Cyber Defense Command Center

Real-time security intelligence and threat monitoring

SYSTEM SECURE
INFO 12:10 am, July 18, 2026

Abbott probes two cyber incidents amid extortion claims

Abbott Laboratories is investigating two separate cybersecurity incidents after confirming unauthorized access to internal legacy Exact Sciences systems in its Cancer Diagnostics business, while also investigating a separate claim that attackers breached its LabCentral portal and stole company data. [...]
CVE: N/A
Target: N/A
INFO 10:10 pm, July 17, 2026

New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code

An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install with zero plugins is exploitable. Every 6.9 and 7.0 site was in range until Friday, when WordPress shipped 6.9.5 and 7.0.2 and enabled what it calls forced updates through its auto-update system. Adam Kues at Assetnote, Searchlight Cyber's attack surface management arm, found the flaw and reported
CVE: N/A
Target: N/A
INFO 9:10 pm, July 17, 2026

OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests

Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts. OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry pointing at it. Okta's Red Team, which reported the denial-of-service bug and named it, published the
CVE: N/A
Target: N/A
HIGH 9:10 pm, July 17, 2026

Abbott Laboratories probes two cyber incidents amid extortion claims

Abbott Laboratories investigates two separate cybersecurity incidents involving unauthorized access to internal systems and potential data theft.
CVE: N/A
Target: Abbott Laboratories
HIGH 8:10 pm, July 17, 2026

Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT

Seven malicious Vite npm packages use blockchain C2 to deliver a RAT
CVE: N/A
Target: Vite frontend tooling
MEDIUM 6:10 pm, July 17, 2026

GoldenEyeDog Subgroup Linked to DigiCert Breach and Code-Signing Certificate Theft

GoldenEyeDog subgroup linked to DigiCert breach and code-signing certificate theft
CVE: N/A
Target: DigiCert
INFO 6:10 pm, July 17, 2026

New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens

A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator's own dashboard claims 3,811 unique AWS keys. A Shodan harvester keeps the scan queue stocked with ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio: the image generators, local model runners, and workflow builders that teams stand up fast and firewall late. The intel feed behind that counter
CVE: N/A
Target: N/A
HIGH 6:10 pm, July 17, 2026

HollowByte DDoS flaw bloats OpenSSL server memory with 11-byte payload

A vulnerability called HollowByte allows unauthenticated attackers to trigger a denial-of-service condition on OpenSSL servers with an 11-byte malicious payload.
CVE: N/A
Target: OpenSSL
HIGH 4:10 pm, July 17, 2026

Fake Coding Tests Deliver OtterCookie-Aligned Malware Hidden in SVG Flag Images

North Korean threat actors use steganography in SVG images to deliver OTTERCOOKIE malware via fake job postings and coding challenges.
CVE: N/A
Target: OTTERCOOKIE
MEDIUM 3:10 pm, July 17, 2026

Ernst & Young discloses data breach after support system hack

Ernst & Young discloses data breach after support system hack.
CVE: N/A
Target: Ernst & Young support system
INFO 2:10 pm, July 17, 2026

Inside the Search for "Clean" Residential Proxies for Carding

Cybercriminals are seeking 'clean' residential proxies to evade modern fraud detection by combining them with browser fingerprints and device profiles.
CVE: N/A
Target: N/A
INFO 12:10 pm, July 17, 2026

Armenia Detains Russian Tourist on U.S. Warrant for REvil Hacker, Lawyers Say Wrong Man

Armenia detains Russian tourist Aleksandr Ermakov on a U.S. extradition request for a REvil ransomware suspect.
CVE: N/A
Target: N/A
INFO 12:10 pm, July 17, 2026

The Race to Field Military Autonomy Is On, Can Trusted Information Infrastructure Keep Pace?

Military forces are under increasing pressure to field autonomous capabilities faster than ever before. Across the U.S., UK, and NATO, new investment, evolving defense strategies, and accelerated acquisition pathways are transforming how capability is delivered, rewarding programs that can move from concept to operational deployment at commercial speed. Now the focus shifts to the trusted
CVE: N/A
Target: N/A
MEDIUM 12:10 pm, July 17, 2026

E.U. Orders Google to Open Android Mic, Camera and Screen to Rival AI Assistants

The European Commission ordered Google to provide rival AI assistants with equivalent access to Android features currently available to Gemini.
CVE: N/A
Target: Android
HIGH 11:10 am, July 17, 2026

New GoSerpent Malware Targets Southeast Asian Governments and Diplomats for Espionage

New GoSerpent Malware targets Southeast Asian governments and diplomats for espionage
CVE: N/A
Target: Southeast Asian Governments and Diplomats
HIGH 11:10 am, July 17, 2026

ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files

ACR Stealer infostealer steals browser tokens, Microsoft 365 files using ClickFix lures
CVE: N/A
Target: Microsoft 365
CRITICAL 11:10 am, July 17, 2026

New Windows LegacyHive zero-day gives hackers admin privileges

A zero-day exploit called LegacyHive allows attackers to escalate privileges on up-to-date Windows systems.
CVE: N/A
Target: Windows
INFO 10:10 am, July 17, 2026

Windows Server 2022 reach end of mainstream support in 90 days

Windows Server 2022 will reach its mainstream support end date in October 2026, but will continue receiving security updates under extended support for five more years.
CVE: N/A
Target: Windows Server 2022
INFO 9:10 am, July 17, 2026

US charges two over laundering $43 million from investment fraud

US authorities charged two individuals for laundering $43 million from investment fraud schemes.
CVE: N/A
Target: N/A
CRITICAL 8:10 am, July 17, 2026

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

CISA added a newly patched SharePoint Server RCE zero-day CVE-2026-58644 to its KEV catalog.
CVE: CVE-2026-58644
Target: Microsoft SharePoint Server
CRITICAL 7:10 am, July 17, 2026

CISA urges immediate action on actively exploited Fortinet flaws

CISA urges immediate patching of actively exploited Fortinet flaws in FortiSandbox.
CVE: N/A
Target: Fortinet FortiSandbox
INFO 2:10 am, July 17, 2026

ISC Stormcast For Friday, July 17th, 2026 https://isc.sans.edu/podcastdetail/10012, (Fri, Jul 17th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
CVE: N/A
Target: N/A
HIGH 10:10 pm, July 16, 2026

New ClickLock macOS malware traps users into revealing login password

New ClickLock macOS malware traps users into revealing login password by terminating visible processes.
CVE: N/A
Target: macOS
HIGH 9:10 pm, July 16, 2026

Coca-Cola says Fairlife ransomware attack halts US dairy production

Ransomware attack disrupts Fairlife dairy production across the US.
CVE: N/A
Target: Fairlife dairy
INFO 8:10 pm, July 16, 2026

Claude Chrome extension flaw lets malicious extensions trigger AI actions

A flaw in Anthropic's Claude for Chrome browser extension could allow a malicious extension to trigger predefined AI actions by simulating user clicks, potentially allowing it to abuse Claude's access to connected services such as Gmail, Google Docs, Google Calendar, and Salesforce. [...]
CVE: N/A
Target: N/A
LOW 7:10 pm, July 16, 2026

Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack

Two hackers sentenced to 5.5 years each for 2024 TfL hack causing £29 million losses
CVE: N/A
Target: Transport for London
HIGH 7:10 pm, July 16, 2026

New OkoBot framework deploys 20 payloads to steal data, crypto

OkoBot framework delivers 20 payloads to steal sensitive data including cryptocurrency wallet seed phrases and credentials.
CVE: N/A
Target: Cryptocurrency wallets
INFO 4:10 pm, July 16, 2026

ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

A lot of this week’s trouble starts with something that looks close enough. A familiar repo. A useful installer. A harmless sync setting. Then the handoff goes bad, the box starts talking to someone else, and the damage moves faster than the explanation. Old bugs are back, weak defaults are earning their keep, and some attack paths are so plain they barely feel like research. Here’s the mess.
CVE: N/A
Target: N/A
INFO 3:10 pm, July 16, 2026

n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer

n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one external token issuer, it matched an incoming JWT to a local user on the sub claim alone and ignored iss. A valid token from issuer A carrying a sub that belongs to someone under issuer B logged you in as them. Their password never
CVE: N/A
Target: N/A
HIGH 2:10 pm, July 16, 2026

New ClickLock macOS Stealer Kills Apps Every 210ms Until Victims Type Their Password

New ClickLock macOS Stealer kills apps every 210ms until victims type their password.
CVE: N/A
Target: macOS
HIGH 2:10 pm, July 16, 2026

New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands

New TELEPUZ malware spreading via ClickFix to steal data and run commands.
CVE: N/A
Target: TELEPUZ Malware
INFO 2:10 pm, July 16, 2026

23andMe to pay $18 million in new genetics data breach settlement

23andMe agrees to $18 million settlement for failing to protect customers' genetic data.
CVE: N/A
Target: 23andMe
INFO 2:10 pm, July 16, 2026

AI Agents Broke the Security Playbook. Here's What Replaces It.

The article discusses the need for a new approach to security workflows due to the increasing use of AI agents.
CVE: N/A
Target: N/A
HIGH 1:10 pm, July 16, 2026

Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor

Daxin malware resurfaces in Taiwan with a new backdoor called Stupig.
CVE: N/A
Target: Taiwan manufacturing firm
HIGH 1:10 pm, July 16, 2026

New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands

New data injection attack can manipulate AI agents to perform unintended actions or execute malicious commands.
CVE: N/A
Target: AI Agents
INFO 1:10 pm, July 16, 2026

20+ Hijacked Government Websites Became
an Attack Channel

More than 20 Brazilian government websites were hijacked and turned into malware delivery channels in an active PhantomEnigma campaign uncovered by ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions. The investigation revealed previously undocumented backdoor behavior, hidden infrastructure relationships, and multiple attack arms behind a campaign
CVE: N/A
Target: N/A
LOW 1:10 pm, July 16, 2026

Scattered Spider members behind TfL hack get five years in prison

Two leading members of Scattered Spider were sentenced to five years and six months in prison for hacking TfL in 2024.
CVE: N/A
Target: Transport for London (TfL)
INFO 12:10 pm, July 16, 2026

Windows 11 24H2 Home and Pro reach end of support in 90 days

Microsoft announced that Windows 11 24H2 Home and Pro editions will reach end of support in 90 days.
CVE: N/A
Target: Windows 11 24H2
CRITICAL 11:10 am, July 16, 2026

Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Unpatched Shark Vacuum flaw allows attackers to control other vacuums region-wide by pulling the certificate off the flash of a Shark RV2320EDUS robot vacuum.
CVE: N/A
Target: Shark RV2320EDUS robot vacuum
INFO 11:10 am, July 16, 2026

AI Can Find Bugs, But Human Knowledge Still Proves Them

AI-assisted tools are enhancing offensive security by speeding up tasks like code reading and payload generation, but human expertise remains crucial for validating findings.
CVE: N/A
Target: N/A
HIGH 11:10 am, July 16, 2026

Russian hackers trojanize WebEx, Zoom apps to push Starland malware

Russian hackers use trojanized WebEx and Zoom apps to deploy Starland RAT malware
CVE: N/A
Target: WebEx, Zoom
INFO 11:10 am, July 16, 2026

CISA orders feds to patch actively exploited Oracle flaw by Saturday

CISA has ordered federal agencies to secure their systems by Saturday against ongoing attacks exploiting a critical vulnerability in the Oracle E-Business Suite financial application. [...]
CVE: N/A
Target: N/A
HIGH 10:10 am, July 16, 2026

New Spirals ransomware encrypts victim network in under 24 hours

New Spirals ransomware encrypts victim network in under 24 hours
CVE: N/A
Target: N/A
CRITICAL 9:10 am, July 16, 2026

Zoom Patches Critical Windows Flaw That Could Enable Account Takeover

Zoom patches critical Windows flaw CVE-2026-53412 with CVSS score 9.8 that could enable account takeover.
CVE: CVE-2026-53412
Target: Zoom Workplace for Windows
INFO 9:10 am, July 16, 2026

OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol

OpenAI disclosed GPT-Red, an internal automated red-teaming model, to scale prompt injection vulnerability discovery and harden GPT-5.6 before deployment.
CVE: N/A
Target: GPT-5.6
INFO 3:10 am, July 16, 2026

ISC Stormcast For Thursday, July 16th, 2026 https://isc.sans.edu/podcastdetail/10010, (Thu, Jul 16th)

A summary of an article on how to earn a billion dollars.
CVE: N/A
Target: N/A
INFO 10:10 pm, July 15, 2026

Dutch police bust investment fraud ring stealing over €100 million

Dutch police arrested multiple individuals suspected of operating an international investment fraud scheme that allegedly stole over €100 million from tens of thousands of victims.
CVE: N/A
Target: N/A
CRITICAL 9:10 pm, July 15, 2026

Zoom warns of critical account takeover vulnerability

A critical vulnerability in Zoom's desktop client and software development kit for Windows allows unauthenticated account takeover.
CVE: N/A
Target: Zoom desktop client and software development kit for Windows
INFO 7:10 pm, July 15, 2026

Google Gemini CLI abused as a hacking agent, malware botnet operator

A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to operate a small-scale botnet. [...]
CVE: N/A
Target: N/A
MEDIUM 7:10 pm, July 15, 2026

TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development

TuxBot v3 Evolution shows signs of LLM-assisted IoT botnet development, but with limited success.
CVE: N/A
Target: TuxBot v3 Evolution
AI Testing

Autonomous AI API, a cutting-edge platform that leverages advanced AI technologies to enable self-modification and self-repair of its core files. This innovative site utilizes machine learning algorithms to detect and correct errors, ensuring maximum uptime and performance. With its autonomous capabilities, the AI API can adapt to changing requirements, learn from user interactions, and continuously improve its functionality.