Cyber Security
Cybersecurity
Nine-Nation Advisory Flags FSB Center 16 Router Attacks
Andrew Doyle
July 13, 2026
Cybersecurity agencies from nine countries issued a joint advisory on FSB Center 16 router attacks targeting energy, healthcare, and defense sectors globally.
Cybersecurity
Open Server Exposes Three Concurrent Evilginx M365 Operations
Andrew Doyle
July 13, 2026
French security firm Lexfo discovered three Evilginx M365 phishing campaigns after attackers left a Python HTTP server with directory listing exposed.
Application Security
CISA Adds Two CVSS 10.0 Joomla Extension Zero-Days to KEV
Gabby Lee
July 13, 2026
CISA added CVE-2026-48939 and CVE-2026-56291 to KEV with a same-day federal deadline after both Joomla extension zero-days were exploited before disclosure.
Application Security
Progress Orders ShareFile SZC Server Shutdown Over Security Threat
Mitchell Langley
July 13, 2026
Progress Software ordered ShareFile Storage Zone Controller customers to shut down internet-facing servers amid an undisclosed security threat investigation.
Cybersecurity
RedHook Android RAT Gains Shell Access via Wireless ADB Loopback
Gabby Lee
July 13, 2026
Group-IB analyzed a new RedHook Android RAT variant that gains shell-level access by turning the device into its own ADB client via loopback, without rooting.
Cybersecurity
Ryuk Ransomware Broker Pleads Guilty in $15M Bitcoin Theft Case
Mitchell Langley
July 13, 2026
Armenian national Karen Vardanyan pleaded guilty to enabling Ryuk ransomware attacks on U.S. organizations that yielded about 1,610 Bitcoin for the gang.
Application Security
Ghostcommit PNG Attack Tricks AI Code Reviewers into Leaking .env
Andrew Doyle
July 13, 2026
UMKC researchers demonstrated Ghostcommit, a PNG-based prompt injection attack that tricks AI code reviewers into exfiltrating .env secrets as code constants.
Application Security
Compromised jscrambler npm Package Drops Rust Infostealer on Devs
Mitchell Langley
July 13, 2026
An attacker compromised jscrambler's npm credentials and published five malicious versions dropping a Rust infostealer targeting cloud and AI credentials.
CVE Vulnerability Alerts
Binarly Finds Six U-Boot CVEs That Break Secure Boot on 50+ Firmware
Gabby Lee
July 13, 2026
Binarly disclosed six flaws in U-Boot's FIT signature verification subsystem, including two RCEs that bypass Secure Boot across more than 50 firmware releases.
Application Security
Google TAG Finds Critical Stored XSS in Zimbra Classic Web Client
Mitchell Langley
July 13, 2026
Google's Threat Analysis Group found a critical stored XSS flaw in the Zimbra Classic Web Client that allows mailbox takeover via a single crafted email.
Application Security
Australia’s ASD Warns of Active Campaign Exploiting 17 CMS CVEs
Mitchell Langley
July 13, 2026
Australia's Signals Directorate warned of an active global campaign scanning for 17 known CVEs across WordPress, Joomla, and other public-facing CMS platforms.
CVE Vulnerability Alerts
Microsoft Patches RoguePlanet Defender Zero-Day CVE-2026-50656
Andrew Doyle
July 10, 2026
Microsoft silently patched CVE-2026-50656 RoguePlanet via a Defender engine update, ending over three weeks of confirmed active SYSTEM privilege exploitation.
Application Security
GhostApproval: Symlink Flaw Lets Attackers Hijack AI Agent Approvals
Gabby Lee
July 10, 2026
Wiz Research's GhostApproval attack uses symlinks in cloned repositories to trick six AI coding agents into writing attacker SSH keys behind a fake approval dialog.
Cybersecurity
SCMBANKER Targets Mexican Banking With AI-Written PowerShell
Mitchell Langley
July 10, 2026
Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and hijack transfers.
Cybersecurity
China Bans Claude Code After CNVDB Backdoor Advisory
Mitchell Langley
July 10, 2026
China's CNVDB directed developers to uninstall three months of Claude Code versions, citing unauthorized data collection. Alibaba banned the tool for all employees.
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Mitchell Langley
July 10, 2026
Socket found 17 malicious npm and PyPI packages impersonating Paysafe, Skrill, and Neteller SDKs that stole AWS keys and payment credentials while returning fake success ...
Application Security
HalluSquatting Turns AI Package Hallucinations Into Botnet Traps
Gabby Lee
July 10, 2026
Tel Aviv University and Intuit documented HalluSquatting: AI coding tools hallucinate package names up to 100% of the time, which attackers preregister with malicious payloads.
Application Security
Chrome 150 Patches Two Critical Use-After-Free Flaws in Ozone, Views
Gabby Lee
July 10, 2026
Google released Chrome 150.0.7871.114/.115 patching 27 vulnerabilities including two critical use-after-free bugs in Ozone and Views.
Application Security
CMU Research: Copilot’s Safety Refusals Fail 100% in Workflow Mode
Andrew Doyle
July 10, 2026
Carnegie Mellon researchers found GitHub Copilot refuses harmful prompts 99% of the time in chat but produced harmful code in all 816 workflow-mode tests across ...
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
Mitchell Langley
July 10, 2026
AI Now Institute's Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded with strings from a legitimate ...
Application Security
Progress Orders ShareFile SZC Server Shutdown Over Security Threat
Mitchell Langley
July 13, 2026
Cybersecurity
Ryuk Ransomware Broker Pleads Guilty in $15M Bitcoin Theft Case
Mitchell Langley
July 13, 2026
Cybersecurity
DigitalMint Employee Sentenced for BlackCat Ransomware Conspiracy
Mitchell Langley
July 10, 2026
TOP CYBERSECURITY HEADLINES
Application Security
Progress Orders ShareFile SZC Server Shutdown Over Security Threat
Application Security
Ghostcommit PNG Attack Tricks AI Code Reviewers into Leaking .env
This Week’s Security Spotlight
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Mitchell Langley
July 10, 2026
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
Mitchell Langley
July 10, 2026
Cybersecurity
200 GitHub Repos Used as Dead Drop C2 Network for Windows Malware
Gabby Lee
July 10, 2026
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
Progress Orders ShareFile SZC Server Shutdown Over Security Threat
July 13, 2026
Progress Software ordered ShareFile Storage Zone Controller customers to shut down internet-facing servers amid an undisclosed security threat investigation.
RedHook Android RAT Gains Shell Access via Wireless ADB Loopback
July 13, 2026
Group-IB analyzed a new RedHook Android RAT variant that gains shell-level access by turning the device into its own ADB client via loopback, without rooting.
Ryuk Ransomware Broker Pleads Guilty in $15M Bitcoin Theft Case
July 13, 2026
Armenian national Karen Vardanyan pleaded guilty to enabling Ryuk ransomware attacks on U.S. organizations that yielded about 1,610 Bitcoin for the gang.
Ghostcommit PNG Attack Tricks AI Code Reviewers into Leaking .env
July 13, 2026
UMKC researchers demonstrated Ghostcommit, a PNG-based prompt injection attack that tricks AI code reviewers into exfiltrating .env secrets as code constants.
Compromised jscrambler npm Package Drops Rust Infostealer on Devs
July 13, 2026
An attacker compromised jscrambler's npm credentials and published five malicious versions dropping a Rust infostealer targeting cloud and AI credentials.
Binarly Finds Six U-Boot CVEs That Break Secure Boot on 50+ Firmware
July 13, 2026
Binarly disclosed six flaws in U-Boot's FIT signature verification subsystem, including two RCEs that bypass Secure Boot across more than 50 firmware releases.
Google TAG Finds Critical Stored XSS in Zimbra Classic Web Client
July 13, 2026
Google's Threat Analysis Group found a critical stored XSS flaw in the Zimbra Classic Web Client that allows mailbox takeover via a single crafted email.
Australia’s ASD Warns of Active Campaign Exploiting 17 CMS CVEs
July 13, 2026
Australia's Signals Directorate warned of an active global campaign scanning for 17 known CVEs across WordPress, Joomla, and other public-facing CMS platforms.
Microsoft Patches RoguePlanet Defender Zero-Day CVE-2026-50656
July 10, 2026
Microsoft silently patched CVE-2026-50656 RoguePlanet via a Defender engine update, ending over three weeks of confirmed active SYSTEM privilege exploitation.
GhostApproval: Symlink Flaw Lets Attackers Hijack AI Agent Approvals
July 10, 2026
Wiz Research's GhostApproval attack uses symlinks in cloned repositories to trick six AI coding agents into writing attacker SSH keys behind a fake approval dialog.
SCMBANKER Targets Mexican Banking With AI-Written PowerShell
July 10, 2026
Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and hijack transfers.
China Bans Claude Code After CNVDB Backdoor Advisory
July 10, 2026
China's CNVDB directed developers to uninstall three months of Claude Code versions, citing unauthorized data collection. Alibaba banned the tool for all employees.
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
July 10, 2026
Socket found 17 malicious npm and PyPI packages impersonating Paysafe, Skrill, and Neteller SDKs that stole AWS keys and payment credentials while returning fake success ...
HalluSquatting Turns AI Package Hallucinations Into Botnet Traps
July 10, 2026
Tel Aviv University and Intuit documented HalluSquatting: AI coding tools hallucinate package names up to 100% of the time, which attackers preregister with malicious payloads.
Chrome 150 Patches Two Critical Use-After-Free Flaws in Ozone, Views
July 10, 2026
Google released Chrome 150.0.7871.114/.115 patching 27 vulnerabilities including two critical use-after-free bugs in Ozone and Views.
CMU Research: Copilot’s Safety Refusals Fail 100% in Workflow Mode
July 10, 2026
Carnegie Mellon researchers found GitHub Copilot refuses harmful prompts 99% of the time in chat but produced harmful code in all 816 workflow-mode tests across ...
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
July 10, 2026
AI Now Institute's Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded with strings from a legitimate ...
DigitalMint Employee Sentenced for BlackCat Ransomware Conspiracy
July 10, 2026
A former DigitalMint employee received 70 months in prison for conspiring with BlackCat ransomware operators while posing as a trusted victim recovery advisor.
Ill Bloom Flaw Drained $3.1M by Breaking Wallet Seed Randomness
July 10, 2026
Coinspect disclosed Ill Bloom, a weak entropy flaw in cryptocurrency wallet seed phrase generation that let attackers drain $3.1 million from affected wallets.
Threat Actors Use Aged GitHub Accounts to Map Corporate Orgs
July 10, 2026
Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted attacks.






















