List cybersec
Nearly 300 GitHub repos pose as legit software to push malware
{ "priority": "HIGH", "cve": "N/A", "target": "GitHub", "threat_actor": "N/A", "patch_ready": false, "insight": "A threat actor published hundreds of fake GitHub repositories impersonating..
8:10 pm, July 14, 2026 Cybersecurity
Microsoft Patches a Record 570 Security Flaws
{ "priority": "CRITICAL", "cve": "N/A", "target": "Microsoft Windows", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft patches a record 570 security flaws in Windows and ..
8:10 pm, July 14, 2026 Cybersecurity
Microsoft releases Windows 10 KB5099539 extended security update
{ "priority": "INFO", "cve": "N/A", "target": "Windows 10", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released the Windows 10 KB5099539 extended security update, in..
7:10 pm, July 14, 2026 Cybersecurity
LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts
{ "priority": "HIGH", "cve": "N/A", "target": "Windows Hosts", "threat_actor": "LabubaRAT", "patch_ready": false, "insight": "LabubaRAT is a Rust-based remote access trojan that masquerade..
6:10 pm, July 14, 2026 Cybersecurity
Windows 11 KB5101650 & KB5099414 cumulative updates released
{ "priority": "MEDIUM", "cve": "N/A", "target": "Windows 11", "threat_actor": "N/A", "patch_ready": true, "insight": "Microsoft released cumulative updates KB5101650 and KB5099414 for Wind..
6:10 pm, July 14, 2026 Cybersecurity
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploited in attacks and one publicly disclosed..
6:10 pm, July 14, 2026 Cybersecurity
LastPass, Bitwarden users targeted with fake security alerts
{ "priority": "HIGH", "cve": "N/A", "target": "LastPass, Bitwarden", "threat_actor": "N/A", "patch_ready": false, "insight": "Users of LastPass and Bitwarden are being targeted with a phis..
4:10 pm, July 14, 2026 Cybersecurity
Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
{ "priority": "CRITICAL", "cve": "N/A", "target": "ShareFile Storage Zone Controllers", "threat_actor": "N/A", "patch_ready": true, "insight": "Progress Software confirmed a high-severity ..
4:10 pm, July 14, 2026 Cybersecurity
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
{ "priority": "HIGH", "cve": "N/A", "target": "RabbitMQ", "threat_actor": "N/A", "patch_ready": false, "insight": "Two access control-related flaws in RabbitMQ could allow attackers to lea..
3:10 pm, July 14, 2026 Cybersecurity
OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft Entra ID", "threat_actor": "Multiple threat actors", "patch_ready": false, "insight": "Attackers use OAuth client ID spoofing to va..
2:10 pm, July 14, 2026 Cybersecurity
How Pentera Turns AI Security Workflows into Validation Engines
AI security agents are starting to influence real security decisions. They summarize findings, prioritize remediation, recommend next steps, and help teams move faster. But most still rely on fragment..
2:10 pm, July 14, 2026 Cybersecurity
Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks
``` { "priority": "MEDIUM", "cve": "N/A", "target": "Crypto Wallet Extensions", "threat_actor": "N/A", "patch_ready": false, "insight": "Researchers found address leaks and cross-site trac..
2:10 pm, July 14, 2026 Cybersecurity
11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Secure Boot on most systems using the moder..
2:10 pm, July 14, 2026 Cybersecurity
You Don't Have to Run an Exploit to Know If You're Vulnerable
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "TTP chaining helps organizations determine exploitability by validating attack..
2:10 pm, July 14, 2026 Cybersecurity
New phishing kits target Microsoft 365 accounts, evade MFA
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "N/A", "patch_ready": false, "insight": "New phishing kits, Jalisco and OmegaLord, target Microsoft 365 accou..
1:10 pm, July 14, 2026 Cybersecurity
Microsoft Entra ID gets passkeys default authentication starting September
{ "priority": "INFO", "cve": "N/A", "target": "Microsoft Entra ID", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft announces passkeys as default authentication for Entr..
1:10 pm, July 14, 2026 Cybersecurity
SAP warns of critical flaws in NetWeaver and Commerce Cloud
{ "priority": "CRITICAL", "cve": "N/A", "target": "SAP NetWeaver and Commerce Cloud", "threat_actor": "N/A", "patch_ready": true, "insight": "SAP addressed 16 vulnerabilities across multip..
12:10 pm, July 14, 2026 Cybersecurity
Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
{"priority":"HIGH","cve":"N/A","target":"xAI's Grok Build","threat_actor":"N/A","patch_ready":false,"insight":"xAI's Grok Build coding CLI was uploading entire Git repositories to a Google Cloud Stora..
11:10 am, July 14, 2026 Cybersecurity
Microsoft starts testing cleaner Windows Search without ads
{ "priority": "INFO", "cve": "N/A", "target": "Windows Search", "threat_actor": "N/A", "patch_ready": false, "insight": "Microsoft is testing an ad-free version of Windows Search." }
11:10 am, July 14, 2026 Cybersecurity
Grok Build Uploads Entire Git Repositories to xAI Storage, Not Just Files It Reads
{"priority":"HIGH","cve":"N/A","target":"xAI's Grok Build","threat_actor":"N/A","patch_ready":false,"insight":"Grok Build's coding CLI was uploading entire Git repositories to xAI Storage, exposing se..
10:10 am, July 14, 2026 Cybersecurity
US sanctions VPN, malware providers for enabling ransomware attacks
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. organizations. [...]
10:10 am, July 14, 2026 Cybersecurity
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
{ "priority": "HIGH", "cve": "N/A", "target": "Salesforce", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "ShinyHunters group exploited Salesforce via OAuth connections ..
9:10 am, July 14, 2026 Cybersecurity
148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
{ "priority": "HIGH", "cve": "N/A", "target": "npm packages", "threat_actor": "N/A", "patch_ready": false, "insight": "A campaign of 148 npm packages disguised as student web proxies turne..
9:10 am, July 14, 2026 Cybersecurity
U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
{ "priority": "HIGH", "cve": "N/A", "target": "1VPNS", "threat_actor": "N/A", "patch_ready": false, "insight": "U.S. sanctions VPN service and malware cryptor seller for supporting ransomw..
9:10 am, July 14, 2026 Cybersecurity
Microsoft Maps Year-Long ShinyHunters-Linked Salesforce Data Theft Across Three Paths
{ "priority": "HIGH", "cve": "N/A", "target": "Salesforce", "threat_actor": "ShinyHunters", "patch_ready": false, "insight": "ShinyHunters-linked attackers exploited trust through OAuth co..
7:10 am, July 14, 2026 Cybersecurity
ISC Stormcast For Tuesday, July 14th, 2026 https://isc.sans.edu/podcastdetail/10006, (Tue, Jul 14th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
3:10 am, July 14, 2026 Cybersecurity
Japan's largest taxi operator shuts systems after cyberattack
{ "priority": "HIGH", "cve": "N/A", "target": "Nihon Kotsu", "threat_actor": "N/A", "patch_ready": false, "insight": "Japan's largest taxi operator, Nihon Kotsu, shut down systems after a ..
9:10 pm, July 13, 2026 Cybersecurity
Hackers backdoor Jscrambler npm package with infostealer malware
{ "priority": "HIGH", "cve": "N/A", "target": "Jscrambler npm package", "threat_actor": "Unknown threat actor", "patch_ready": false, "insight": "A malicious version of the Jscrambler npm ..
8:10 pm, July 13, 2026 Cybersecurity
New CrashStealer malware poses as Apple crash reporting tool
A new macOS information-stealing malware called CrashStealer pretends to be Apple's crash-reporting tool to steal credentials, keychain data, and crypto wallets. [...]
7:10 pm, July 13, 2026 Cybersecurity
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
{ "priority": "HIGH", "cve": "N/A", "target": "ModHeader", "threat_actor": "N/A", "patch_ready": false, "insight": "Google and Microsoft pulled ModHeader with 1.6 million installs due to a..
6:10 pm, July 13, 2026 Cybersecurity
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
``` { "priority": "HIGH", "cve": "N/A", "target": "macOS", "threat_actor": "N/A", "patch_ready": false, "insight": "CrashStealer, a native C++-based macOS information stealer, uses a notar..
6:10 pm, July 13, 2026 Cybersecurity
New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email
{ "priority": "HIGH", "cve": "N/A", "target": "AI Agents", "threat_actor": "N/A", "patch_ready": false, "insight": "A single email can trick an AI assistant into saving a false fact about ..
4:10 pm, July 13, 2026 Cybersecurity
Lessons Learned from CISA’s Recent GitHub Leak
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA credentials -- including AWS Govcloud keys --..
4:10 pm, July 13, 2026 Cybersecurity
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More
{"priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "The article discusses the current state of cybersecurity, highlighting the use of automated..
4:10 pm, July 13, 2026 Cybersecurity
CISA warns of actively exploited RCE flaws in Joomla extensions
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that attackers are exploiting vulnerabilities in the iCagenda and Balbooa Forms extensions for Joomla to achieve remote code..
4:10 pm, July 13, 2026 Cybersecurity
Lidl discloses online shop breach after service provider hack
{ "priority": "MEDIUM", "cve": "N/A", "target": "Lidl online shop", "threat_actor": "N/A", "patch_ready": false, "insight": "Lidl discloses online shop breach after service provider hack, ..
3:10 pm, July 13, 2026 Cybersecurity
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "Forg365", "patch_ready": false, "insight": "Forg365 PhaaS operation targets Microsoft 365 accounts with devi..
2:10 pm, July 13, 2026 Cybersecurity
UK charges suspects linked to Russian Coms call spoofing platform
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "UK authorities charged five people linked to Russian Coms, a caller ID spoofin..
2:10 pm, July 13, 2026 Cybersecurity
Breach at the Beach: Play the Ultimate Entra ID CTF
Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigate Entra ID attack techniques using realisti..
2:10 pm, July 13, 2026 Cybersecurity
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory
{ "priority": "MEDIUM", "cve": "N/A", "target": "Active Directory", "threat_actor": "Unknown", "patch_ready": false, "insight": "An unknown threat actor used a PowerShell script for Active..
1:10 pm, July 13, 2026 Cybersecurity
Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots
{"priority":"INFO","cve":"N/A","target":"N/A","threat_actor":"N/A","patch_ready":false,"insight":"The article discusses the integration of autonomous AI with analyst copilots in Security Operations Ce..
1:10 pm, July 13, 2026 Cybersecurity
Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling
{ "priority": "INFO", "cve": "N/A", "target": "Meta AI", "threat_actor": "N/A", "patch_ready": false, "insight": "Meta files patent for AI that listens to voice and tracks emotions through..
1:10 pm, July 13, 2026 Cybersecurity
EU sanctions Russian GRU military hackers over cyberattacks
{ "priority": "HIGH", "cve": "N/A", "target": "Russian GRU", "threat_actor": "Russian GRU military hackers", "patch_ready": false, "insight": "The European Union and the United Kingdom san..
12:10 pm, July 13, 2026 Cybersecurity
US and allies warn of Russian critical infrastructure attacks
{ "priority": "HIGH", "cve": "N/A", "target": "Critical Infrastructure Networks", "threat_actor": "Russian State Hackers", "patch_ready": false, "insight": "US and allies warn of Russian c..
10:10 am, July 13, 2026 Cybersecurity
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365
{ "priority": "HIGH", "cve": "N/A", "target": "Microsoft 365", "threat_actor": "Evilginx", "patch_ready": false, "insight": "Misconfigured server exposes Evilginx phishing ops targeting Mi..
9:10 am, July 13, 2026 Cybersecurity
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabiliti..
7:10 am, July 13, 2026 Cybersecurity
Someone Is Scanning for Your MCP Servers and AI Assistant Credentials, (Mon, Jul 13th)
{ "priority": "INFO", "cve": "N/A", "target": "MCP Servers and AI Assistant Credentials", "threat_actor": "N/A", "patch_ready": false, "insight": "Scanning activity targeting MCP servers a..
5:10 am, July 13, 2026 Cybersecurity
ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)
{ "priority": "INFO", "cve": "N/A", "target": "N/A", "threat_actor": "N/A", "patch_ready": false, "insight": "A summary of an article on how to earn a billion dollars." }
2:10 am, July 13, 2026 Cybersecurity
OpenAI temporarily relaxes GPT-5.6 Sol usage limits
{ "priority": "INFO", "cve": "N/A", "target": "GPT-5.6 Sol", "threat_actor": "N/A", "patch_ready": false, "insight": "OpenAI temporarily relaxes GPT-5.6 Sol usage limits due to surging dem..
1:10 am, July 13, 2026 Cybersecurity
Claude Fable 5 stays free for paid users until July 19 as Anthropic buys more time
{"priority": "INFO", "cve": "N/A", "target": "Claude Fable 5", "threat_actor": "N/A", "patch_ready": false, "insight": "Anthropic extends access to Claude Fable 5 for paid subscribers until July 19."}..
8:10 pm, July 12, 2026 Cybersecurity
