07Jul 2026

호주 정보기관 “사이버 공격, 생명 위협 수준”…핵심 인프라 침투 포착

한국의 국정원과 유사한 역할을 하는 호주보안정보기구(Australia’s Security and Intelligence Organisation, ASIO)가 국가 핵심 기반시설 운영기관의 네트워크를 겨냥한 사이버 공격을 적발했다. ASIO의 사무총장 마이크 버지스(Mike Burgess)는 특정 국가 지원을 받는 해킹 조직이 해당 네트워크에 침투해 시스템 파괴를 준비하고 있었다고 밝혔다. 국가 핵심 기반시설을 노린 이 같은 사이버 위협은 호주만의 문제가 아니다. 다른 국가들도 동일한 위협에 직면해 […]

07Jul 2026

개인정보는 지켰지만 AI는 놓쳤다…GDPR 10년, 유럽 AI 주권의 딜레마

GDPR(General Data Protection Regulation, 일반개인정보보호법)이 시행된 지 10년이 지났지만, 이에 대한 평가는 엇갈린다. 유럽은 물론 세계 각국의 기업에서 개인정보 보호 체계는 이전보다 훨씬 확고하게 자리 잡았다. 반면 기업들은 늘어나는 행정 절차와 법적 불확실성, 경쟁력 저하 등을 이유로 GDPR에 여전히 비판적인 시각을 보이고 있다. 개인정보 보호 측면에서 보면 GDPR은 분명 성공적인 제도로 평가된다. 독일 IT산업협회 비트콤(Bitkom)이 […]

07Jul 2026

With AI, a wrong answer is a bug. A wrong action is an incident

A copilot that gives a wrong answer is a quality problem. An AI agent that takes a wrong action is an incident, sometimes a reportable one. That single difference is most of the story of where banking AI security is heading, and most banks’ current controls were built for the first kind of problem, not […]

07Jul 2026

Modernizing legacy IT with AI without triggering regulatory risk

AI is accelerating modernization projects that previously required months of analysis. But in highly regulated organizations, an uncomfortable reality quickly emerges: The risk is no longer in converting the code, but in demonstrating that the new version still does exactly what the old one did. Almost every management committee has made the same decision this […]

07Jul 2026

Build or buy? Smart CIOs know the answer for AI talent

The key ingredient for successful AI deployment is largely becoming the talent available, not the AI tools installed, putting pressure on IT leaders to upskill their workforces. With AI skills both the highest in demand and the hardest to hire for, many IT leaders and their C-suite colleagues are rolling out comprehensive AI training programs […]

07Jul 2026

The data reckoning: How exponential growth is rewriting the rules of cost, risk and AI

Something structural is happening to enterprise data and most organizations are only beginning to fully understand. Data volumes are growing faster than any original assumptions about how to store, govern and extract value from information. At the same time, the cost of getting it wrong is rising sharply: inflated infrastructure spend, expanding cyber exposure and […]

07Jul 2026

Envirotech Vehicles Closes Merger with Azio AI Ahead of Schedule, Positioning Combined Company to Capture $487 Billion 2026 AI Infrastructure Opportunity

Revised transaction structure enables immediate closing, accelerating the Company’s strategic pivot toward AI data centers, enterprise GPU compute, and digital power infrastructure. Envirotech Vehicles, Inc. (NASDAQ: EVTV) (“EVTV” or the “Company”) today announced the successful completion of its merger with Azio AI Corporation (“Azio AI”) on July 2, 2026, paving the way for the Company […]

07Jul 2026

Preparing for infrastructure constraints, from memory shortages to power limits

Historically, infrastructure planning followed a predictable script. CIOs balanced budgets, refresh cycles and procurement approvals and when demand spiked, the solution was straightforward — find the funding and scale up. The only real constraint was budget. Today, the biggest constraints aren’t sitting in spreadsheets; they’re rooted in physical reality. High-bandwidth memory is in short supply. […]

07Jul 2026

Rubén Andrés Priego (Singular Bank): “En la banca del futuro no competiremos por la experiencia de usuario sino por la del agente [de IA]”

> allowfullscreen> Conocido sobre todo por sus servicios como “boutique de inversión”, el banco Singular Bank, nacido en el año 2020 gracias al impulso del exconsejero delegado del Banco Santander Javier Marín Romano, después de adquirir y transformar la estructura del antiguo banco digital Self Bank, es en la actualidad una entidad con más de […]

07Jul 2026

Tether believes intelligence should not be a service people rent

The world is advancing toward a future in which over 10 billion humans coexist with trillions of autonomous agents in a superintelligent universe. However, the cloud-hosted systems that currently dominate AI’s operational models lack the architectural elasticity to support this growing demand for compute resources. Championed by managed GPU Clusters and centralized data centers, cloud […]

07Jul 2026

Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments

Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web. The post Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments appeared first on SecurityWeek.

07Jul 2026

Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability

Organizations are urged to patch after proof-of-concept code makes the Linux root escalation flaw easier to exploit. The post Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability appeared first on SecurityWeek.

07Jul 2026

North Korean Hackers Target Open Source Developers in Supply Chain Attacks 

The PolinRider campaign has compromised more than 100 legitimate open source packages and repositories to deliver a backdoor and information stealer to developers. The post North Korean Hackers Target Open Source Developers in Supply Chain Attacks  appeared first on SecurityWeek.

07Jul 2026

Armored Likho APT Targeting Government, Electric Power Entities

The threat actor uses modular RATs and information stealers in financially motivated and cyber espionage campaigns. The post Armored Likho APT Targeting Government, Electric Power Entities appeared first on SecurityWeek.

07Jul 2026

The Shift Toward Business-Aligned Risk Management

Moving from isolated, technical data to a continuous risk lifecycle can help organizations align security controls with actual business consequences. The post The Shift Toward Business-Aligned Risk Management appeared first on SecurityWeek.

07Jul 2026

Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks

Securonix says the sophisticated framework abuses compromised websites, Blogspot, PowerShell, and fileless techniques to evade detection and deploy the PureLog information stealer. The post Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks appeared first on SecurityWeek.

07Jul 2026

Keyfactor Scores $1 Billion+ Investment for AI, Post-Quantum Security

The investment will accelerate Keyfactor’s machine identity, PKI, and cryptographic security platform as enterprises prepare for AI-driven and post-quantum threats. The post Keyfactor Scores $1 Billion+ Investment for AI, Post-Quantum Security appeared first on SecurityWeek.

07Jul 2026

Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems

The 16-year-old Januscape flaw affects Linux’s KVM hypervisor, allowing attackers to escape virtual machines and potentially execute code on the underlying host. The post Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems appeared first on SecurityWeek.

07Jul 2026

Why The Gentlemen ransomware is a test of identity and recovery controls

The Gentlemen ransomware underscores a challenge many CISOs face: stopping attackers after they gain an initial foothold. Researchers say the malware can spread across enterprise networks using legitimate Windows management tools while simultaneously attempting to weaken security and recovery systems. A report from Picus Security shows the malware combines self-propagation with the abuse of trusted […]

07Jul 2026

Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities

A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign. The activity involves the exploitation of now-patched, critical security flaws in the open-source email solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon credentials,

07Jul 2026

The modern CISO is becoming the next CFO

At some point, every security leader gets asked a version of the same question: Are we good? It tends to arrive when something is at stake and the person asking needs to know they can rely on the answer. I learned what that question really means at a firm I was with earlier in my […]

07Jul 2026

CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices’ web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday. “An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process

07Jul 2026

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices. The vulnerabilities are listed below – CVE-2026-40138 (CVSS score: 9.2) – A pre-authentication vulnerability exists in the

07Jul 2026

Insignary Closes SBOM Accuracy Gap With Binary-Level Clarity for Regulatory Risk

Most software composition analysis tools read what developers declare. Insignary Clarity’s patented binary-first platform analyzes what is actually built, shipped, and deployed — including the open-source components that never appear in any manifest. Insignary, Inc., whose patented binary fingerprint technology has been cited in four Gartner research reports, today announced its recognition as a Sample […]

07Jul 2026

ISC Stormcast For Tuesday, July 7th, 2026 https://isc.sans.edu/podcastdetail/9996, (Tue, Jul 7th)

Post Content

07Jul 2026

Zscaler finds autonomous agents succumb to IPI traps

In a test of major LLMs, Zscaler found that some autonomous AI agents fell victim to frauds, reinforcing how easily some high-end enterprise agents can be conned by schemes that would fool few, if any, humans. The security vendor looked at various forms of indirect prompt injection (IPI) traps and found that, whereas many models […]

06Jul 2026

The “Anonymous” Tip System That Wasn’t: Three Months Later, Why Hasn’t Navigate360 Notified Anyone?

Trigger Warning: This post includes content from tips submitted to anonymous tiplines by or about students. While identity information is redacted, tips may include obscenities and explicit references to sexual abuse, rape, assault, self-harm, violence, suicidal ideation, pornography, and pedophilia.  Overview On March 18, 2026, DDoSecrets and Straight Arrow News reported on a dataset provided… […]

06Jul 2026

26-00131.pdf

26-00131.pdf Anonymous (not verified) Mon, 07/06/2026 – 18:50 Case ID 26-00131 Forum FINRA Document Type Award Claimants Jerry Shi Respondents Robinhood Securities, LLC Neutrals Thomas P. Valenti Hearing Site Chicago, IL Award Document 26-00131.pdf Documentum DocID 073ae551 Award Date Official Mon, 07/06/2026 – 12:00 Related Content Off Claimant Representatives Jerry Shi Respondent Representatives Dominick F. […]

06Jul 2026

2024084471901 Kim Thien Tran CRD 5575725 AWC lp.pdf

2024084471901 Kim Thien Tran CRD 5575725 AWC lp.pdf Anonymous (not verified) Mon, 07/06/2026 – 16:25 Case ID 2024084471901 Document Number 08837a8e Document Type AWCs (Letters of Acceptance, Waiver, and Consent) Individuals Kim Thien Tran Action Date Thu, 07/02/2026 – 12:00 Related Content Off Attachment 2024084471901 Kim Thien Tran CRD 5575725 AWC lp.pdf Individual CRD 5575725

06Jul 2026

25-00364(2).pdf

25-00364(2).pdf Anonymous (not verified) Mon, 07/06/2026 – 16:10 Case ID 25-00364 Forum FINRA Document Type Motion to Vacate Claimants Steven Seid Respondents Touchstone Securities, Inc. Neutrals Ronald Chun Gary Kostow Anthony Knight Hearing Site San Francisco, CA Award Document 25-00364(2).pdf Documentum DocID 412515fa Award Date Official Wed, 06/03/2026 – 12:00 Related Content On Claimant Representatives […]

06Jul 2026

25-01900.pdf

25-01900.pdf Anonymous (not verified) Mon, 07/06/2026 – 16:05 Case ID 25-01900 Forum FINRA Document Type Award Claimants Ralph Courtland Respondents Wells Fargo Clearing Services, LLC Neutrals John P. Cullem Michael S. Jordan David A. Schuler Hearing Site Jersey City, NJ Award Document 25-01900.pdf Documentum DocID 09cfa9f7 Award Date Official Mon, 07/06/2026 – 12:00 Related Content […]

06Jul 2026

25-02186.pdf

25-02186.pdf Anonymous (not verified) Mon, 07/06/2026 – 16:05 Case ID 25-02186 Forum FINRA Document Type Award Claimants Elizabeth McMullen Respondents Yvonne Kelly Neutrals Karimu F. Hill-Harvey Elizabeth A. Townes Shawn Joseph Barko Hearing Site Tampa, FL Award Document 25-02186.pdf Documentum DocID e7b4ba64 Award Date Official Mon, 07/06/2026 – 12:00 Related Content Off Claimant Representatives Elizabeth […]

06Jul 2026

AIへの依存が、社員の思考力を奪っている?

生成AIは、その可能性とは裏腹に、大量の粗雑なコンテンツを生み出している。それでも社員はこの「ワーク・スロップ(workslop:質の低い作業成果物)」に依存しつつあり、これが怠惰さ、低い生産性、品質管理の崩壊を招き、信頼性が損なわれていくとHarvard Business Reviewのブログは警告する。専門家は、手遅れになる前に企業が今すぐ行動するよう求めている。 「スロピフィケーション(slopification:粗雑化)がビジネスプロセス全体でスケールかつ連鎖的に起きると、そのプロセス自体とアウトプットが劣化し始める。やがて人々は自分の仕事を支えるプロセスへの信頼を失い始める」とオックスフォード大学サイードビジネススクール教授のMatthias Holweg氏とアナリストのThomas H. Davenport氏は書く。彼らはこの組織レベルの現象を「ナレッジ・デケイ(knowledge decay:知識の劣化)」と呼ぶ。 3つの主な課題——検証、妥当性確認、エントロピー Holweg氏とDavenport氏は、職場でのAI生成コンテンツに関してナレッジ・デケイを防ぐための3つのポイントを挙げる。 第一のポイントは「検証(Verification)」だ。 人間が作成した本物のコンテンツと、誤りを含む可能性のあるAI生成コンテンツを「切り離す」ことだ。これは批判的思考と追加調査が必要になるため、時間がかかる。多くの場合、その労力がAI活用で得られた効率を相殺する。 採用を例に取ると、候補者はAIで履歴書を書くだけでなく、AIのランキングアルゴリズムに最適化されたプロンプトで上位に浮上させる。さらに、面接でも隠れてAIを使ってリアルタイムで回答を生成するケースまである。こうした候補者は組織に不適合な人材である可能性がある。その結果、採用担当者はAIが使えないオンサイト面接に多くの時間を割かざるを得なくなる。 第二のポイントは「妥当性確認(Validation)」だ。 AIをワークフローで使う場合に、人間がどこでどう本当の価値を提供したかを確認することだ。たとえばコンサルティング会社はAIで標準的なレポートやスライドを簡単に作成できるが、クライアントが対価を払っているのは人間の専門的な洞察だ。「人間の専門家は今や、提出物の品質だけでなく、実際に人間の知的作業がそれを生み出したことも正当化しなければならない」と両氏は強調する。 第三のポイントは「知識エントロピー(Knowledge Entropy)」だ。 知識がAIを何度も繰り返し通過するにつれ、最初に作成された「真実のデータ」から遠ざかっていく——「AIベースの伝言ゲーム」のリスクだ。LLMは確率的で「コンテキスト非依存」の統計モデルであり、「事実や真実の概念を持たず、最も可能性の高いアウトプットを予測するだけだ」と両氏は書く。さらにLLMが他のモデルが生成した合成データで学習されると、そのデータがモデルを繰り返し通過することで精度と多様性に影響を与える。これはモデル崩壊(または、生成的近親交配)と呼ばれる。 企業が今すぐ取れる対策 両氏は、モデルの設計方法と使用に関する明示的なルールの両面で「根本的な転換」を主張する。最初の、そして最も難しいステップの一つは、社員のAI利用を制限することだ——真に価値を生む場面にのみ適用すべきだと両氏はアドバイスする。 たとえば採用で、候補者が自由に履歴書を作れる場合、生成AIで「最適化」するのは必至だ。ナレッジ・デケイを防ぐために、採用担当者はAIが生成できない事実に基づく回答を求める構造化文書に依拠すべきだ——特定の役職、完了したプロジェクト、関わったチームメンバー、担当サプライヤー、管理した予算などを聞く形式だ。 生成AIの利用が許可される、または避けられない場合、組織はどんな価値が付加されているかを定義し、その影響を明確にすべきだ。「コンテンツをすべて人間が作る必要はないが、AIを使うなら、なぜ、どのように使うかを明確にする」と両氏は書く。 アーキテクチャの観点では、構造化データと非構造化データの両方の履歴を追跡し、「真実のデータ」情報を理解することが重要だ。顧客インタビューなどの素材は重要な事実、感情、コンテキストを提供する——AIがそれを変更・要約した場合、元のデータを特定・記録し、検証可能な本物のコンテンツに立ち返れるようにしておく必要がある。 両氏は、汎用的でエラーを多く含むパブリックLLMは「ほとんど実質的な価値を加えない」と指摘する。一方、企業固有データで学習された小規模言語モデル(SLM)や独自モデルは人間の仕事を補完できる。「生成AIの野放しの普及に対処しなければ、50年前に企業のコンピューター導入時に起きた『生産性パラドックス』——技術投資が増えても生産性が上がらない現象——を繰り返すことになる」と両氏は警告する。 「人的資本」と「トークン資本」の融合 MicrosoftのCEO、Satya Nadella氏は人間とAIの最善を組み合わせるアプローチを「ヒューマンキャピタル(人的資本)」と「トークンキャピタル(トークン資本)」の組み合わせと表現する。前者は人間の「知識、判断力、人間関係、独創性、パターン認識」であり、後者は構築・所有されたAIの能力だ。機会はその二つを学習ループの中で融合させることにある。 このループでは、人間がAIシステムを導き、目標を設定し、パターンを特定することでAIが「空回り」しないようにする。社内評価により企業独自のベンチマークに対してAIが改善しているかを判断でき、「クエリ可能な」制度的記憶を作り出し、トークンの使用を減らしてコストを節約できる。「改善されたワークフローはすべてより良いトレーニングシグナルを生み、企業固有の暗黙知の蓄積を加速させる」とNadella氏は述べている。

06Jul 2026

El éxito de la IA depende de la preparación de la plantilla

La adopción de la IA en las empresas está superando la preparación de la plantilla, según un nuevo estudio de Kyndryl, que revela que solo el 23% de los directivos cree que sus organizaciones están preparadas para implementar la IA a gran escala. El informe desvela que el 57% de las organizaciones ha implantado la […]

06Jul 2026

Why AI agents will make your governance playbook obsolete

Large Australian banks have started implementing agentic AI at scale this year. The same is happening across the country’s larger enterprises. These are not pilots, but production systems that are the tip of a global trend. Research company Gartner expects 40% of enterprises to embed AI agents in applications by the end of 2026, up […]

06Jul 2026

채용·출장비 줄인 SAP, AI 투자 재원 확보 나서

SAP가 AI 전환에 필요한 재원을 마련하기 위해 채용과 출장 비용을 줄인다. 블룸버그에 따르면 SAP는 최근 사내 이메일을 통해 “장기적인 성공에 핵심적인 AI 직무를 중심으로 일부 직군에 한해서만 신규 채용을 진행할 것”이라고 직원들에게 공지했다. 또 AI 개발과 직접 관련된 경우를 제외한 내부 출장을 중단하고, 협력업체 관련 비용을 포함한 다른 지출을 줄이는 방안도 검토하고 있다고 밝혔다. SAP […]

06Jul 2026

벤더 종속 vs 빠른 구축…MS·AWS FDE 도입 전 따져볼 것들

시스템 통합(Systems Integrator, SI)은 수십 년 동안 IT 프로젝트의 핵심 파트너 역할을 맡아왔다. 컨설팅 서비스를 제공하는 것은 물론, 기업이 다양한 기술을 구축하고 도입할 수 있도록 지원해 왔다. 그러나 기업들이 에이전틱 AI 도입에 본격적으로 나서면서 주요 LLM 공급업체들도 이 시장에 직접 뛰어들고 있다. 대표적인 사례가 FDE(Forward Deployed Engineer) 서비스다. AI 전문가를 고객 조직에 직접 배치해 AI […]

06Jul 2026

시스코, 사내 AI 비서로 ‘섀도 AI’ 차단…직원당 주 5~6시간 업무 절감

챗GPT의 등장 이후 기업들은 생성형 AI를 디지털 비서로 활용해 조직 전반의 생산성을 높이는 방안을 적극적으로 모색해 왔다. 이러한 흐름에서 네트워크 기업 시스코는 가장 앞선 행보를 보여온 기업 가운데 하나다. 시스코 최고 자동화 책임자(Chief Automation Officer, CAO) 스리니 나미네니(Srini Namineni)는 사내 AI 비서의 아이디어가 2022년 말과 2023년 초 챗GPT(ChatGPT)를 비롯한 소비자용 AI 서비스가 등장하면서 시작됐다고 설명했다. […]

06Jul 2026

AI doesn’t eliminate inefficiency. It amplifies it

Over the past two years, I have spent a significant amount of time discussing artificial intelligence with technology leaders, business executives and teams across my own organization. Most conversations begin with questions about the use cases, tools, governance and return on investment. Leaders want to know which technologies are creating the most value, where to […]

06Jul 2026

Playing to win at the AI casino

Most executives approach AI cautiously, like people trying to stretch one bankroll across an entire night on the casino floor. They spread their chips, hedge every move, celebrate the occasional small win, and tell themselves they played wisely because they didn’t lose much. It feels disciplined and responsible. But in a market shifting this quickly, […]

06Jul 2026

6 new rules of IT leadership — and what they replace

AI is changing how work gets done and who does it — at all levels of the organization. That means it’s also changing how executives do their jobs and how they need to lead, as execs are now being asked to use AI to reimagine their organizations and navigate the uncertainties that go with that […]

06Jul 2026

Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations. The activity, which has primarily singled out IT providers and government sectors, has been attributed to a threat cluster tracked by Check Point Research

06Jul 2026

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it. Dubbed ‘Januscape’ and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the […]

06Jul 2026

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform trusting the “X-WEBAUTH-USER” header from any source IP address, effectively allowing an unauthenticated internet client to get […]

06Jul 2026

The agentic blind spots in your zero trust program

Stephen Wilson, field chief technology officer for HashiCorp, an IBM company, likens AI agents to “really smart kindergartners.” “They know how to do something, but they have no clue as to why they should do it,” Wilson says. This combination of superior execution power and lack of judgment can create a significant challenge for organizations […]

06Jul 2026

Identity: The operational control plane for agentic AI

Existing security controls weren’t designed for AI agents. Static credentials and standing privileges aren’t sufficient for an emerging model where organizations need to rapidly authorize, limit, and revoke permissions from autonomous agents, sometimes more than once within a single workflow. Agentic AI requires organizations to carefully consider how to govern agentic identity, agent-to-agent communication, secrets […]

06Jul 2026

Operationalizing Agentic AI: from assisted to autonomous

Ever since ChatGPT made its public debut nearly four years ago, governance and security have largely lagged behind AI adoption. Eager to experiment with AI tools and find ways to improve their work and personal lives, users have uploaded corporate data, financial records, and even their own health information to large language models (LLMs). While […]

06Jul 2026

RCS and DNS: The NAPTR Record, (Mon, Jul 6th)

Over the last year, with recent updates to iOS and Android, RCS (Rich Communication Services) has become an increasingly used protocol [1]. RCS is supposed to eventually replace SMS, and in addition to richer formatting, provides added (but optional) security. RCS messages may be end-to-end encrypted and digitally signed. Unlike SMS, which was “bolted on” […]

06Jul 2026

⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More

A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ordinary. Home devices became a routing cover. Clean code pulled dirt from a dependency. Identity shortcuts aged badly. AI […]

06Jul 2026

Alberta, Centurion Project sued over alleged data breach that affected millions of voters

Carrie Tait reports: A retired lawyer is suing Alberta, its Chief Electoral Officer and two organizations that support secession for their respective roles in an alleged data breach affecting 2.9 million residents in the province. Clint Docken, a former class-action lawyer, last week filed a sweeping lawsuit stemming from allegations the Centurion Project unlawfully obtained… […]

06Jul 2026

ISC Stormcast For Monday, July 6th, 2026 https://isc.sans.edu/podcastdetail/9994, (Mon, Jul 6th)

Post Content

06Jul 2026

This AI agent autonomously hacked a network, adapted on the fly, and demanded a ransom

A fully autonomous AI agent conducted an end-to-end cyber intrusion and extortion campaign after exploiting a vulnerable Langflow server, demonstrating how large language models could accelerate ransomware operations, according to research published by Sysdig. Sysdig detailed the operation in a research paper, saying the AI agent, dubbed JadePuffer, completed the entire intrusion chain, from initial […]

06Jul 2026

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigation, and response on their own data […]

06Jul 2026

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.

06Jul 2026

Single points of failure fail. The SaaS layer is not an exception

Higher education has consolidated its entire academic operation into a handful of massive SaaS platforms. The LMS manages instruction, grading and communication. The SIS owns enrollment, records and financial aid. Identity and productivity live in a small number of cloud providers. These are not peripheral tools — they are the operational infrastructure of the institution. […]

06Jul 2026

AI isn’t closing the skills gap — it’s exposing the validation gap

If you wanted to become a basketball star, how would you get started? You wouldn’t read a book on basketball and take an online course. You’d set up a hoop in your driveway, join a local team to train, and play in real matches. So why do we expect cybersecurity professionals to learn their skills […]

06Jul 2026

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode. But TrojPix works only once malware […]

06Jul 2026

New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments. According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 for

06Jul 2026

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, they reconstructed a signed-in user’s full Gmail address from a single visit, with no […]

06Jul 2026

7 cyber risk assessment gotchas to avoid

A cyber risk assessment helps security teams identify, estimate, and prioritize potential threats and vulnerabilities to key enterprise digital and physical assets. Yet, despite its importance, many CISOs fall victim to several types of “gotchas” that prevent them from fully achieving their risk assessment goals. An assessment should be an essential part of every organization’s […]

06Jul 2026

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology. Their strongest trick slipped past every scanner tested more than 90% of the time, and the same […]

04Jul 2026

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left. The odd part: the group that took the money calls itself Kairos, but it may not be […]

04Jul 2026

AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data

Connor Jones reports: AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing. The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system… […]

04Jul 2026

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider. “The campaign remains active, and new malicious packages are likely to continue appearing as threat actors […]

04Jul 2026

In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting

Noteworthy stories that might have slipped under the radar: Anonymous-linked Canadian hacker jailed, researcher drops zero-days in open source projects, Venezuelans sentenced in the US over ATM jackpotting. The post In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting appeared first on SecurityWeek.

03Jul 2026

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices

Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The flaws matter because FatFs is nearly everywhere. It ships inside the firmware that runs security cameras, drones, industrial controllers, hardware crypto wallets, and other devices […]

03Jul 2026

An AI just carried out a cyber attack without any human oversight for the first time

Anthony Cuthbertson reports: Security researchers have uncovered what they believe to be the first ever instance of an artificial intelligence agent executing a cyber attack from start to finish without human assistance. The AI-powered attack marks a major milestone for both artificial intelligence and cyber security, raising concerns that AI is lowering the barrier for cyber criminals. The fully automated campaign involved… […]

03Jul 2026

New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small stretch of kernel code where Anthropic’s most powerful AI model, […]

03Jul 2026

AI 에이전트 시대를 이끄는 CIO의 조건…디지털 리더십 전략 7선

AI 에이전트와 인간의 역량을 효과적으로 결합하는 것이 선도적인 CIO의 중요한 과제로 떠오르고 있다. 그렇다면 디지털 리더는 AI 에이전트의 능력과 전문가의 역량 사이에서 어떻게 균형을 이루고, 조직을 에이전트형 AI 시대에 성공적으로 이끌 수 있을까. 다음은 전문가들이 제시하는 7가지 모범 사례다. 1. AI에 대한 두려움을 극복하라 온라인 여행 플랫폼 부킹닷컴(Booking.com)의 데이터 및 머신러닝 플랫폼 총괄 후이 다오(Huy […]

03Jul 2026

칼럼 | 개발 속도 최대 45% 향상…AI 시대를 이끄는 ‘프로덕트 엔지니어’ 모델

순수 전문성 시대의 종말 수년 동안 소프트웨어 조직은 전문화에 기반해 운영 효율을 극대화해 왔다. 제품 관리자는 요구사항을 담당하고, 엔지니어는 구현을 맡았으며, 디자이너는 사용자 경험(UX), QA는 품질을 책임지는 방식이었다. 이러한 모델은 제품 출시 속도가 분기가 아니라 몇 주 단위로 경쟁력을 좌우하기 시작할 때까지는 효과적으로 작동했다. 오늘날 AI는 고성과 기술 조직의 운영 방식을 근본적으로 바꿀 또 하나의 […]

03Jul 2026

LG전자, 냉난방공조 사업 거점 확대…현지 B2B 강화

LG전자는 최근 대만 타이중과 싱가포르에 HVAC 아카데미를 새롭게 개설했다고 2일 밝혔다. 도시화와 산업 인프라 수요 증가에 대응해 글로벌 B2B 사업 기반을 강화하고, 현지 고객과 엔지니어를 위한 교육 및 지원 체계를 확대하기 위한 조치다. 현재 LG전자는 아시아와 유럽을 비롯해 북미, 중남미, 아프리카 등 전 세계 40여 개국에서 약 70개의 HVAC 아카데미를 운영하고 있다. 각 아카데미에서는 주거·상업용 […]

03Jul 2026

Los agentes de IA ponen en riesgo 234.000 millones de dólares del gasto empresarial en SaaS, según Gartner

“Ya no se compra software principalmente para personas; cada vez se compra más para agentes”, explica George Brocklehurst, vicepresidente ejecutivo de Gartner. “Durante un par de décadas, el software se ha evaluado por su interfaz y por la experiencia de usuario: facilidad de uso, flujos de trabajo, formación. Cuando los agentes de IA se convierten […]

03Jul 2026

SAP cuts hiring and travel to fund AI

SAP is limiting hiring and travel spending to help pay for its AI transformation. The tech giant will “exclusively focus new hiring on selected profiles only, mainly core Al roles, that are critical for our long-term success,” staff were reportedly told in an internal email. The email also said that internal travel, unless it is […]

03Jul 2026

Cisco’s in-house AI assistant is a jack of all trades

Since the advent of ChatGPT, enterprises have been intent on transforming generative AI’s potential as a digital assistant into productivity enhancements in every pocket of the organization. Networking giant Cisco is one company that has been at the leading edge of that pursuit. The original idea for an internal assistant started at Cisco as ChatGPT […]

03Jul 2026

Cisco tiene un asistente de IA interno… y sirve para todo

Desde la irrupción de ChatGPT, las empresas han intentado transformar el potencial de la IA generativa como asistente digital en mejoras de productividad para todas las áreas de la organización. Cisco es una de las compañías que se ha situado a la vanguardia de este esfuerzo. La idea original de crear un asistente interno surgió […]

03Jul 2026

Cloud sovereignty: First four providers sign up to CISPE certification program

The European Union’s drive towards some form of digital sovereignty has just received a boost with the first four companies ready to support the EU cloud sovereignty project. Four cloud service providers — Etix, Phocea, Thésée Datacenter, and Gigas — have signed up for the CISPE Sovereign and Resilient Cloud Service Certification program. Currently, they […]

03Jul 2026

AI token prices are cooling — but why?

A measure of daily spending on AI usage has fallen since its peak in May — although interpreting what the decline means is challenging. The Silicon Data LLM Token Expenditure Index (SDLLMTK) is a daily snapshot of the state of the market. It draws data from a multitude of providers and produces a blended rate, […]

03Jul 2026

Unpacking Workday’s agentic AI pricing model

Only 35% of CIOs have full visibility into their AI operating costs, according to a new KPMG survey. That makes it difficult for them to control spend on software-as-a-service offerings from vendors who, like Workday, have incorporated pay-as-you-go agentic AI into their offerings. Workday is one of several vendors that have shifted to a hybrid […]

03Jul 2026

New Avalon Malware Framework Packs CrownX Ransomware Capabilities

Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that’s distributed by means of a multi-stage phishing chain capable of bypassing traditional security controls. Avalon combines credential collection, lateral movement, remote access, recovery disruption, and ransomware execution, bringing together diverse functions under one

03Jul 2026

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets

Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data theft. According to JFrog, the packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” mimic the legitimate “rollup-plugin-polyfill-node” project, down to the description, repository metadata, and

03Jul 2026

Microsoft 365 users fall victim to one-in-a-million password spray attack

Microsoft users have been hit by a massive, automated password spray attack. Among those targeted by the attack were clients of security company Huntress. It reported that the attackers made 81 million attempts to log into its customers’ accounts between June 12 and 26 — and succeeded in at least 78 cases. And that’s just […]

03Jul 2026

Adobe premieres a second Patch Tuesday each month to deliver fixes faster

Adobe will now issue security patches for its products twice as often to deal with the increasing pace of software vulnerability discovery and exploitation. This follows Oracle’s decision to increase its quarterly patch program to a monthly one. Adobe issues patches on the second Tuesday of each month, as do Microsoft and SAP. Starting in […]

03Jul 2026

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer

A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Brazil, and Kazakhstan. “Armored Likho blends financially motivated campaigns targeting private individuals with targeted cyber espionage aimed at organizations,” Kaspersky said in a technical analysis published today. “

03Jul 2026

HK: Shun Hing Group data breach affects 920,000 customers, 1.05m files encrypted in cyber attack

Erwin Wong reports: Shun Hing Group has confirmed that its computer systems were compromised by hackers in March, resulting in a significant data breach affecting customers and staff. Founded in 1953 by the late Dr William Mong, Shun Hing Group has grown into a leading and diversified Hong Kong conglomerate, best known as the sole… […]

03Jul 2026

New CitrixBleed-like NetScaler flaw sees exploit attempts in the wild

Citrix NetScaler appliances have been a constant target for attackers in recent years, most recently through an information leak vulnerability dubbed CitrixBleed 3, the latest in a series of NetScaler memory overreads going back to 2023. This week, Citrix patched yet another CitrixBleed-like vulnerability and there are signs of in-the-wild exploitation already. The new memory […]

03Jul 2026

European Parliament Member Investigating Spyware Was Hacked With Pegasus

A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while serving on a committee that was tasked with investigating the abuse of such commercial surveillance tools in the bloc. “Through forensic analysis of his device, […]

03Jul 2026

Trump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity Alarm

Anthropic said Tuesday night that its AI model called Claude Fable 5 is now widely available. The post Trump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity Alarm appeared first on SecurityWeek.

03Jul 2026

FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks

Researchers say credentials harvested from hundreds of thousands of FortiGate firewalls are being used to facilitate ransomware attacks by the INC and Lynx operations. The post FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks appeared first on SecurityWeek.

03Jul 2026

How to Conduct a Successful Audit of AI-Driven Software Development

As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach production. The post How to Conduct a Successful Audit of AI-Driven Software Development appeared first on SecurityWeek.

03Jul 2026

New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure

Hackers are targeting NetScaler appliances using public PoC code to retrieve arbitrary memory content in the HTTP response. The post New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure appeared first on SecurityWeek.

03Jul 2026

Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution

The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor’s sandbox and execute arbitrary code on the underlying operating system. The post Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution appeared first on SecurityWeek.

03Jul 2026

Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices

NetNut rented access to millions of compromised devices, allowing cybercriminals and nation-state actors to mask their identities during attacks. The post Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices appeared first on SecurityWeek.

03Jul 2026

Alleged Scattered Spider Hacker Extradited to US

Prosecutors say 19-year-old Peter Stokes was a member of Scattered Spider, the hacking group linked to more than 100 network intrusions and over $100 million in ransom payments. The post Alleged Scattered Spider Hacker Extradited to US appeared first on SecurityWeek.

03Jul 2026

Medtronic Data Breach Impacts 3.8 Million People

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information. The post Medtronic Data Breach Impacts 3.8 Million People appeared first on SecurityWeek.

03Jul 2026

Agentic AI Used to Conduct Ransomware Attack via Langflow

Attack demonstrates how LLM agents can combine known exploitation techniques with real-time reasoning to automate complex, multi-stage intrusions. The post Agentic AI Used to Conduct Ransomware Attack via Langflow appeared first on SecurityWeek.

03Jul 2026

PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords

Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The stealer, discovered by Jamf Threat Labs, is distributed as a compiled AppleScript (.scpt) file impersonating Maccy, a legitimate open-source clipboard manager. It has been codenamed PamStealer owing to its […]

02Jul 2026

FBI Seizes NetNut Proxy Platform, Popa Botnet

The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa […]

02Jul 2026

AI 에이전트는 왜 RAG가 필요한가…장기 기억이 만드는 성능 차이

AI 에이전트는 작업과 관련된 맥락 정보를 많이 확보할수록 더 뛰어난 성능을 발휘한다. 하지만 에이전트의 메모리에는 한계가 있다. 에이전트가 기반으로 하는 대규모 언어 모델(LLM)은 상태를 유지하지 않는(stateless) 구조이기 때문이다. 메모리가 한계에 이르면 에이전트는 오류를 일으키거나 응답이 멈추고, 사실과 다른 내용을 생성하기도 한다. 메모리를 잘라내거나 압축하는 기법으로 이를 어느 정도 보완할 수는 있지만, 근본적인 해결책은 아니다. 이 […]

02Jul 2026

가트너 “에이전틱 AI에 SaaS 시장 재편…기존 업체는 위기, 서비스 기업은 기회”

가트너는 현재부터 2030년까지 최대 2,340억 달러(약 362조 원) 규모의 기업용 애플리케이션 지출이 ‘에이전틱 차익거래(Agentic arbitrage)’의 영향을 받을 것으로 전망했다. 이는 2030년 전체 기업용 애플리케이션 서비스형 소프트웨어(SaaS) 지출의 약 20%에 해당하는 규모다. 에이전틱 차익거래는 AI 에이전트가 여러 시스템을 넘나들며 업무를 수행하면서 사용자가 기존 소프트웨어 인터페이스를 직접 조작할 필요가 줄어드는 현상을 의미한다. 가트너 VP 애널리스트 조지 브로클허스트는 […]

02Jul 2026

SAP, 베레나 시오 아태 총괄 회장 임명…AI·클라우드 성장 전략 강화

2일 SAP는 베레나 시오 신임 회장이 싱가포르를 거점으로 한국, 일본, 호주, 뉴질랜드, 인도, 중화권, 동남아시아를 포함한 아시아 태평양 지역 사업을 총괄한다고 밝혔다. 시오 회장은 고객 지원과 기업의 비즈니스 혁신을 돕고, SAP 솔루션을 통한 고객의 비즈니스 가치 창출을 지원할 계획이다. 약 30년간 기술 업계에서 활동한 시오 회장은 지난 15년 동안 SAP에서 다양한 리더십 역할을 맡아왔다. 최근에는 […]

02Jul 2026

La resiliencia de identidad empieza donde termina el ‘backup’ 

La identidad se ha convertido en el nuevo perímetro corporativo. En un entorno dominado por modelos híbridos, servicios en la nube y arquitecturas zero trust, prácticamente todas las operaciones dependen de mecanismos de autenticación y autorización. Cuando estos sistemas dejan de funcionar, el impacto va mucho más allá de una interrupción tecnológica: se paralizan procesos […]

02Jul 2026

Why AI savings are an illusion without process re-engineering

The PC was heralded as revolutionary; it was going to save time, revolutionize our work… But it became an opportunity lost. Paper became digital files. Filing cabinets became shared drives. Memos became email. We sometimes worked faster. We did not necessarily work differently. And we certainly did not work more efficiently. The underlying logic: approval […]

02Jul 2026

4 reasons AI projects fail that have nothing to do with technology

Having worked with dozens of companies in various stages of AI adoption, I’ve had a front-row seat to the myriad reasons (and sometimes excuses) why AI projects fail to launch, fail to make it past pilots or fail to deliver business value and ROI. While every organization’s circumstances are unique, the root causes are often […]

02Jul 2026

How AI automation is reshaping the IT leadership pipeline

In the wake of AI, the early-talent job market is in decline across all jobs and industries, with a 10% drop since 2021, according to a recent report from SAP. When isolated for the top 10 most common entry level job titles, including software engineer, customer support, and data analyst, job openings declined 35% from […]

02Jul 2026

IT governance: Best practices for aligning IT and business strategy

The unprecedented pace of AI’s evolution and its use have put a strain on organizations. According to a 2026 study from the IBM Institute for Business Value study, 77% of organizations reported that AI adoption is outpacing their governance capabilities. Although governance practices — including the discipline of IT governance — predate AI, the challenges […]

02Jul 2026

Addressing consequence blindness

Enterprises do not suffer from a lack of oversight. They have dashboards, risk forums, architecture boards, vendor reviews, cyber controls, transformation offices, capital committees, regulatory programs, audit findings, service reports and enough status updates to make even the most patient executive reach for stronger coffee. The issue is not that senior leaders fail to recognize […]

02Jul 2026

Agentic AI puts $234B in enterprise SaaS spending at risk, Gartner says

AI agents are poised to challenge traditional enterprise software business models, placing up to $234 billion in application software spending at risk by 2030 as they increasingly bypass human users and interact directly with business systems, according to Gartner. “You are no longer buying software primarily for people; you are increasingly buying it for agents,” […]

02Jul 2026

Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices

Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people’s traffic. Working with the FBI, Lumen, and others, Google’s Threat Intelligence Group (GTIG) said this week it had reduced the network’s pool of usable devices by millions. Google identifies NetNut, also tracked as Popa, as a network […]

02Jul 2026

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. “Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Remote Management and Monitoring (RMM) tooling, credential access, and hands-on-keyboard procedures used for lateral

02Jul 2026

Global Schools Holdings Cites Two Injunctions in a Bid to Chill Our Reporting. It Won’t Work.

My About page is pretty clear about legal threats: If you want to send me legal threats about my reporting or comments, knock yourself out, but don’t be surprised to see me report on your threat, any confidentiality sig blocks you may attach notwithstanding. I have been threatened with lawsuits many times, and to be… […]

02Jul 2026

26-00309.pdf

26-00309.pdf Anonymous (not verified) Thu, 07/02/2026 – 12:50 Case ID 26-00309 Forum FINRA Document Type Award Claimants TradeStation Securities, Inc. Respondents James Lightning Neutrals Cary Valden Sorensen Hearing Site Houston, TX Award Document 26-00309.pdf Documentum DocID cb64dc17 Award Date Official Wed, 07/01/2026 – 12:00 Related Content Off Claimant Representatives Myra C. Mormile-Wolper Respondent Representatives James […]

02Jul 2026

26-00329.pdf

26-00329.pdf Anonymous (not verified) Thu, 07/02/2026 – 12:45 Case ID 26-00329 Forum FINRA Document Type Award Claimants Tuyet Burke Respondents Alpaca Securities LLC Neutrals Harlita R. Tomlinson Hearing Site Indianapolis, IN Award Document 26-00329.pdf Documentum DocID aedcf8f8 Award Date Official Thu, 07/02/2026 – 12:00 Related Content Off Claimant Representatives Tuyet Burke Respondent Representatives John H. […]

02Jul 2026

Cyber Alert: NGINX Critical Vulnerability

Cyber Alert: NGINX Critical Vulnerability K30658 Thu, 07/02/2026 – 11:29 FINRA firms should be aware of a security vulnerability that poses potentially severe risks to organizations using NGINX products. FINRA recommends sharing this Cyber Alert with appropriate information technology and information security personnel—as well as any third-party vendors that may use NGINX—to identify whether your […]

02Jul 2026

ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through. This is not one big break. It is small permissions, weak checks, open systems, and normal […]

02Jul 2026

OLD MISSION CAPITAL, LLC

OLD MISSION CAPITAL, LLC fnrw-backend Thu, 07/02/2026 – 11:01 MC ID OLDM MC Reporter Type Single Dealer Trading System MC Paragraph MC Link https://www.oldmissioncapital.com MC Last Updated Thu, 07/02/2026 – 11:01

02Jul 2026

OLD MISSION MARKETS LLC

OLD MISSION MARKETS LLC fnrw-backend Thu, 07/02/2026 – 10:46 MC ID OLMN MC Reporter Type Broker-Dealer MC Paragraph MC Link https://www.oldmissioncapital.com MC Last Updated Thu, 07/02/2026 – 10:46

02Jul 2026

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that’s designed to gain surreptitious access to a victim’s email correspondence via the Google API. “In this campaign, the attackers focused their attention on corporate email communications hosted on Gmail, targeting access compromise via APIs,” Kaspersky said in a detailed […]

02Jul 2026

ST Engineering iDirect iQ-Series Terminals

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to device information or cause a denial-of-service condition. The following versions of ST Engineering iDirect iQ-Series Terminals are affected: Evolution iQ‑Series terminals <=4.5.2.1 (CVE-2026-38059, CVE-2026-38057) 3315‑Series terminals <=4.5.2.1 (CVE-2026-38059, CVE-2026-38057) 9‑Series terminals <=4.5.2.1 (CVE-2026-38059, CVE-2026-38057) CVSS Vendor Equipment Vulnerabilities […]

02Jul 2026

Gardyn IoT Hub

View CSAF Summary Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control IoT Hub managed devices. The following versions of Gardyn IoT Hub are affected: Home Firmware Studio Firmware Cloud API <2.12.2026 (CVE-2026-13768, CVE-2026-55726, CVE-2026-54477) CVSS Vendor Equipment Vulnerabilities v3 10 Gardyn Gardyn IoT Hub Use of Hard-coded Credentials, Exposure of […]

02Jul 2026

CubeSpace CW0057 Reaction Wheel

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious firmware to the device. The following versions of CubeSpace CW0057 Reaction Wheel are affected: CW0057 Reaction Wheel CVSS Vendor Equipment Vulnerabilities v3 6.1 CubeSpace CubeSpace CW0057 Reaction Wheel Improper Verification of Cryptographic Signature Background Critical Infrastructure Sectors: Communications Countries/Areas […]

02Jul 2026

Identity Lifecycle Management Wasn't Built for AI Agents 

Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across enterprise environments, the governance model built for humans develops structural blind spots that traditional IGA tools weren’t designed to detect. This guide covers where that model […]

02Jul 2026

Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack

Citrix urges customers to patch NetScaler after fixing six vulnerabilities, including the HTTP/2 Bomb flaw and a high-severity CitrixBleed-style information disclosure bug. The post Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack appeared first on SecurityWeek.

02Jul 2026

Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities

Seven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution. The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared first on SecurityWeek.

02Jul 2026

Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings

Microsoft’s new Teams admin policy requires organizer approval for external AI bots, giving organizations greater visibility and control over automated participants in sensitive meetings. The post Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings appeared first on SecurityWeek.

02Jul 2026

CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability

CISA says threat actors are exploiting a recently patched SharePoint remote code execution vulnerability (CVE-2026-45659). The post CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability appeared first on SecurityWeek.

02Jul 2026

‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials

Researchers show how context manipulation can cause agentic browsers to abandon safety guardrails and exfiltrate sensitive credentials. The post ‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials appeared first on SecurityWeek.

02Jul 2026

Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability

A PoC exploit has been available since public disclosure, and the first exploitation attempts were observed last week. The post Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability appeared first on SecurityWeek.

02Jul 2026

Argo CD flaw shows why GitOps infrastructure should be treated as tier zero

A newly disclosed vulnerability in Argo CD is drawing attention to the security risks of GitOps platforms, with researchers warning that the flaw could allow attackers who gain a foothold inside a Kubernetes cluster to execute code and manipulate application deployments. Security firm Synacktiv said in a report that the flaw affects Argo CD’s repo-server […]

02Jul 2026

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing credentials, moving deeper into the network, then encrypting and wiping a company’s […]

02Jul 2026

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. “An operator tied to FortiBleed’s infrastructure was found actively working negotiation panels for both groups, tying mass FortiGate credential theft directly to ransomware deployment

02Jul 2026

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs. Run one, and it quietly lifts your saved passwords, browser cookies, and files, then hands the […]

02Jul 2026

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-45659 (CVSS score: 8.8), is a case of remote code execution arising from the deserialization of untrusted data. The issue

02Jul 2026

ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)

Post Content

02Jul 2026

Sandbox bypass flaws in Cursor IDE highlight prompt injection as an RCE vector

Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) that can be exploited through prompt injection to achieve remote code execution (RCE). The two flaws, tracked as CVE-2026-50548 and CVE-2026-50549, allow attackers to break out of Cursor’s command execution sandbox, the protective layer that’s supposed to prevent the internal […]

01Jul 2026

25-00946.pdf

25-00946.pdf Anonymous (not verified) Wed, 07/01/2026 – 17:25 Case ID 25-00946 Forum FINRA Document Type Award Claimants Bryan Rigg Ian Rigg Justin Rigg Sophia Rigg Respondents Pershing LLC Pershing Advisor Solutions LLC Cantella & Co., Inc. Neutrals Dineo Coleman Gary Gayle D. Anthony Cecelia Dianne Jefferson Hearing Site Dallas, TX Award Document 25-00946.pdf Documentum DocID […]

01Jul 2026

26-00299.pdf

26-00299.pdf Anonymous (not verified) Wed, 07/01/2026 – 17:25 Case ID 26-00299 Forum FINRA Document Type Award Claimants Equitable Advisors, LLC Equitable Network LLC Respondents Olivier Marcelin Neutrals Cynthia A. DiMarco Hearing Site New York, NY Award Document 26-00299.pdf Documentum DocID 456958f4 Award Date Official Wed, 07/01/2026 – 12:00 Related Content Off Claimant Representatives Andrea Villalpando […]

01Jul 2026

25-01988.pdf

25-01988.pdf Anonymous (not verified) Wed, 07/01/2026 – 17:25 Case ID 25-01988 Forum FINRA Document Type Award Claimants Angelo Piccone Respondents Richard Carlesco Neutrals Tracy L. Allen Hearing Site Buffalo, NY Award Document 25-01988.pdf Documentum DocID a297a5a9 Award Date Official Wed, 07/01/2026 – 12:00 Related Content Off Claimant Representatives Angelo Piccone Respondent Representatives James L. Kopecky

01Jul 2026

24-02150.pdf

24-02150.pdf Anonymous (not verified) Wed, 07/01/2026 – 17:25 Case ID 24-02150 Forum FINRA Document Type Award Claimants Michelle Feland Respondents Raymond James Financial Services, Inc. Neutrals Michael D. Briggs Hearing Site Bismarck, ND Award Document 24-02150.pdf Documentum DocID 7f6d00a5 Award Date Official Tue, 06/30/2026 – 12:00 Related Content Off Claimant Representatives Daniel J. Frisk Respondent […]

01Jul 2026

25-02797.pdf

25-02797.pdf Anonymous (not verified) Wed, 07/01/2026 – 17:25 Case ID 25-02797 Forum FINRA Document Type Award Claimants Paul Valdivia Respondents Fidelity Brokerage Services LLC Neutrals John P. Cullem Andrea U. Calve Linda J. Baer Hearing Site Columbia, SC Award Document 25-02797.pdf Documentum DocID 91f846c6 Award Date Official Wed, 07/01/2026 – 12:00 Related Content Off Claimant […]

01Jul 2026

Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters

Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the component’s internal network port. Synacktiv, which found the bug, says it can lead to a full cluster takeover. There is no fix and no […]

01Jul 2026

19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges

A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, computer intrusion, and fraud, the U.S. Department of Justice announced on July 1. Peter Stokes, 19, a dual U.S. and Estonian citizen, appeared in a Chicago federal court on June 30, where a judge ordered […]

01Jul 2026

A framework for operational autonomy: Integrating CloudOps, FinOps and AIOps

Operational autonomy is quickly becoming one of the defining capabilities of a modern enterprise. As digital estates become more distributed, cloud environments more dynamic and AI consumption more expensive and less predictable, traditional operating models begin to show their limits. Teams can no longer rely only on manual oversight, disconnected monitoring tools or periodic financial […]

01Jul 2026

SAP reshuffles exec oversight of AI

For the second time this year, SAP is shaking up its executive ranks as it continues its quest to adapt to an AI-centric world. The first shake-up came in March, with the creation of the Customer Value Group, merging SAP’s Customer Success and Customer Services and Delivery organizations to put sales, delivery, services, and support […]

01Jul 2026

Shadow agents: How IT leaders must govern ‘headless’ AI before it breaks the enterprise

Earlier this year, I was running my own local AI agent, a system I built called LaptopAI-Agent, which uses a LangGraph reasoning loop, a local Ollama model and a set of tools that can read files, query my git repositories and monitor system processes, all running entirely on my laptop with no cloud calls. I […]

01Jul 2026

Using AI to reinvent care delivery at Novant Health

In healthcare, the pressure to improve outcomes while reducing costs has never been greater. Yet many organizations are still applying AI to existing systems rather than using it to fundamentally change them. At Novant Health, that shift is being driven in part by establishing the chief AI officer role last year, which Vijay Sankararaman has […]

01Jul 2026

7 ways to ensure effective digital leadership in the age of agentic AI

Research suggests pioneering CIOs must blend AI agents with human skills. So how can digital leaders establish an effective balance between agentic and professional capabilities, and successfully lead their people into the agentic-enabled future? Here are seven best-practice tips from the experts. 1. Get past the fear. Huy Dao, director of data and ML platform […]

01Jul 2026

월드컵을 움직이는 AI…레노버·구글·오픈AI가 펼치는 기술 경쟁

FIFA 월드컵은 세계에서 가장 강력한 광고 무대로 꼽힌다. 올해 초 열린 미국 프로풋볼(NFL) 슈퍼볼의 시청자는 약 1억 2,500만 명이었지만, 2022년 카타르 월드컵은 전 세계에서 최소 28억 명이 대회 일부를 시청했다. 올해는 이 수치가 최소 60억 명까지 늘어날 것으로 전망된다. 하지만 이러한 시청자 수조차 세계적인 기업들이 막대한 마케팅 예산을 투입하는 규모에 비하면 일부에 불과하다. 탄산음료와 스포츠웨어, […]

01Jul 2026

US reverses export restrictions on Anthropic’s Fable 5, Mythos 5 AI models

The US government has reversed export restrictions on Anthropic’s frontier AI models Fable 5 and Mythos 5, allowing the company to resume global access after nearly three weeks of disruption triggered by concerns over the models’ cybersecurity capabilities. “As of today, June 30, the export controls on Fable 5 and Mythos 5 have been lifted,” […]

01Jul 2026

AI가 없앤 주니어, 누가 미래의 시니어를 키우나

AI가 가져온 혁신의 물결은 많은 IT 리더가 인정하고 싶어 하는 것보다 훨씬 빠른 속도로 IT 인재 육성 체계를 중대한 갈림길로 몰아가고 있다. 그동안 기업들은 신입 직급부터 인재를 육성해 내부에서 IT 전문성을 키워왔지만, 이제는 AI 활용 경험을 갖춘 인재에 대한 수요가 커지고 AI 자동화가 초급 직무를 대체하면서 이러한 전통적인 인재 육성 방식이 흔들리고 있다. 스탠퍼드대학교 디지털경제연구소(Stanford […]

01Jul 2026

칼럼 | 모델은 빌리고 그라운딩은 소유한다···AI 경쟁력의 새로운 공식

지난 2년간 기업 AI 인프라 분야에서 일하며 업계의 흐름을 지켜본 결과, 필자는 같은 질문이 반복해서 제기되는 것을 목격했다. ‘우리도 자체 LLM을 구축해야 할까?’라는 질문이다. 이런 생각이 드는 이유는 충분히 이해할 수 있다. 모델은 AI의 핵심이자 엔진이며 두뇌이고, 반드시 확보해야 할 자산처럼 보이기 때문이다. 하지만 고객 경험과 데이터 그라운딩 인프라 분야에서 AI 제품 관리자로 오랜 기간 […]

01Jul 2026

“지침 내리는 조직에서 문화 전파하는 조직으로” AWS·LG CNS가 진단한 AI 시대 보안 조직의 미래

신은수 AWS 수석 보안전문 솔루션즈 아키텍트는 미토스 등으로 대표되는 고성능 AI가 몰고 온 위협의 변화를 세 가지로 정리했다. 첫째는 규모다. 과거 중대 취약점 발견은 대부분 전문가 집단의 영역이었으나, 이제는 AI를 활용해 손쉽게 취약점을 찾아낼 수 있어 기업이 처리해야 할 취약점의 수 자체가 급증한다. 둘째는 속도로, 취약점 발견과 익스플로잇 개발에 필요한 시간이 과거 대비 현저히 줄었다. […]

01Jul 2026

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activity is part of a “massive, multi-domain, multi-language” campaign that distributes malicious installer archives hosted on spoofed websites. These installers masquerade as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam, among others.

01Jul 2026

VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer

Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEIL#DROP by Securonix. It’s suspected that the initial payloads are distributed either via spear-phishing or a drive-by compromise, which occurs when an unsuspecting user lands […]

01Jul 2026

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet’s FortiGuard Labs identified the campaign in May 2026. It opens with a phishing PDF disguised as a corrupted file, checks that the visitor is really in Spain or Portugal, and hides its real payload inside an image. The goal […]

01Jul 2026

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates “resolves critical and important vulnerabilities that could lead to arbitrary code execution, privilege escalation, arbitrary file system read, and security feature bypass,” Adobe said in an alert released Tuesday. The vulnerabilities are listed

01Jul 2026

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-45659 Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing […]

01Jul 2026

Supreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location History

The ruling was made in the case of a bank robber whose identity was discovered through a geofence warrant. The post Supreme Court Rules Constitutional Privacy Protections Apply to Cellphone Users’ Location History appeared first on SecurityWeek.

01Jul 2026

Hacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreat

Chris Thompson’s journey took him from hacking game controls as a teenager to founding IBM’s X-Force Red team. The post Hacker Conversations: Chris Thompson, Former Head of IBM X-Force Red, Co-Founder of RemoteThreat appeared first on SecurityWeek.

01Jul 2026

Aflac Japan Data Breach Impacts 4.38 Million

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25. The post Aflac Japan Data Breach Impacts 4.38 Million appeared first on SecurityWeek.

01Jul 2026

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks

Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors. The post Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks appeared first on SecurityWeek.

01Jul 2026

BlueHammer Vulnerability Exploited in Ransomware Attacks

The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.

01Jul 2026

Google Patches 382 Chrome Vulnerabilities

Fifteen of the newly patched flaws have been rated ‘critical’ and 67 have been rated ‘high severity’. The post Google Patches 382 Chrome Vulnerabilities appeared first on SecurityWeek.

01Jul 2026

Massive Password Spray Campaign Targeting Azure CLI

Hackers were seen making over 81 million login attempts originating from systems associated with hosting provider LSHIY. The post Massive Password Spray Campaign Targeting Azure CLI appeared first on SecurityWeek.

01Jul 2026

Dawnguard Raises $6.3 Million for Security Architecture Automation Platform

The company has publicly launched its solution to help organizations design, build, and operate secure cloud systems. The post Dawnguard Raises $6.3 Million for Security Architecture Automation Platform appeared first on SecurityWeek.

01Jul 2026

Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari

The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users. The post Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari appeared first on SecurityWeek.

01Jul 2026

Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors

From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. The post Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors appeared first on SecurityWeek.

01Jul 2026

Acknowledgement of receipt

Acknowledgement of receipt Dear Contact Thank you for your message. You will find the answer to the vast majority of requests sent to us on the following page https://www.edpb.europa.eu/contact_en. We will respond further only if your request is not already addressed on that page. Please note that the EDPB/EDPB Secretariat will not respond to abusive […]

01Jul 2026

Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware

Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way. Palo Alto Networks’ Unit 42 calls the trick phantom squatting, and its new research shows it is already happening in […]

01Jul 2026

Detection engineering: A programmatic approach to identifying cyber threats

Detection engineering, which was once a niche practice among mostly large companies, appears to have evolved into a capability that organizations across industries now consider essential to their security operations. What is detection engineering? Detection engineering is about creating and implementing systems to identify potential security threats within an organization’s specific technology environment without drowning in […]

01Jul 2026

Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls

Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos 5 about two and a half weeks earlier. Fable 5 returns to users on Wednesday, July 1, across Claude.ai, the Claude Platform, Claude Code, […]

01Jul 2026

Risky Business #844 -- China closes AI vulndev gap as USA lifts Fable ban

On this week’s show Patrick Gray, Adam Boileau and James Wilson discuss the week’s cybersecurity news. They cover: Anthropic’s Fable 5 returning while OpenAI’s GPT-5.6 gets thrown in model jail Distillation, cheap tokens, and AI chat harvesting is an industry in China Edge becomes a lolbin via a new malicious extension An Iranian APT boss’s […]

01Jul 2026

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s Azure command-line interface (CLI), compromising dozens of accounts in the process. The activity, per Huntress, originates from an IPv6 address range (2a0a:d683::/32) controlled by internet infrastructure provider LSHIY LLC (AS32167). “Between June 12 and June 26, the threat

01Jul 2026

Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery

ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands behind its fake “prove you’re human” pages are now handed out by API-driven servers that give each visitor the same malware in a different disguise. The same research also turned up a […]

01Jul 2026

Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)

This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It’s pretty popular, so a juicy target for criminals. In February, I already mentioned a campaign against them[2].

01Jul 2026

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate arbitrary file reads or trigger a denial-of-service (DoS) condition. The vulnerabilities are listed below – CVE-2026-8451 (CVSS score: 8.8) – An insufficient input validation

01Jul 2026

ISC Stormcast For Wednesday, July 1st, 2026 https://isc.sans.edu/podcastdetail/9990, (Wed, Jul 1st)

Post Content