Cyber Security
Cybersecurity
SCMBANKER Targets Mexican Banking With AI-Written PowerShell
Mitchell Langley
July 10, 2026
Elastic Security Labs found REF6045 deploying SCMBANKER, an AI-written PowerShell toolkit that lets operators control Mexican banking sessions live and hijack transfers.
Cybersecurity
China Bans Claude Code After CNVDB Backdoor Advisory
Mitchell Langley
July 10, 2026
China's CNVDB directed developers to uninstall three months of Claude Code versions, citing unauthorized data collection. Alibaba banned the tool for all employees.
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Mitchell Langley
July 10, 2026
Socket found 17 malicious npm and PyPI packages impersonating Paysafe, Skrill, and Neteller SDKs that stole AWS keys and payment credentials while returning fake success ...
Application Security
HalluSquatting Turns AI Package Hallucinations Into Botnet Traps
Gabby Lee
July 10, 2026
Tel Aviv University and Intuit documented HalluSquatting: AI coding tools hallucinate package names up to 100% of the time, which attackers preregister with malicious payloads.
Application Security
Chrome 150 Patches Two Critical Use-After-Free Flaws in Ozone, Views
Gabby Lee
July 10, 2026
Google released Chrome 150.0.7871.114/.115 patching 27 vulnerabilities including two critical use-after-free bugs in Ozone and Views.
Application Security
CMU Research: Copilot’s Safety Refusals Fail 100% in Workflow Mode
Andrew Doyle
July 10, 2026
Carnegie Mellon researchers found GitHub Copilot refuses harmful prompts 99% of the time in chat but produced harmful code in all 816 workflow-mode tests across ...
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
Mitchell Langley
July 10, 2026
AI Now Institute's Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded with strings from a legitimate ...
Cybersecurity
DigitalMint Employee Sentenced for BlackCat Ransomware Conspiracy
Mitchell Langley
July 10, 2026
A former DigitalMint employee received 70 months in prison for conspiring with BlackCat ransomware operators while posing as a trusted victim recovery advisor.
Application Security
Ill Bloom Flaw Drained $3.1M by Breaking Wallet Seed Randomness
Gabby Lee
July 10, 2026
Coinspect disclosed Ill Bloom, a weak entropy flaw in cryptocurrency wallet seed phrase generation that let attackers drain $3.1 million from affected wallets.
Cybersecurity
Threat Actors Use Aged GitHub Accounts to Map Corporate Orgs
Gabby Lee
July 10, 2026
Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted attacks.
Cybersecurity
Microsoft Discloses GigaWiper: Disk Wiper Hidden Behind Fake Ransom
Andrew Doyle
July 10, 2026
Microsoft disclosed GigaWiper, a Windows backdoor combining a real disk wiper, fake ransomware encryption, and multi-pass file overwriting in a single payload.
Cybersecurity
GodDamn Ransomware Uses PoisonX Driver to Kill EDR Before Encrypting
Mitchell Langley
July 10, 2026
Symantec identified GodDamn ransomware using a kernel driver named PoisonX via the BYOVD technique to kill security software before file encryption begins.
Application Security
Injective Labs’ npm SDK Poisoned to Steal Crypto Wallet Credentials
Gabby Lee
July 10, 2026
Attackers compromised Injective Labs' repository and injected credential-stealing code into the authentic npm SDK packages used by DeFi blockchain developers.
Cybersecurity
Helix Group Uses Vishing and Device Code Flow to Steal SharePoint Data
Gabby Lee
July 10, 2026
New threat group Helix chains vishing with Microsoft's OAuth Device Code Flow to harvest M365 tokens and exfiltrate SharePoint data for corporate extortion.
Cybersecurity
Forg365 PhaaS Combines AiTM and Device Code Flow to Target M365
Mitchell Langley
July 10, 2026
Forg365 is a new phishing-as-a-service platform combining AiTM session hijacking and Device Code Flow abuse with AI-generated lures for mass targeting.
Cybersecurity
200 GitHub Repos Used as Dead Drop C2 Network for Windows Malware
Gabby Lee
July 10, 2026
Researchers exposed a network of 200 GitHub repositories serving as C2 dead drops for Windows malware, delivered via a malicious Go module and PowerShell chain.
CVE Vulnerability Alerts
Palo Alto Networks Patches 13 PAN-OS Flaws Including Auth Bypass
Mitchell Langley
July 10, 2026
Palo Alto Networks patched 13 PAN-OS vulnerabilities including buffer overflow, command injection, SSRF, and authentication bypass in its firewall platform.
Cybersecurity
NHS Forth Valley Employee Emails Maternity Data to Personal Account
Mitchell Langley
July 10, 2026
NHS Forth Valley disclosed a breach after a staff member emailed maternity patient data, including NHS numbers and pregnancy records, to a personal account.
Cybersecurity
EU Parliament Falls Short of Votes to Block Chat Control Return
Mitchell Langley
July 10, 2026
European Parliament voted 314-276 against EU Chat Control but fell short of the 360-seat absolute majority needed to block the message scanning law's return.
Application Security
OpenMandriva Linux Contributor Attempted Code Sabotage After Dispute
Mitchell Langley
July 10, 2026
OpenMandriva Linux caught a contributor sabotage attempt before production, disclosing the insider supply chain attack after an internal community dispute.
Cybersecurity
SCMBANKER Targets Mexican Banking With AI-Written PowerShell
Mitchell Langley
July 10, 2026
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Mitchell Langley
July 10, 2026
Cybersecurity
DigitalMint Employee Sentenced for BlackCat Ransomware Conspiracy
Mitchell Langley
July 10, 2026
Cybersecurity
GodDamn Ransomware Uses PoisonX Driver to Kill EDR Before Encrypting
Mitchell Langley
July 10, 2026
TOP CYBERSECURITY HEADLINES
Application Security
HalluSquatting Turns AI Package Hallucinations Into Botnet Traps
Application Security
Chrome 150 Patches Two Critical Use-After-Free Flaws in Ozone, Views
Application Security
CMU Research: Copilot’s Safety Refusals Fail 100% in Workflow Mode
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
This Week’s Security Spotlight
Application Security
Socket Finds 17 Malicious Payment SDKs Stealing AWS Keys via npm, PyPI
Mitchell Langley
July 10, 2026
Application Security
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
Mitchell Langley
July 10, 2026
Cybersecurity
200 GitHub Repos Used as Dead Drop C2 Network for Windows Malware
Gabby Lee
July 10, 2026
Cybersecurity
Cisco Talos Exposes UAT-7810 LONGLEASH Backdoor on Ruckus Routers
Mitchell Langley
July 8, 2026
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Featured Videos
Podcasts
Cyber Security News
- All
- Application Security
- Blog
- CVE Vulnerability Alerts
- Cybersecurity
- Cybersecurity Newsletter
- Data Security
- Endpoint Security
- Identity and Access Management
- Information Security
- Network Security
- News
- Phishing
- Podcasts
- Product Reviews
- Ransomware
- Ransomware Victims
- Resources
- Security Spotlight
- Sponsored
- Threat Actors
- Threat Actors
- Threat Detection Tools
HalluSquatting Turns AI Package Hallucinations Into Botnet Traps
July 10, 2026
Tel Aviv University and Intuit documented HalluSquatting: AI coding tools hallucinate package names up to 100% of the time, which attackers preregister with malicious payloads.
Chrome 150 Patches Two Critical Use-After-Free Flaws in Ozone, Views
July 10, 2026
Google released Chrome 150.0.7871.114/.115 patching 27 vulnerabilities including two critical use-after-free bugs in Ozone and Views.
CMU Research: Copilot’s Safety Refusals Fail 100% in Workflow Mode
July 10, 2026
Carnegie Mellon researchers found GitHub Copilot refuses harmful prompts 99% of the time in chat but produced harmful code in all 816 workflow-mode tests across ...
Friendly Fire PoC Turns Claude Code and Codex Into Malware Launchers
July 10, 2026
AI Now Institute's Friendly Fire PoC shows Claude Code and Codex in security-audit mode will execute disguised malware when seeded with strings from a legitimate ...
DigitalMint Employee Sentenced for BlackCat Ransomware Conspiracy
July 10, 2026
A former DigitalMint employee received 70 months in prison for conspiring with BlackCat ransomware operators while posing as a trusted victim recovery advisor.
Ill Bloom Flaw Drained $3.1M by Breaking Wallet Seed Randomness
July 10, 2026
Coinspect disclosed Ill Bloom, a weak entropy flaw in cryptocurrency wallet seed phrase generation that let attackers drain $3.1 million from affected wallets.
Threat Actors Use Aged GitHub Accounts to Map Corporate Orgs
July 10, 2026
Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted attacks.
Microsoft Discloses GigaWiper: Disk Wiper Hidden Behind Fake Ransom
July 10, 2026
Microsoft disclosed GigaWiper, a Windows backdoor combining a real disk wiper, fake ransomware encryption, and multi-pass file overwriting in a single payload.
GodDamn Ransomware Uses PoisonX Driver to Kill EDR Before Encrypting
July 10, 2026
Symantec identified GodDamn ransomware using a kernel driver named PoisonX via the BYOVD technique to kill security software before file encryption begins.
Injective Labs’ npm SDK Poisoned to Steal Crypto Wallet Credentials
July 10, 2026
Attackers compromised Injective Labs' repository and injected credential-stealing code into the authentic npm SDK packages used by DeFi blockchain developers.
Helix Group Uses Vishing and Device Code Flow to Steal SharePoint Data
July 10, 2026
New threat group Helix chains vishing with Microsoft's OAuth Device Code Flow to harvest M365 tokens and exfiltrate SharePoint data for corporate extortion.
Forg365 PhaaS Combines AiTM and Device Code Flow to Target M365
July 10, 2026
Forg365 is a new phishing-as-a-service platform combining AiTM session hijacking and Device Code Flow abuse with AI-generated lures for mass targeting.
200 GitHub Repos Used as Dead Drop C2 Network for Windows Malware
July 10, 2026
Researchers exposed a network of 200 GitHub repositories serving as C2 dead drops for Windows malware, delivered via a malicious Go module and PowerShell chain.
Palo Alto Networks Patches 13 PAN-OS Flaws Including Auth Bypass
July 10, 2026
Palo Alto Networks patched 13 PAN-OS vulnerabilities including buffer overflow, command injection, SSRF, and authentication bypass in its firewall platform.
NHS Forth Valley Employee Emails Maternity Data to Personal Account
July 10, 2026
NHS Forth Valley disclosed a breach after a staff member emailed maternity patient data, including NHS numbers and pregnancy records, to a personal account.
EU Parliament Falls Short of Votes to Block Chat Control Return
July 10, 2026
European Parliament voted 314-276 against EU Chat Control but fell short of the 360-seat absolute majority needed to block the message scanning law's return.
OpenMandriva Linux Contributor Attempted Code Sabotage After Dispute
July 10, 2026
OpenMandriva Linux caught a contributor sabotage attempt before production, disclosing the insider supply chain attack after an internal community dispute.
Seven FatFs Flaws Threaten Cameras, Drones, and Crypto Wallets
July 10, 2026
runZero disclosed seven unpatched vulnerabilities in the FatFs filesystem library affecting hundreds of millions of IoT devices, drones, and hardware wallets.
Microsoft Warns AI Tools Will Accelerate Windows Patch Volumes
July 10, 2026
Microsoft warned enterprises that its AI-assisted vulnerability discovery tools will produce higher Windows patch volumes and more frequent out-of-band updates.
IPNetwork Monitor Adds Native PostgreSQL Monitoring and One-Click Zabbix Import to Its Self-Hosted Platform
July 10, 2026
IPNetwork Monitor LLC has released a major update to its self-hosted network and server monitoring platform, adding native PostgreSQL database monitoring, a simplified way to ...





















