145 posts were published in the last hour
- 20:34 : New Chrome Update Fixes 382 Security Bugs Across Desktop, Mobile
- 20:34 : Apple’s ‘Hide My Email’ Privacy Flaw Exposes Real Email Addresses
- 20:9 : FBI Seizes NetNut Proxy Platform, Popa Botnet
- 19:32 : Identity Was Never the Real Problem. Intent Is — and Almost Nobody Is Building For It Yet
- 19:32 : AI-Driven Threats, Global Breaches, and Compliance Shifts Define the Week in Cybersecurity for July 2026
- 19:32 : Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
- 19:31 : Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
- 19:6 : Wordfence Intelligence Weekly WordPress Vulnerability Report (June 22, 2026 to June 28, 2026)
- 19:5 : IT Security News Hourly Summary 2026-07-02 21h : 8 posts
- 18:34 : Europe Confirms Record €4.1B Penalty Against Google for Android Practices
- 18:34 : Claude Cowork’s Sandbox Vulnerability Allows Attackers to Run Arbitrary Commands as Root
- 18:34 : Ousaban Malware Uses Phishing PDFs and VBS Downloader to Target Iberian Banking Users
- 18:34 : AsyncRAT Campaign Abuses TryCloudflare Tunnels and Python Scripts for Malware Delivery
- 18:34 : Microsoft 365 Phishing Panel Uses OAuth Device Code Flow to Capture Tokens and Persist Access
- 18:34 : AsyncRAT Campaign Uses DLL Sideloading and ScreenConnect for Stealthy Remote Access
- 18:11 : Catan and Mouse
- 18:10 : Smooth AI criminal drives ‘first’ end-to-end agentic ransomware attack
- 17:34 : Real-Time Observability: Introducing Akamai Cloud Pulse Alerts
- 17:7 : FortiBleed Credential Theft Connected to INC and Lynx Ransomware
- 17:7 : How to Install Kali Linux on VirtualBox (Step by Step 2026)
- 17:6 : CitrixBleed Vulnerability Exploited by Hackers Within 24 Hours of Public Disclosure
- 17:6 : Researchers Warn of Unpatched Argo CD Flaw That Enables Cluster Takeover
- 17:6 : Accenture Buys Cybersecurity Firms Dragos, runZero, NetRise for $4.18 Billion
- 16:32 : U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog
- 16:32 : ChatGPT File Download Flow Vulnerability Could Be Abused to Access System Files
- 16:32 : DHS Confirms Breach of Information-Sharing Network Platform HSIN
- 16:31 : Fake Google and Cloudflare verification pages spread multiple malware families
- 16:31 : Apple’s Hide My Email doesn’t hide it very well
- 16:31 : Improving security posture across the Microsoft partner ecosystem
- 16:7 : Ctrl+Alt+Oops: FortiBleed criminal’s logins stitch two gangs together
- 16:6 : ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
- 16:6 : FortiBleed campaign traced to INC and Lynx ransomware operations
- 16:5 : IT Security News Hourly Summary 2026-07-02 18h : 7 posts
- 15:34 : Why a Windows Hello PIN Beats a Password for Enterprise Security
- 15:33 : New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure
- 15:10 : Perimeter to posture: A roadmap to zero trust maturity
- 15:9 : Microsoft said exploitation was ‘less likely’ … but CISA just added SharePoint RCE to KEV list
- 15:9 : Hackers Breached Kubota, Employee Data Compromised
- 15:9 : WhatsApp Tests New Android Chat Backup Management Feature to Improve Google Drive Storage Control
- 15:9 : Most cybersecurity workers have been told to conceal a breach, report finds
- 14:34 : US government says it got hacked — again
- 14:34 : Agentic Ransomware JADEPUFFER Uses Base64 Python Payloads to Harvest Cloud and API Keys
- 14:34 : Microsoft Outlook Bug Removes Copilot Button For Windows Users
- 14:34 : Opera Blocks Clipboard Attacks, Including ClickFix, With New Paste Protect Feature
- 14:34 : Hackers Use Fake VLC Executable and Malicious libvlc.dll to Deploy ValleyRAT
- 14:34 : 900+ Oracle E-Business instances Exposed Online Amid Active Vulnerability Exploitation
- 14:33 : Cyber Briefing: 2026.07.02
- 14:7 : Scattered Spider suspect extradited over $8 million ransom scheme
- 14:7 : ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
- 13:33 : Opera Browser Adds Native Paste Protect to Stop Clipboard Hijacking and Code Injection Attacks
- 13:32 : How to Conduct a Successful Audit of AI-Driven Software Development
- 13:16 : Context Engineering | Compaction & Agent Memory for Automated Malware Analysis
- 13:15 : Hackers Abuse ScreenConnect Remote Access Tool to Deploy AsyncRAT Through Fake Installers
- 13:13 : WinRAR flaw could allow attackers to take control of your computer
- 13:12 : Pacemaker manufacturer Medtronic warns patients cybercrooks may have swiped health data
- 13:10 : FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks
- 13:9 : New iboss platform gives organizations instant visibility into AI tools and usage
- 13:8 : Researcher Behind ‘Exploitarium’ Explains Release of Undisclosed Zero-Day Exploits
- 13:5 : IT Security News Hourly Summary 2026-07-02 15h : 13 posts
- 12:37 : NetScaler Memory Overread Flaw Revives CitrixBleed Fears
- 12:37 : Cursor IDE Vulnerabilities Let Prompt Injection Escape the Sandbox
- 12:36 : Cloudflare changes AI crawler access rules
- 12:36 : Identity Lifecycle Management Wasn’t Built for AI Agents
- 12:36 : Cisco Unified CM Vulnerability Exploited
- 12:35 : Four Major Japan Breaches Share Common Entry Point
- 12:35 : Opera launches Paste Protect against ClickFix
- 12:35 : NSF Announces AI Coordination Hubs Program
- 12:34 : AI Adoption Rises; Cybersecurity Burnout Soars
- 12:15 : 950 Oracle E-Business Suite Instances Exposed as CVE-2026-46817 Attacks Observed in the Wild
- 12:15 : Phishing Campaign Uses Fake Invoice PDF to Drop AsyncRAT, VenomRAT, and XWorm
- 12:13 : India gives WhatsApp three days to defend username rollout amid security fears
- 12:9 : Cybercriminals Pose as Interpol in Phishing Emails to Infect Victims With Ransomware
- 11:37 : CISA Adds Actively Exploited Microsoft SharePoint Vulnerability to KEV Catalog
- 11:36 : EvilTokens-Linked ARToken Panel Exposes 80+ APIs for Microsoft 365 Token Theft
- 11:36 : 430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link
- 11:35 : Cybersecurity Mission Creep in the US
- 11:35 : Hackers Disable Defender, Sysmon, and WAF Before Dumping Credentials With Mimikatz
- 11:34 : FCC Announces Bans on Chinese Equipment Linked to Cybersecurity Risks
- 11:34 : Critical JetBrains Vulnerabilities Enable Authentication Bypass and Code Execution Attacks
- 11:34 : Trump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity Alarm
- 11:6 : Microsoft Warns: Fake Perplexity Extension Abused Chrome Search Features
- 11:6 : New BioShocking Attack Tricks AI Browsers Into Leaking Credentials
- 11:5 : Oracle E-Business Suite was under attack via critical flaw before the public exploit code was even released
- 11:5 : CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability
- 11:4 : ‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials
- 11:4 : Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability
- 10:34 : Sysdig Details JADEPUFFER, the First Documented Agentic Ransomware Operation
- 10:34 : Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic
- 10:34 : WinRAR 7.23 Fixes Heap Overflow Vulnerability that Leads to Application Crashes
- 10:34 : Medtronic Confirms Data Breach – Hackers Gained Access to Corporate IT Systems
- 10:34 : Multiple ClamAV Vulnerabilities Allow Remote Attacker to Cause a DoS Condition
- 10:34 : Browser-Only Ransomware Abuses Chrome File System Access API to Encrypt Android Photos
- 10:33 : CISA Warns of Microsoft SharePoint Server Code Execution Vulnerability Exploited in Attacks
- 10:7 : JetBrains Patches Critical Hub Authentication Bypass and Account Takeover Vulnerabilities
- 10:7 : Hackers Use Geofenced Webpages to Deliver Ousaban Banking Trojan in Spain and Portugal
- 10:7 : “We’ve struck a chord with the new partner programme”
- 10:7 : NCSC Shares Tips on How to Make a Pen Tester’s Job Harder
- 10:5 : IT Security News Hourly Summary 2026-07-02 12h : 9 posts
- 9:34 : ValleyRAT Uses RC4 Encryption, Donut Shellcode, and rundll32 Injection for Stealth
- 9:34 : FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
- 9:34 : AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
- 9:12 : Valar Atomics Works With Nvidia On Data Centre Pilot
- 9:11 : Meta Developing Plans To Sell AI Infrastructure
- 9:11 : Oxmiq Raises $35m To Develop Custom AI Tech Stack
- 9:11 : Apple Hide My Email Vulnerability Lets Attackers Reveal Users’ Real Email Addresses
- 9:11 : Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects
- 9:11 : Alleged Scattered Spider Member Extradited to US
- 8:34 : Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges
- 8:6 : JADEPUFFER Agentic Ransomware Uses LLM to Automate Database Extortion
- 8:5 : Critical Flaws Double as Elevation of Privilege Dominates the Cyber Threats – Analysis of Microsoft Vulnerabilities Report 2026
- 8:5 : Opera blocks ClickFix attacks with new clipboard protection feature
- 8:4 : New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
- 7:36 : Taiwan Detains Two Super Micro Staff In GPU Smuggling Probe
- 7:36 : Swedish Court Orders Google To Pay Klarna $2bn In Damages
- 7:35 : Under Pressure: Insights from the 2026 Exposure Gap Report
- 7:34 : How Attackers Weaponize AI
- 7:34 : Hide My Email bug shows real addresses, Fable 5 gets the greenlight, Microsoft Teams hits back on AI bots
- 7:6 : Anthropic Restores Access After US Restrictions Lifted
- 7:5 : ChocoPoC Campaign Abuses GitHub PoC Repositories to Steal Browser Credentials
- 7:5 : Hackers shoveled snow for company, were rewarded with network admin access
- 7:5 : IT Security News Hourly Summary 2026-07-02 09h : 5 posts
- 7:4 : SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
- 6:34 : The endpoint recovery gap many teams discover during an incident
- 6:5 : Royal Navy To Build Drone Warships
- 6:5 : LSHIY Password Spray Attack Hits Microsoft 365 Accounts With 81 Million Login Attempts
- 6:5 : Attackers Downgrade WDigest Protection to Dump Plaintext Credentials With Mimikatz
- 6:4 : Review: CTRL+ALT+PWN
- 5:37 : Critical Cursor IDE Flaws Let Attackers Execute Code via Zero-Click Prompt Injection
- 5:36 : Browser-Only Ransomware Uses File System Access API to Encrypt Files Without Malware Installation
- 5:34 : Catching ransomware on the wire before it locks the file server
- 5:9 : Scattered Spider Hacker Arrested in Finland and Extradited to U.S. Over Cyber Intrusion Charges
- 5:8 : FortiBleed Campaign Linked to INC and Lynx Ransomware Operations
- 5:8 : What the AI patch gap means for enterprise security
- 4:34 : CISA Warns of SimpleHelp Authentication Bypass Vulnerability Exploited in Attacks
- 4:34 : WhatsApp Username Reservations Go Live – What Are the Security Concerns for 2 Billion Users
- 4:34 : Alleged Scattered Spider Member Extradited to the US for His Role in Hacking 100+ Networks
- 4:33 : FortiBleed Password Stealing Attack Linked to INC and Lynx Ransomware Operations
- 4:33 : GitHub’s new tool helps prevent costly open-source license violations
- 2:6 : ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
- 23:34 : Healthcare Cybersecurity Threats Persist in 2026
- 23:4 : Code Injection in Perforce Helix Core (CVE-2026-6902)
- 22:6 : Claude Sonnet 5.0 heads straight down the middle of the road to dodge controversy
- 22:6 : EvilTokens device-code phishing kit totally more evil than we all thought
- 22:5 : IT Security News Hourly Summary 2026-07-02 00h : 3 posts
- 21:55 : IT Security News Daily Summary 2026-07-01