Afraid of missing important security news during the week? We're here to help! Every week we put together a curated list of all important security news in one place, for your reading pleasure. Enjoy!
For the less technical
- UK and EU strike Russian cyber networks with new sanctions
- Secret Claude tracker shocks users after Anthropic’s anti-surveillance stance
- Police ‘hackathon’ identifies sexual exploitation networks on content subscription sites
- Florida ransomware negotiator who extorted and attacked multiple U.S. victims sentenced to prison
- Felons, fraudsters flog offensive cybersecurity startup
For the more technical
- July 2026 Patch Tuesday: Microsoft patches 622 vulnerabilities including two exploited zero-days
- LegacyHive: Windows user profile service arbitrary hive load elevation of privileges vulnerability
- Progress urges ShareFile admins to shut down servers over “credible” threat
- CVE-2026-53359 Januscape KVM bug enables guest-to-host escape
- GhostLock, a stack-UAF that has existed in ALL Linux distributions for 15 years
- Forgotten UEFI shims undermining Secure Boot
- Bypassing Tangem card security with a laser attack
- Attackers actively exploiting critical vulnerability in Everest Forms Pro plugin
- GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
- ClickFix on macOS: Blockchain-powered infostealer hidden inside compromised websites
- ACR Stealer: Two observed intrusion chains amid increased threat activity
- Telepuz: a modular MaaS malware spreading via ClickFix-Vidar chains
- Kratos PhaaS targets US and EU: How to reduce Microsoft 365 account takeover risk
- Compromised npm packages in the AsyncAPI namespace deliver Miasma botnet loader
- Scalable untargeted promptware attacks via universal and transferable adversarial HalluSquatting
- ClaudeBleed reopened: Browser extensions can still push Claude for Chrome to read your Gmail
- TuxBot v3: Inside an IoT botnet framework with LLM-assisted development
- One target, two flags: Rival espionage actors converge on Pakistani law enforcement
- Operation ShadowRecruit: A recruitment-themed malware campaign leveraging ControlR and Google Sheets to target Indian job seekers
- Inside Russia’s camera-hacking espionage campaign
Did you enjoy this list? You can subscribe to one of our feeds on Twitter, Facebook or RSS.
Comments