Categories Breaking News

Breaking News – Cyber Threats – 2026-07-08 22:00 PDT

Breaking News – Cyber Threats (last 6h)

Generated: 2026-07-08 22:00 PDT

  • GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents
    The Hacker News • 2026-07-08 21:27 • thehackernews.com
    Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer’s computer. The assistant asks permission to edit one harmless-looking file, but the write lands on a sensitive one instead.

    The affected tools are Amazon Q Developer, Anthropic’s Claude Code, Augment, Cursor, Google Antigravity, and Windsurf.
    https://thehackernews.com/2026/07/ghostapproval-symlink-flaws-could-let.html

  • Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes
    The Hacker News • 2026-07-08 21:01 • thehackernews.com
    Cybersecurity researchers have disclosed details of a new threat actor dubbed Lurking Lizard that has been operating an end-to-end malicious residential proxy business using an infrastructure comprising more than 230 lookalike domains.

    The activity dates back to at least August 2022, according to DNS threat intelligence firm Infoblox. Once such campaign, observed earlier this year, involved the
    https://thehackernews.com/2026/07/fake-7-zip-installers-turn-devices-into.html

  • ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)
    SANS ISC Diary (full) • 2026-07-08 19:00 • isc.sans.edu
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
    https://isc.sans.edu/diary/rss/33140
  • _HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)
    SANS ISC Diary (full) • 2026-07-08 18:20 • isc.sans.edu

    [This is a Guest Diary by Jason Callahan, an ISC intern as part of the SANS.edu BACS program]


    https://isc.sans.edu/diary/rss/33130

  • Smashing Security podcast #475: JadePuffer – the AI that ran a ransomware attack all by itself
    Graham Cluley • 2026-07-08 16:19 • grahamcluley.com
    A 15-year-old boy asked a chatbot for help – and cancelled nearly 47,000 anime streaming subscriptions in under four hours. Meanwhile, researchers have documented the first fully autonomous, agentic AI-driven ransomware attack, “JadePuffer”. What does this tell us about the future of cybersecurity?

    Also, Apple’s “Hide My Email” feature turns out to hide rather less than it promises – despite Apple knowing it has a problem for over a year.

    All this and more in this episode of the “Smashing Security” podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Zoë …
    https://grahamcluley.com/smashing-security-podcast-475/

Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.

Written By

More From Author

You May Also Like