IT Security Weekend Catch Up – July 10, 2026

Comments

10.07.2026 | 20:30

IT Security Weekend Catch Up – July 10, 2026
avatar

badcyber

comments

IT Security Weekend Catch Up – July 10, 2026

Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!

For the less technical

  1. [PL][VIDEO] Cybersecurity on vacation
  2. [PL] Play impersonation scam exploits alleged duplicate bill payment
  3. [PL][VIDEO] AI for pennies: how the illicit token market works
  4. [PL][VIDEO] An overview of security risks posed by home cameras
  5. [PL] European Commission sues Poland over failure to implement the Law Enforcement Directive
  6. The city admits irregularities but blames Google and the operator it finances
  7. [PL] Up to five years in prison for making and selling eavesdropping devices
  8. [PL] Fake accounts, fabricated articles and Russian links: how Operation Matryoshka is still operating
  9. [PL] Is geo-blocking users an effective way to protect copyright when any VPN can bypass it?
  10. European cloud provider Nextcloud leaks 367K records, exposing staff and clients
  11. "We've unbanned everyone affected by this bug" — Discord explains how over 8,000 users were banned, and why the platform had to scramble to undo the damage
  12. Over 5,800 arrests, USD 293 million intercepted in global fraud bust
  13. Eight Predator victims sue spyware firm Intellexa, 13 others, for millions
  14. US government says it got hacked — again
  15. Adult supervision: How OnlyFans takedowns quietly police compromised domains

For the more technical

  1. [PL][VIDEO] What you can do with a radio without an amateur radio licence
  2. [PL][VIDEO] WordPress without hardening: a straightforward path to hacking
  3. [PL] How the Cetus decentralised exchange was robbed
  4. [PL] Critical Oracle E-Business Suite flaw already exploited by cybercriminals, putting enterprise financial systems at risk
  5. One trigram at a time: XSLeak via Universal CSS Injection and DoS in Opera (GX)
  6. Here’s how Opera’s Paste Protect guards you natively against clipboard attacks
  7. It’s 37oC, and all we can think about is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza)
  8. Seven FatFs bugs, one very large blast radius
  9. Tenda firmware (multiple versions) contains hidden authentication backdoor
  10. Protocol prying: Systematic vulnerability research in the Apple AirDrop and Android Quick Share proximity transfer protocols
  11. Bad Epoll: The bug missed by Mythos
  12. Januscape: Guest-to-host escape in KVM/x86
  13. Exploiting vulnerabilities in Johnson & Johnson web apps
  14. Don’t eat the ChocoPoCs! How vulnerability researchers were repeatedly targeted by trojanised exploits
  15. Glitch SPY: An emerging Android RAT distributed through a fake Polish rental app
  16. RedWing: A mobile malware-as-a-service operation
  17. ClickFix to cash-out: Anatomy of a Mexican banking-fraud toolkit
  18. JadePuffer: Agentic ransomware for automated database extortion
  19. Browser-only ransomware: From LLM hallucinations to a practical attack technique
  20. SOCRadar links FortiBleed campaign to INC and Lynx ransomware operations
  21. GodDamn ransomware: Latest beast rebrand uses malicious driver to disable defenses
  22. Seven steps to ransomware: CitrixBleed 2 weaponized by initial access brokers
  23. Phantom squatting: AI-hallucinated domains as a software supply chain vector
  24. Analyzing AI-augmented network enumeration
  25. Inside an AI-assisted cloud attack: Familiar techniques at unfamiliar speed
  26. Boss Scam: Don’t trust every “urgent” email or WhatsApp message from your boss!
  27. TimbreStealer malware targets Mexico companies with advanced evasion techniques
  28. From phishing to persistence: A CrySome RAT infection chain analysis
  29. Vidar stealer unmasked: Code signing abuse, Go loaders and file inflation
  30. One email closer to the edge: UNK_MassTraction & the physics of exploitation
  31. From invoice to AnyDesk: Uncovering a phishing campaign targeting  Russian aerospace organizations
  32. Suspected Russian threat actor impersonates legitimate crypto wallets to deploy remote utilities
  33. Cavern Manticore: Exposing Iran-linked modular C2 framework

Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.

Afraid of missing important security news during the week? We’re here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy! 2026-07-10T20:30:00+02:00

Comments