Categories Breaking News

Breaking News – Cyber Threats – 2026-07-07 08:00 PDT

Breaking News – Cyber Threats (last 6h)

Generated: 2026-07-07 08:00 PDT

  • The GitHub Actions Attack Pattern Your CI Security Scanners Miss
    BleepingComputer • 2026-07-07 07:01 • www.bleepingcomputer.com
    ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn’t guarantee a secure pipeline, and how organizations can better govern their CI/CD workflows. […]
    https://www.bleepingcomputer.com/news/security/the-github-actions-attack-pattern-your-ci-security-scanners-miss/
  • Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
    The Hacker News • 2026-07-07 06:27 • thehackernews.com
    U.S. prosecutors linked an alleged Scattered Spider hacker to a break-in at a luxury jewelry retailer using a persistent Windows device ID, according to a newly unsealed federal complaint.

    Microsoft records tied that ID first to the account the attackers used to keep access during the May 2025 intrusion, then to online accounts prosecutors say belong to 19-year-old Peter Stokes.

    Stokes is
    https://thehackernews.com/2026/07/court-filing-reveals-windows-device-id.html

  • Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants
    The Hacker News • 2026-07-07 06:27 • thehackernews.com
    Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial intelligence (AI) platform, that could result in cross-tenant compromise.

    The one-click vulnerability has been codenamed WriteOut by the Sand Security Research team.

    “An outsider could go from having no access to taking over any Writer AI
    https://thehackernews.com/2026/07/writer-ai-flaw-could-let-agent-previews.html

  • Two arrested over credit card phishing – as the Netherlands is named Europe’s worst for payment fraud
    Graham Cluley • 2026-07-07 05:56 • www.bitdefender.com
    Two young men have been arrested in the Netherlands on suspicion of running a phishing operation that harvested the credit card details of unsuspecting victims.

    Read more in my article on the Hot for Security blog.
    https://www.bitdefender.com/en-us/blog/hotforsecurity/two-arrested-credit-card-phishing-netherlands-europe-payment-fraud

  • Webinar tomorrow: Why modern email attacks require a new approach to defense
    BleepingComputer • 2026-07-07 05:12 • www.bleepingcomputer.com
    Tomorrow’s webinar explores how behavioral AI can help organizations detect sophisticated phishing, business email compromise, and account takeover attacks while reducing alert fatigue through automated investigation and response workflows. […]
    https://www.bleepingcomputer.com/news/security/webinar-tomorrow-why-modern-email-attacks-require-a-new-approach-to-defense/
  • New Januscape Linux flaw allows VM escape on Intel, AMD devices
    BleepingComputer • 2026-07-07 05:06 • www.bleepingcomputer.com
    A 16-year-old Linux kernel vulnerability, dubbed Januscape, allows attackers to escape a virtual machine and execute arbitrary code on the host. […]
    https://www.bleepingcomputer.com/news/linux/new-januscape-linux-kernel-flaw-allows-vm-escape-on-intel-amd-devices/
  • What Changes When Your Software Supply Chain Includes AI Writing Your Code?
    The Hacker News • 2026-07-07 04:30 • thehackernews.com
    Software supply chain security was hard enough. Then AI joined the build pipeline.

    For five years, “software supply chain security” meant one question: what’s in your code? Which open-source packages, which versions, which transitive dependencies three layers deep that nobody chose on purpose?

    SolarWinds, Log4Shell, and XZ Utils all taught the same lesson: the risk lives less in the code a
    https://thehackernews.com/2026/07/what-changes-when-your-software-supply.html

  • Google Is Suing Chinese Scammers Who Are Using Gemini
    Schneier on Security • 2026-07-07 03:43 • www.schneier.com

    Not sure this will have any effect, but I support the effort:

    According to Google’s legal filing, Outsider Enterprise operates through Telegram. The group offers phishing-as-a-service to individuals who may not be technically savvy enough to set up fraudulent websites and text campaigns on their own. In its Telegram channels, Outsider Enterprise reportedly provided instructions on how to use Google’s Gemini AI to create websites th…
    https://www.schneier.com/blog/archives/2026/07/google-is-suing-chinese-scammers-who-are-using-gemini.html

  • Threat landscape for industrial automation systems. Q1 2026
    Securelist • 2026-07-07 03:00 • securelist.com
    This report contains industrial threat statistics for Q1 2026, including industrial threat distribution by type, source, region and industry.
    https://securelist.com/industrial-threat-report-q1-2026/120643/
  • Microsoft to enable Windows settings backup by default for orgs
    BleepingComputer • 2026-07-07 02:41 • www.bleepingcomputer.com
    Microsoft says the Windows settings backup and restore tool will be enabled by default on Microsoft Entra-joined or Microsoft Entra hybrid-joined enterprise systems after upgrading to Windows 11 26H2. […]
    https://www.bleepingcomputer.com/news/microsoft/microsoft-to-enable-windows-backup-for-organizations-by-default/
  • Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
    The Hacker News • 2026-07-07 02:10 • thehackernews.com
    A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign.

    The activity involves the exploitation of now-patched, critical security flaws in the open-source email solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon credentials,
    https://thehackernews.com/2026/07/suspected-china-aligned-hackers-exploit.html

Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.

Written By

More From Author

You May Also Like