Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-07 08:00 PDT
- The GitHub Actions Attack Pattern Your CI Security Scanners Miss
BleepingComputer • 2026-07-07 07:01 • www.bleepingcomputer.com
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn’t guarantee a secure pipeline, and how organizations can better govern their CI/CD workflows. […]
https://www.bleepingcomputer.com/news/security/the-github-actions-attack-pattern-your-ci-security-scanners-miss/ - Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
The Hacker News • 2026-07-07 06:27 • thehackernews.com
U.S. prosecutors linked an alleged Scattered Spider hacker to a break-in at a luxury jewelry retailer using a persistent Windows device ID, according to a newly unsealed federal complaint.Microsoft records tied that ID first to the account the attackers used to keep access during the May 2025 intrusion, then to online accounts prosecutors say belong to 19-year-old Peter Stokes.
Stokes is
https://thehackernews.com/2026/07/court-filing-reveals-windows-device-id.html - Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants
The Hacker News • 2026-07-07 06:27 • thehackernews.com
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence (AI) platform, that could result in cross-tenant compromise.The one-click vulnerability has been codenamed WriteOut by the Sand Security Research team.
“An outsider could go from having no access to taking over any Writer AI
https://thehackernews.com/2026/07/writer-ai-flaw-could-let-agent-previews.html - Two arrested over credit card phishing – as the Netherlands is named Europe’s worst for payment fraud
Graham Cluley • 2026-07-07 05:56 • www.bitdefender.com
Two young men have been arrested in the Netherlands on suspicion of running a phishing operation that harvested the credit card details of unsuspecting victims.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/two-arrested-credit-card-phishing-netherlands-europe-payment-fraud - Webinar tomorrow: Why modern email attacks require a new approach to defense
BleepingComputer • 2026-07-07 05:12 • www.bleepingcomputer.com
Tomorrow’s webinar explores how behavioral AI can help organizations detect sophisticated phishing, business email compromise, and account takeover attacks while reducing alert fatigue through automated investigation and response workflows. […]
https://www.bleepingcomputer.com/news/security/webinar-tomorrow-why-modern-email-attacks-require-a-new-approach-to-defense/ - New Januscape Linux flaw allows VM escape on Intel, AMD devices
BleepingComputer • 2026-07-07 05:06 • www.bleepingcomputer.com
A 16-year-old Linux kernel vulnerability, dubbed Januscape, allows attackers to escape a virtual machine and execute arbitrary code on the host. […]
https://www.bleepingcomputer.com/news/linux/new-januscape-linux-kernel-flaw-allows-vm-escape-on-intel-amd-devices/ - What Changes When Your Software Supply Chain Includes AI Writing Your Code?
The Hacker News • 2026-07-07 04:30 • thehackernews.com
Software supply chain security was hard enough. Then AI joined the build pipeline.For five years, “software supply chain security” meant one question: what’s in your code? Which open-source packages, which versions, which transitive dependencies three layers deep that nobody chose on purpose?
SolarWinds, Log4Shell, and XZ Utils all taught the same lesson: the risk lives less in the code a
https://thehackernews.com/2026/07/what-changes-when-your-software-supply.html - Google Is Suing Chinese Scammers Who Are Using Gemini
Schneier on Security • 2026-07-07 03:43 • www.schneier.comNot sure this will have any effect, but I support the effort:
According to Google’s legal filing, Outsider Enterprise operates through Telegram. The group offers phishing-as-a-service to individuals who may not be technically savvy enough to set up fraudulent websites and text campaigns on their own. In its Telegram channels, Outsider Enterprise reportedly provided instructions on how to use Google’s Gemini AI to create websites th…
https://www.schneier.com/blog/archives/2026/07/google-is-suing-chinese-scammers-who-are-using-gemini.html - Threat landscape for industrial automation systems. Q1 2026
Securelist • 2026-07-07 03:00 • securelist.com
This report contains industrial threat statistics for Q1 2026, including industrial threat distribution by type, source, region and industry.
https://securelist.com/industrial-threat-report-q1-2026/120643/ - Microsoft to enable Windows settings backup by default for orgs
BleepingComputer • 2026-07-07 02:41 • www.bleepingcomputer.com
Microsoft says the Windows settings backup and restore tool will be enabled by default on Microsoft Entra-joined or Microsoft Entra hybrid-joined enterprise systems after upgrading to Windows 11 26H2. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-enable-windows-backup-for-organizations-by-default/ - Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
The Hacker News • 2026-07-07 02:10 • thehackernews.com
A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign.The activity involves the exploitation of now-patched, critical security flaws in the open-source email solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon credentials,
https://thehackernews.com/2026/07/suspected-china-aligned-hackers-exploit.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
