Claude Code’s hidden tracker was an “experiment,” says Anthropic | Malware
As a developer, you want to use tools you can trust and rely on. One researcher took that idea seriously enough to scrutinize their local Claude Code (2.1.196) installation. For…
Read moreHow the Reddit and Discord false report scam steals accounts | Malware
A stranger messages you on Reddit. They say someone reported them, and the reporting account looks a lot like yours. Was it you? It wasn’t. That’s not really the point…
Read moreRedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service | Cybersecurity
Swati KhandelwalJul 07, 2026Malware / Mobile Security A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals…
Read moreDEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts | Cybersecurity
A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts between the last week of June 2026 and into early July,…
Read moreFake Netflix, Coca-Cola, and FIFA job scams target marketers | Malware
Attackers are impersonating major companies and recruiters to target marketing professionals, using trusted services and browser tricks to make the scam look legitimate. A BleepingComputer article detailing the campaign found…
Read moreSuspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities | Cybersecurity
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign….
Read moreScammers are using AI to sell impossible flowers | Malware
We’ve had problems with deepfake celebrity scams, non-consensual deepfake sexual material, and deepfake politicians. Now we have to deal with… deepfake plants? Yup, AI seed slop is now a thing….
Read moreBeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA | Cybersecurity
Ravie LakshmananJul 07, 2026Vulnerability / Enterprise Security BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully…
Read moreChoose your WhatsApp username carefully | Malware
Dutch consumer organization Consumentenbond has warned users to be careful when choosing their optional WhatsApp username. Meta announced the introduction of usernames on June 29, 2026, and encouraged users to…
Read moreIran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations | Cybersecurity
An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations….
Read moreHow to tell if an image is AI-generated | Malware
A photo of an injured dog by the roadside. A dating profile with pictures that look almost too perfect. A donation appeal showing a family stranded on a rooftop after…
Read moreBreach Transparency Remains Cybersecurity’s Toughest Governance Problem | Cybersecurity
Cybersecurity is entering a new phase. It’s one where the gap between awareness and operational execution is becoming the industry’s biggest challenge. That’s what stood out to me most after…
Read moreNetNut botnet takes a hit. Don’t be part of the next one. | Malware
In a joint operation, Google, the FBI, and other partners have dealt a significant blow to the residential proxy ecosystem by disrupting the NetNut (also tracked as Popa) botnet. NetNut…
Read moreNew TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions | Cybersecurity
Swati KhandelwalJul 06, 2026Cyber Espionage / Endpoint Security Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique,…
Read moreU.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case | Cybersecurity
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation…
Read moreNorth Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign | Cybersecurity
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as…
Read moreUnpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices | Cybersecurity
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT and exFAT formats used on USB drives and SD cards. The…
Read moreNorth Korea-Linked npm Packages Mimic Rollup Polyfills to Steal Developer Secrets | Cybersecurity
Threat actors with ties to North Korea have been linked to a fresh set of malicious npm packages that masquerade as Rollup polyfill tooling to facilitate remote access and data…
Read moreVerified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts | Malware
Cybercriminals are finding new ways to trick people into compromising their own devices and accounts. One campaign used a sponsored ad on X to target Mac users, while another technique,…
Read moreEuropean Parliament Member Investigating Spyware Was Hacked With Pegasus | Cybersecurity
A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while…
Read moreWinRAR flaw could allow attackers to take control of your computer | Malware
Rarlab has released a new version of the popular WinRAR tool to patch a vulnerability that can be abused in remote code execution attacks. The issue is fixed in WinRAR…
Read moreGoogle Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices | Cybersecurity
Swati KhandelwalJul 02, 2026Cybercrime / Botnet Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people’s traffic. Working with the…
Read moreApple’s Hide My Email doesn’t hide it very well | Malware
404 Media reports that a researcher has found a vulnerability in Apple’s Hide My Email feature that could allow someone to discover a person’s real email address. That’s especially concerning…
Read moreThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories | Cybersecurity
Ravie LakshmananJul 02, 2026Hacking News / Cybersecurity News This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem…
Read moreAI Agent Exploits Langflow RCE to Automate Database Ransomware Attack | Cybersecurity
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER…
Read moreChatGPT produced graphic violent images that shocked researchers | Malware
AI assistants like ChatGPT are supposed to be safe to use, with appropriate guardrails to stop people creating harmful content. However, a British AI security firm just figured out how…
Read moreFake Google and Cloudflare verification pages spread multiple malware families | Malware
ClickFix attacks, which trick people into running malicious commands themselves, continue to evolve. This latest campaign uses fake Google and Cloudflare verification pages to convince victims to infect their own…
Read moreSharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation | Cybersecurity
Ravie LakshmananJul 02, 2026Vulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities…
Read moreChrome needs another whopper update to fix 382 security bugs | Malware
If there was ever a time when it dawned on users how full of holes the software they’ve been using is, it’s now. Last month Microsoft pushed out its biggest…
Read moreUnpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters | Cybersecurity
Swati KhandelwalJul 01, 2026Kubernetes / Server Security Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated…
Read more