Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside…
The Department of Know: PeopleSoft exploit, Ford brings back gray beards, LLM vetting
This week’s Department of Know is hosted by Rich Stroffolino, with guests David Cross, CISO, Atlassian; Kathleen Mullin, Director, SABSA Institute; Montez Fitzpatrick, CISO, Navvis; and Howard Holton, former CEO, GigaOm. Get the show notes here: https://cisoseries.com/the-department-of-know-peoplesoft-exploit-ford-brings-back-gray-beards-llm-vetting/ Huge thanks to our…
FBI Seizes NetNut Domains as Google Disrupts 2M Device Proxy Network
FBI and Google disrupt NetNut after domains linked to its residential proxy network are seized, exposing abuse of 2 million TVs and streaming devices worldwide. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More…
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds
A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The Citizen Lab published a report documenting one of the more darkly ironic findings in recent surveillance research: former Member of the European…
New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll…
AI Agents Are Creating a New Enterprise Security Gap
Five independent security disclosures in a single week point to the same gap: AI agent permissions, not AI agent capabilities, are the problem enterprises haven’t solved.
New Avalon Malware Framework Packs CrownX Ransomware Capabilities
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution,…
IT Security News Hourly Summary 2026-07-03 21h : 4 posts
4 posts were published in the last hour 19:4 : Prompt Injection Attacks and Hidden Security Risks in LLM Applications 18:38 : How to scale your patches without scaling your team (the patch wave) 18:36 : Moody Bible Institute –…
Prompt Injection Attacks and Hidden Security Risks in LLM Applications
Where the Problem Sits: Everyone talks about model safety. Not enough people talk about what happens when the input itself is the weapon. Prompt injection is not a niche edge case. It is the most direct way to compromise an…
How to scale your patches without scaling your team (the patch wave)
Most breaches don’t start with a vulnerability nobody knew about. They start with one nobody patched in time. Vulnerability exploitation is now the single biggest way attackers get into a network. It has overtaken stolen credentials for the first time…
Moody Bible Institute – 2,303,416 breached accounts
In June 2026, Moody Bible Institute was targeted by a ShinyHunters “pay or leak” extortion campaign. Over 2.3M unique email addresses and other personal data were later published publicly, including names, physical addresses, phone numbers, dates of birth and other…
Indian Govt Bans Apps Being Misused to Stop E-Rickshaws Remotely
The Indian government has directed Google and Apple to take down three mobile applications, BAT-BMS, Lossigy, and Epoch-i-ion, after they were allegedly misused to remotely disable e-rickshaws and other battery-operated three-wheelers mid-journey, putting passenger safety at risk. Authorities have also…
North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” mimic…
Burp Suite for Beginners: Web Application Pentesting Tutorial (2026)
By HOC Team | Last updated: July 2026 | Read time: ~22 min If Nmap is the first… The post Burp Suite for Beginners: Web Application Pentesting Tutorial (2026) appeared first on Hackers Online Club.
IT Security News Hourly Summary 2026-07-03 18h : 4 posts
4 posts were published in the last hour 15:35 : Top 10 Best Post-Quantum Cryptographic Solutions in 2026 15:34 : In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting 15:34 : Nissan Confirms Employee Data…
Top 10 Best Post-Quantum Cryptographic Solutions in 2026
Quantum computing has crossed the line from research curiosity to board-level risk. Once a cryptographically relevant quantum computer arrives — an event security planners call “Q-Day” — the public-key cryptography that protects banking, government, healthcare, and the entire internet (RSA,…
In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting
Noteworthy stories that might have slipped under the radar: Anonymous-linked Canadian hacker jailed, researcher drops zero-days in open source projects, Venezuelans sentenced in the US over ATM jackpotting.
Nissan Confirms Employee Data Breach Following Oracle PeopleSoft Zero-Day Cyberattack
Nissan has confirmed that it fell victim to a third-party cyberattack after being targeted as an Oracle PeopleSoft user, making it the latest company to suffer an attack due to a yet-to-be-revealed vulnerability. The breach is currently under investigation,…
ISA VDA 6.0.3 (part 4) — Information Security Sheet: IT Security / Cyber Security
This is part 4 of the series about the TISAX label: TISAX getting started: A Deep Dive into the ISA Assessment Workbook (part 1). ISA VDA 6.0.3 (part 4) — Information Security Sheet: IT Security / Cyber Security Chapter…
Nebula AI-Powered Penetration Testing Platform Automates Vulnerability Assessments
A new open-source security tool is bringing large language models directly into the penetration tester’s terminal. Nebula, developed by BerylliumSec, integrates state-of-the-art AI models into the command-line interface, allowing ethical hackers and security professionals to automate vulnerability assessments, generate exploit…
Alibaba to Ban Claude Code Over Alleged Embedded Backdoor Risks
Alibaba is reportedly set to ban Anthropic’s Claude Code from its internal workplace environments starting July 10, 2026, over alleged embedded backdoor risks. The company has not officially confirmed the decision and did not respond to media queries at the…
Hackers Abuse SEO Poisoning and Hidden HTML to Trick AI Agents Into Following Malicious Instructions
Artificial intelligence agents are quickly becoming the new front door to the internet, and attackers have noticed. A fresh wave of malicious websites is using search engine tricks and invisible code to feed false instructions directly into AI systems, turning…
Multiple Apache ActiveMQ Vulnerabilities Enable DoS Attacks and Lead to Crashes
Apache ActiveMQ users are advised to urgently update their deployments after three important vulnerabilities were disclosed, exposing messaging infrastructure to denial-of-service (DoS) attacks, broken isolation, and improper authorization risks. The issues, tracked as CVE-2026-53917, CVE-2026-54475, and CVE-2026-49877, affect core components…
Scammers Impersonate Trusted Brands in Gambling Ads to Drive Casino Traffic
Scammers are hijacking trusted brand names to push people toward online casinos unrelated to those companies. Instead of building fake bank sites or phishing emails, they exploit the trust people place in familiar logos. The scam starts simply. A consumer…