Unauthenticated attackers could obtain the broker’s confidential OAuth client secret, allowing them to take control of the broker. The post RabbitMQ Vulnerability Threatens Enterprise Systems appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers
A “credible external security threat” targeting Progress Software’s ShareFile Storage Zone Controllers (SZC) – the on-premises, customer-managed server components where organizations store files shared via this popular enterprise platform – has spurred the company to disable access to ShareFile accounts…
Siggen Backdoor Hits Windows Developers Via Infected Visual Studio Projects
Dr.Web details Siggen Windows backdoor that uses Steam for C2, steals credentials and crypto data and infects Visual Studio projects to spread among developers. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read…
AI Data Centers and the Concentration of Wealth
This essay was written with Nathan E. Sanders, and originally appeared in The Guardian. Opposition to AI data centers has emerged as a primary theme in US politics, one that—surprisingly—doesn’t fall along party lines. We applaud people coming together for…
Fake crypto gift card sites are getting harder to spot
Scam crypto gift card stores look almost identical to the real thing. One wrong click can leave you with no card and no way to get your money back. This article has been indexed from Malwarebytes Read the original article:…
BusySnake Stealer Uses Reverse SSH Tunnels and AI-Generated Loaders to Evade Detection
Armored Likho, a previously undocumented threat group also tracked as Eagle Werewolf based on circumstantial evidence, is targeting government institutions and electric-power organizations across Russia, Brazil, and Kazakhstan with a new Python-based infostealer named BusySnake. The group’s activity reflects an…
Debian 13.6 Released With Security Updates for Linux, Apache, Curl, QEMU, and More
The Debian Project has released Debian 13.6, the sixth point update for its stable Debian 13 “trixie” distribution. This update, released on July 11, 2026, includes a collection of security fixes, critical bug corrections, and updated installation images. It does…
Armored Likho APT Uses AI-Generated Loaders to Deploy BusySnake Stealer Against Government Targets
Armored Likho has launched a phishing campaign that uses AI-generated loaders to deploy the newly identified BusySnake Stealer. The operation has targeted government agencies and electrical power organizations, putting sensitive public-sector data and essential services at risk. Confirmed victims span…
VEXAIoT Multi-Agent System Automates IoT Reconnaissance and Exploit Execution
Security researchers have introduced VEXAIoT, an AI-powered multi-agent framework designed to automate vulnerability discovery and exploit execution against Internet of Things environments. The research shows how large language model agents can coordinate reconnaissance, attack planning, command generation, and result validation…
Critical WordPress Plugin Vulnerability Allows Attackers to Gain Full Control Over Website
A critical security vulnerability has been discovered in the widely used WordPress OAuth Single Sign–On (SSO (OAuth Client) plugin developed by miniOrange, exposing millions of WordPress websites to complete takeover by unauthenticated remote attackers. The flaw, tracked as CVE-2026-57807, carries…
Russian State Hackers Target Vulnerable Routers Worldwide, Joint Advisory Warns
Cybersecurity agencies from 12 countries have warned that Russian state-backed hackers are actively targeting vulnerable routers using weak SNMP credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian State Hackers Target Vulnerable Routers Worldwide, Joint Advisory…
Progress orders emergency ShareFile server shutdown over mystery security threat
Vendor insists there’s no evidence of unauthorized access, but it’s asking customers to take one of the most drastic precautions available This article has been indexed from www.theregister.com – Articles Read the original article: Progress orders emergency ShareFile server shutdown…
A Leak of San Francisco Police Drone Footage Exposes the New Reality of Urban Surveillance
The SFPD’s exposure of hours of videos from drone platform Skydio reveals how broadly it’s watching the city from above—and how the results can spill online. This article has been indexed from Security Latest Read the original article: A Leak…
EU Targets Russian Intelligence Officers Accused of Running a Yearslong Cyber Spying Campaign
The move targeted people and entities accused of links to an online spying network that the EU claims targeted governments and carried out sabotage operations against critical infrastructure. The post EU Targets Russian Intelligence Officers Accused of Running a Yearslong…
Zimbra Patches Critical Code Execution Vulnerability
The flaw results in malicious code embedded in crafted emails being executed when the emails are opened. The post Zimbra Patches Critical Code Execution Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Dutch Nationals Suspected in Odido Hack That Exposed Six Million Customers
Dutch police suspect local hackers behind the Odido breach that exposed 6M customers after a phishing attack and seek public help identifying them. Dutch police have identified strong indications that Dutch nationals were involved in the February 2026 cyberattack on…
SpyGlace Attacks Abuse Trusted Developer Services to Evade Network Detection
SpyGlace has returned in a campaign that hides malicious activity behind online services many companies trust. The operation, linked to APT-C-60, uses spear-phishing emails to steer victims toward a booby-trapped archive and then installs malware through a chain of ordinary…
Anthropic Extends Claude Fable 5 Access From July 12 to July 19
Anthropic has extended promotional access to Claude Fable 5 until July 19, 2026, giving eligible paid subscribers more time to use the company’s newest AI model at no additional charge. The offer was previously scheduled to end earlier. However, Anthropic…
Hackers Compromised jscrambler With 15,800+ Weekly Downloads to Attack Developers
A supply chain attack on the jscrambler npm package, a JavaScript code-protection tool with over 15,800 weekly downloads, involved malicious versions that silently deployed native malware on Linux, macOS, and Windows systems. Socket Research Team detected the first malicious release,…
IT Security News Hourly Summary 2026-07-13 12h : 7 posts
7 posts were published in the last hour 9:40 : Organizations Warned of Exploited Joomla Extension Vulnerabilities 9:38 : Claude Code users keep 50% higher limits until July 19 9:36 : FastNetMon eliminates third-party bgp lookups with Netomics 9:34 :…
Organizations Warned of Exploited Joomla Extension Vulnerabilities
Threat actors have been targeting Balbooa Forms and iCagenda Joomla extension flaws for remote code execution. The post Organizations Warned of Exploited Joomla Extension Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Claude Code users keep 50% higher limits until July 19
Anthropic has extended a limited-time promotion that increases weekly usage limits in Claude Code by 50% through July 19, 2026, at 11:59 PM PT. When the promotion ends, weekly usage limits will return to their standard levels without any changes…
FastNetMon eliminates third-party bgp lookups with Netomics
FastNetMon is introducing Netomics, a self-hosted BGP routing intelligence platform that combines live routing data, registry information, RPKI validation, routing history and AI-assisted querying into a single application. Built for internet service providers (ISPs), cloud providers, Internet Exchange Points (IXPs)…
Hacker Extradited from Ukraine Pleads Guilty to Ryuk Ransomware Charges
An Armenian man has pleaded guilty to his role in the infamous Ryuk ransomware operation This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacker Extradited from Ukraine Pleads Guilty to Ryuk Ransomware Charges