Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-07 03:00 PDT
- Microsoft to enable Windows settings backup by default for orgs
BleepingComputer • 2026-07-07 02:41 • www.bleepingcomputer.com
Microsoft says the Windows settings backup and restore tool will be enabled by default on Microsoft Entra-joined or Microsoft Entra hybrid-joined enterprise systems after upgrading to Windows 11 26H2. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-enable-windows-backup-for-organizations-by-default/ - Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
The Hacker News • 2026-07-07 02:10 • thehackernews.com
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign.The activity involves the exploitation of now-patched, critical security flaws in the open-source email solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon credentials,
https://thehackernews.com/2026/07/suspected-china-aligned-hackers-exploit.html - BeyondTrust warns of critical flaws in remote access software
BleepingComputer • 2026-07-07 01:12 • www.bleepingcomputer.com
BeyondTrust warned customers to patch two critical security flaws in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow attackers to bypass authentication. […]
https://www.bleepingcomputer.com/news/security/beyondtrust-warns-of-critical-flaws-in-remote-access-software/ - Microsoft testing new Cloud Rebuild Windows 11 recovery feature
BleepingComputer • 2026-07-07 00:37 • www.bleepingcomputer.com
Microsoft has begun testing the Cloud Rebuild recovery feature in the latest Windows 11 Insider Preview builds released for users in the Experimental channel. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-testing-new-cloud-rebuild-windows-11-recovery-feature/ - 176: NSL
Darknet Diaries • 2026-07-07 00:00 • darknetdiaries.comOne day Nick got a visit from the FBI demanding he give them data on one of his customers. They asked for it in the form of a National Security Letter or NSL. Something wasn’t right about this letter. It seemed to violate the constitution. So he set out to change the law.
Learn more about Nicks work at calyxinstitute.org and phreeli.com.
Check out Cindy’s book Privacy’s Defender: My Thirty-Year Fight Against Digital Surve…
https://darknetdiaries.com/episode/176/ - CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
The Hacker News • 2026-07-06 23:40 • thehackernews.com
Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices’ web management interfaces, the CERT Coordination Center (CERT/CC) warned Monday.“An attacker can exploit this vulnerability, tracked as CVE-2026-11405, to bypass the password verification process
https://thehackernews.com/2026/07/certcc-warns-of-hidden-admin-backdoor.html - BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
The Hacker News • 2026-07-06 22:16 • thehackernews.com
BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susceptible devices.The vulnerabilities are listed below –
CVE-2026-40138 (CVSS score: 9.2) – A pre-authentication vulnerability exists in the
https://thehackernews.com/2026/07/beyondtrust-patches-critical-auth.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
