List cybersec
OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps
{"priority":"HIGH","cve":"N/A","target":"Ledger and Trezor Apps","threat_actor":"OkoBot","patch_ready":false,"insight":"OkoBot malware framework injects seed phrase phishing into Ledger and Trezor app..
5:10 pm, July 15, 2026 Cybersecurity
AsyncAPI npm packages infected with credential-stealing malware
Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that delivered a remote access trojan with info-stealing capabilities. [...]
4:10 pm, July 15, 2026 Cybersecurity
Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
{ "priority": "CRITICAL", "cve": "CVE-2026-15718, CVE-2026-15719", "target": "Firefox, Chrome, Adobe, and VMware", "threat_actor": "N/A", "patch_ready": true, "insight": "Multiple critical..
2:10 pm, July 15, 2026 Cybersecurity
We built a vulnerability vending machine: AI tokens in, zero-days out
{ "priority": "CRITICAL", "cve": "N/A", "target": "WordPress plugin", "threat_actor": "Intruder", "patch_ready": false, "insight": "Intruder built an AI-powered vulnerability vending machi..
2:10 pm, July 15, 2026 Cybersecurity
New Webinar: Closing the Approval Gap in AI-Era Ad Tech
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A webinar discusses the Approval Gap in AI-Era Ad Tech, where unapproved marke..
1:10 pm, July 15, 2026 Cybersecurity
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive..
1:10 pm, July 15, 2026 Cybersecurity
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The increasing use of AI tools, SaaS applications, and browser extensions has ..
1:10 pm, July 15, 2026 Cybersecurity
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
{ "priority": "HIGH", "cve": "N/A", "target": "@asyncapi npm packages", "threat_actor": "N/A", "patch_ready": false, "insight": "Compromised @asyncapi npm packages deliver multi-stage botn..
11:11 am, July 15, 2026 Cybersecurity
CISA warns admins to patch actively exploited SharePoint flaws
{ "priority": "CRITICAL", "cve": "N/A", "target": "SharePoint Server", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA warns admins to patch actively exploited SharePoint flaw..
11:11 am, July 15, 2026 Cybersecurity
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
{"priority":"CRITICAL","cve":"N/A","target":"Cursor","threat_actor":"N/A","patch_ready":false,"insight":"A flaw in Cursor allows malicious cloned repositories to trigger Windows code execution without..
11:10 am, July 15, 2026 Cybersecurity
Microsoft: Some Dell PCs shut down after recent Windows updates
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Article discussing ways to earn a billion dollars."}
9:10 am, July 15, 2026 Cybersecurity
US charges alleged operators of Russian bulletproof hosting service
{"priority":"LOW","cve":"N/A","target":"N/A","threat_actor":"Russian Nationals","patch_ready":false,"insight":"US charges three Russian nationals for operating bulletproof hosting service aiding ranso..
8:10 am, July 15, 2026 Cybersecurity
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
{"priority": "CRITICAL", "cve": "CVE-2026-15409", "target": "SonicWall SMA 1000", "threat_actor": "N/A", "patch_ready": false, "insight": "Zero-day SSRF vulnerability with CVSS score of 10.0 exploited..
7:10 am, July 15, 2026 Cybersecurity
Recent DShield SIEM Update, (Tue, Jul 14th)
{ "priority": "INFO", "cve": "N/A", "target": "DShield SIEM", "threat_actor": "N/A", "patch_ready": false, "insight": "The DShield SIEM has received an update using ELK stack version 8.19...
2:10 am, July 15, 2026 Cybersecurity
ISC Stormcast For Wednesday, July 15th, 2026 https://isc.sans.edu/podcastdetail/10008, (Wed, Jul 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, July 15, 2026 Cybersecurity
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly release..
10:10 pm, July 14, 2026 Cybersecurity
Spanish Police take down €140 million cyber fraud ring, arrest four
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Spanish Police dismantled a €140 million cyber fraud ring, arresting four in..
9:10 pm, July 14, 2026 Cybersecurity
Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches 622 flaws, including two zero-days under active att..
9:10 pm, July 14, 2026 Cybersecurity
Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads
{ "priority": "HIGH", "cve": "N/A", "target": "Claude for Chrome", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers discover flaw in Claude for Chrome that allows rogue..
8:10 pm, July 14, 2026 Cybersecurity
SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data
{"priority": "CRITICAL", "cve": "CVE-2026-44747", "target": "SAP NetWeaver Application Server ABAP", "threat_actor": "N/A", "patch_ready": true, "insight": "SAP patches critical CVSS 9.9 flaw in NetWe..
8:10 pm, July 14, 2026 Cybersecurity
Microsoft Patch Tuesday July 2026 - The AI Acopolypse is Here , (Tue, Jul 14th)
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft's July 2026 Patch Tuesday fixes 622 vulnerabilities, includ..
8:10 pm, July 14, 2026 Cybersecurity
Nearly 300 GitHub repos pose as legit software to push malware
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "A threat actor published hundreds of fake GitHub repositories impersonating..
8:10 pm, July 14, 2026 Cybersecurity
Microsoft Patches a Record 570 Security Flaws
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches a record 570 security flaws in Windows and ..
8:10 pm, July 14, 2026 Cybersecurity
Microsoft releases Windows 10 KB5099539 extended security update
{ "priority": "INFO", "cve": "N/A", "target": "Windows 10", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released the Windows 10 KB5099539 extended security update, in..
7:10 pm, July 14, 2026 Cybersecurity
LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts
{ "priority": "HIGH", "cve": "N/A", "target": "Windows Hosts", "threat_actor": "LabubaRAT", "patch_ready": false, "insight": "LabubaRAT is a Rust-based remote access trojan that masquerade..
6:10 pm, July 14, 2026 Cybersecurity
Windows 11 KB5101650 & KB5099414 cumulative updates released
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released cumulative updates KB5101650 and KB5099414 for Wind..
6:10 pm, July 14, 2026 Cybersecurity
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploited in attacks and one publicly disclosed..
6:10 pm, July 14, 2026 Cybersecurity
LastPass, Bitwarden users targeted with fake security alerts
{ "priority": "HIGH", "cve": "N/A", "target": "LastPass, Bitwarden", "threat_actor": "N/A", "patch_ready": false, "insight": "Users of LastPass and Bitwarden are being targeted with a phis..
4:10 pm, July 14, 2026 Cybersecurity
Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
{ "priority": "CRITICAL", "cve": "N/A", "target": "ShareFile Storage Zone Controllers", "threat_actor": "N/A", "patch_ready": true, "insight": "Progress Software confirmed a high-severity ..
4:10 pm, July 14, 2026 Cybersecurity
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
{ "priority": "HIGH", "cve": "N/A", "target": "RabbitMQ", "threat_actor": "N/A", "patch_ready": false, "insight": "Two access control-related flaws in RabbitMQ could allow attackers to lea..
3:10 pm, July 14, 2026 Cybersecurity
OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Entra ID", "threat_actor": "Multiple threat actors", "patch_ready": false, "insight": "Attackers use OAuth client ID spoofing to va..
2:10 pm, July 14, 2026 Cybersecurity
How Pentera Turns AI Security Workflows into Validation Engines
AI security agents are starting to influence real security decisions. They summarize findings, prioritize remediation, recommend next steps, and help teams move faster. But most still rely on fragment..
2:10 pm, July 14, 2026 Cybersecurity
Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks
``` { "priority": "MEDIUM", "cve": "N/A", "target": "Crypto Wallet Extensions", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers found address leaks and cross-site trac..
2:10 pm, July 14, 2026 Cybersecurity
11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Secure Boot on most systems using the moder..
2:10 pm, July 14, 2026 Cybersecurity
You Don't Have to Run an Exploit to Know If You're Vulnerable
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "TTP chaining helps organizations determine exploitability by validating attack..
2:10 pm, July 14, 2026 Cybersecurity
New phishing kits target Microsoft 365 accounts, evade MFA
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "N/A", "patch_ready": false, "insight": "New phishing kits, Jalisco and OmegaLord, target Microsoft 365 accou..
1:10 pm, July 14, 2026 Cybersecurity
Microsoft Entra ID gets passkeys default authentication starting September
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Entra ID", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft announces passkeys as default authentication for Entr..
1:10 pm, July 14, 2026 Cybersecurity
SAP warns of critical flaws in NetWeaver and Commerce Cloud
{ "priority": "CRITICAL", "cve": "N/A", "target": "SAP NetWeaver and Commerce Cloud", "threat_actor": "N/A", "patch_ready": true, "insight": "SAP addressed 16 vulnerabilities across multip..
12:10 pm, July 14, 2026 Cybersecurity
Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
{"priority":"HIGH","cve":"N/A","target":"xAI's Grok Build","threat_actor":"N/A","patch_ready":false,"insight":"xAI's Grok Build coding CLI was uploading entire Git repositories to a Google Cloud Stora..
11:10 am, July 14, 2026 Cybersecurity
Microsoft starts testing cleaner Windows Search without ads
{ "priority": "INFO", "cve": "N/A", "target": "Windows Search", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is testing an ad-free version of Windows Search." }
11:10 am, July 14, 2026 Cybersecurity
Grok Build Uploads Entire Git Repositories to xAI Storage, Not Just Files It Reads
{"priority":"HIGH","cve":"N/A","target":"xAI's Grok Build","threat_actor":"N/A","patch_ready":false,"insight":"Grok Build's coding CLI was uploading entire Git repositories to xAI Storage, exposing se..
10:10 am, July 14, 2026 Cybersecurity
US sanctions VPN, malware providers for enabling ransomware attacks
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. organizations. [...]
10:10 am, July 14, 2026 Cybersecurity
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
{ "priority": "HIGH", "cve": "N/A", "target": "Salesforce", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "ShinyHunters group exploited Salesforce via OAuth connections ..
9:10 am, July 14, 2026 Cybersecurity
148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
{ "priority": "HIGH", "cve": "N/A", "target": "npm packages", "threat_actor": "N/A", "patch_ready": false, "insight": "A campaign of 148 npm packages disguised as student web proxies turne..
9:10 am, July 14, 2026 Cybersecurity
U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
{ "priority": "HIGH", "cve": "N/A", "target": "1VPNS", "threat_actor": "N/A", "patch_ready": false, "insight": "U.S. sanctions VPN service and malware cryptor seller for supporting ransomw..
9:10 am, July 14, 2026 Cybersecurity
Microsoft Maps Year-Long ShinyHunters-Linked Salesforce Data Theft Across Three Paths
{ "priority": "HIGH", "cve": "N/A", "target": "Salesforce", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "ShinyHunters-linked attackers exploited trust through OAuth co..
7:10 am, July 14, 2026 Cybersecurity
ISC Stormcast For Tuesday, July 14th, 2026 https://isc.sans.edu/podcastdetail/10006, (Tue, Jul 14th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
3:10 am, July 14, 2026 Cybersecurity
Japan's largest taxi operator shuts systems after cyberattack
{ "priority": "HIGH", "cve": "N/A", "target": "Nihon Kotsu", "threat_actor": "N/A", "patch_ready": false, "insight": "Japan's largest taxi operator, Nihon Kotsu, shut down systems after a ..
9:10 pm, July 13, 2026 Cybersecurity
Hackers backdoor Jscrambler npm package with infostealer malware
{ "priority": "HIGH", "cve": "N/A", "target": "Jscrambler npm package", "threat_actor": "Unknown threat actor", "patch_ready": false, "insight": "A malicious version of the Jscrambler npm ..
8:10 pm, July 13, 2026 Cybersecurity
New CrashStealer malware poses as Apple crash reporting tool
A new macOS information-stealing malware called CrashStealer pretends to be Apple's crash-reporting tool to steal credentials, keychain data, and crypto wallets. [...]
7:10 pm, July 13, 2026 Cybersecurity
