We have made real progress in software supply chain security, improving visibility into software components, authenticity and build integrity. Much of this progress traces back to Executive Order 14028, which pushed agencies, contractors and enterprises to invest in SBOMs, signing…
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabilities (KEV) catalog, following reports of zero-day exploitation in the wild. The vulnerabilities, both rated…
IT Security News Hourly Summary 2026-07-13 09h : 7 posts
7 posts were published in the last hour 6:32 : Exposed Server Unmasks Evilginx Operators Stealing Microsoft 365 Sessions and OAuth Tokens 6:32 : Jscrambler npm Supply Chain Attack Steals Cloud Credentials and Crypto Wallet Secrets 6:32 : Cynative: Open-source…
Exposed Server Unmasks Evilginx Operators Stealing Microsoft 365 Sessions and OAuth Tokens
A misconfigured server in Budapest exposed a live phishing operation built to bypass Microsoft 365 multi-factor authentication and retain access to compromised accounts. The server, hosted at 185.163.204[.]7185.163.204[.]7185.163.204[.]7, was running python3 -m http.server 8080 with directory listing enabled, making its…
Jscrambler npm Supply Chain Attack Steals Cloud Credentials and Crypto Wallet Secrets
A malicious actor compromised the Jscrambler npm package and published several trojanized versions that included a hidden, cross-platform credential-stealing payload. The attack targeted developers, build pipelines, and CI/CD systems, where npm installations could access source code, cloud credentials, deployment tokens,…
Cynative: Open-source deep research agent
Running a large language model against a live cloud account to hunt for security holes comes with an obvious hazard. An agent that holds real credentials and a mandate to poke around can delete a bucket, flip a permission, or…
FBI Disrupts Malicious Network Running On Android Set-Top Boxes
US agency seizes domains of Israel-based NetNut, works with companies to take down millions of bots running on TV streaming boxes This article has been indexed from Silicon UK Read the original article: FBI Disrupts Malicious Network Running On Android…
Operation Capsule Vault Uses Malicious ISO Files and Process Injection to Deliver RokRAT
Operation Capsule Vault began with spear-phishing emails sent on June 22, 2026, posing as notices distributing materials from a legitimate academic event. The lures referenced the “Why Wonsan-Kalma Tourism Now?” conference, held at Seoul COEX on June 12, and incorporated…
15 Best Free Cybersecurity Resources to Learn in 2026
By HOC Team | Last updated: July 2026 | Read time: ~18 min The biggest myth in cybersecurity education… The post 15 Best Free Cybersecurity Resources to Learn in 2026 appeared first on Hackers Online Club. This article has been indexed…
Microsoft demystifies how Windows updates work
Microsoft has published a guide explaining the Windows servicing model, outlining the purpose of monthly security updates, optional preview releases, hotpatch updates, and the mechanisms used to deliver new features throughout the year. “Most individuals and organizations regularly deploy monthly…
A hardware security AI assistant that checks chips for hidden backdoors
Chip designers license blocks of circuitry from outside vendors and drop them into larger products. A single processor can carry components from a range of suppliers, each written by a company the buyer may never deal with directly. A malicious…
Microsoft Tests AI-Powered Copilot Tool to Diagnose Windows 11 Performance Issues
Microsoft is gradually rolling out an optional Copilot feature called PC Insights, which provides the AI assistant with access to real-time information about Windows 11 hardware and performance. This feature, first reported by Windows Latest, is currently being tested with…
Citrix Unveils NetScaler MCP Gateway With Centralized Security for AI Agents
Citrix has introduced new NetScaler capabilities designed to secure and govern enterprise AI agents that use the Model Context Protocol (MCP). Announced on July, the NetScaler MCP Gateway provides a centralized entry point for AI agents connecting to approved MCP…
Microsoft Testing Copilot Feature That Shows What’s Slowing Down Your Windows 11 PC
Microsoft is quietly testing a new Copilot capability called “PC Insights” that lets the AI assistant analyze your Windows 11 machine’s hardware and pinpoint exactly what’s causing slowdowns. The feature is currently rolling out slowly in the United States and…
SpaceX and Starlink X Account Reportedly Compromised to Push Fake Crypto Coins
The official SpaceX and Starlink accounts on X appear to have briefly promoted a fraudulent cryptocurrency after being compromised, with the scam token subsequently “rug-pulled” on unsuspecting buyers. Multiple online reports indicate that an account calling itself “Sam Catman,” displaying…
99.9% of fixable AI vulnerabilities remain unpatched
Organizations build, deploy, and operate AI in the cloud, but basic cybersecurity hygiene is often sacrificed for speed, according to Orca Security’s 2026 State of AI Security Report. Building AI without security Fifty-six percent of AI adopters have deployed agent…
Someone Is Scanning for Your MCP Servers and AI Assistant Credentials, (Mon, Jul 13th)
The setup This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Someone Is Scanning for Your MCP Servers and AI Assistant Credentials, (Mon, Jul 13th)
Enterprises are rethinking where their AI applications run
Growing demand for compute capacity, power, cooling and low-latency connectivity is prompting organizations to reassess where AI applications run, according to CoreSite. Public cloud continues to support experimentation and rapid deployment, while colocation is increasingly used for workloads that require…
New GhostCommit Technique Hides Exploits in Images to Evade AI Code Reviewers
Researchers have revealed a technique called “GhostCommit,” which involves prompt injection by hiding malicious instructions within images included in pull requests. This technique has the potential to bypass text-only AI code reviewers and later manipulate coding agents into exposing repository…
ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, July 13th, 2026…
ShareFile shutdown, double-agent ransomware negotiator sentenced, Helix uses vishing
ShareFile shutdown order, a double-agent ransomware negotiator sentenced, and vishing crews raid SharePoint Progress Software ordered customers running ShareFile Storage Zone Controllers to shut down the Windows servers immediately amid a credible external threat, offering no CVE, threat details,…
Debian 13.6 security update patches over a hundred advisories in trixie
Most PCs still run with a UEFI Secure Boot certificate authority, installed by default since 2013, that has now expired. That certificate signed the bootloaders letting machines start with Secure Boot turned on. Its expiry sits at the center of…
Ryuk Ransomware Member Pleads Guilty Over Attacks on U.S. Organizations
An alleged Ryuk ransomware member pleaded guilty in the U.S. for helping deploy attacks on American companies and faces up to 15 years in prison. Armenian national Karen Serobovich Vardanyan (34) pleaded guilty in the U.S. for his role in…
IT Security News Hourly Summary 2026-07-13 00h : 2 posts
2 posts were published in the last hour 21:58 : IT Security News Weekly Summary 28 21:55 : IT Security News Daily Summary 2026-07-12