Two vulnerabilities in Anthropic’s Claude for Chrome extension could allow a malicious browser extension to trigger AI-driven actions affecting a victim’s Gmail, Google Docs, and Google Calendar data. These issues are still reproducible in Claude for Chrome version 1.0.801.0, released…
Americans are ignoring scam calls, but phishing emails still fool many
Americans are becoming more effective at avoiding spam calls and texts, but new research suggests that the strategy comes with an unexpected cost. A new survey of 1,000 Americans from privacy company Cloaked, revealed that two-thirds of respondents have missed…
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution. The vulnerabilities are listed below – CVE-2026-15409 (CVSS score: 10.0) –…
Russian Hackers Hijack Routers To Target Critical Infrastructure
Threat group attributed to Russia’s FSB security service actively seeking out poorly configured routers around world, researchers say This article has been indexed from Silicon UK Read the original article: Russian Hackers Hijack Routers To Target Critical Infrastructure
Notepad++ v8.9.7 Security Update Fixes 5 Vulnerabilities, Including Stack Buffer Overflow and Zip Slip Flaws
Notepad++ has released version 8.9.7, codenamed “Slava Ukraini.” This update addresses five security vulnerabilities related to session-file handling, environment-variable expansion, ZIP extraction, macro validation, and the Windows installation process. The release date was July 14, 2026, and includes three CVE-tracked…
Goose Creek – 6,574,121 breached accounts
In June 2026, a party claiming to have access to data from Goose Creek Candle Company sent emails to a number of the company’s customers, claiming the company had a security vulnerability and suffered a data breach. The data was…
Multiple Notepad++ Vulnerabilities Enable PowerShell Command Injection Attacks
Notepad++ v8.9.7 has been released with critical security fixes addressing multiple vulnerabilities, including a high-risk PowerShell command injection flaw that could enable arbitrary code execution during installation. The update resolves five distinct issues spanning path traversal, buffer overflow, and authentication…
Microsoft Active Directory Services 0-Day Vulnerability Actively Exploited in the Wild
Microsoft has released security updates for CVE-2026-56155, an actively exploited elevation-of-privilege vulnerability in Active Directory Federation Services (AD FS). This flaw allows an authenticated local attacker with low privileges to gain administrator-level access on affected systems. CVE-2026-56155 stems from insufficient…
SingGuard-NSFA: Open-source guardrails for agentic AI
SingGuard-NSFA is an open-source guardrail framework aimed at operational threats in agent workflows. Four models ship at 0.8B, 2B, 4B, and 9B parameters, all built on Qwen3.5 base backbones. Risk taxonomy The NSFA risk taxonomy organizes threats along the CIA…
Microsoft Patch Tuesday July 2026 – Record 570 Vulnerabilities Patched
In July 2026, Microsoft addressed a record total of 570 vulnerabilities, including three zero-days, two of which were exploited in the wild and one that was publicly disclosed. The release includes 59 Critical vulnerabilities, with Remote Code Execution (RCE) flaws…
Artlist ClickFix Campaign Uses Infostealer-Stolen WordPress Credentials to Deploy RAT Malware
A threat campaign discovered in mid-July 2026 abused the compromised Artlist subdomain new-blog. artlist[.]io to distribute a Remote Access Trojan through a fake CAPTCHA prompt. The operation combined stolen WordPress credentials, blockchain-based EtherHiding infrastructure, ClickFix social engineering, DLL side-loading, and…
SonicWall Issues Urgent SMA Patch Warning for Two Zero-Day Exploits
SonicWall SMA1000 zero-day vulnerabilities CVE-2026-15409 and CVE-2026-15410 can be exploited for remote code execution. The post SonicWall Issues Urgent SMA Patch Warning for Two Zero-Day Exploits appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
The MDR renewal question: What changes when AI can handle the alerts
For most of the past decade, the managed detection and response (MDR) decision was a simple one: teams that couldn’t staff a 24/7 SOC outsourced detection and response to a provider who could. It solved a resources problem, and the…
AI used to help plan the break-in, now it’s doing the break-in
Over the past twelve months, researchers documented intrusions in which AI ran exploitation workflows autonomously, generating thousands of commands across dozens of sessions with minimal human direction, according to Check Point’s AI Security Report 2026. AI-powered cyber attacks The attackers…
An AI overthinking attack can tie a robot up for over a minute
Robots that read the world through cameras now lean on large vision-language models to interpret what they see and decide what to do next. These models handle images and text together, so any words that fall inside the camera frame…
Windows BitLocker 0‑Day Vulnerability Allows Hackers to Bypass Security Feature
A newly disclosed Windows BitLocker 0‑day vulnerability, tracked as CVE-2026-50661, exposes encrypted devices to physical attacks that can completely undermine Microsoft’s disk encryption guarantees. The flaw, classified as a security feature bypass, stems from a protection mechanism failure in BitLocker’s…
Six Minutes to Compromise: How ‘Patriot Bait’ Actor Used AI to Build and Deploy a C&C Botnet
TrendAI™ Research analyzed over 200 Gemini CLI session logs showing how a Russian-speaking threat actor used AI to run a live botnet, finishing a full C&C migration in six minutes while doing just 11% of the work himself. This article…
ShareFile explained, healthcare in critical cyber condition and click fix tops malware charts
ShareFile emergency explained, a year of Salesforce breaches examined, healthcare cybersecurity in critical condition and click fix goes number one for malware. David Shipley covers Progress Software’s emergency ShareFile shutdown, now tied to a previously unknown high-severity path traversal flaw…
Recent DShield SIEM Update, (Tue, Jul 14th)
The last update to the DShield SIEM [4] was in Sep 2025 which contained some minor tweaks. This update currently is using ELK stack version 8.19.15, contains some additional dashboards and new logs. This article has been indexed from SANS…
ISC Stormcast For Wednesday, July 15th, 2026 https://isc.sans.edu/podcastdetail/10008, (Wed, Jul 15th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, July 15th, 2026…
ICYMI: June 2026 @AWS Security
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, new service capabilities, code samples, and workshops. AWS Security Blog posts This month’s AWS Security Blog…
Patch Tuesday security updates for July 2026, the largest update ever. 621 CVEs in one month
Patch Tuesday: Microsoft fixes a record 621 CVEs, including 2 exploited zero-days and critical flaws affecting SharePoint, RDP, Hyper-V, and AD FS. Microsoft’s July 2026 Patch Tuesday is, by a significant margin, the largest single-month security release in the company’s…
IT Security News Hourly Summary 2026-07-15 00h : 3 posts
3 posts were published in the last hour 21:57 : IT Security News Daily Summary 2026-07-14 21:9 : 12 Factor Framework for Building Secure and Compliant Cloud Applications 21:7 : Patchpocalypse Now: Microsoft tops last month’s record with 622 Patch…
IT Security News Daily Summary 2026-07-14
152 posts were published in the last hour 21:9 : 12 Factor Framework for Building Secure and Compliant Cloud Applications 21:7 : Patchpocalypse Now: Microsoft tops last month’s record with 622 Patch Tuesday CVEs 21:4 : Microsoft Patches Record 622…