13minZDNet SecurityHow to install the MacOS 27 public beta on your Mac today - it's live now41minDark ReadingCursor IDE Auto-Executes Malicious Code in Poisoned Repos41minSecurityWeekUnpatched Claude for Chrome Flaw Lets Extensions Read Gmail, Calendar41minRapid7CVE-2026-55040: Microsoft SharePoint JWT Token Authentication Bypass (FIXED)47minZDNet SecurityWindows Search just got a faster, cleaner overhaul - how to try it today51minBleepingComputerMicrosoft Entra ID gets passkeys default authentication starting September52minBleepingComputerNew phishing kits target Microsoft 365 accounts, evade MFA1hThe Register SecurityMusk promises purge after Grok Build caught sending entire repos to the cloud1hZDNet Security12 YouTube default settings to change right now for a more enjoyable experience1hThe Register Security'The bots are alive!' Jailbroken Gemini spun up new C2 server for Russian fraudster in just 6 minutes1hZDNet SecurityDon't let an AI chatbot pick your password, ever1hInfosecurityNew MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter1hBleepingComputerSAP warns of critical flaws in NetWeaver and Commerce Cloud2hSecurityWeekSAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud2hSchneier on SecurityVulnerability in FIFA’s Network2hThe Register SecurityBaddies caught exploiting extensions bugs with perfect 10 scores on vulnerable Joomla websites2hZDNet SecuritySEO is not dead: 5 ways to win more citations from AI search2hSecurityWeekUS, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure Routers2hBleepingComputerMicrosoft starts testing cleaner Windows Search without ads2hCisco Talos[Video] Where protection starts: Cisco Talos Intelligence Integrations3hWizM-Red-Team: AsyncAPI Supply Chain Compromise via GitHub Actions3hOX SecurityAsyncAPI npm organization compromised, 2M weekly downloads affected3hCisco TalosThe serpent’s tongue: Luring the Python out of its den3hCSO OnlinePhishing for dummies: Forg365 lowers barrier to M365 account takeovers3hInfosecurityLidl Notifies Customers of Third-Party Data Breach4hBleepingComputerUS sanctions VPN, malware providers for enabling ransomware attacks4hSecurityWeekValarian Raises $50 Million for Sovereign Infrastructure Control Layer4hSecurityWeekMultiple Jscrambler Packages Impacted by Supply Chain Attack4hCSO OnlineAI incidents need a new playbook. Here’s how to build one5hInfosecurityFive Charged in “Russian Coms” Fraud Platform Case5hRapid7Rapid7 and Mindshare Partner to Accelerate Cyber Resilience Across the Middle East5hGraham CluleyThe ransomware negotiator who was working for the other side6hCSO OnlineAI-powered breaches provide wake-up call for incident response7hZDNet SecurityI tried Google Maps' new 3D Immersive View for Android Auto, and it fixed my biggest navigation problems7hSecurityWeekPentagon Suspends CMMC Phase 2 as It Rethinks Contractor Cybersecurity Rules9harXiv SecurityA Guess and Determine Attack on the Elliptic Curve Discrete Logarithm Problem9harXiv SecurityEvaluating AI Models' Capability to Automate Voice Phishing Attacks9harXiv SecuritySafeGuard: A Lightweight Client-Server Architecture for Real-Time Endpoint Threat Detection and Response9harXiv SecurityA Survey on LLM Watermarking: Theory and Deployment9harXiv SecurityMinionese: Comprehensive Benchmark and Mechanistic Study of Multilingual LLM Safety9harXiv SecurityToward Stronger Code Watermarking: A Grammar-Driven Approach to Optimizing the Trade-off Between Quality and Detectability9harXiv SecurityOne Token Is Enough: Fingerprinting and Verifying Large Language Models from Single-Token Output Distributions9harXiv SecurityDevil in the Lens: Analyzing and Defending Physical Prompt Injection Against Vision-Language Models on Wearable Devices9harXiv SecurityLarge Language Models in Misinformation Ecosystems: Misuse, Defense, and Vulnerability9harXiv SecurityThreat Vectors and the State of the Art in Defense Methods for Security in Neurotechnology9hTrustedSecPandora’s Container Part 1: Unpacking Azure Container Security9hZscalerAccelerating Post-Quantum Readiness Timelines: A New Executive Order on Securing Against Advanced Cryptographic Attacks11hSANS ISCISC Stormcast For Tuesday, July 14th, 2026 https://isc.sans.edu/podcastdetail/10006, (Tue, Jul 14th)11hCSO OnlineGovernments to enterprises: Improve your router security hygiene12hNextgov CyberAI, once relegated to helping hackers with certain tasks, can now power every stage of a cyberattack12hCheck Point ResearchAI Security Report 202612hCSO OnlineUS authorities warn of Russian attacks on critical infrastructure13hTLDR InfoSecCrashStealer macOS 🍏,Ghostcommit Attack 🖼️, Six U-Boot Flaws 🥾13hDatadog Security LabsCompromised AsyncAPI packages on npm deliver malware14hThe RecordHackers steal Lidl customer data from external service provider15hSimon WillisonDOOMQL15hMicrosoft SecurityDefending SaaS-based applications against ShinyHunters OAuth abuse15hSimon Willisondatasette code-frequency chart on GitHub16hDark ReadingWeak Security Continues to Fuel Russian Cyberattacks16hCyberScoopStates are building their own election defense networks as federal support evaporates16hZDNet SecurityI tested COSMIC's new Frosted Glass effect, and it's way better than MacOS' Liquid Glass16hThe RecordEU leaders eye social media ban for children under age 1317hFederal News CyberPentagon suspends CMMC phase two requirements, launches review of program17hFederal News CyberWhy Medicaid fraud enforcement alone cannot solve a $37B problem17hTechCrunch SecurityApple says former employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI17hBleepingComputerHackers backdoor Jscrambler npm package with infostealer malware18hNextgov CyberRussian hackers exploit weak router security to breach critical infrastructure, Western allies warn18hBleepingComputerNew CrashStealer malware poses as Apple crash reporting tool18hThe RecordVPN service favored by ransomware groups is sanctioned by US19hDark Reading'Yellow Teams' Are Defining the Future of AI Security19hZDNet SecurityIs that QR code a trap? How to spot quishing scams before it's too late20hEFF DeeplinksSony Nerfs Videogame Ownership20hZDNet SecurityWindows questions? How Copilot can analyze your PC settings now20hThe RecordRussian celebrity journalist Ksenia Sobchak says hackers accessed Telegram channels via email breach20hMicrosoft SecurityMicrosoft Entra ID security updates: Passkeys are the default authentication method in Entra ID20hDark ReadingGigaWiper Lets Threat Actors Choose Their Own Destructive Attack21hCyberScoopEurope strikes out against Russia’s Turla over espionage, ‘destructive attacks’22hThe Register SecurityEU and UK officially blame Russian spies for cyberattack on Poland's power grid22hZDNet SecurityHow I tag my files to avoid endless searching and disorganized folders22hInfosecurityOpen Directory Exposes Three Evilginx Phishing Operators22hNextgov CyberDHS network intrusion was twice ruled a false positive before breach confirmed22hCyberScoopOfficials once again warn defenders that Russian hackers are targeting network devices22hBleepingComputerCISA warns of actively exploited RCE flaws in Joomla extensions22hCybersecurity DiveUS authorities warn that state-linked hackers are targeting vulnerable networking devices22hKrebs on SecurityLessons Learned from CISA’s Recent GitHub Leak22hInfosecurityPakistani Police Systems Hit by Chinese and Indian Espionage23hXBOWResources23hCybersecurity DiveHackers find a new trick to collect Microsoft Entra user data without raising red flags23hSecurityWeekHacker Conversations: Jesse McGraw (GhostExodus), From Blackhat Hacker to Redemption23hBleepingComputerLidl discloses online shop breach after service provider hack23hTechCrunch SecurityLAPD lets contract with surveillance giant Flock expire, citing ‘serious concerns’ over civil liberties and privacy23hBleepingComputerBreach at the Beach: Play the Ultimate Entra ID CTF23hTenableWhy cloud security is mission-critical for federal civilian and defense agencies1dHelp Net SecurityCloudflare Precursor uses continuous behavioral analysis to stop advanced bots1dCheck Point Research13th July – Threat Intelligence Report1dDark ReadingTurning the Tables on Email Scammers With 'ScamBuster'1dInfosecurityNovel OAuth Client ID Spoofing Technique Targets Cloud Environments1dCloudflareIntroducing Precursor: detecting agentic behavior with continuous client-side signals1dZscalerFormula One and Cybersecurity in the AI Era1dHacking ArticlesWindows Privilege Escalation: SeTakeOwnershipPrivilege1dWizWhy IaC Coverage Belongs on Your Security Dashboard1dHelp Net SecurityRansomware negotiator who betrayed clients sentenced to 70 months in prison1dSecurityWeekCybersecurity M&A Roundup: 37 Deals Announced in June 20261dHelp Net SecurityFake OAuth client IDs are helping attackers slip past sign-in logs1dInfosecurityProgress Software Warns of "External Security Threat" to ShareFile1dThe Register SecurityWorld Cup grudge attackers may have scored Argentine FA access via year-old infostealer infection1dCSO OnlineRabbitMQ flaws expose OAuth secrets, risk complete takeover of the broker1dSecurityWeekRabbitMQ Vulnerability Threatens Enterprise Systems1dNCSC UKUK and Allies urge critical sectors to improve defences against Russian intelligence targeting1dSchneier on SecurityAI Data Centers and the Concentration of Wealth1dIndicatorOktoberfest upskirting videos are being monetized on Meta, TikTok, and YouTube1dInfosecurityRussian State Hackers Target Vulnerable Routers Worldwide, Joint Advisory Warns1dThe Register SecurityProgress orders emergency ShareFile server shutdown over mystery security threat1dSecurityWeekZimbra Patches Critical Code Execution Vulnerability1dCSO OnlineJurassic Park, cybersecurity and the dangerous myth of control1dInfosecurityHacker Extradited from Ukraine Pleads Guilty to Ryuk Ransomware Charges1dCyberScoopAI-generated code has made security debt a governance problem1dCSO OnlineYour AI risk register is not an incident response plan1dCybersecurity DiveWhen cybercriminals outrun the feed1dCybersecurity DiveCopy-paste might be the riskiest thing your enterprise employees do all day1dInfosecurityAustralian Cyber Agency Warns of Global CMS Exploitation Campaign1dCSO OnlineCan AI narrow cybersecurity’s class divide?1dProjectDiscoveryCommunity Spotlight: Rishi (@rxerium)1dHelp Net SecurityCynative: Open-source deep research agent1dHelp Net SecurityMicrosoft demystifies how Windows updates work1dHelp Net Security99.9% of fixable AI vulnerabilities remain unpatched1dSANS ISCSomeone Is Scanning for Your MCP Servers and AI Assistant Credentials, (Mon, Jul 13th)1dFederal News CyberThe challenges, opportunities of open source intelligence for cyber defenders1dFederal News CyberFighting AI with AI requires enduring, new approaches1dSANS ISCISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)1dFlock SafetyEvidence Management Best Practices for Law Enforcement1dTLDR InfoSecShareFile Emergency Shutdown ⚠️, Injective npm Key Theft 🪙, NSA Revives TAO Name 🏢1dRecorded FutureKlueセキュリティインシデントとRecorded Futureへの影響1dSimon WillisonDirectly Responsible Individuals (DRI)1dThe RecordRussia's FSB blamed for Poland grid attack as UK and EU impose first joint cyber sanctions1dSimon WillisonFable gets another bump2dOX SecurityMalware-Slop: Crypto Stealer Impersonating Polymarket Exposes Its Own Credentials2dThe Hacker NewsCompromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install2dThe Hacker NewsHackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns2d0xdfHTB: CCTV3dSANS ISCWireshark 4.6.7 Released, (Sat, Jul 11th)3dTechCrunch SecurityUS cybersecurity agency CISA had to build its incident playbook during the incident, agency reveals3dRapid7Weekly Metasploit Update: Exploits for FlowiseAI CSV Agent and MacOS Package Kit3dUnit 42No Manners Here: The Ruthless Rise of The Gentlemen Ransomware3dSchneier on SecurityFriday Squid Blogging: “Squidbleed” Vulnerability3dFederal News CyberAI in battlefield intelligence: Expanding the speed of decision-making3dPraetorianBluetooth Low Energy Security Testing, Consolidated: Introducing Caeruleus3dCyberScoopArmenian national pleads guilty to Ryuk ransomware attacks3dDark ReadingJen Ellis: Connecting Cyber Community With Political Machinery3dCyberScoopCISA looks to remedy ailments from big May credential leak3dXBOWGrok 4.5 for Offensive Security: Performance vs. Cost3dOX SecurityAI Pentesting vs Traditional Pentesting: Where Each Wins3dXBOWXBOW Demo | See Autonomous Hackers in Action3dOX SecurityContinuous Pentesting: From Annual Audit to Always-On3dThe Register SecurityDestructive Windows backdoor stuffs multiple wipers and ransomware code into a single package3dDark ReadingCybercriminals Flock to Healthcare Businesses as Attacks Surge3dThe Hacker NewsURGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat3dMicrosoft SecuritySecuring our future: July 2026 progress report on Microsoft’s Secure Future Initiative3dSANS ISCMy Stack Simulator, (Wed, Jul 8th)3dCybersecurity DiveInitial access broker linked to weaponization of CitrixBleed2 flaw3dEFF DeeplinksBuilding Our Future Together3dCybersecurity DiveCISA details security lapses that led to GitHub leak of passwords, cloud access keys3dCSO OnlineEU extends mass scanning of messages without a warrant3dThe Hacker NewsResearcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws3dTechCrunch SecurityFlorida ransomware negotiator convicted for helping ransomware gang extort US companies3dDark ReadingFresh ATM Crypto Software Bugs: Jackpot or Bust?3dZero Day InitiativeCVE-2026-47291: Remote Code Execution in the Windows HTTP.sys3dDark ReadingMore Countries Jump on the Social Media 'Ban Wagon'4dEFF DeeplinksAutomated Moderation Is Here to Stay—Accountability Must Keep Pace4dDark ReadingAI Coding: Do Security Risks Outweigh Productivity Gains?4dCloudflareImproving Smart Tiered Cache for Public Cloud Regions4dThe Register SecurityFashion mart Miinto unzips breach details, warns shoppers to watch for phisherfolk4dXBOWHuman-in-the-Loop AI Pentesting: What It HIL in Pentesting & Why It Works4dThe Hacker NewsFrom 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale4dThe Hacker NewsExposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites4dSchneier on SecurityAI Surveillance and Social Progress4dThe Hacker NewsStudy of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking4dThe Register SecurityScot NHS Trust probes email stuffup involving maternity patients' data4dSANS ISC"Comment stuffing" in an HTML phishing attachment as a mechanism for evading AI-based detection?, (Fri, Jul 10th)4dHelp Net SecurityMicrosoft is rewriting Windows patch guidance because of AI4dSANS ISCISC Stormcast For Friday, July 10th, 2026 https://isc.sans.edu/podcastdetail/10002, (Fri, Jul 10th)4dThe Register SecurityMicrosoft warns customers AI will mean busier Patch Tuesdays4dCyberScoopFormer DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail4dFlock SafetyHow Flock's Audio Detection Works, and the Concerns We Hear Most4dSophosSophos named a 2026 Gartner® Peer Insights™ Customers’ Choice for Email Security4dTLDR InfoSecnpm 12 Reduces Supply Chain Risk ⛓️, 130 Exploits Published 👿, Linux Distro Sabotage 💣4dRecorded FutureJune 2026 CVE Landscape4dEFF Deeplinks"We Want Texans to Know Their Rights": Q&A with Mayday Health on the Impact of Surveillance on Abortion Care4dEFF DeeplinksThe House Passed The KIDS Act—The Senate Should Reject It4dFederal News CyberCyber training will enable government to successfully harness AI while staying secure4dXBOWMuse Spark vs. GLM: AI Models for Offensive Security4dSimon WillisonThe new GPT-5.6 family: Luna, Terra, Sol4dQualysHow to Meet a 3-Day Remediation SLA & Comply with CISA BOD 26-044dZscalerWhy Do F1 Teams Need Cybersecurity, and How Is AI Changing the Threat Landscape?4dCisco TalosWolfSSL, GeoVision, VTK vulnerabilities4dFederal News CyberDLA accelerates ERP modernization to strengthen audit readiness4dEFF DeeplinksEuropean Commission Chooses to Keep EU Users Locked Up Behind Big Tech’s Gates4dCisco TalosWinning 54% of the time4dCyberScoopInterpol cybercrime crackdown nets 5,800 arrests across 97 countries4dThe Hacker Newsnpm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk4dSimon WillisonIntroducing Muse Spark 1.14dWizHow ProdSec uses Wiz4dWizWiz in the Verizon DBIR: How AI Acceleration and Cloud Sprawl Impact Modern Defense4dReversingLabsAI-BOM push borrows from the SBOM playbook4dSpecterOpsFinding SOCKS with Proxywatch4dOX SecurityInjectivelabs npm Package Hijacked, Impacting 87 Dependent Packages4dCybersecurity DiveData breach hits car insurance provider4dMicrosoft SecurityGigaWiper: Anatomy of a destructive backdoor assembled from multiple malware4dCybersecurity DiveRansomware ecosystem grows, but ‘four-headed monster’ dominates4dCyberScoop764 splinter group leader sentenced to 40 years in jail4dCloudflareWhy we cannot wait for better post-quantum signature algorithms5dGraham CluleyInvited to a “job interview” with Netflix or OpenAI? Beware! Your Google password could be at risk5dSentinelOneOne Target, Two Flags | Rival Espionage Actors Converge On Pakistani Law Enforcement5dHelp Net SecurityMicrosoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656)5dNIST NewsNew Fabric Test Material Could Help Strengthen Domestic Supply Chain for Textiles and Clothing5dThe MarkupKaiser Permanente nurses say technology is making their jobs — and patient care — worse5dAdversa AITop AI Coding Agent security resources — July 20265dSchneier on SecurityThe Language of AI Could Change How Humans Speak5dThe Hacker NewsGodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses5dEFF DeeplinksGoogle's New Remote Attestation Scheme is As Bad As Its Old One5dFull Disclosure[REVIVE-SA-2026-003] Revive Adserver Vulnerabilities5dCrowdStrikeWhy AI Governance Without Guardrails Is Theater5dTrustedSecVulnify: Giving Your Agents a CVE Brain5dSANS ISCISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)5dZscalerKainos Shares Five Essential Tips for Your Zscaler Deployment at Scale5dSANS ISC_HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)5dFlock SafetyWhat the Supreme Court's Chatrie Decision Means for ALPR Technology5dTLDR InfoSecAI Breaches AWS Environment ☁️, Accenture Data Breach 🔓, AI For Blue Teams 🟦5dDatadog Security LabsNot-so-anonymous telemetry: The @injectivelabs/sdk-ts backdoor5dSnykSymlinks Are Still Scary (And Yes, You Can Commit Them to Git)5dRecorded FutureRiskX interview video featuring Colin Mahony and Mastercard's Aditi Sawhney5dSimon WillisonRewriting Bun in Rust5dSimon WillisonIntroducing GPT‑Live5dGraham CluleySmashing Security podcast #475: JadePuffer – the AI that ran a ransomware attack all by itself5dQualysWhen AI-Accelerated Discovery Outruns Patching, Exploitability Proof Decides What Gets Fixed First5dNextgov CyberPentagon opens applications for cyber apprenticeship program5dFederal News CyberNorth Carolina rationalizes cyber tools by asking a simple question5dSimon WillisonQuoting Kenton Varda5dCyberScoopFrench nonprofit starts global intelligence and research hub for AI cyber threats5dQualysFortiBleed: Credential Reuse, Legacy Hashes, and the Risk of Internet-Exposed FortiGate Devices5dHacking ArticlesWindows Privilege Escalation: SeDebugPrivilege5dMicrosoft SecurityProtecting Microsoft at AI speed: How SFI proactively hardens our cloud5dFederal News CyberNIST’s National Vulnerability Database needs some help to continue working5dHacking ArticlesWireless Pentesting with Claude Using the Aircrack MCP Server5dSentinelOneHPC AI Workloads Need Runtime Security. The Architecture Already Exists.5dTechCrunch SecurityAnother massive data breach exposed millions of driver’s license numbers5dCitizen LabAI Surveillance Is Being Supercharged–And It Will Chill Social Progress5dSpecterOpsBuilding a Mental Model for Kubernetes Security Research5dCybersecurity DiveUS enterprises incorporate cyber risk into larger strategic focus5dZscalerBeyond Alert Fatigue: Architecting Next5dReversingLabsSpectra Analyze in Action: Hunting Device Code Phishing Pages5dQualysOperationalizing Day Minus Seven: The Cloud-Native ROC5dCybersecurity DiveAccenture faces massive data breach that could put clients at risk5dHelp Net SecurityAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)5dWizGhostApproval: A Trust Boundary Gap in AI Coding Assistants5dBlack Hills InfoSecFinding the “Goldilocks” Zone: A Practical Approach to Alert Triage5dTroy HuntWeekly Update 511: Live from my Riad in Marrakech6dThe Hacker NewsNew Ghost Phishing Wave Is Breaking Traditional Email Security6dRapid7Security Teams Are Ready To Become More Preemptive. What’s Holding Them Back?6dCloudflareIntroducing Meerkat: an experiment in global consensus6dKrebs on SecurityFelons, Fraudsters Flog Offensive Cybersecurity Startup6dWizWiz ASM for any environment, any risk, everywhere6dHelp Net SecurityAccenture acknowledges security incident following 35GB data theft claim6dSchneier on SecurityCybersecurity and the Gap Between Skill and Ability6dWeLiveSecurityESET Threat Report H1 20266dCrowdStrikeFalcon Secure Access Sets the Standard for Zero Trust Browser Security6dSANS ISCISC Stormcast For Wednesday, July 8th, 2026 https://isc.sans.edu/podcastdetail/9998, (Wed, Jul 8th)6dTLDR InfoSecGitHub AI Agent Leaks Private Repos 🤖, Windows Service Abuse 🪟, Coding Agent Jailbreak Harness 🔑6dElastic SecurityClickFix to Cash-Out: Anatomy of a Mexican Banking-Fraud Toolkit6dDatadog Security LabsCoordinated GitHub API enumeration and access token abuse6dRecorded FutureThe Threat Isn’t the Frontier Model6dExploit-DB[webapps] Krayin CRM v2.2.x - Authenticated Remote Code Execution6dExploit-DB[webapps] Atarim WordPress Plugin 4.2.2 - Sensitive Information Exposure6dExploit-DB[webapps] Langflow 1.9.0 - RCE6dExploit-DB[webapps] Joomla Page Builder CK 3.5.10 - Arbitrary File Upload6dUnit 42Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflation6dNextgov CyberHouse Homeland committee seeks briefing on DHS network hack6dFederal News CyberDoD opens applications for long-awaited cyber apprenticeship program6dSimon Willisonsqlite-utils 4.0, now with database schema migrations6dTenableOMB M-26-14: Why federal agencies must fix asset visibility first6dTechCrunch SecurityHacked, leaked, and held for ransom: The worst breaches of 2026 so far6dEFF DeeplinksAutomated Moderation Is Here to Stay6dEFF DeeplinksHelp EFF Cut the AI Hype6dSpecterOpsHow to Set Red Team Objectives that Produce Value6dReversingLabs‘Download pumping’ joins the trust-abuse bandwagon6dQualysQualys Joins Cisco Cloud Control Studio as a Launch Partner to Bring Risk Intelligence to Agentic Operations6dMandiantThe ‘Ghost’ in the Database: Recovering Active ADFS Signing Keys via Machine DPAPI7dTechCrunch SecurityHacktivists call out Trump by hacking and defacing US Army websites7dCloudflareCloudflare proudly joins the UK government's Cyber Resilience Pledge7dGraham CluleyTwo arrested over credit card phishing – as the Netherlands is named Europe’s worst for payment fraud7dTechCrunch SecuritySavi’s app aims to protect consumers from realistic AI scams like kidnappers demanding ransom7dIndicatorNo code, no budget: 7 web scrapers put to the test7dSchneier on SecurityGoogle Is Suing Chinese Scammers Who Are Using Gemini7dKaspersky SecurelistThreat landscape for industrial automation systems. Q1 20267dCisco TalosUAT-7810 continues building ORB networks using new malware7d0xdfHTB: Abducted7dFull DisclosureOPNsense XPATH Injection (CVE-2026-53582)7dFull DisclosureSCHUTZWERK-SA-2025-001: Authentication Bypass for SafeLine SL6 and SL6+7dCrowdStrikeCrowdStrike Uncovers New Prompt Injection Techniques7dTrustedSecWelcoming ObfusGit7dZscalerThe Director’s Cut: Trusted Perimeters Become Board Liabilities7dSophosWhen AI agents look like attackers: what behavioral telemetry tells us7dTLDR InfoSecUK Government Login Theft 🇬🇧,Veil#Drop Loader 🛠️ , Scattered Spider Telemetry 🕷️7dExploit-DB[webapps] MCPJam Inspector - Remote Code Execution7dExploit-DB[local] ProtonVPN v4.4.1 - Unquoted Service Path7dExploit-DB[webapps] Flowise 3.1.3 - arbitrary code execution7dExploit-DB[remote] Hydra - Stack Buffer Overflow7dExploit-DB[webapps] Discuz! X5.0 - Authentication Bypass7dExploit-DB[webapps] Tenable Nessus 10.12.1 - SQL Injection7dTechCrunch SecurityThe ‘first’ AI-run ransomware attack still needed a human7dZscalerSSE Architecture Explained: How SSE Enables Zero Trust7dNextgov CyberCISA expects to finalize key cyber reporting rule by September7dPraetorianFreeBSoD: Leveraging Language Models to Find and Exploit Kernel Bugs (Part 2 of 2)7dMicrosoft Security5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management7dXBOWContinuous Vulnerability Testing for Small Security Teams7dQualysIs Your AppSec Program Built to Close the OWASP Top 10 2025 Coverage Gap?7dAdversa AITop MCP security resources — July 20267dTechCrunch SecurityCanadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year7dRapid7A Day With Your Vector Command Red Team Pod8dCloudflareYour Worker can now have its own cache in front of it8dCheck Point ResearchCavern Manticore: Exposing Iran-Linked Modular C2 Framework8dCheck Point Research6th July – Threat Intelligence Report8dNIST NewsArvind Raman Confirmed as the 18th NIST Director8dSchneier on SecurityFrance to Stop Certifying Non-Quantum-Safe Encryption8dKaspersky SecurelistWhen checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website8dCrowdStrikeHow AI-leading Security Teams Are Building the Agentic SOC8dSophos"Exploit mitigation" stalled around 2008. The attacks didn't.8dTLDR InfoSecJadePuffer AI Attack 🤖,Anthropic v. Alibaba ⚖️ , PamStealer macOS Bug 🍏8dDatadog Security LabsEntra Agent ID: Protect, detect, respond9dOX SecurityMalware Detected: Reverse Shell Without JavaScript Files in npm9d0xdfHTB: DevArea10dRapid7Weekly Metasploit Update: Modules for SMB-to-Meterpreter, Peyara Remote Mouse RCE exploit, and more11dWeLiveSecurityCyber readiness for SMBs: Getting the basics right11dSchneier on SecurityFlock Cameras Can Surveil Cars Without License Plates11dIndicatorBriefing: X tries to undo its monetization mess11dKaspersky SecurelistArmored Likho digging a snake pit: inside the covert BusySnake Stealer campaign11dTroy HuntSwimming Pools, Pee, and Trying to Delete Your Data From the Internet11dTLDR InfoSecSharePoint RCE Active Exploitation 🛠️, Cursor Zero-Click RCE 💥, NetNut Proxy Disrupted 🌐11dUnit 42How We Added WebAuthn to a Browser-Based RDP Client11dZscalerSecOps for the AI Age: Detecting and Responding to AI‑Related Incidents11dKrebs on SecurityFBI Seizes NetNut Proxy Platform, Popa Botnet11dFull DisclosureWhistleblowersoftware.com: confidentiality and anonymity leakage to third parties