Researchers at Nebula Security have identified GhostLock, a Linux kernel vulnerability tracked as CVE-2026-43499 that has been present since Linux 2. Thank you for being a Ghacks reader. The post AI Agent Discovers 15-Year-Old Linux Kernel Privilege Escalation Bug Named…
Category: EN
A week in security (July 6 – July 12)
A list of topics we covered in the week of July 6 to July 12 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (July 6 – July 12)
Multifunction Windows backdoor, NSA revives TAO, urgent ShareFile warning
Windows backdoor stuffs multiple wipers and ransomware code into a single package NSA brings back Tailored Access Operations name for elite hacking unit Progress urges ShareFile customers to shut down storage zone controllers Show notes: https://cisoseries.com/cybersecurity-news-multifunction-windows-backdoor-nsa-revives-tao-urgent-sharefile-warning/ Huge thanks to our…
New VEXAIoT AI Agents Autonomously Exploit IoT Vulnerabilities With 95% Success Rate
VEXAIoT, an autonomous multi-agent framework designed to discover and exploit vulnerabilities in the Internet of Things (IoT) within controlled test environments. In 200 attack trials against the intentionally vulnerable IoTGoat platform, the system completed 189 attacks, achieving an overall success…
Hackers Can Exploit Motorola MR2600 Firmware Update Process to Gain Code Execution
A newly disclosed unauthenticated remote code execution vulnerability in Motorola MR2600 Wi-Fi routers allows attackers on the local network to upload and install a malicious firmware image without logging in to the router’s administration panel. According to researcher MrBruh, the…
Why SBOMs, signing, and provenance still don’t tell you if software is safe
We have made real progress in software supply chain security, improving visibility into software components, authenticity and build integrity. Much of this progress traces back to Executive Order 14028, which pushed agencies, contractors and enterprises to invest in SBOMs, signing…
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabilities (KEV) catalog, following reports of zero-day exploitation in the wild. The vulnerabilities, both rated…
Exposed Server Unmasks Evilginx Operators Stealing Microsoft 365 Sessions and OAuth Tokens
A misconfigured server in Budapest exposed a live phishing operation built to bypass Microsoft 365 multi-factor authentication and retain access to compromised accounts. The server, hosted at 185.163.204[.]7185.163.204[.]7185.163.204[.]7, was running python3 -m http.server 8080 with directory listing enabled, making its…
Jscrambler npm Supply Chain Attack Steals Cloud Credentials and Crypto Wallet Secrets
A malicious actor compromised the Jscrambler npm package and published several trojanized versions that included a hidden, cross-platform credential-stealing payload. The attack targeted developers, build pipelines, and CI/CD systems, where npm installations could access source code, cloud credentials, deployment tokens,…
Cynative: Open-source deep research agent
Running a large language model against a live cloud account to hunt for security holes comes with an obvious hazard. An agent that holds real credentials and a mandate to poke around can delete a bucket, flip a permission, or…
FBI Disrupts Malicious Network Running On Android Set-Top Boxes
US agency seizes domains of Israel-based NetNut, works with companies to take down millions of bots running on TV streaming boxes This article has been indexed from Silicon UK Read the original article: FBI Disrupts Malicious Network Running On Android…
Operation Capsule Vault Uses Malicious ISO Files and Process Injection to Deliver RokRAT
Operation Capsule Vault began with spear-phishing emails sent on June 22, 2026, posing as notices distributing materials from a legitimate academic event. The lures referenced the “Why Wonsan-Kalma Tourism Now?” conference, held at Seoul COEX on June 12, and incorporated…
15 Best Free Cybersecurity Resources to Learn in 2026
By HOC Team | Last updated: July 2026 | Read time: ~18 min The biggest myth in cybersecurity education… The post 15 Best Free Cybersecurity Resources to Learn in 2026 appeared first on Hackers Online Club. This article has been indexed…
Microsoft demystifies how Windows updates work
Microsoft has published a guide explaining the Windows servicing model, outlining the purpose of monthly security updates, optional preview releases, hotpatch updates, and the mechanisms used to deliver new features throughout the year. “Most individuals and organizations regularly deploy monthly…
A hardware security AI assistant that checks chips for hidden backdoors
Chip designers license blocks of circuitry from outside vendors and drop them into larger products. A single processor can carry components from a range of suppliers, each written by a company the buyer may never deal with directly. A malicious…
Microsoft Tests AI-Powered Copilot Tool to Diagnose Windows 11 Performance Issues
Microsoft is gradually rolling out an optional Copilot feature called PC Insights, which provides the AI assistant with access to real-time information about Windows 11 hardware and performance. This feature, first reported by Windows Latest, is currently being tested with…
Citrix Unveils NetScaler MCP Gateway With Centralized Security for AI Agents
Citrix has introduced new NetScaler capabilities designed to secure and govern enterprise AI agents that use the Model Context Protocol (MCP). Announced on July, the NetScaler MCP Gateway provides a centralized entry point for AI agents connecting to approved MCP…
Microsoft Testing Copilot Feature That Shows What’s Slowing Down Your Windows 11 PC
Microsoft is quietly testing a new Copilot capability called “PC Insights” that lets the AI assistant analyze your Windows 11 machine’s hardware and pinpoint exactly what’s causing slowdowns. The feature is currently rolling out slowly in the United States and…
SpaceX and Starlink X Account Reportedly Compromised to Push Fake Crypto Coins
The official SpaceX and Starlink accounts on X appear to have briefly promoted a fraudulent cryptocurrency after being compromised, with the scam token subsequently “rug-pulled” on unsuspecting buyers. Multiple online reports indicate that an account calling itself “Sam Catman,” displaying…
99.9% of fixable AI vulnerabilities remain unpatched
Organizations build, deploy, and operate AI in the cloud, but basic cybersecurity hygiene is often sacrificed for speed, according to Orca Security’s 2026 State of AI Security Report. Building AI without security Fifty-six percent of AI adopters have deployed agent…