Jul 2 · Tech Intel

Cybersecurity

Breaches, CVEs, CISA advisories, and threat intelligence

Threat Severity Distribution

Critical: 0
High: 1
Medium: 0
Low: 0
Info: 49
50 total cyber intel items
Flash Alerts (1 item)
high · about 1 month ago

The Boring Stuff is Dangerous Now

AI agents are now capable of discovering and exploiting obscure vulnerabilities while AI-generated code introduces widespread quality risks, requiring security teams to fundamentally rethink their defense strategies. The convergence of these threats means routine security practices are no longer sufficient against emerging attack vectors.

All Cyber Intelligence (50)

high · about 1 month ago

The Boring Stuff is Dangerous Now

AI agents are now capable of discovering and exploiting obscure vulnerabilities while AI-generated code introduces widespread quality risks, requiring security teams to fundamentally rethink their defense strategies. The convergence of these threats means routine security practices are no longer sufficient against emerging attack vectors.

informational · about 2 months ago

Friday Squid Blogging: Bigfin Squid

This article is a Friday Squid Blogging post from Schneier on Security featuring the bigfin squid, a deep-sea creature. The post serves as a platform for discussing security news rather than covering a specific security topic.

informational · about 2 months ago

More than $10 million stolen from crypto platform THORChain

THORChain officials said the investigation into the incident is ongoing but explained that one of their six vaults was compromised, leading to a loss of about $10.7 million.

informational · about 2 months ago

Funnel Builder WordPress plugin bug exploited to steal credit cards

A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. [...]

informational · about 2 months ago

Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own

During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft E

informational · about 2 months ago

Popular node-ipc npm package compromised to steal credentials

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [...]

informational · about 2 months ago

Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access

The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineered for stealth and persistent access to comp

informational · about 2 months ago

Avada Builder WordPress plugin flaws allow site credential theft

Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the data

informational · about 2 months ago

In Other News: Big Tech vs Canada Encryption Bill, Cisco’s Free AI Security Spec, Audi App Flaws

Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas. The post In Other News: Bi

informational · about 2 months ago

Microsoft backpedals: Edge to stop loading passwords into memory

Microsoft is updating the Edge web browser to ensure it no longer loads saved passwords into process memory in clear text at startup after previously stating it was "by design." [...]

informational · about 2 months ago

Inside the REMUS Infostealer: Session Theft, MaaS, and Rapid Evolution

Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the REMUS infostealer evolved around session theft and operational scalability. [

informational · about 2 months ago

Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence

Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively

informational · about 2 months ago

CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday

Cisco released a patch for the vulnerability on Thursday, writing in an advisory that it could “allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges

informational · about 2 months ago

Microsoft to automatically roll back faulty Windows drivers

Microsoft is introducing a new capability that will allow it to remotely roll back problematic Windows drivers delivered through Windows Update. [...]

informational · about 2 months ago

Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild

Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions. The post Microsoft Warns of Exchange Server Zero-Day Exploited in the

informational · about 2 months ago

Cyber Pioneers Ponder Past as Prologue

Robert "RSnake" Hansen, Katie Moussouris, Rich Mogull, Richard Stiennon, and Bruce Schneier reflect on how their favorite columns penned for Dark Reading over the past 20 years have stood the test of

informational · about 2 months ago

American Lending Center Data Breach Affects 123,000 Individuals

The non-bank lender discovered a ransomware attack nearly one year ago, but only recently completed its investigation. The post American Lending Center Data Breach Affects 123,000 Individuals appeared

informational · about 2 months ago

Bypassing On-Camera Age-Verification Checks

Some AI-based video age-verification checks can be fooled with a fake mustache.

informational · about 2 months ago

What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface

In Your Biggest Security Risk Isn't Malware — It's What You Already Trust, we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks lik

informational · about 2 months ago

TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production system

informational · about 2 months ago

OpenAI Hit by TanStack Supply Chain Attack

Two employee devices were compromised in the attack, and credential material was stolen from OpenAI code repositories. The post OpenAI Hit by TanStack Supply Chain Attack appeared first on SecurityWee

informational · about 2 months ago

Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files

Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking to compromise data. The post Gremlin Stealer's Evolved Tactics: Hi

informational · about 2 months ago

TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code

The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on

informational · about 2 months ago

Microsoft warns of Exchange zero-day flaw exploited in attacks

On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while

informational · about 2 months ago

Chrome 148 Update Patches Critical Vulnerabilities

The refresh resolves critical-severity use-after-free and other types of bugs in various browser components. The post Chrome 148 Update Patches Critical Vulnerabilities appeared first on SecurityWeek

informational · about 2 months ago

Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026

The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploi

informational · about 2 months ago

On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email

Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. The vulnerability, tracked as CVE-202

informational · about 2 months ago

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV

informational · about 2 months ago

Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems

A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response.

informational · about 2 months ago

[CISA KEV] CVE-2026-42897: Microsoft Exchange Server Cross-Site Scripting Vulnerability

Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be ex

informational · about 2 months ago

TeamPCP hackers advertise Mistral AI code repos for sale

The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [...]

informational · about 2 months ago

Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin

Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]

informational · about 2 months ago

SecurityScorecard Snags Driftnet to Level Up Threat Intelligence

The acquisition looks to boost visibility into third-party ecosystems, which are becoming a bigger concern as vectors for supply chain attacks.

informational · about 2 months ago

OpenAI asks macOS users to update after TanStack npm supply chain attack

The actions are being taken in light of an expanding supply chain campaign impacting the popular open-source library TanStack and additional npm and PyPI packages tied to several AI companies.

informational · about 2 months ago

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

informational · about 2 months ago

Congress Puts Heat on Instructure After Canvas Outage

The House Committee on Homeland Security sent a letter about the Canvas cyberattack, the same day that the edtech company said it reached an "agreement" with the ShinyHunters cybercriminals.

informational · about 2 months ago

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrat

informational · about 2 months ago

OpenAI confirms security breach in TanStack supply chain attack

OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for

informational · about 2 months ago

Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026

On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. [...]

informational · about 2 months ago

ODNI taps officials to coordinate response to foreign election threats

Director of National Intelligence Tulsi Gabbard has tapped two individuals to coordinate work across U.S. spy agencies to monitor threats to the 2026 elections, according to multiple sources familiar

informational · about 2 months ago

The time of much patching is coming

Welcome to this week’s edition of the Threat Source newsletter. Many solutions have been proposed to reduce software bugs: zero-defect mandates, pair programming, formal methods, and

informational · about 2 months ago

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-

informational · about 2 months ago

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity, three different ve

informational · about 2 months ago

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.

informational · about 2 months ago

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some cursed little game fo

informational · about 2 months ago

Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities

Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manage

informational · about 2 months ago

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s Association of New York, at 6:

informational · about 2 months ago

Defense in depth for autonomous AI agents

Designing Secure Autonomous AI Agents with Defense in Depth. AI agents are moving beyond assistance and into action. Instead of generating content, they invoke tools, modify data, trigger workflows, an