154Articles
8Categories
2026-07-01Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 54[−]
1 JulCitrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-ServiceCitrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition. T…THEHACKERNEWS.COM
1 JulCVE-2026-6450 CRL critical extension bypass in ParseCRL_ExtensionsInformation published.MSRC.MICROSOFT.COM
1 JulCVE-2026-6331 HMAC zero-length tag forgery in EVP_DigestVerifyFinalInformation published.MSRC.MICROSOFT.COM
1 JulCVE-2026-10592 Wildcard DNS SAN bypasses CA name-constraint checksInformation published.MSRC.MICROSOFT.COM
1 JulCVE-2026-7531 Use-after-free in PQC hybrid key-share handlingInformation published.MSRC.MICROSOFT.COM
1 JulCISA Warns BlueHammer Flaw Is Now Exploited in Ransomware AttacksCISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept noise to real ransomware attacks in the wild, the US CISA confirms. BlueHammer …SECURITYAFFAIRS.COM
1 JulProgress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation AttemptsA recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU). The Canadian cybersecurity company said it identified exploitation attempts targeting CVE-20…THEHACKERNEWS.COM
1 JulCritical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run CommandsTwo flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for and no approval box to ignore. Cato AI Labs found the pair and named them…THEHACKERNEWS.COM
1 Jul KEVOracle E-Business Suite Flaw Under Active Attack, 950 Systems ExposedOracle E-Business Suite flaw CVE-2026-46817 is under active attack, with about 950 vulnerable internet-facing instances still exposed. This week, Defused Cyber researchers warned that a critical vulnerability in Oracle E-Business Suite, tracked as CVE-2026-46817, is being activel…SECURITYAFFAIRS.COM
⚠️ VULNERABILITY DISCLOSURE 27[−]
1 JulPhantom Squatting: AI-Hallucinated Domains as a Software Supply Chain VectorAttackers can exploit LLM domain hallucinations through phantom squatting to target supply chains. Read the analysis to learn more. The post Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector appeared first on Unit 42 .UNIT42.PALOALTONETWORKS.COM
1 JulMicrosoft wants to stop unwanted bots from entering Teams meetingsA new Microsoft Teams admin policy, Manage external bots and their access to meetings, gives organizations greater visibility and control over external bots in meetings. The policy identifies bots and applies safeguards before they are admitted. Microsoft will begin retiring the …HELPNETSECURITY.COM
1 Jul KEVDetection engineering: A programmatic approach to identifying cyber threatsDetection engineering, which was once a niche practice among mostly large companies, appears to have evolved into a capability that organizations across industries now consider essential to their security operations. What is detection engineering? Detection engineering is about c…CSOONLINE.COM
1 JulNika: Open-source code analysis toolMany serious security bugs in web applications sit across several files at once. Request data enters through a controller, moves through data objects and service layers, and turns dangerous only when it reaches a sensitive operation such as a database query or a file action. A sc…HELPNETSECURITY.COM
1 JulRisky Bulletin: Researcher drops giant cache of zero-daysAn anonymous researcher has dropped a giant cache of zero-day exploits, a sensitive DHS network got hacked, the US Supreme Court restricts geofence warrants, and security firm Huntress has denied accusations of a malicious insider.RISKY.BIZ
1 JulAnthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export ControlsAnthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos 5 about two and a half weeks earlier. Fable 5 returns to users on Wednesday, …THEHACKERNEWS.COM
1 JulCasey Ellis on How AI Is Reshaping Vulnerability Research and PatchingIn this episode of the Microsoft Threat Intelligence Podcast, host⁠ ⁠⁠⁠Sherrod DeGrippo⁠ sits down with Casey Ellis, founder of Bugcrowd and co-founder of disclose.io, to explore how AI is reshaping vulnerability research, bug bounty programs, and the future of cyber defense. The…THECYBERWIRE.COM
1 JulClaude Sonnet 5 includes safeguards against dangerous cyber useAnthropic has introduced Claude Sonnet 5, the latest version of its general-purpose AI model, with improved reasoning, coding, tool use, and knowledge work capabilities. The model can make plans, use tools such as browsers and terminals, and complete tasks autonomously. Scores fo…HELPNETSECURITY.COM
1 JulPerformance Through People as Executives Struggle and Mentorship Matters - Greg Hoffman - BSW #454One of the biggest questions most executives ask is "Why does it still feel this hard when the talent is clearly there?" The answer, in almost every case, is not a people problem. It is an environment problem. And environment is something a leader can build. Greg Hoffman, Preside…YOUTUBE.COM
1 JulClaude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music FestivalA researcher found that using Anthropic’s Claude Opus 4.7, he could break into the website of Front Gate—used by every festival from Lollapalooza to Bonnaroo—and freely issue any ticket he chose.WIRED.COM
1 JulGuardFall Flaw Hits 10 of 11 Popular Open-Source AI AgentsResearchers found a shell injection flaw in 10 of 11 popular open-source AI agents, allowing attackers to bypass command filters. Adversa AI just published a survey, titled “GuardFall: a universal shell injection vulnerability in open-source AI agents,” of eleven open…SECURITYAFFAIRS.COM
1 JulNetzilo adds runtime governance for AI agents across major platformsNetzilo has announced expanded AI agent governance and runtime enforcement capabilities for Amazon Bedrock AgentCore and other major AI agent harnesses. As enterprises move AI agents from experimentation into production, agents are becoming a new enterprise edge. They operate acr…HELPNETSECURITY.COM
1 JulIntruder offers Free security plan for lean IT and security teamsIntruder has announced the launch of its Free plan, providing security, IT, and DevOps teams ongoing access to professional-grade vulnerability management, cloud security, and attack surface management at no cost. Smaller organizations face the same threats as Fortune 500 compani…HELPNETSECURITY.COM
1 JulRustDuck: The Botnet That’s Still Small but Engineering Like It Plans to GrowRustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin’s XLab have been tracking a new malware family, called RustDuck, that hijacks routers, …SECURITYAFFAIRS.COM
1 JulOver 900 Oracle E-Business instances exposed to ongoing attacksOver 900 Oracle E-Business Suite (EBS) instances have been found exposed online amid ongoing attacks exploiting a critical security flaw. [...]BLEEPINGCOMPUTER.COM
1 JulBioShocking: when “gaming” AI agents is no longer a gameResearchers warned AI vendors about a proof-of-concept called BioShiocking that tricks agents by gamifying the outcome.MALWAREBYTES.COM
1 JulU.S. lifting export control restrictions on Anthropic’s Mythos, FableThe company and the Commerce Department say they have reached an agreement that will see the AI models released publicly with new guardrails and classifiers. The post U.S. lifting export control restrictions on Anthropic’s Mythos, Fable appeared first on CyberScoop .CYBERSCOOP.COM
1 JulCaught in the Octopus Trap: Unauthenticated RCE in Argo CD with CodeQLSynacktiv has discovered an unauthenticated arbitrary code execution vulnerability in ArgoCD's repo-server component, potentially allowing full cluster compromise. This article explains how the vulnerability was identified using CodeQL, details the exploitation process to gain co…SYNACKTIV.COM
1 JulAdobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign ClassicAdobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file…THEHACKERNEWS.COM
1 JulCritical flaw in Oracle E-Business Suite is under immediate threatResearchers warn that successful exploitation of the vulnerability could allow an attacker to compromise Oracle Payments.CYBERSECURITYDIVE.COM
1 Jul5 Myths About AI in the SOC Security Teams Need to RethinkAI is now part of almost every conversation in security operations. Most teams are already investing in it, experimenting with it, or trying to understand where it fits. The challenge is not whether to adopt AI, but how to apply it in a way that actually improves outcomes. At the…RAPID7.COM
1 JulWebinar: Why traditional email security is no longer enoughModern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making them harder for traditional email defenses to detect. This webinar explores how behavioral AI can help organizations automate…BLEEPINGCOMPUTER.COM
1 JulResearchers spot exploitation of another critical Oracle defectThe defect impacts a popular collection of business applications that attackers have hit before in widespread attack sprees. The post Researchers spot exploitation of another critical Oracle defect appeared first on CyberScoop .CYBERSCOOP.COM
1 JulThe AI lock comes off.The US restores exports of Anthropic’s most advanced AI models. Adobe and Citrix rush out critical patches. RustDuck emerges as a fast-evolving DDoS threat. The Gentlemen raise the stakes with a new EDR-killing exploit. Rocket lab bets big on Iridium. Researchers unveil browser-o…THECYBERWIRE.COM
1 JulNew ChocoPoC malware targets researchers via trojanized PoC exploitsMultiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute commands and steal sensitive data in a campaign believed to target cybersecurity researchers. [...]BLEEPINGCOMPUTER.COM
1 JulOONI: LaLiga piracy blocks disrupted over 500,000 legitimate sitesThe Open Observatory of Network Interference (OONI) reports that Spain's IP-based anti-piracy blocking campaign against unauthorized LaLiga streams caused widespread collateral damage. Specifically, the actions have temporarily disrupted access to more than half a million legitim…CYBERINSIDER.COM
1 JulKubota says hackers had month-long access to network systemsKubota North America Corporation disclosed that hackers had access to some of its network systems for more than a month earlier this year. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 1[−]
1 JulAI-generated code risks reach security, legal, and compliance teamsMost engineering organizations write code with AI, and a good number of them keep that code away from customers. A Flux survey of engineering leaders and practitioners found that nearly half run AI-generated code in production. Almost every company in the sample uses AI somewhere…HELPNETSECURITY.COM
🔥 INCIDENT REPORTING 14[−]
1 JulChina-Linked Group Targets Southeast Asia Critical SystemsThe group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.DARKREADING.COM
1 JulUS puts $10m bounty on Russian hackers, new phish hunts hotels, Supreme Court reins in geofencingUS Puts $10M Bounty on Russian Hackers, Supreme Court Limits Geofence Warrants, New phishing campaign targets hotels, AI Coding Agents Tricked into Malware and Canada's Electronic Spies Go After Ransomware Gangs. The episode covers the US State Department's up to $10 million rewa…CYBERSECURITYTODAY.LIBSYN.COM
1 JulWhy Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)This morning, an interesting phishing email hit my mailbox. It targets Metamask[ 1 ], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It's pretty popular, so a juicy target for crimin…ISC.SANS.EDU
1 JulInsurance Giant Aflac Discloses Data Breach Impacting MillionsAflac Japan has notified regulators that policy details and personal and banking information have been compromisedINFOSECURITY-MAGAZINE.COM
1 JulBrowser-Only Ransomware: From LLM Hallucinations to a Practical Attack TechniqueResearch by: Alexey Bukhteyev Key Takeaways Introduction Over the past several years, large language models have reshaped software development, and malware development has followed the same path. Check Point Research has documented this trend from early experiments showing t…RESEARCH.CHECKPOINT.COM
1 JulARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365Talos has identified "ARToken," a phishing-as-a-service platform that targets Microsoft 365. The ARToken panel exposes 80+ API endpoints for device code phishing, Primary Refresh Token persistence, email access, BEC operations, and SharePoint exfiltration.TALOSINTELLIGENCE.COM
1 JulThe SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaignKaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure.SECURELIST.COM
1 JulJapanese insurer, brewer, manufacturer and telecom disclose cyber breachesAflac's Tokyo arm and brewer Sapporo are among the major Japanese companies to recently notify the public about data breaches.THERECORD.MEDIA
1 JulAI-Generated Browser Ransomware Abuses Chromium API on Windows and AndroidCybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the…THEHACKERNEWS.COM
1 JulAzure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs81 Million Login Attempts, 78 Compromised Accounts: The LSHIY Password Spray Hitting Azure CLI Huntress researchers have been tracking a massive automated password spray campaign against Microsoft Azure CLI environments since June 12, 2026. A password spray attack is when attacke…SECURITYAFFAIRS.COM
1 JulFake Interpol investigation emails deliver custom ransomware worldwideThreat actors impersonate Interpol to trick small businesses into launching ransomware disguised as evidence in a fake cybercrime investigation. The campaign has targeted organizations across Europe, Asia, the Middle East, and the United States, relying on convincing social engin…CYBERINSIDER.COM
1 JulDHS confirms hackers breached HSIN info-sharing platformThe Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform used by federal, state, local, and private-sector partners. [...]BLEEPINGCOMPUTER.COM
1 JulTeen suspect in Scattered Spider hacks is extradited to USA complaint unsealed this week accuses a 19-year-old of participating in incidents including a breach of a "luxury-jewelry retailer" in 2025.THERECORD.MEDIA
1 JulFortiBleed credential-theft campaign linked to Lynx ransomwareThe massive FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet credentials were intended to fuel future network intrusions. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 29[−]
1 JulISC Stormcast For Wednesday, July 1st, 2026 https://isc.sans.edu/podcastdetail/9990, (Wed, Jul 1st)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
1 JulGetting boards to fund ERM means speaking their currencyIn this Help Net Security video, Greg Young, VP Cybersecurity and Corporate Development at TrendAI, explains how to build Enterprise Risk Management that a board will pay for. Drawing on nearly four decades in cybersecurity, including time as a CISO and 14 years as a Gartner anal…HELPNETSECURITY.COM
1 JulThis supercomputer encrypts your data even while it’s running itMost people who handle sensitive data already encrypt it in two places. They lock it down when it sits on a hard drive, and they lock it down when it moves across a network. There has always been a third moment that stayed open. The instant a computer pulls that data into memory …HELPNETSECURITY.COM
1 JulRisky Business #844 -- China closes AI vulndev gap as USA lifts Fable banOn this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Anthropic’s Fable 5 returning while OpenAI’s GPT-5.6 gets thrown in model jail Distillation, cheap tokens, and AI chat harvesting is an industry in China Edge become…RISKY.BIZ
1 JulGoogle Patches 382 Chrome VulnerabilitiesFifteen of the newly patched flaws have been rated ‘critical’ and 67 have been rated ‘high severity’. The post Google Patches 382 Chrome Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
1 JulWhat a financial planner taught me about cybersecurityWhen I spoke at a recent cybersecurity awareness event for financial planners and tax advisors, the audience really engaged with the subject. As happens at conferences the world over, people often come up to speakers to ask follow-up questions, or just give their feedback about p…HELPNETSECURITY.COM
1 JulMassive Password Spray Campaign Targeting Azure CLIHackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY. The post Massive Password Spray Campaign Targeting Azure CLI appeared first on SecurityWeek .SECURITYWEEK.COM
1 JulDawnguard Raises $6.3 Million for Security Architecture Automation PlatformThe company has publicly launched its solution to help organizations design, build, and operate secure cloud systems. The post Dawnguard Raises $6.3 Million for Security Architecture Automation Platform appeared first on SecurityWeek .SECURITYWEEK.COM
1 JulThis phishing kit looks more like BEC-as-a-serviceCisco Talos’ research on ARToken builds on what’s known about the related EvilTokens phishing-as-a-service. The post This phishing kit looks more like BEC-as-a-service appeared first on CyberScoop .CYBERSCOOP.COM
1 JulFrontier AI: Six Questions Every Enterprise Should Ask Security VendorsFrom model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. The post Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors appeared first on SecurityWeek…SECURITYWEEK.COM
1 JulApple Patches Dozens of Vulnerabilities Across iOS, macOS, and SafariThe updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users. The post Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari appeared first on SecurityWeek .SECURITYWEEK.COM
1 JulPapa Johns Surveillance-Based AdvertisingPapa Johns is spying on people’s buying activities to predict when they are low on food: The pizza chain recently tapped NBCUniversal, Instacart and the dentsu-owned media agency Carat for help reaching consumers when they’re low on groceries—and thus more likel…SCHNEIER.COM
1 JulThe ARToken phishing panel targets Microsoft 365 accountsAccounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in April 2026, addressed to the person who handles payments and written in the voice of a Wisconsin contracto…HELPNETSECURITY.COM
1 JulAdobe Patches Critical ColdFusion, Campaign Classic VulnerabilitiesSeven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution. The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
1 JulCitrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ AttackCitrix urges customers to patch NetScaler after fixing six vulnerabilities, including the HTTP/2 Bomb flaw and a high-severity CitrixBleed-style information disclosure bug. The post Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack appeared first on Sec…SECURITYWEEK.COM
1 JulDawnguard launches platform to automate secure cloud architectureDawnguard announced the public launch of its security architecture automation platform, making it available to organizations looking to design, build, and operate secure cloud-native systems from day zero through production. The launch marks the company’s move from enterprise des…HELPNETSECURITY.COM
1 JulSafe Events Start With Threat Intel and Digital SecurityPlanning ahead to defend against cyber threats is the work that keeps events uneventful.DARKREADING.COM
1 JulEmpowering Too Soon BackfiresEmpowerment isn't binary. It's a dial that leaders should adjust based on operational clarity, individual capability, and team maturity. Granting full autonomy before a team is ready can increase mistakes, confusion, and inconsistency. On the other hand, withholding autonomy from…YOUTUBE.COM
1 JulTurning Indicators into Intelligence in OpenCTI with Criminal IPThreat intelligence is only as useful as the context behind it. Criminal IP explains how its integration enriches threat indicators in OpenCTI with risk scoring, infrastructure intelligence, and phishing analysis. [...]BLEEPINGCOMPUTER.COM
1 Jul6 security settings every GitHub maintainer should enable this weekThese six free settings will not make your project unhackable. Nothing will. What they will do is close the easy doors. Turn these on, and your project will be meaningfully harder to attack than it was before. The post 6 security settings every GitHub maintainer should enable thi…GITHUB.BLOG
1 JulAnthropic reactivates Fable, Mythos after securing government approvalThe company’s powerful frontier models are back, but vetting issues remain unresolved.CYBERSECURITYDIVE.COM
1 JulTor releases Arti 2.5.0 with stable CGO encryption and security fixesThe Tor Project has released Arti 2.5.0, promoting its next-generation Counter Galois Onion (CGO) encryption scheme to stable status while also patching two denial-of-service (DoS) vulnerabilities affecting the Rust-based Tor implementation. The release marks a significant milest…CYBERINSIDER.COM
1 JulMicrosoft named a leader in the Frost Radar for cloud and application runtime securityFrost & Sullivan names Microsoft a leader as cloud and application security converge into unified, runtime risk reduction. The post Microsoft named a leader in the Frost Radar for cloud and application runtime security appeared first on Microsoft Security Blog .MICROSOFT.COM
1 JulWaiting for Quantum Is a MistakeQuantum computing is still in its early stages, but major technology platforms are already investing in the technology. While commercial-scale systems aren't available yet, development continues to accelerate. Organizations that wait for quantum computing to become commonplace ma…YOUTUBE.COM
1 JulSEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRATUnknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a "massive, multi-domain, multi-language" campaign that distributes malicious installer archives hosted on spoofed websites. T…THEHACKERNEWS.COM
1 JulMicrosoft Adds New Teams Controls to Block Unauthorized AI Bots From MeetingsMicrosoft's new Teams admin policy requires organizer approval for external AI bots, giving organizations greater visibility and control over automated participants in sensitive meetings. The post Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings appea…SECURITYWEEK.COM
1 JulMicrosoft accelerates quantum cryptography rollout, targets 2029 transitionMicrosoft has announced that it is accelerating its transition to post-quantum cryptography (PQC) amid growing concerns that cryptographically relevant quantum computers could arrive sooner than previously anticipated. The company now aims to transition critical products and serv…CYBERINSIDER.COM
1 JulCrafty Phishing Campaigns Auto-Adapt to Victim's Device, OSAttackers fingerprint victims through user-agent data to deliver OS-specific payloads, increasing compromise rates and campaign profitability.DARKREADING.COM
1 JulFake Values Kill Company TrustCore values only build trust when they're reflected in everyday decisions. A company that claims to be "people first" but consistently acts otherwise creates a gap between its messaging and reality. That disconnect weakens credibility with employees, leaders, and candidates. Orga…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 10[−]
1 JulResearcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware DeliveryClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands behind its fake "prove you're human" pages are now handed out by API-driven servers that give each visitor the same malware in a differen…THEHACKERNEWS.COM
1 JulPhantom Squatting Uses AI-Hallucinated Domains for Phishing and MalwareLarge language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way. Palo Alto Networks' Unit 42 calls the tr…THEHACKERNEWS.COM
1 JulMartin Lee: Running through the Arctic (and the threat landscape)Ever wonder how someone goes from studying human viruses to leading cybersecurity teams? In this Humans of Talos, we’re joined by Martin Lee, EMEA Lead, to talk about his journey into the industry.TALOSINTELLIGENCE.COM
1 Jul2026 Cybersecurity Assessment: The Gap Between Awareness and ResilienceOrganizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybersecurity Assessment confirms this is the case, as this year's findings reveal a series of surprising con…THEHACKERNEWS.COM
1 JulBrazilian Banking Trojan Ousaban Targets Spain and PortugalFortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishingINFOSECURITY-MAGAZINE.COM
1 JulFileless Malware Abuses Google Blogspot to Deploy Infostealer in MemorySecuronix said the Veil#Drop campaign abuses Google Blogspot to deliver PureLog Stealer in memoryINFOSECURITY-MAGAZINE.COM
1 JulOusaban Banking Trojan Targets Iberian Bank Users with Fake PDF LuresA Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026. It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really in Spain …THEHACKERNEWS.COM
1 Jul'Phantom Squatting': An Emerging AI-Driven Supply Chain ThreatLLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.DARKREADING.COM
1 JulVEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs StealerCybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEIL#DROP by Securonix. It's suspected that the initial payload…THEHACKERNEWS.COM
1 JulAnd the Winner in Dominant Malware Delivery? ClickFixResearchers say the highly effective social engineering technique is no longer the exception for malware attacks — it's now the rule.DARKREADING.COM
🎙️ PODCASTS 1[−]
1 JulSmashing Security podcast #474: Polymarket can predict the future. So how did it miss this hack?Polymarket has built an entire business on predicting the future. So how did it manage to spectacularly fail to predict its own hack? Plus, the Google engineer with a million-dollar secret, and the curious case of the airport hairdryer. Meanwhile, "FortiBleed" sees 75,000 Fortine…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 18[−]
1 JulWeekly Threat Bulletin – July 1st, 2026These are the top threats you should know about this week.F5.COM
1 JulHow Madalina Petrea Runs Marketing for 27+ Cybersecurity Franchise Owners Across 4 ContinentsCyberGlobal is the world's first cybersecurity franchise, with Madalina Petrea heading up marketing there. What does it mean to run marketing at a cyber franchise? Supporting 27+ franchise owners across the US, Europe, Africa, and Asia who sell cybersecurity services to small bus…THECYBERWIRE.COM
1 JulAzure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ AttemptsCybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range (2a0a:d683::/3…THEHACKERNEWS.COM
1 JulAdobe patches seven max severity ColdFusion, Campaign flawsAdobe has released security patches for seven maximum-severity vulnerabilities in the ColdFusion web app development platform and the Campaign Classic marketing automation platform. [...]BLEEPINGCOMPUTER.COM
1 JulChatGPT produced graphic violent images that shocked researchersAI assistants like ChatGPT are supposed to have appropriate guardrails to stop people creating harmful content. However, they don't always work.MALWAREBYTES.COM
1 JulMicrosoft Accelerates Quantum-Safe Push with New TimelineMicrosoft has brought forward its timelines for transitioning to post-quantum cryptography (PQC)INFOSECURITY-MAGAZINE.COM
1 JulAmazon fined $2.25M for withholding evidence from fraud victimsThe U.S. Federal Trade Commission (FTC) says Amazon will pay a $2.25 million civil penalty to settle charges that it blocked identity theft victims' access to transaction records. [...]BLEEPINGCOMPUTER.COM
1 JulAnthropic's Fable 5 and Mythos 5 Are Back with New Security GuardrailsThe new classifier in Fable 5 blocks the jailbreak technique that prompted the US export controls “in over 99% of cases”INFOSECURITY-MAGAZINE.COM
1 JulMicrosoft fixes GIF functionality in the Windows Emoji PanelMicrosoft has fixed the GIF functionality in the Emoji Panel for Windows 11 and Windows Server users after the provider shut down its service. [...]BLEEPINGCOMPUTER.COM
1 JulMicrosoft Accelerates Post-Quantum Cryptography Shift to 2029Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encryption standards sooner than previously expected. "Advances in quantum research and development have shi…THEHACKERNEWS.COM
1 JulChrome needs another whopper update to fix 382 security bugsGoogle released a huge update of 382 security fixes, 15 of which were rated as critical. So, it's time to update agaiMALWAREBYTES.COM
1 JulUS lifts export controls on Anthropic’s frontier cybersecurity AI modelsAnthropic said export controls on certain models had been lifted after the company came to a series of agreements with the government.THERECORD.MEDIA
1 JulHow to use the AWS Workload Credentials Provider for cross-account secret retrieval and prefetching secretsIf you manage secrets across multiple AWS accounts or need faster secret access for latency-sensitive applications, this post shows you how to meet those requirements using two new features of the AWS Workload Credentials Provider (provider). You will learn how to configure role …AWS.AMAZON.COM
1 JulUS lifts export restrictions on Anthropic’s most advanced AI models.Adobe patches seven maximum-severity flaws. Business news: Quantifind lands $200 million.THECYBERWIRE.COM
1 JulHackers target Microsoft 365 accounts with 81 million login attemptsAn aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period. [...]BLEEPINGCOMPUTER.COM
1 JulSecure Amazon container workloads using container attribute-based rules in AWS Network FirewallToday, you can use AWS Network Firewall to protect traffic flowing to and from containerized applications on Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS) clusters. If you run AI and machine learning (ML) workloads on Amazon EKS—…AWS.AMAZON.COM
1 JulQuantifind has secured $200 million in a funding round led by Summit Partners.Straiker has raised $64 million in a Series A round. F5 has acquired Denver-based AI governance firm SurePath AI.THECYBERWIRE.COM
1 JulFake Perplexity Chrome extension spies on your searchesA fake Perplexity Chrome extension secretly monitored searches. If you installed "Search for perplexity ai," you need to remove it manually.MALWAREBYTES.COM