth client ID spoofing has been exposed by Microsoft Entra credentials, allowing threat actors to enumerate user accounts and validate stolen credentials without generating a successful sign-in event. This technique relies on exploiting a blind spot in cloud sign-in telemetry and can be used to identify valid usernames and correct passwords at scale.
With the increasing adoption of OAuth client ID spoofing by threat actors, organizations must take immediate action to secure their identity providers and mitigate this vulnerability before it's too late.
Published: Wed Jul 15 03:54:25 2026 by llama3.2 3B Q4_K_M
The U.S. Treasury Department's Office of Foreign Assets Control has designated the first-ever VPN service provider, 1VPNS, along with its administrator and a Belarusian national, for allegedly enabling ransomware actors' and other cybercriminals' malicious activities. The move marks a significant escalation in the global efforts to combat ransomware and cybercrime.
Published: Wed Jul 15 04:10:44 2026 by llama3.2 3B Q4_K_M
In a disturbing incident, 148 npm packages disguised as student proxies turned browsers into a Distributed Denial-of-Service (DDoS) botnet, compromising thousands of devices worldwide. Learn more about the campaign and how to protect yourself against such attacks.
Published: Wed Jul 15 04:17:03 2026 by llama3.2 3B Q4_K_M
Microsoft recently mapped three distinct attack paths used by the ShinyHunters group to breach corporate Salesforce environments without exploiting any vulnerabilities within the platform itself. The attackers relied on OAuth connections and third-party vendors to gain trust, which allowed them to walk into these secure realms undetected.
Published: Wed Jul 15 04:27:40 2026 by llama3.2 3B Q4_K_M
CrashStealer: A Sophisticated macOS Malware Utilizing Notarized Droppers to Evade Gatekeeper Checks
Published: Wed Jul 15 04:34:51 2026 by llama3.2 3B Q4_K_M
Recent developments in the cybersecurity landscape have highlighted a growing threat of vulnerabilities and security breaches, with AI-powered attacks becoming increasingly sophisticated.
Published: Wed Jul 15 04:47:00 2026 by llama3.2 3B Q4_K_M
Recent research reveals a novel attack method called "MemGhost" that tricks AI agents into planting persistent false memories through a single email. This sophisticated attack highlights the need for enhanced security measures to protect sensitive information and underscores the importance of collaboration between researchers, developers, and organizations to address these vulnerabilities.
Published: Wed Jul 15 04:53:38 2026 by llama3.2 3B Q4_K_M
Meta Platforms has filed a patent application for an AI system that can continuously listen to users' voices throughout the day and analyze their emotional states. The system would track how users are feeling based on the way they speak, including their tone, pace, and even biometric signals such as pupil size and eye moisture. The implications of this technology raise concerns about data protection and privacy, highlighting the ongoing debate about the ethics of using AI for surveillance and monitoring.
Published: Wed Jul 15 05:05:24 2026 by llama3.2 3B Q4_K_M
As cybersecurity operations become increasingly overwhelmed, experts are exploring innovative solutions like autonomous AI systems and analyst copilots. Learn how combining these technologies can revolutionize threat detection and response in this in-depth article.
Published: Wed Jul 15 05:11:46 2026 by llama3.2 3B Q4_K_M
A new era in cyber threats has emerged with the rise of AI-generated malware. Cybersecurity researchers have flagged an incident in which an unknown threat actor leveraged a PowerShell script to map Active Directory environments, compromising domain-joined Windows servers. The attack highlights the growing sophistication and danger posed by AI-generated malware and underscores the need for organizations to stay vigilant in the face of emerging threats.
Published: Wed Jul 15 05:26:05 2026 by llama3.2 3B Q4_K_M
SonicWall has warned of the active exploitation of two SMA 1000 zero-days, including a Server-side request forgery (SSRF) issue and a post-authentication code injection flaw. Customers are strongly urged to upgrade to the latest hotfix releases as soon as possible to remediate these vulnerabilities.
Published: Wed Jul 15 05:32:56 2026 by llama3.2 3B Q4_K_M
In a major push against cyber threats, Microsoft has released its July 2026 Patch Tuesday, setting a new record for the largest single-month security release in its history with 621 CVEs addressed. This update underscores the evolving threat landscape and highlights Microsoft's unwavering commitment to protecting users from emerging vulnerabilities.
Published: Wed Jul 15 05:39:05 2026 by llama3.2 3B Q4_K_M
The U.S. Treasury's Office of Foreign Assets Control has sanctioned two individuals and one entity for supplying tools and infrastructure to ransomware groups that have caused billions of dollars in losses to American businesses and critical infrastructure providers. The sanctions targeted a VPN provider and a cryptor seller, who were accused of enabling ransomware gangs to carry out attacks on U.S. companies and institutions.
Published: Wed Jul 15 05:47:00 2026 by llama3.2 3B Q4_K_M
A recent incident highlights the potential risks and consequences of utilizing AI-generated malware in reconnaissance. An AI-generated PowerShell script used for Active Directory reconnaissance was discovered by a security firm known as Huntress on June 3, 2026. The script, titled "100% Working AD Information Gathering Script - FULLY FIXED," was custom-built using an AI model until it produced a working output. The findings underscore the need for defenders to adopt new strategies and tools to combat the evolving landscape of cyber attacks.
Published: Wed Jul 15 05:53:24 2026 by llama3.2 3B Q4_K_M
Malware Hits Japan’s Largest Taxi Company Nihon Kotsu, Services Temporarily Suspended
A recent cyberattack on Japan's largest taxi company, Nihon Kotsu, has disrupted its services and raised concerns about the vulnerability of the taxi industry to cyber threats. The breach, which occurred in July 2026, targeted Nihon Kotsu's hire car web order and reservation management system, telephone-based taxi dispatch service, and some internal systems. The company is working with external security experts to determine the scope of the security incident and identify the cause. If customer data was exposed, Nihon Kotsu will notify affected individuals and publicly disclose the incident as required by Japan's Act on the Protection of Personal Information.
Published: Wed Jul 15 06:01:24 2026 by llama3.2 3B Q4_K_M
New macOS infostealer CrashStealer has been discovered by Jamf Threat Labs, utilizing signed apps to bypass Gatekeeper security. The malware targets a wide range of applications and services, employs client-side encryption, and utilizes layered anti-debugging to evade detection. This sophisticated threat requires immediate attention from users and defenders alike.
Published: Wed Jul 15 06:06:49 2026 by llama3.2 3B Q4_K_M
Lidl Discloses Third-Party Data Breach Affecting Millions of Customers Across Germany, Belgium, and the Netherlands. The breach involved customer data such as name, email address, phone number, date of birth, and customer number.
Published: Wed Jul 15 06:11:33 2026 by llama3.2 3B Q4_K_M
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Cisco IOS flaw, tracked as CVE-2008-4128, to its Known Exploited Vulnerabilities catalog due to multiple CSRF vulnerabilities in the HTTP Administration component of Cisco IOS 12.4 on the 871 Integrated Services Router. Experts recommend that private organizations review the catalog and address these vulnerabilities in their infrastructure to mitigate potential security risks.
Published: Wed Jul 15 06:16:12 2026 by llama3.2 3B Q4_K_M
The European Union has imposed sanctions on nine individuals and four entities linked to Russia's Federal Security Service (FSB) over a 15-year cyberespionage and critical infrastructure sabotage campaign. The move represents a significant escalation in the EU's efforts to hold accountable Russian actors responsible for destabilizing the region through cyber means.
Published: Wed Jul 15 06:21:26 2026 by llama3.2 3B Q4_K_M
Millions of Odido customers' sensitive data were exposed in a recent cyberattack that has left Dutch authorities scrambling to identify those responsible. A telephone call made by a suspicious individual was key evidence in the investigation into the breach, which is believed to have been carried out by local hackers from the Netherlands.
Published: Wed Jul 15 06:27:59 2026 by llama3.2 3B Q4_K_M
A critical vulnerability has been discovered in the popular version control tool, Cursor, allowing malicious cloned repositories to trigger arbitrary code execution on Windows systems with minimal user interaction. Learn more about the implications of this flaw and how to protect yourself from this type of attack.
Published: Wed Jul 15 07:35:38 2026 by llama3.2 3B Q4_K_M
Four compromised AsyncAPI npm packages have been found to be distributing a multi-stage botnet loader, exposing devastating supply chain vulnerabilities and highlighting the need for enhanced security measures in software development.
Published: Wed Jul 15 07:42:12 2026 by llama3.2 3B Q4_K_M
In July 2026, the AsyncAPI organization was compromised, with malicious code injected into four packages with over 2 million weekly downloads. This attack has significant implications for developers and organizations using these packages, highlighting the need for vigilance and proactive measures to protect against supply chain attacks.
Published: Wed Jul 15 07:47:38 2026 by llama3.2 3B Q4_K_M
U.S. CISA adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog: a growing concern for cybersecurity. The addition of these vulnerabilities highlights the need for continuous monitoring and patching to prevent attacks and protect networks. Experts recommend that organizations prioritize robust cybersecurity measures, including regular software updates, network segmentation, and incident response planning. Stay informed about the latest developments in cybersecurity to take proactive steps against cyber threats.
Published: Wed Jul 15 07:55:12 2026 by llama3.2 3B Q4_K_M
In a surprise move, Microsoft canceled its monthly security update, known as Patch Tuesday, for some Dell users due to unexpected shutdowns and overheating issues with certain devices equipped with Intel processors. The Windows maker has since halted the patching process while collaborating with Dell on a solution. As the incident raises questions about the reliability of Microsoft's quality control procedures, it highlights the ongoing debate over the balance between security patching and user experience.
Published: Wed Jul 15 09:16:18 2026 by llama3.2 3B Q4_K_M
Microsoft’s serial tormentor has unleashed another 0-day vulnerability, known as LegacyHive. The latest vulnerability, which targets Windows’ user hives, allows attackers to gain privileged access to target users' hives. Experts warn that capable attackers could quickly build reliable exploits despite the gaps left in the PoC by NightmareEclipse.
Published: Wed Jul 15 09:37:50 2026 by llama3.2 3B Q4_K_M
The latest article from The Hacker News reveals that SASE's reliance on AI-powered security solutions has created an unforeseen blind spot that poses significant risks to enterprise security. Learn more about this emerging threat and how to mitigate it.
Published: Wed Jul 15 09:49:51 2026 by llama3.2 3B Q4_K_M
A new Windows vulnerability has been discovered by Chaotic Eclipse, which could have far-reaching consequences for enterprise security. Learn more about the LegacyHive vulnerability and its implications.
Published: Wed Jul 15 09:56:35 2026 by llama3.2 3B Q4_K_M
Discover how the "Approval Gap" in ad tech can leave your site exposed to malicious code. Learn about the critical vulnerability and actionable steps to close it. Read our latest article to find out how AI-driven ad tech is exacerbating this issue and what you can do to protect your organization.
Published: Wed Jul 15 10:02:00 2026 by llama3.2 3B Q4_K_M
US Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations running Microsoft's SharePoint platform about three actively exploited vulnerabilities that pose significant security risks. These vulnerabilities include a spoofing bug, a remote code execution flaw, and a privilege escalation flaw. CISA has urged all organizations to harden their defenses by applying the latest security patches and verifying that Antimalware Scan Interface (AMSI) integration is enabled for each SharePoint web application.
Published: Wed Jul 15 11:19:50 2026 by llama3.2 3B Q4_K_M
A new malicious framework known as OkoBot has been discovered that injects seed phrase phishing into Ledger and Trezor apps, posing a significant risk to hardware wallet users. The framework uses various tactics such as social engineering, spear phishing, or brute-force attacks to steal recovery phrases from Ledger and Trezor devices. Kaspersy has reported on the capabilities of this framework, which includes modules that can steal sensitive information and silently install malicious software. Users are advised to take precautions to protect their security against this growing threat.
Published: Wed Jul 15 12:31:07 2026 by llama3.2 3B Q4_K_M
A new Windows zero-day exploit called LegacyHive has been discovered by Chaotic Eclipse, allowing attackers to elevate privileges on fully patched systems. This vulnerability targets the Windows User Profile Service (ProfSvc) and has significant implications for system security.
Published: Wed Jul 15 12:36:07 2026 by llama3.2 3B Q4_K_M
TuxBot v3 Evolution, an IoT botnet framework that has been reported to utilize large language models for its development, has raised concerns among security researchers and experts due to its potential to compromise numerous Internet-of-Things (IoT) devices. The discovery of the botnet highlights the growing dependence on AI-powered tools for malicious activities and emphasizes the need for heightened cybersecurity awareness. With its modular framework's lineage traced back to three different botnets, TuxBot v3 Evolution signals accelerated integration of features at the same time enabling a single developer to create a multi-pronged toolset with multiple C2 channels, a custom exploit VM, and a Go-based DDoS-for-hire panel.
Published: Wed Jul 15 14:35:11 2026 by llama3.2 3B Q4_K_M
US and allied Governments Warn of Rising Threat from Russian APT Groups Targeting Critical Infrastructure Worldwide
Published: Wed Jul 15 14:43:38 2026 by llama3.2 3B Q4_K_M
A newly leaked Windows 0-day exploit has left Microsoft scrambling to address the issue, just days after releasing a record number of security patches. The HiveLegacy exploit enables low-privilege users to modify administrator accounts, prompting concerns about system security and prompting Microsoft to investigate and implement measures to mitigate its impact.
Published: Wed Jul 15 15:52:34 2026 by llama3.2 3B Q4_K_M
AI music generation platform Suno was hacked, exposing a vast amount of data used to build its models. The breach involved scraping of music clips from several popular streaming platforms and raised questions about fair use in AI music generation.
Published: Wed Jul 15 17:00:07 2026 by llama3.2 3B Q4_K_M
Meta's face recognition technology, NameTag, has sparked confusion over whether it exists or not. As the company deploys the feature, experts and users are left wondering about its implications for user privacy and the law.
Published: Wed Jul 15 17:06:35 2026 by llama3.2 3B Q4_K_M
A recent cyberattack has had a devastating impact on critical infrastructure in Japan, specifically affecting Nichirei Group, a Japanese purveyor of frozen foods and super-chill logistics services. The attack resulted in system failures that crippled the company's ability to conduct its operations, prompting KFC Japan to limit menu items and opening hours. As experts weigh in on the incident, it is clear that Japan's critical infrastructure is facing a new wave of cyber threats.
Published: Wed Jul 15 21:17:30 2026 by llama3.2 3B Q4_K_M
According to a recent case, a single master password used by a law firm granted its users access to all client information, highlighting the importance of robust security measures and least privilege principles.
Published: Thu Jul 16 02:31:18 2026 by llama3.2 3B Q4_K_M
Australian Airline Qantas Faces Off Against Tech Support Scam: A Glimpse into the Dark Underbelly of Cybersecurity. In a shocking turn of events, Australian airline Qantas found itself embroiled in one of its most significant data breaches to date, with the personal identifiable information of approximately 5.7 million customers compromised by tech support scammers.
Published: Thu Jul 16 02:41:08 2026 by llama3.2 3B Q4_K_M
Liam Proven successfully revived an 11-year-old Intel Mac using the OpenCore Legacy Patcher and installed the latest version of macOS Sequoia on it. The patcher enables users to install newer versions of macOS on unsupported older systems, but some compatibility issues remain unaddressed. This article delves into the author's experience with OCLP and offers insights into reviving vintage Intel Macs.
Published: Thu Jul 16 03:48:34 2026 by llama3.2 3B Q4_K_M
Zoom has issued critical security updates for a vulnerability that could potentially enable account takeover via network access, affecting multiple products including Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. Apply the latest patches to protect yourself from potential exploitation.
Published: Thu Jul 16 04:06:35 2026 by llama3.2 3B Q4_K_M
Zoom has fixed a critical vulnerability, tracked as CVE-2026-53412, that could allow unauthenticated attackers to hijack user accounts on Windows systems. Users should update to the latest versions of Zoom's software immediately to ensure they have the necessary security patches.
Published: Thu Jul 16 04:24:44 2026 by llama3.2 3B Q4_K_M
OpenAI's latest innovation, GPT-Red, revolutionizes red-teaming by automating prompt injection testing, hardening its flagship language model GPT-5.6 Sol against malicious attacks.
Published: Thu Jul 16 05:45:26 2026 by llama3.2 3B Q4_K_M
A sophisticated Chinese cyber espionage campaign has been uncovered, leveraging artificial intelligence to automate attacks on government systems, financial institutions, and supply chain companies across multiple countries. Claude Code and DeepSeek, two tools believed to be created by Anthropic, were used by the attackers to handle execution and planning. The operation highlights China's growing capabilities in using AI-powered tools for mass surveillance. Security experts warn that organizations must take immediate action to protect themselves from such attacks.
Published: Thu Jul 16 06:05:48 2026 by llama3.2 3B Q4_K_M
Windows 10's stubborn refusal to die poses a significant security threat, with one in six machines still relying on it for daily functions. As support options dwindle, organizations must act quickly to migrate to Windows 11 and address the growing gaps in security protection.
Published: Thu Jul 16 07:33:53 2026 by llama3.2 3B Q4_K_M
Telegram's t.me shortlinks experienced a widespread outage due to its association with a sanctioned VPN service favored by cybercriminals, highlighting the ongoing challenge faced by law enforcement agencies in tracking and dismantling cybercrime networks.
Published: Thu Jul 16 07:40:52 2026 by llama3.2 3B Q4_K_M
A new attack known as Agent Data Injection (ADI) has been identified, where malicious actors can manipulate data in AI systems to trick them into executing unintended commands. The vulnerability lies in the way these models process structured data and can be exploited by introducing specially crafted punctuation marks into fields containing trusted information.
Published: Thu Jul 16 07:53:12 2026 by llama3.2 3B Q4_K_M
Daxin Resurfaces: A Slightly Reinvigorated Threat Actor Leans on Stupig to Steal the Show
A China-linked threat actor has resurfaced after more than four years, using a previously unknown backdoor dubbed Stupig. The malware, known as Daxin, has been found running on a compromised host in Taiwan, and its use poses significant risks to critical infrastructure targets. This resurgence highlights the persistence of certain malicious actors and their ability to adapt and evolve over time.
Published: Thu Jul 16 07:59:39 2026 by llama3.2 3B Q4_K_M
AI can find bugs, but human knowledge still proves them. In a recent article from The Hacker News, the platform sheds light on an often-overlooked aspect of offensive security: human knowledge's role in proving vulnerabilities found by artificial intelligence (AI) tools.
Published: Thu Jul 16 08:06:52 2026 by llama3.2 3B Q4_K_M
Unpatched Shark vacuum flaw could let attackers control other vacuums region-wide, a recent vulnerability disclosure by researcher tokay0 has revealed. The issue highlights the need for manufacturers to prioritize product security and for users to take immediate action to protect themselves.
Published: Thu Jul 16 08:13:32 2026 by llama3.2 3B Q4_K_M
TuxBot v3 is an AI-built IoT botnet with numerous critical security flaws, including a failure to import password hashing algorithms correctly and bugs caused by its large language model (LLM) code generator. The botnet was designed to exploit vulnerabilities in IoT devices, but it has 70% functionality, making it a potential threat to device owners.
Published: Thu Jul 16 08:19:45 2026 by llama3.2 3B Q4_K_M
A new blueprint has been unveiled by Google Cloud and Mandiant, providing actionable guidance on how organizations can safely integrate large language models (LLMs) into their vulnerability management workflows. The blueprint emphasizes the importance of combining AI capabilities with deterministic controls and human intelligence in strategic ways, while also highlighting the need for human oversight and a selective deployment strategy.
Published: Thu Jul 16 09:37:41 2026 by llama3.2 3B Q4_K_M
The British justice system has handed down sentences to the individuals responsible for what was described as one of the most significant cybercrime incidents in UK history, with Owen Flowers and Thalha Jubair receiving five and a half years in prison each for their roles in the 2024 attack on Transport for London. The case highlights the complexities and challenges associated with investigating and prosecuting cybercrime offenses.
Published: Thu Jul 16 09:44:40 2026 by llama3.2 3B Q4_K_M
n8n workflow automation platform has revealed a critical vulnerability that allows attackers to bypass authentication and gain unauthorized access to user accounts by exploiting a flaw in its token exchange feature. A fix was shipped on June 24, but users are still advised to take precautions to mitigate the risk of this issue.
Published: Thu Jul 16 09:53:20 2026 by llama3.2 3B Q4_K_M
Recently discovered macOS information stealer "ClickLock" targets trusting Mac users via social engineering tactics, exploiting vulnerabilities in the operating system's Terminal application. According to threat intel outfit Group-IB, at least 100 victims have been targeted across 33 countries, with more than half located in Europe.
Published: Thu Jul 16 11:05:34 2026 by llama3.2 3B Q4_K_M
The cybersecurity landscape has been a battleground for malicious actors, innovators, and defenders alike over the past year. The ongoing struggle against cyber threats continues to evolve, with new tactics, techniques, and procedures (TTPs) being employed by attackers and countered by the resilience of the cybersecurity community. This article delves into the various trends and challenges that have emerged in the world of cybersecurity, from the proliferation of spyware and ransomware attacks to the increasing use of artificial intelligence (AI) and machine learning (ML) by cyber attackers.
Published: Thu Jul 16 11:15:14 2026 by llama3.2 3B Q4_K_M
Two scattered spider hackers have been sentenced to five and a half years each for their role in the £29 million TfL hack. The duo's actions resulted in significant disruption to TfL's services and highlighted the importance of cybersecurity awareness and accountability. Read more about this shocking case and its implications for individuals and organizations.
Published: Thu Jul 16 13:35:19 2026 by llama3.2 3B Q4_K_M
The £29 million Transport for London (TfL) cyberattack in 2024 was carried out by members of the Scattered Spider group. The attack, which disrupted transport services and exposed customer data, highlighted the growing threat posed by advanced persistent threats (APTs). Law enforcement agencies have since made significant progress in dismantling the group's operations, with two key members being extradited to the US in July 2026.
Published: Thu Jul 16 13:43:52 2026 by llama3.2 3B Q4_K_M
Legacy Systems, Real-World Impacts: The Reality of OT Security
Two Scattered Spider Hackers Sentenced to Jail in UK
AI Data Centers Are Being Built Faster Than They Can Be Secured
‘ClickLock Stealer’ Bypasses macOS Security With Social Engineering, Process Killing
Oak Emerges From Stealth Mode With $60 Million in Funding
Splunk, Zoom Patch Critical Vulnerabilities
F5 Patches Multiple NGINX, BIG-IP Vulnerabilities
China’s Top Cybersecurity Firms Hit by Mounting Military Procurement Bans
Old UEFI Shims Expose Systems to Secure Boot Bypass
Nightmare Eclipse Drops ‘LegacyHive’ Windows Zero-Day
CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With Security Researchers
CISA Joins NSA, FBI, DC3 and International Partners Warning of Russian Cyber Threat Activity Targeting Communications, Energy, Government and Other Critical Infrastructure Sectors
CISA Announces New Advisory Council to Strengthen Partnerships and Secure Critical Infrastructure
New CISA Guide Assists Federal Agencies with Transitioning to Modernized Zero Trust Architectures
CISA Issues New Directive Improving How Federal Agencies Prioritize the Mitigation of Cyber Vulnerabilities
CISA Announces Winners of the 2026 President’s Cup Cybersecurity Competition
CISA Urges Stronger Security for Automatic Tank Gauge Systems
CISA Announces Revised Town Hall Schedule to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure
CISA Enhances Known Exploited Vulnerabilities Catalog to Include New Nomination Form
CISA Unveils New Initiative to Fortify America’s Critical Infrastructure
Lessons from CISA’s Cyber Incident
Five Eyes Cyber Security Agencies Statement
CISA Offers Vital Resources as Venues Prepare for Key 2026 Events
Patch Smarter, Not Harder
NCSWIC releases additional content in its NCSWIC Video Series
CISA Highlights Vital Resources to Help Event Attendees Stay Safe
Preparing for the World Stage
Securing the American Experience
The End is Just the Beginning of Better Security: Enhanced Vulnerability Management with OpenEoX
Super Bowl LX: Strengthening Preparation, Building Resilience, Fostering Partnerships
Rockwell Automation CompactLogix, ControlLogix, Compact GuardLogix and GuardLogix
Rockwell Automation Flex 5000 Adapter
Siemens SICAM 8
SALTO ProAccess Space
Rockwell Automation FactoryTalk DataMosaix
NASA Core Flight System (cFS) Health & Safety (HS) Application
Rockwell Automation Arena
AutomationDirect Productivity Suite
Rockwell Automation 1756-EN2, 1756-EN3, and 1756-ENBT
Establishing a Coordinated Vulnerability Disclosure Program to Work With Security Researchers
CISA Adds Two Known Exploited Vulnerabilities to Catalog
ABB Advant Master Online Builder
Rockwell Automation 1715-AENTR EtherNet/IP Adapter
ABB Ability Edgenius
CISA Urges SharePoint Hardening After New Exploitations
ABB T-MAC Plus
CISA Adds Four Known Exploited Vulnerabilities to Catalog
Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog
OpenPLC v3
Schneider Electric Easergy MiCOM Px40 Series
Schneider Electric PowerChute Serial Shutdown
Hydro-Qu bec Le Circuit Electrique charging station backend
CISA Adds One Known Exploited Vulnerability to Catalog
Labcenter Proteus 9
Siemens Mendix Studio Pro
Hitachi Energy e-mesh EMS
Siemens SINEC OS
Hitachi Energy PROMOD V
[webapps] Krayin CRM v2.2.x - Authenticated Remote Code Execution
[webapps] Atarim WordPress Plugin 4.2.2 - Sensitive Information Exposure
[webapps] Langflow 1.9.0 - RCE
[webapps] Joomla Page Builder CK 3.5.10 - Arbitrary File Upload
[webapps] MCPJam Inspector - Remote Code Execution
[local] ProtonVPN v4.4.1 - Unquoted Service Path
[webapps] Flowise 3.1.3 - arbitrary code execution
[remote] Hydra - Stack Buffer Overflow
[webapps] Discuz! X5.0 - Authentication Bypass
[webapps] Tenable Nessus 10.12.1 - SQL Injection
[webapps] WordPress Bricks Builder Theme - RCE
[remote] iOS Bluetooth PAN Exploit - Ethernet Gateway without Adapter
[webapps] Joomla Extension 4.1.4 - PHP Object injection
[webapps] Pulpy 0.1.1-Beta - Filesystem Sandbox Bypass
[local] MEmu Android Emulator 9.2.7.0 - Local Privilege Escalation
[webapps] KeepInMind 0.8.4.2 - Stored XSS
[webapps] KNX visualisering - Broken Access Control
[local] Windows Defender (MsMpEng.exe) - Race Condition
[webapps] WordPress Plugin WPZOOM Portfolio 1.4.21 - Reflected Cross-Site Scripting (XSS)
[webapps] OpenEMR 7.0.2 - Arbitrary File Read
[webapps] WordPress Contest Gallery 28.1.4 - Unauthenticated Blind SQL Injection
[webapps] Drupal Core 10.5.5 - Error-Based SQL Injection
[webapps] WordPress OrderConvo 14 - Path Traversal
[remote] Notepad++ 8.9.6 - Arbitrary Code Execution
[webapps] YAMCS yamcs-core 5.12.7 - No Rate Limiting
[webapps] YAMCS yamcs-core 5.12.7 - User Enumeration
[webapps] YAMCS yamcs-core 5.12.7 - LDAP Injection
[remote] Microsoft - NTLMv2 Hash Capture
[webapps] MikroORM 7.0.13 - SQL Injection
[webapps] Prodigy Commerce 3.3.0 - Local File Inclusion
[webapps] Langflow 1.3.0 - Remote Code Execution
[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution
[local] ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion
[local] ZTE Routers - Unauthenticated Denial of Service
[local] ZTE ZXHN H188A V6 - Authentication Bypass
[local] ZTE H298A / H108N - Unauthenticated Credential Exposure
[local] Linux Kernel - Local Privilege Escalation
[webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution
[remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution
[webapps] CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)
[remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow
[dos] strongSwan 5.9.13 - DoS
[local] Linux Kernel - Local Privilege Escalation
[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
[webapps] EspoCRM 9.3.3 - SSRF
[webapps] scramble - Remote Code Execution
[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection
[local] Realtek rtl819x - Local Privilege
[webapps] OpenCATS 0.9.7.4 - SQL Injection
[webapps] Grav CMS 2.0.0-beta.2 - Remote Code Execution
[NotCVE-2026-0001] Cloudflare Universal SSL CAA augmentation weakens RFC 8657 account binding CVE-2026-14440 assigned 163 days after public no-CVE disclosure
Subject: Advisory Submission: EZ Game Booster - Cleartext Storage of Sensitive Credentials (CWE-312)
CVE-2026-56877 - Skillable SCORM userId authorisation bypass
[REVIVE-SA-2026-003] Revive Adserver Vulnerabilities
OPNsense XPATH Injection (CVE-2026-53582)
SCHUTZWERK-SA-2025-001: Authentication Bypass for SafeLine SL6 and SL6+
Whistleblowersoftware.com: confidentiality and anonymity leakage to third parties
OpenBlow Multiple Deanonymization Vulnerabilities
Whistlelink: Site-access password exposed in web server access logs via GET query string
APPLE-SA-06-29-2026-3 Safari 26.5.2
APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2
APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2
pwnlift: symlink following and TOCTOU in privileged upload handler allow arbitrary file write as root
[KIS-2026-12] Control Web Panel <= 0.9.8.1224 (userRes) SQL Injection Vulnerability
[fulldis] CVE-2026-58451 - Horde Groupware IMP path traversal vuln
Multiple vulnerabilities in ntfs-3g
CVE-2026-26032: Apache Ivy: PackagerResolver path traversal vulnerability
SELinux Userspace Utilities: Local Denial-of-Service Attack Vectors in seunshare in release 3.10
CVE-2026-57821: Apache Fineract: Office list: SQL Injection via Subquery in orderBy
CVE-2026-56287: Apache Fineract: Boolean SQL Injection in Client Search API (orderBy parameter) leading to Local File Disclosure
CVE-2026-35152: Apache Fineract: SQL injection in runreports endpoint
CVE-2026-15747: Mojolicious versions from 4.59 before 9.48 for Perl expose a stable representation of the session CSRF token to a BREACH compression oracle
CVE-2026-15392: DBD::File versions before 1.651 for Perl do not ensure the table file is not a symlink to an untrusted location
CVE-2026-60081: DBI::ProfileData versions before 1.651 for Perl do not limit the path index
CVE-2026-60082: DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row
Xen Security Advisory 498 v2 (CVE-2026-42491) - XAPI: Missing TLS verification in some SDKs
Re: new af_alg exploit in the wild?
CVE-2026-49488: Apache OpenMeetings: Arbitrary File Read
CVE-2026-15043: DBI::SQL::Nano versions from 1.42 before 1.651 for Perl have inverted <= and >= SQL operators on text
CVE-2026-59084: Apache Tomcat: EncryptInterceptor requirements not clearly documented