Cloud SecurityLinux bug dormant for 16 years can cause a VM escapeSteve ZurierJuly 7, 2026A single compromised hypervisor can grant root privileges over the server.
AI/MLMalicious websites trick AI agents into crypto payments, context poisoningLaura FrenchJuly 7, 2026Indirect prompt injections hidden in HTML were discovered on sites targeting developers and cryptocurrency owners.
Supply chainNorth Korean PolinRider supply chain attack targets 108 unique reposSteve ZurierJuly 6, 2026Socket says the campaign remains active and more attacks are likely.
Ransomware1st ‘agentic ransomware’ JADEPUFFER invades database at machine speedLaura FrenchJuly 2, 2026The LLM fixed a failed login attempt within 31 seconds, demonstrating real-time adaptability.
Vulnerability ManagementCISA adds SharePoint flaw to known exploited vulnerabilities listSteve ZurierJuly 2, 2026SharePoint offers bad actors a roadmap into how an organization operates.
Ransomware‘Interpol’ emails spread custom ransomware with decryption key left insideLaura FrenchJuly 2, 2026The campaign targets small businesses with fearmongering emails.
IdentityMicrosoft Azure’s CLI target of automated password spray attacksSteve ZurierJuly 1, 2026Huntress researchers saw 78 user accounts compromised across 64 organizations.
AI/ML‘BioShocking’ jailbreak tricks AI browsers into disclosing private dataLaura FrenchJuly 1, 2026A website framed as a game led AI assistants to submit private GitHub file contents.
Vulnerability ManagementCritical Oracle E-Business Suite bug actively exploitedSteve ZurierJune 30, 2026Critical Oracle EBS flaw now exploited, prompting urgent patching guidance.
MalwareAttack exploiting SimpleHelp vulnerability deploys novel loader, infostealerLaura FrenchJune 30, 2026The TaskWeaver loader delivers Djinn Stealer, which targets dev credentials and AI tokens.