List cybersec
ISC Stormcast For Friday, July 17th, 2026 https://isc.sans.edu/podcastdetail/10012, (Fri, Jul 17th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, July 17, 2026 Cybersecurity
New ClickLock macOS malware traps users into revealing login password
{ "priority": "HIGH", "cve": "N/A", "target": "macOS", "threat_actor": "N/A", "patch_ready": false, "insight": "New ClickLock macOS malware traps users into revealing login password by ter..
10:10 pm, July 16, 2026 Cybersecurity
Coca-Cola says Fairlife ransomware attack halts US dairy production
{ "priority": "HIGH", "cve": "N/A", "target": "Fairlife dairy", "threat_actor": "Unknown", "patch_ready": false, "insight": "Ransomware attack disrupts Fairlife dairy production across the..
9:10 pm, July 16, 2026 Cybersecurity
Claude Chrome extension flaw lets malicious extensions trigger AI actions
A flaw in Anthropic's Claude for Chrome browser extension could allow a malicious extension to trigger predefined AI actions by simulating user clicks, potentially allowing it to abuse Claude's access..
8:10 pm, July 16, 2026 Cybersecurity
Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack
{ "priority": "LOW", "cve": "N/A", "target": "Transport for London", "threat_actor": "Scattered Spider", "patch_ready": false, "insight": "Two hackers sentenced to 5.5 years each for 2024 ..
7:10 pm, July 16, 2026 Cybersecurity
New OkoBot framework deploys 20 payloads to steal data, crypto
{ "priority": "HIGH", "cve": "N/A", "target": "Cryptocurrency wallets", "threat_actor": "OkoBot", "patch_ready": false, "insight": "OkoBot framework delivers 20 payloads to steal sensitive..
7:10 pm, July 16, 2026 Cybersecurity
ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories
A lot of this week’s trouble starts with something that looks close enough. A familiar repo. A useful installer. A harmless sync setting. Then the handoff goes bad, the box starts talking to someon..
4:10 pm, July 16, 2026 Cybersecurity
n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer
n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one external token issuer, it matched an incoming JWT to a local us..
3:10 pm, July 16, 2026 Cybersecurity
New ClickLock macOS Stealer Kills Apps Every 210ms Until Victims Type Their Password
{ "priority": "HIGH", "cve": "N/A", "target": "macOS", "threat_actor": "N/A", "patch_ready": false, "insight": "New ClickLock macOS Stealer kills apps every 210ms until victims type their ..
2:10 pm, July 16, 2026 Cybersecurity
New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands
{"priority":"HIGH","cve":"N/A","target":"TELEPUZ Malware","threat_actor":"N/A","patch_ready":false,"insight":"New TELEPUZ malware spreading via ClickFix to steal data and run commands."}
2:10 pm, July 16, 2026 Cybersecurity
23andMe to pay $18 million in new genetics data breach settlement
{ "priority": "INFO", "cve": "N/A", "target": "23andMe", "threat_actor": "N/A", "patch_ready": false, "insight": "23andMe agrees to $18 million settlement for failing to protect customers'..
2:10 pm, July 16, 2026 Cybersecurity
AI Agents Broke the Security Playbook. Here's What Replaces It.
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the need for a new approach to security workflows due to..
2:10 pm, July 16, 2026 Cybersecurity
Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor
{ "priority": "HIGH", "cve": "N/A", "target": "Taiwan manufacturing firm", "threat_actor": "China-linked threat actor", "patch_ready": false, "insight": "Daxin malware resurfaces in Taiwan..
1:10 pm, July 16, 2026 Cybersecurity
New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands
{ "priority": "HIGH", "cve": "N/A", "target": "AI Agents", "threat_actor": "N/A", "patch_ready": false, "insight": "New data injection attack can manipulate AI agents to perform unintended..
1:10 pm, July 16, 2026 Cybersecurity
20+ Hijacked Government Websites Became an Attack Channel
More than 20 Brazilian government websites were hijacked and turned into malware delivery channels in an active PhantomEnigma campaign uncovered by ANY.RUN, a leading provider of interactive malware a..
1:10 pm, July 16, 2026 Cybersecurity
Scattered Spider members behind TfL hack get five years in prison
{ "priority": "LOW", "cve": "N/A", "target": "Transport for London (TfL)", "threat_actor": "Scattered Spider", "patch_ready": false, "insight": "Two leading members of Scattered Spider wer..
1:10 pm, July 16, 2026 Cybersecurity
Windows 11 24H2 Home and Pro reach end of support in 90 days
{ "priority": "INFO", "cve": "N/A", "target": "Windows 11 24H2", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft announced that Windows 11 24H2 Home and Pro editions wil..
12:10 pm, July 16, 2026 Cybersecurity
Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide
{ "priority": "CRITICAL", "cve": "N/A", "target": "Shark RV2320EDUS robot vacuum", "threat_actor": "tokay0", "patch_ready": false, "insight": "Unpatched Shark Vacuum flaw allows attackers ..
11:10 am, July 16, 2026 Cybersecurity
AI Can Find Bugs, But Human Knowledge Still Proves Them
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "AI-assisted tools are enhancing offensive security by speeding up tasks like c..
11:10 am, July 16, 2026 Cybersecurity
Russian hackers trojanize WebEx, Zoom apps to push Starland malware
{"priority":"HIGH","cve":"N/A","target":"WebEx, Zoom","threat_actor":"UAT-11795","patch_ready":false,"insight":"Russian hackers use trojanized WebEx and Zoom apps to deploy Starland RAT malware"}
11:10 am, July 16, 2026 Cybersecurity
CISA orders feds to patch actively exploited Oracle flaw by Saturday
CISA has ordered federal agencies to secure their systems by Saturday against ongoing attacks exploiting a critical vulnerability in the Oracle E-Business Suite financial application. [...]
11:10 am, July 16, 2026 Cybersecurity
New Spirals ransomware encrypts victim network in under 24 hours
{"priority":"HIGH","cve":"N/A","target":"N/A","threat_actor":"Spirals","patch_ready":false,"insight":"New Spirals ransomware encrypts victim network in under 24 hours"}
10:10 am, July 16, 2026 Cybersecurity
Zoom Patches Critical Windows Flaw That Could Enable Account Takeover
{ "priority": "CRITICAL", "cve": "CVE-2026-53412", "target": "Zoom Workplace for Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "Zoom patches critical Windows flaw CVE-20..
9:10 am, July 16, 2026 Cybersecurity
OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol
{ "priority": "INFO", "cve": "N/A", "target": "GPT-5.6", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI disclosed GPT-Red, an internal automated red-teaming model, to scal..
9:10 am, July 16, 2026 Cybersecurity
ISC Stormcast For Thursday, July 16th, 2026 https://isc.sans.edu/podcastdetail/10010, (Thu, Jul 16th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A summary of an article on how to earn a billion dollars." }
3:10 am, July 16, 2026 Cybersecurity
Dutch police bust investment fraud ring stealing over €100 million
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Dutch police arrested multiple individuals suspected of operating an internati..
10:10 pm, July 15, 2026 Cybersecurity
Zoom warns of critical account takeover vulnerability
{ "priority": "CRITICAL", "cve": "N/A", "target": "Zoom desktop client and software development kit for Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "A critical vulnera..
9:10 pm, July 15, 2026 Cybersecurity
Google Gemini CLI abused as a hacking agent, malware botnet operator
A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to operate a small-scale botnet. [...]
7:10 pm, July 15, 2026 Cybersecurity
TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development
{"priority": "MEDIUM", "cve": "N/A", "target": "TuxBot v3 Evolution", "threat_actor": "N/A", "patch_ready": false, "insight": "TuxBot v3 Evolution shows signs of LLM-assisted IoT botnet development, b..
7:10 pm, July 15, 2026 Cybersecurity
AsyncAPI npm packages infected with credential-stealing malware
{ "priority": "HIGH", "cve": "N/A", "target": "AsyncAPI npm packages", "threat_actor": "N/A", "patch_ready": false, "insight": "Malicious versions of AsyncAPI packages published to npm con..
6:10 pm, July 15, 2026 Cybersecurity
OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps
{"priority":"HIGH","cve":"N/A","target":"Ledger and Trezor Apps","threat_actor":"OkoBot","patch_ready":false,"insight":"OkoBot malware framework injects seed phrase phishing into Ledger and Trezor app..
5:10 pm, July 15, 2026 Cybersecurity
AsyncAPI npm packages infected with credential-stealing malware
Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that delivered a remote access trojan with info-stealing capabilities. [...]
4:10 pm, July 15, 2026 Cybersecurity
Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
{ "priority": "CRITICAL", "cve": "CVE-2026-15718, CVE-2026-15719", "target": "Firefox, Chrome, Adobe, and VMware", "threat_actor": "N/A", "patch_ready": true, "insight": "Multiple critical..
2:10 pm, July 15, 2026 Cybersecurity
We built a vulnerability vending machine: AI tokens in, zero-days out
{ "priority": "CRITICAL", "cve": "N/A", "target": "WordPress plugin", "threat_actor": "Intruder", "patch_ready": false, "insight": "Intruder built an AI-powered vulnerability vending machi..
2:10 pm, July 15, 2026 Cybersecurity
New Webinar: Closing the Approval Gap in AI-Era Ad Tech
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A webinar discusses the Approval Gap in AI-Era Ad Tech, where unapproved marke..
1:10 pm, July 15, 2026 Cybersecurity
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive. It has been described as a Windows User Profile Service arbitrary hive..
1:10 pm, July 15, 2026 Cybersecurity
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The increasing use of AI tools, SaaS applications, and browser extensions has ..
1:10 pm, July 15, 2026 Cybersecurity
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
{ "priority": "HIGH", "cve": "N/A", "target": "@asyncapi npm packages", "threat_actor": "N/A", "patch_ready": false, "insight": "Compromised @asyncapi npm packages deliver multi-stage botn..
11:11 am, July 15, 2026 Cybersecurity
CISA warns admins to patch actively exploited SharePoint flaws
{ "priority": "CRITICAL", "cve": "N/A", "target": "SharePoint Server", "threat_actor": "N/A", "patch_ready": true, "insight": "CISA warns admins to patch actively exploited SharePoint flaw..
11:11 am, July 15, 2026 Cybersecurity
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
{"priority":"CRITICAL","cve":"N/A","target":"Cursor","threat_actor":"N/A","patch_ready":false,"insight":"A flaw in Cursor allows malicious cloned repositories to trigger Windows code execution without..
11:10 am, July 15, 2026 Cybersecurity
Microsoft: Some Dell PCs shut down after recent Windows updates
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"Article discussing ways to earn a billion dollars."}
9:10 am, July 15, 2026 Cybersecurity
US charges alleged operators of Russian bulletproof hosting service
{"priority":"LOW","cve":"N/A","target":"N/A","threat_actor":"Russian Nationals","patch_ready":false,"insight":"US charges three Russian nationals for operating bulletproof hosting service aiding ranso..
8:10 am, July 15, 2026 Cybersecurity
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
{"priority": "CRITICAL", "cve": "CVE-2026-15409", "target": "SonicWall SMA 1000", "threat_actor": "N/A", "patch_ready": false, "insight": "Zero-day SSRF vulnerability with CVSS score of 10.0 exploited..
7:10 am, July 15, 2026 Cybersecurity
Recent DShield SIEM Update, (Tue, Jul 14th)
{ "priority": "INFO", "cve": "N/A", "target": "DShield SIEM", "threat_actor": "N/A", "patch_ready": false, "insight": "The DShield SIEM has received an update using ELK stack version 8.19...
2:10 am, July 15, 2026 Cybersecurity
ISC Stormcast For Wednesday, July 15th, 2026 https://isc.sans.edu/podcastdetail/10008, (Wed, Jul 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2:10 am, July 15, 2026 Cybersecurity
SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges customers to install the newly release..
10:10 pm, July 14, 2026 Cybersecurity
Spanish Police take down €140 million cyber fraud ring, arrest four
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "Spanish Police dismantled a €140 million cyber fraud ring, arresting four in..
9:10 pm, July 14, 2026 Cybersecurity
Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches 622 flaws, including two zero-days under active att..
9:10 pm, July 14, 2026 Cybersecurity
Researchers Say Claude for Chrome Flaw Lets Rogue Extensions Trigger Gmail Reads
{ "priority": "HIGH", "cve": "N/A", "target": "Claude for Chrome", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers discover flaw in Claude for Chrome that allows rogue..
8:10 pm, July 14, 2026 Cybersecurity
SAP Patches CVSS 9.9 NetWeaver ABAP Flaw That Could Expose or Modify Data
{"priority": "CRITICAL", "cve": "CVE-2026-44747", "target": "SAP NetWeaver Application Server ABAP", "threat_actor": "N/A", "patch_ready": true, "insight": "SAP patches critical CVSS 9.9 flaw in NetWe..
8:10 pm, July 14, 2026 Cybersecurity
