Beijing-based start-up reportedly plans Kimi K3 release in coming days, with open model set to surpass performance of Anthropic’s Opus 4.8 This article has been indexed from Silicon UK Read the original article: China’s Moonshot AI Set To Narrow Anthropic…
Linux Creator Linus Torvalds Rejects Anti-AI Push and Defends LLM Tools
Linux creator and top-level kernel maintainer Linus Torvalds has made it clear that the Linux kernel project will not adopt an anti-AI stance. He believes that large language models and related tools should be assessed based on their technical value…
7-Zip Vulnerability Lets Attackers Trigger Heap Buffer Overflow Using Malicious Files
A newly disclosed vulnerability in 7-Zip could allow attackers to execute arbitrary code by tricking users into opening a specially crafted XZ-compressed file. Tracked as CVE-2026-14266 and identified by Trend Micro’s Zero Day Initiative as ZDI-26-444 (ZDI-CAN-30169), the flaw is…
The script, not the voice, is what makes AI voice phishing work
The call comes in at 4:40 on a Friday. The voice belongs to a senior manager, or sounds close enough, and she needs a password reset before a flight. She is polite, she is in a hurry, and she has…
ACR Stealer Uses ClickFix, WebDAV, and Steganography to Steal Browser Credentials and Tokens
A surge in ACR Stealer activity from late April through mid-June 2026, with operators combining ClickFix social engineering, WebDAV-hosted payloads, PowerShell obfuscation, and steganography to compromise enterprise users. The malware operations rely on ClickFix social-engineering lures to trick victims into…
Two Hackers Jailed for Hacking 148 TfL Systems, Forcing Password Reset for 27,000 Staff
Two young members of the Scattered Spider cybercrime group have been jailed for a 2024 attack that knocked out 148 Transport for London (TfL) systems, forced all 27,000 staff to reset passwords in person, and cost the organization about £29…
The five step plan that cuts security budget waste
In this Help Net Security video, Viktor Bulanek, CTO of Penetrify, explains where security budget waste comes from. Budgets get built around vendor categories, compliance checkboxes, and last year’s headlines. Attackers work along attack paths, and that mismatch is where…
AnyDesk Zero-Day Flaw Allows Local Attackers to Trigger System-Wide Denial-of-Service
A newly disclosed zero-day vulnerability in AnyDesk has the potential to allow a local attacker to trigger a denial-of-service condition by exploiting the remote-access software’s “Send Support Information” feature. The advisory, tracked as ZDI-26-401 and ZDI-CAN-26645, was published by Trend…
Five-Layer Fileless Malware Uses JScript and PowerShell to Evade AMSI and Load .NET Payload
An active phishing campaign using a five-layer, fileless malware loader to evade Microsoft’s Antimalware Scan Interface (AMSI), static detection controls, and disk-based forensic analysis. The campaign delivers a Windows Script Host JScript payload inside a TAR archive disguised as a…
A hard drive reliability check on 341,263 drives, from 4TB to past 20TB
Large cloud storage operators track their hard drives every day, recording which units keep running and which ones drop off the racks. Backblaze does this at scale, and its Q1 2026 report covers a fleet built for continuous use. The…
New infosec products of the week: July 17, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Cloudflare, Lineation.ai, Nudge Security, and Polygraf AI. Polygraf AI Meeting Guard delivers real-time deepfake detection for enterprise meetings Polygraf AI has announced Meeting Guard, a…
7-Zip Vulnerability Exposes Millions of Users to Remote Code Execution Risk
A newly disclosed vulnerability in 7-Zip, one of the most widely used open-source file archiving tools, could allow remote attackers to execute arbitrary code on affected systems. Tracked as CVE-2026-14266, the flaw stems from improper handling of XZ chunked data…
Two Hackers Jailed for Hacking 148 TfL Systems, Forcing Password Reset for 27,000 staffs
Two young members of the Scattered Spider cybercrime group have been jailed for a 2024 attack that knocked out 148 Transport for London (TfL) systems, forced all 27,000 staff to reset passwords in person, and cost the organization about £29…
ISC Stormcast For Friday, July 17th, 2026 https://isc.sans.edu/podcastdetail/10012, (Fri, Jul 17th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, July 17th, 2026…
South Korea making its own security-centric AI model
Adapting existing local LLM project for security and sovereignty purposes and hopes to one day match Mythos This article has been indexed from www.theregister.com – Articles Read the original article: South Korea making its own security-centric AI model
Scattered Spiders sentenced, OpenAI builds an AI that breaks AIs, and Iran leans on ChatGPT
Two leading Scattered Spider members, Thaila Jubar and Owen Flowers, were sentenced to five years and six months for the 2024 Transport for London hack that knocked 148 systems offline, forced 27,000 password resets, stole customer data, and cost TfL…
IT Security News Hourly Summary 2026-07-17 03h : 1 posts
1 posts were published in the last hour 1:4 : ACR Stealer: Two observed intrusion chains amid increased threat activity
ACR Stealer: Two observed intrusion chains amid increased threat activity
From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer environments. These campaigns are successfully using ClickFix lures to steal browser credentials, authentication tokens, and sensitive documents from enterprise environments. The post ACR…
AI, Automation and Attacks: Unpacking the Unit 42 2026 Global Incident Response Report
Explore Unit 42’s perspectives on AI’s impact on cybersecurity, including key updates since the 2026 Incident Response Report. The post AI, Automation and Attacks: Unpacking the Unit 42 2026 Global Incident Response Report appeared first on Unit 42. This article…
Why CISOs should automate SBOM management with AI
<p>Modern software runs on open source. Nearly all codebases — 98% — contain open source code, according to a 2026 <a target=”_blank” href=”https://www.blackduck.com/content/dam/black-duck/en-us/reports/rep-ossra.pdf” rel=”noopener”>report</a> from cybersecurity vendor Black Duck, which scanned 947 codebases and analyzed nearly 3,000 individual projects between…
OpenAI admits GPT-5.6 occasionally deletes files – but it’s an ‘honest mistake’
Data purges deemed an example of ‘misaligned behavior’ that upstart is working to avoid This article has been indexed from www.theregister.com – Articles Read the original article: OpenAI admits GPT-5.6 occasionally deletes files – but it’s an ‘honest mistake’
Zoom Patches Critical Account Takeover Vulnerability for Windows
Zoom patched a critical Windows vulnerability that could enable unauthenticated account takeover. The post Zoom Patches Critical Account Takeover Vulnerability for Windows appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Zoom…
IT Security News Hourly Summary 2026-07-17 00h : 3 posts
3 posts were published in the last hour 21:55 : IT Security News Daily Summary 2026-07-16 21:35 : How mapping security controls can ease the compliance burden 21:34 : Coca-Cola suspended production at its Fairlife dairy after a ransomware attack
IT Security News Daily Summary 2026-07-16
170 posts were published in the last hour 21:35 : How mapping security controls can ease the compliance burden 21:34 : Coca-Cola suspended production at its Fairlife dairy after a ransomware attack 20:34 : Wordfence Intelligence Weekly WordPress Vulnerability Report…