July 04, 2026 · 6 articles

JadePuffer ransomware used AI agent to automate entire attack
July 04, 2026
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. [...] (BleepingComputer)

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
July 04, 2026
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negoti... (The Hacker News)

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
July 04, 2026
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist,... (The Hacker News)

Confidential computing's core trust mechanism is broken. The fix may not exist
July 04, 2026
Attested TLS: the handshake that can't prove who's on the other end (The Register - Security)

FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials
July 04, 2026
FBI says TeamPCP poisoned trusted developer tools to steal cloud credentials, spread malware through software updates, and extort victims. On July 2, 2026, the FBI published a F... (Security Affairs)

Ivanti Sentry Pre-Authentication RCE
July 04, 2026
What is the Vulnerability? FortiGuard Labs continues to observe exploitation attempts targeting CVE-2026-10520 following the public release of technical details and proof-of-con... (FortiGuard Labs)
July 03, 2026 · 29 articles

Google, FBI Disrupt NetNut Residential Proxy Network Powered by Millions of Devices
July 03, 2026
NetNut rented access to millions of compromised devices, allowing cybercriminals and nation-state actors to mask their identities during attacks. The post Google, FBI Disrupt Ne... (SecurityWeek)

Weekly Metasploit Update: Modules for SMB-to-Meterpreter, Peyara Remote Mouse RCE exploit, and more
July 03, 2026
It's Time to Upgrade Your SMB Session This week, Metasploit contributor Dean Welch has added an SMB to Meterpreter session upgrade module. It uses PsExec to facilitate the upgra... (Rapid7 Blog)

Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
July 03, 2026
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and... (The Hacker News)

Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds
July 03, 2026
A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The Citizen Lab published a report documenting one of the more darkly... (Security Affairs)

New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
July 03, 2026
A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux deskt... (The Hacker News)

New Avalon Malware Framework Packs CrownX Ransomware Capabilities
July 03, 2026
Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means of a multi-stage phishing chain capabl... (The Hacker News)

North Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets
July 03, 2026
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data... (The Hacker News)

In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting
July 03, 2026
Noteworthy stories that might have slipped under the radar: Anonymous-linked Canadian hacker jailed, researcher drops zero-days in open source projects, Venezuelans sentenced in... (SecurityWeek)

AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data
July 03, 2026
Third-party contractor compromise exposed health information and insurance billing passwords (The Register - Security)

ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
July 03, 2026
A new phishing-as-a-service (PhaaS) platform dubbed "ARToken" appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extens... (BleepingComputer)

Armored Likho Targets Government Agencies, Power Sector with BusySnake Stealer
July 03, 2026
A previously undocumented threat actor known as Armored Likho has been attributed to cyber attacks targeting government agencies and the electric power sector across Russia, Bra... (The Hacker News)

Qilin Dominates Ransomware Market Amid Growing Cybercrime Consolidation
July 03, 2026
The ransomware landscape is reconsolidating around major players, with Qilin emerging as the leading RaaS operation, researchers say (Infosecurity Magazine)

NetNut cracked as Google and FBI target 2 million-device botnet
July 03, 2026
Other residential proxy brands may rely on the same network (The Register - Security)

Warning Over “Industrialized” Cyber-Attacks After Ransomware Gang Partners With TeamPCP
July 03, 2026
Researchers warn that collaboration could lead to “unprecedented” ransomware attacks, as FBI also issues warning (Infosecurity Magazine)

Agentic AI Used to Conduct Ransomware Attack via Langflow
July 03, 2026
Attack demonstrates how LLM agents can combine known exploitation techniques with real-time reasoning to automate complex, multi-stage intrusions. The post Agentic AI Used to Co... (SecurityWeek)

The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident
July 03, 2026
Vercel breach happened after an employee used an unvetted AI tool. Attackers exploited it as a trusted link to access systems, steal data, and extort $2M. The Vercel breach of A... (Security Affairs)

Medtronic Data Breach Impacts 3.8 Million People
July 03, 2026
In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information. The post Medtronic Data Breach Impacts 3.8 Million Peopl... (SecurityWeek)

Alleged Scattered Spider Hacker Extradited to US
July 03, 2026
Prosecutors say 19-year-old Peter Stokes was a member of Scattered Spider, the hacking group linked to more than 100 network intrusions and over $100 million in ransom payments.... (SecurityWeek)

PamStealer Uses Fake Maccy Sites and PAM Checks to Steal Mac Login Passwords
July 03, 2026
Cybersecurity researchers have flagged a new macOS information stealer called PamStealer that employs a series of clever tricks to infect systems and siphon sensitive data. The... (The Hacker News)

Government and Healthcare Are the Weakest Links in Global Email Security
July 03, 2026
Government and healthcare sectors have weak email security. Many domains lack SPF, DMARC, DKIM, and MTA-STS, leaving them open to phishing attacks. Comparitech analyzed live DNS... (Security Affairs)

Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution
July 03, 2026
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system. The post Cri... (SecurityWeek)

Intezer helps SOC teams automate custom security tasks
July 03, 2026
Intezer has announced Custom Agents, a new capability that lets security teams build their own AI agents directly inside the Intezer platform. The launch builds on Intezer’s cor... (Help Net Security)

User swore hacker called General Failure had invaded his PC
July 03, 2026
Maybe they were looking for Private Data (The Register - Security)

Non-interactive SSH attacks dominate after login
July 03, 2026
Anyone who runs a server with SSH exposed to the internet sees the same pattern in the logs. A steady stream of automated scanners tries to log in, hour after hour, from address... (Help Net Security)

Geopolitical cyber threats are turning HR into a security front line
July 03, 2026
In this Help Net Security video, Roman Sannikov, Global Research Coordinator at iCOUNTER, explains why geopolitics belongs in every security team’s threat model. With open and s... (Help Net Security)

Organizations struggle to prioritize known cyber risks
July 03, 2026
Organizations collect more cyber risk data than ever, with many still struggling to build a unified view of their exposure. The latest State of Threat Management report from Fil... (Help Net Security)

New infosec products of the week: July 3, 2026
July 03, 2026
Here’s a look at the most interesting products from the past week, featuring releases from Digi International, iboss, Jamf, and Netzilo. Digi International’s DANI automates netw... (Help Net Security)

Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
July 03, 2026
Anthropic says Claude Fable 5 won't be accessible via Claude subscriptions after July 7, but it's not a permanent change, and the company expects the model to return outside the... (BleepingComputer)

Claude Fable relaunch disappoints users with nerfed performance
July 03, 2026
Claude Fable, the company's most powerful model, is now available to all users, but early impressions are disappointing, as it appears to be nowhere near the original release. [... (BleepingComputer)
July 02, 2026 · 44 articles

FortiBleed Campaign Harvests 110M+ Credentials, Fuels Ransomware Operations
July 02, 2026
A critical credential-harvesting campaign dubbed “FortiBleed” has been exposed, systematically targeting over 430,000 FortiGate firewalls worldwide and exploiting CVE-2026-35616... (Orca Security Blog)

ITDR for the Cloud: Identity Threat Detection and Response Explained
July 02, 2026
Key Takeaways ITDR (Identity Threat Detection and Response) detects and responds to identity-based attacks in real time: credential theft, token abuse, anomalous privilege use,... (Orca Security Blog)

Cloud Least Privilege: Principles, Best Practices & How to Enforce It
July 02, 2026
Key Takeaways In the cloud, identities accumulate permissions they never use, and every unused permission is a reachable path for an attacker who lands on that identity. Most of... (Orca Security Blog)

U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog
July 02, 2026
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and I... (Security Affairs)

Cybercriminals Pose as Interpol in Phishing Emails to Infect Victims With Ransomware
July 02, 2026
Bitdefender researchers warned of curious ransomware campaign which has targeted businesses around the world (Infosecurity Magazine)

Opera rolls out Paste Protect feature to fight ClickFix attacks
July 02, 2026
Opera has introduced Paste Protect, a security feature designed to block ClickFix-style attacks that trick users into executing malicious commands through social engineering. [...] (BleepingComputer)

Cisco finally confirms attackers exploiting Unified CM flaw
July 02, 2026
Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in early June. [...] (BleepingComputer)

Startup sues Palo Alto Networks' Koi Security, saying an AI-hallucinated report falsely linked it to Chinese espionage
July 02, 2026
MeetingTV wants to see the evidence (The Register - Security)

Apple Reverses Age-Old Patch Policy to Keep Up With AI
July 02, 2026
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit. (Dark Reading)

FBI Seizes NetNut Proxy Platform, Popa Botnet
July 02, 2026
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service... (KrebsOnSecurity)

CIEM vs IAM vs PAM: What’s the Difference (and Do You Need All Three)?
July 02, 2026
Key Takeaways IAM, PAM, and CIEM all manage “access,” which is exactly why teams confuse them. The acronyms sound interchangeable, and every vendor draws the lines a little diff... (Orca Security Blog)

Best CIEM Tools in 2026: The Cloud Infrastructure Entitlement Management Buyer’s Guide
July 02, 2026
Key Takeaways CIEM tools find, prioritize, and right-size the permissions attached to cloud identities. They matter because cloud environments have become increasingly driven by... (Orca Security Blog)

Catan and Mouse
July 02, 2026
What do board games and cybersecurity have in common? Pattern recognition. Strategy. Adaptation. In this week’s Threat Source Bill explores why curiosity may be a defender’s mos... (Cisco Talos)

Ctrl+Alt+Oops: FortiBleed criminal's logins stitch two gangs together
July 02, 2026
Researchers scoured logs, finding opsec fail for at least one person who was working with INC and Lynx simultaneously (The Register - Security)

ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
July 02, 2026
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal... (The Hacker News)

New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure
July 02, 2026
Hackers are targeting NetScaler appliances using public PoC code to retrieve arbitrary memory content in the HTTP response. The post New CitrixBleed Vulnerability Exploited Imme... (SecurityWeek)

ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
July 02, 2026
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA bypass tactics work and how to defend against them.... (BleepingComputer)

Formalizing Red Teaming Offensive Methodology as a Multi-Agent AI Architecture
July 02, 2026
Threat actors are integrating AI into their exploit chains, accelerating reconnaissance, automating vulnerability discovery, and scaling social engineering in ways that compress... (Rapid7 Blog)

How to Conduct a Successful Audit of AI-Driven Software Development
July 02, 2026
As AI-generated code becomes commonplace, CISOs need new audit strategies to measure developer practices, govern AI tool usage, and identify software risks before they reach pro... (SecurityWeek)

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
July 02, 2026
The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email correspondence via the Goo... (The Hacker News)

Context Engineering | Compaction & Agent Memory for Automated Malware Analysis
July 02, 2026
Compaction cut input tokens 86% across long-running agent evals with no quality loss. Context discipline matters as much as model selection. (SentinelLabs)

New iboss platform gives organizations instant visibility into AI tools and usage
July 02, 2026
iboss has launched the AI Security Platform, a new service that gives any organization visibility into the AI tools its people are using, free of charge. Signup is instant, depl... (Help Net Security)

Researcher Behind 'Exploitarium' Explains Release of Undisclosed Zero-Day Exploits
July 02, 2026
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first (Infosecurity Magazine)

Anthropic's AI Finds Bugs. IBM Bets $5B It Can Fix Them.
July 02, 2026
IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic's Mythos findings ignite debate over how to secure the open-source software supply chain. (Dark Reading)

Cloudflare changes AI crawler access rules
July 02, 2026
Cloudflare introduced new controls that let website owners manage AI traffic across three categories: Search, Agent, and Training. The feature is available to all Cloudflare cus... (Help Net Security)

India gives WhatsApp three days to defend username rollout amid security fears
July 02, 2026
Government of the messenger's largest market demands a pause while Meta explains how it plans to stop impersonators (The Register - Security)

Identity Lifecycle Management Wasn't Built for AI Agents
July 02, 2026
Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals... (The Hacker News)

Cybersecurity Mission Creep in the US
July 02, 2026
Interesting paper: “ Cybersecurity Mission Creep .” Abstract: Cybersecurity is experiencing mission creep. Policymakers are casting more and more problems as issues of cybersecu... (Schneier on Security)

Trump Administration Lifts Restrictions on Anthropic’s Claude Models After Cybersecurity Alarm
July 02, 2026
Anthropic said Tuesday night that its AI model called Claude Fable 5 is now widely available. The post Trump Administration Lifts Restrictions on Anthropic’s Claude Models After... (SecurityWeek)

Build AI Security Agents with Wiz MCP
July 02, 2026
Power AI-driven security with trusted security context, Wiz AI Agents, and Wiz AI Skills. (Wiz Blog)

‘BioShocking’ Attack Tricks AI Browsers Into Stealing Credentials
July 02, 2026
Researchers show how context manipulation can cause agentic browsers to abandon safety guardrails and exfiltrate sensitive credentials. The post ‘BioShocking’ Attack Tricks AI B... (SecurityWeek)

Oracle E-Business Suite was under attack via critical flaw before the public exploit code was even released
July 02, 2026
Attackers appear to have reverse-engineered Big Red's patch (The Register - Security)

NCSC Shares Tips on How to Make a Pen Tester’s Job Harder
July 02, 2026
The NCSC has shared best practice advice from pen testers which could help improve system resilience (Infosecurity Magazine)

Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic
July 02, 2026
Adobe fixed multiple critical flaws, including max severity bugs in ColdFusion and Campaign Classic that could lead to remote code execution Adobe has released security updates... (Security Affairs)

AI-Speed Risk Requires Identity-Defined Reachability
July 02, 2026
Why Zero Trust Steps 3, 4, and 5 must evolve beyond patching, topology, and ticket-driven connectivity Executive Summary AI is compressing the time between vulnerability discove... (Cloud Security Alliance)

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
July 02, 2026
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-con... (The Hacker News)

The endpoint recovery gap many teams discover during an incident
July 02, 2026
In this interview with Help Net Security, IGEL CTO Matthias Haas explains why backups alone do not equal recovery. He makes the case that endpoint recovery is often overlooked,... (Help Net Security)

Review: CTRL+ALT+PWN
July 02, 2026
Hacking gear that once sat in well-funded labs now ships to anyone with a credit card and a video tutorial. Frank Riccardi builds his consumer guide, CTRL+ALT+PWN: The Hacker’s... (Help Net Security)

Catching ransomware on the wire before it locks the file server
July 02, 2026
Corporate networks keep sensitive files off individual workstations and store them on shared servers that staff reach through mapped network drives. That arrangement hands ranso... (Help Net Security)

What the AI patch gap means for enterprise security
July 02, 2026
Open-source maintainers are receiving more vulnerability reports than they can act on, and a rising share now comes from an AI system working at machine speed. Over roughly two... (Help Net Security)

GitHub’s new tool helps prevent costly open-source license violations
July 02, 2026
GitHub’s Open Source Program Office (OSPO) uses the new GitHub License Compliance feature, now in public preview, to manage thousands of open-source dependencies and identify de... (Help Net Security)

ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
July 02, 2026
(SANS ISC)

Inside Elastic InfoSec's agentic SOC: cutting alert triage from 30 minutes to under 3
July 02, 2026
Elastic's InfoSec team built AI agents on Elastic Workflows that investigate every alert and assemble the case before an analyst ever opens it. (Elastic Security Labs)

You can't trust what you can't see: How we keep an eye on a fleet of AI agents
July 02, 2026
See how Chainguard uses Lens to monitor AI agents in real time with traces, evals, costs, and safeguards that make autonomous coding trustworthy. (Chainguard Unchained)
July 01, 2026 · 41 articles

And the Winner in Dominant Malware Delivery? ClickFix
July 01, 2026
Researchers say the highly effective social engineering technique is no longer the exception for malware attacks - it's now the rule. (Dark Reading)

Langflow RCE Actively Exploited to Deploy Cryptominers on AI Infrastructure
July 01, 2026
A critical vulnerability (CVE-2026-33017, CVSS 9.8) was disclosed affecting Langflow, a widely used open-source AI application builder, allowing attackers to execute arbitrary c... (Orca Security Blog)

Brazilian Banking Trojan Ousaban Targets Spain and Portugal
July 01, 2026
FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing (Infosecurity Magazine)

Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector
July 01, 2026
Attackers can exploit LLM domain hallucinations through phantom squatting to target supply chains. Read the analysis to learn more. The post Phantom Squatting: AI-Hallucinated D... (Palo Alto Networks Unit 42)

Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)
July 01, 2026
This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users s... (SANS ISC)

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts
July 01, 2026
Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising dozens of ac... (The Hacker News)

When Too Much Security Data Became the Risk
July 01, 2026
Rapid growth turned routine firewall logs into a security and budget liability. One CISO used artificial intelligence to filter what data truly belongs in the SIEM. (Dark Reading)

Over 900 Oracle E-Business instances exposed to ongoing attacks
July 01, 2026
Over 900 Oracle E-Business Suite (EBS) instances have been found exposed online amid ongoing attacks exploiting a critical security flaw. [...] (BleepingComputer)

Dawnguard launches platform to automate secure cloud architecture
July 01, 2026
Dawnguard announced the public launch of its security architecture automation platform, making it available to organizations looking to design, build, and operate secure cloud-n... (Help Net Security)

Anthropic's Fable 5 and Mythos 5 Are Back with New Security Guardrails
July 01, 2026
The new classifier in Fable 5 blocks the jailbreak technique that prompted the US export controls “in over 99% of cases” (Infosecurity Magazine)

Microsoft Adds New Teams Controls to Block Unauthorized AI Bots From Meetings
July 01, 2026
Microsoft's new Teams admin policy requires organizer approval for external AI bots, giving organizations greater visibility and control over automated participants in sensitive... (SecurityWeek)

EvilTokens device-code phishing kit totally more evil than we all thought
July 01, 2026
It's a 'complete BEC operations environment,' Talos researcher says (The Register - Security)

Claude Sonnet 5.0 heads straight down the middle of the road to dodge controversy
July 01, 2026
Safer, cheaper, and nothing to do with cybersecurity (The Register - Security)

Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS
July 01, 2026
Attackers fingerprint victims through user-agent data to deliver OS-specific payloads, increasing compromise rates and campaign profitability. (Dark Reading)

New ChocoPoC malware targets researchers via trojanized PoC exploits
July 01, 2026
Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute commands and steal... (BleepingComputer)

Somebody told DeepSeek to build in-browser ransomware and it gleefully complied
July 01, 2026
'The original incomplete DeepSeek sample can be transformed into a fully functional attack with minimal effort,' Check Point researcher tells The Reg (The Register - Security)

Secure Amazon container workloads using container attribute-based rules in AWS Network Firewall
July 01, 2026
Today, you can use AWS Network Firewall to protect traffic flowing to and from containerized applications on Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Co... (AWS Security Blog)

Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
July 01, 2026
Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided the... (The Hacker News)

DHS confirms hackers breached HSIN info-sharing platform
July 01, 2026
The Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network (HSIN), a sensitive information-sharing platform us... (BleepingComputer)

Red teamers turned Claude Desktop into a double agent to do their evil bidding
July 01, 2026
People trust their AI assistants and it's easy to abuse this trust (The Register - Security)

How to use the AWS Workload Credentials Provider for cross-account secret retrieval and prefetching secrets
July 01, 2026
If you manage secrets across multiple AWS accounts or need faster secret access for latency-sensitive applications, this post shows you how to meet those requirements using two... (AWS Security Blog)

5 Myths About AI in the SOC Security Teams Need to Rethink
July 01, 2026
AI is now part of almost every conversation in security operations. Most teams are already investing in it, experimenting with it, or trying to understand where it fits. The cha... (Rapid7 Blog)

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands
July 01, 2026
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There... (The Hacker News)

Turning Indicators into Intelligence in OpenCTI with Criminal IP
July 01, 2026
Threat intelligence is only as useful as the context behind it. Criminal IP explains how its integration enriches threat indicators in OpenCTI with risk scoring, infrastructure... (BleepingComputer)

Announcing the Monetization Gateway: charge for any resource behind Cloudflare via x402
July 01, 2026
We're opening the waitlist for our Monetization Gateway, which will allow you to charge for any web page, dataset, API, or MCP tool behind Cloudflare. The charges will settle in... (Cloudflare Blog)

Content Independence Day, one year on: building the business model for the agentic Internet
July 01, 2026
One year after declaring Content Independence Day, a dynamic market for monetized content has officially emerged. In this report, we examine how the rise of autonomous AI agents... (Cloudflare Blog)

Making AI search smarter
July 01, 2026
Search is how we find nearly everything on the web - creators, merchants, answers. AI is rewriting the rules, leaving creators caught between staying discoverable in an agentic... (Cloudflare Blog)

Your site, your rules: new AI traffic options for all customers
July 01, 2026
For our second Content Independence Day, we’re giving website owners finer options to manage AI traffic. Instead of a one-size-fits-all block, all customers can now easily disti... (Cloudflare Blog)

Safe Events Start With Threat Intel and Digital Security
July 01, 2026
Planning ahead to defend against cyber threats is the work that keeps events uneventful. (Dark Reading)

AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android
July 01, 2026
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with... (The Hacker News)

Netzilo adds runtime governance for AI agents across major platforms
July 01, 2026
Netzilo has announced expanded AI agent governance and runtime enforcement capabilities for Amazon Bedrock AgentCore and other major AI agent harnesses. As enterprises move AI a... (Help Net Security)

2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience
July 01, 2026
Organizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybers... (The Hacker News)

Intruder offers Free security plan for lean IT and security teams
July 01, 2026
Intruder has announced the launch of its Free plan, providing security, IT, and DevOps teams ongoing access to professional-grade vulnerability management, cloud security, and a... (Help Net Security)

Microsoft Accelerates Post-Quantum Cryptography Shift to 2029
July 01, 2026
Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encry... (The Hacker News)

RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow
July 01, 2026
RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers a... (Security Affairs)

Martin Lee: Running through the Arctic (and the threat landscape)
July 01, 2026
Ever wonder how someone goes from studying human viruses to leading cybersecurity teams? In this Humans of Talos, we’re joined by Martin Lee, EMEA Lead, to talk about his journe... (Cisco Talos)

Frontier AI: Six Questions Every Enterprise Should Ask Security Vendors
July 01, 2026
From model selection and automation to validation and measurable results, the right questions can help enterprises separate genuine AI capabilities from marketing hype. The post... (SecurityWeek)

Amazon fined $2.25M for withholding evidence from fraud victims
July 01, 2026
The U.S. Federal Trade Commission (FTC) says Amazon will pay a $2.25 million civil penalty to settle charges that it blocked identity theft victims' access to transaction record... (BleepingComputer)

Unmasking the crawls with Attribution Business Insights
July 01, 2026
Cloudflare’s new Attribution Business Insights dashboard helps website owners understand crawler behavior, appetite, and potential value, fueling business-level conversations ar... (Cloudflare Blog)

Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari
July 01, 2026
The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users. The post Apple Patches Dozens... (SecurityWeek)

Insurance Giant Aflac Discloses Data Breach Impacting Millions
July 01, 2026
Aflac Japan has notified regulators that policy details and personal and banking information have been compromised (Infosecurity Magazine)
