Categories Uncategorized

Weekly Threat Report 2026-07-13

Weekly Threat Intelligence Summary

Top 10 General Cyber Threats

Generated 2026-07-13T05:00:05.348155+00:00

  1. Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts (www.malwarebytes.com, 2026-07-03T13:30:36)
    Score: 8.592
    Two new campaigns show how cybercriminals are increasingly relying on social engineering instead of software exploits to compromise devices and accounts.
  2. Microsoft fixes RoguePlanet zero-day in Defender (www.malwarebytes.com, 2026-07-09T11:38:12)
    Score: 8.579
    The RoguePlanet zero-day is now fixed in Microsoft Defender. Here's how to make sure your system is protected.
  3. Evaluating Mexico’s New Cybersecurity Plan (www.recordedfuture.com, 2026-06-25T00:00:00)
    Score: 7.965
    Explore an analysis of Mexico’s 2025–2030 National Cybersecurity Plan. Discover how Mexico is addressing critical threats like ransomware, organized crime, and AI-driven attacks while preparing its digital infrastructure for the 2026 FIFA World Cup and beyond
  4. This new Windows malware can take over your PC and wipe it clean (www.malwarebytes.com, 2026-07-10T13:25:41)
    Score: 7.759
    GigaWiper is a remote access Trojan that can spy on victims and permanently wipe their systems in three different ways.
  5. June 2026 CVE Landscape (www.recordedfuture.com, 2026-07-10T00:00:00)
    Score: 7.465
    In June 2026, Insikt Group® identified 60 high-impact vulnerabilities that should be prioritized for remediation, 30 of which had a Very Critical Recorded Future Risk Score. This represents a 49% increase from last month.
  6. Two Chrome updates in two days fix critical vulnerabilities (www.malwarebytes.com, 2026-07-10T10:32:54)
    Score: 7.239
    Chrome updates are arriving within days of each other. Learn how to update Chrome and check if you're running the latest version.
  7. Browser Security: Zero-Days Are Only Part of the Problem (www.crowdstrike.com, 2026-06-30T05:00:00)
    Score: 7.033
  8. Apple’s Hide My Email doesn’t hide it very well (www.malwarebytes.com, 2026-07-02T16:22:25)
    Score: 6.446
    A year ago a researcher found a vulnerability in Apple's Hide My Email feature and now he's tired of waiting for a fix.
  9. Fake Google and Cloudflare verification pages spread multiple malware families (www.malwarebytes.com, 2026-07-02T16:05:08)
    Score: 6.444
    We uncovered ClickFix attacks using fake Google and Cloudflare pages to deliver everything from infostealers to a newly discovered malware loader.
  10. Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Tool (www.recordedfuture.com, 2026-07-01T00:00:00)
    Score: 6.165
    Discover how Iranian-nexus threat cluster TAG-182 uses MarkiRAT malware and fake VPN/media apps to conduct cyber surveillance operations against domestic targets.

Top 10 AI / LLM-Related Threats

Generated 2026-07-13T06:00:15.804508+00:00

  1. Weekly Metasploit Update: Exploits for FlowiseAI CSV Agent and MacOS Package Kit (www.rapid7.com, 2026-07-11T00:32:34)
    Score: 18.97
    More AI, more software, more bugs! AI, it's all you hear about nowadays and everyone's got an opinion on it. Here at Metasploit, we care less about those opinions and more about the growing attack surface all this new software brings with it (yeehaw exploits!). Take for example the new Flowise CSV Agent Prompt Injection RCE brought to you by Takahiro Yokoyama and zdi-disclosures. Flowise is an open-source tool that lets you build AI apps and chatbots using a visual, drag-and-drop canva
  2. The LLMbda Calculus: AI Agents, Conversations, and Information Flow (arxiv.org, 2026-07-13T04:00:00)
    Score: 18.78
    arXiv:2602.20064v2 Announce Type: replace-cross
    Abstract: Large language models are increasingly deployed as agents: they plan, call tools, read untrusted data, and act on the results. This exposes them to prompt injection: data meant only to be read is obeyed as an instruction. The most principled defences replace content inspection with provenance: classifying data by source and keeping trusted and untrusted apart through a separation of duty (the dual-LLM pattern) and information-flow contro
  3. VEXAIoT: Autonomous IoT Vulnerability EXploitation using AI Agents (arxiv.org, 2026-07-13T04:00:00)
    Score: 17.78
    arXiv:2607.09653v1 Announce Type: new
    Abstract: Internet of Things (IoT) systems are inherently vulnerable due to constrained hardware, outdated firmware, and insecure default configurations, creating a need for scalable and adaptive security testing approaches. While recent adoptions of Large Language Model (LLM) agents have demonstrated promise in penetration testing and Capture-the-Flag (CTF) environments, their application to IoT specific vulnerabilities remains unexplored. This paper prese
  4. Formalizing Red Teaming Offensive Methodology as a Multi-Agent AI Architecture (www.rapid7.com, 2026-07-02T13:32:24)
    Score: 15.956
    Threat actors are integrating AI into their exploit chains, accelerating reconnaissance, automating vulnerability discovery, and scaling social engineering in ways that compress the timeline between initial access and impact. The barrier to sophisticated offensive operations is dropping fast. Rapid7's Red Team is doing the same. Over the past year we formalized our approach into a structured multi-agent system that follows our penetration testing methodology end-to-end from scoping an engag
  5. Efficient and Universal Watermarking for LLM-Generated Code Detection (arxiv.org, 2026-07-13T04:00:00)
    Score: 14.78
    arXiv:2402.07518v5 Announce Type: replace
    Abstract: Large language models (LLMs) have significantly enhanced the usability of AI-generated code, providing effective assistance to programmers. This advancement also raises ethical and legal concerns, such as academic dishonesty and the generation of malicious code. For accountability, it is imperative to detect whether a piece of code is AI-generated. Watermarking is broadly considered a promising solution and has been successfully applied to ide
  6. Secret Scanner Agent: Extracting Secrets and Access Context from Unstructured Documents (arxiv.org, 2026-07-13T04:00:00)
    Score: 12.48
    arXiv:2607.09011v1 Announce Type: new
    Abstract: Exposed documents such as emails, chat threads, tickets, and incident notes routinely leak credentials, but during incident response a leaked secret is only half the story. Responders also need to identify the “door'' the secret opens: the account, tenant, endpoint, database, cloud resource, or other system that the credential could allow an attacker to access. Traditional secret scanners rely on regular expressions or trained classifie
  7. SherAgent: Scaling Attack Investigation in the Wild via LLM-Empowered Iterative Query-Filter Backtracking (arxiv.org, 2026-07-13T04:00:00)
    Score: 12.48
    arXiv:2607.09176v1 Announce Type: new
    Abstract: Provenance-based attack investigation enables viable automation by standardizing data and query logic; however, it is critically hindered in practice by dependency explosions and fragmented causal chains in the wild. Towards designing a robust and automated investigation tool, we collaborated with the SOC of a major Internet corporation serving billions of users. By engaging in real-world incident response, we are able to evaluate and refine their
  8. Powering scientific discovery: BYOKG and GraphRAG for intelligent pharmaceutical research (aws.amazon.com, 2026-07-08T16:57:12)
    Score: 12.318
    In this post, we explore how Graph-based Retrieval Augmented Generation (GraphRAG) is transforming scientific research by combining graph databases with generative AI. With this approach, you can accelerate discovery processes without compromising scientific integrity.
  9. When Routes Run Out: Adversarial Co-Learning and Explainable Robustness in Quantum Repeater Networks (arxiv.org, 2026-07-13T04:00:00)
    Score: 11.78
    arXiv:2607.09378v1 Announce Type: cross
    Abstract: We study an adversarial bandit problem for entanglement-based quantum-network routing over a modest graph corpus. Alice selects an end-to-end repeater route for an Ekert-91 protocol (E91) representing her move, while Eve selects an attack surface, either edge intercept–resend or repeater memory degradation. Payoffs are drawn from cached SeQUeNCe-simulated E91 transcripts, and Alice accepts a turn when the finite-sample statistic violates the Cl
  10. Beyond Embeddings: Interpretable Feature Extraction for Binary Code Similarity (arxiv.org, 2026-07-13T04:00:00)
    Score: 10.78
    arXiv:2509.23449v2 Announce Type: replace-cross
    Abstract: Binary code similarity detection is a core task in reverse engineering. It supports malware analysis and vulnerability discovery by identifying semantically similar code in different contexts. Modern methods have progressed from manually engineered features to vector representations. Hand-crafted statistics (e.g., operation ratios) are interpretable, but shallow and fail to generalize. Embedding-based methods overcome this by learning ro
  11. Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector (unit42.paloaltonetworks.com, 2026-07-01T01:00:11)
    Score: 9.893
    Attackers can exploit LLM domain hallucinations through phantom squatting to target supply chains. Read the analysis to learn more. The post Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector appeared first on Unit 42 .
  12. Manage AI applications on Mac with Jamf’s AI Governance and Amazon Bedrock (aws.amazon.com, 2026-07-08T15:53:08)
    Score: 9.808
    In this post, we show how you can use Jamf’s AI Governance with Amazon Bedrock to configure, deploy, and validate managed settings for AI applications across a Mac fleet.
  13. A Seed for Privacy — semi-automatic privacy-revealing data reminder in databases and data streams (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.08801v1 Announce Type: new
    Abstract: Sharing databases and data streams imposes the danger of revealing private information in the form of complex events which can comprise individual data elements and their combinations. Identifying these privacy-revealing complex events is crucial for preserving privacy while maintaining data utility. However, data producers often lack the expertise to comprehensively identify these events, which undermines many state-of-the-art privacy-preserving
  14. SeedSmith: LLM-Driven Seed Synthesis for Directed Fuzzing (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.08949v1 Announce Type: new
    Abstract: Directed fuzzing steers fuzzers toward user-defined sink functions to identify vulnerabilities, but it frequently fails to trigger crashes even after long campaigns. We identify two challenges that prevent directed fuzzers from exposing crashes: incomplete static analysis of indirect calls, which leaves reachable paths invisible to distance-based guidance, and lack of semantic guidance for crash preconditions, which blind mutation cannot satisfy w
  15. SLBench: Evaluating How LLM Agents Follow Logical Relations in Skills (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.09016v1 Announce Type: new
    Abstract: Agent skills extend LLM agents with reusable procedures, tools, and domain-specific workflows, but their safety depends on resolving dependencies among interacting instructions. We introduce SkillLogic, a framework for analyzing logical relations in skill files and constructing executable tests from them. Our taxonomy covers eight relation types, including preconditions that gate valid actions, constraints that limit how allowed actions may be per
  16. Malaika: Understanding Malware through Tri-Grounded Agentic Reasoning (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.09179v1 Announce Type: new
    Abstract: Recent LLM-based systems have shown promising capabilities for security-focused code analysis. Malware understanding, however, poses a distinct challenge: analysts must reconstruct high-level malicious behaviors under partial observability from sparse, dispersed evidence intertwined with benign functionality. While static analysis can expose security-relevant signals, the central challenge is not merely identifying suspicious code, but determining
  17. Blockchain-Linked Auditable Decision Management for Telecom/IoT Fraud-Control Requests (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.09259v1 Announce Type: new
    Abstract: Telecom fraud-control studies often stop at detector-level classification, but deployment use requires request-level policy resolution, lifecycle traceability, and auditability. This paper reframes fraud control as blockchain-linked auditable decision management for synthetic telecom/IoT fraud-control requests, and its main result is that the QLoRA-tuned LLM branch becomes much more usable than zero-shot prompting but mainly approaches, rather tha
  18. Leveraging Interpretable Tsetlin Machine for PDF Malware Detection (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.09290v1 Announce Type: new
    Abstract: In the digital era, Portable Document Format (PDF) is one of the most widely used file formats for storing and exchanging digital documents due to its platform independence and rich functionality. However, these same capabilities have also made PDF files an attractive attack vector for cyberattackers, who embed malicious code within seemingly legitimate documents to compromise target systems. This paper presents a novel interpretable Tsetlin Machi
  19. Triggering Stealthy Feature Map Backdoors via Physical Fault Injection in Embedded Neural Networks (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.09473v1 Announce Type: new
    Abstract: Fault injection (FI) attacks on embedded neural network (NN) implementations primarily focus on inducing misclassification by corrupting weights or intermediate computations, overlooking their interaction with algorithmic adversarial threats. In this work, we present a cross-level attack that bridges implementation-level physical faults to algorithm-level adversarial attacks. By characterizing fault-induced data perturbations during NN inference,
  20. Privacy Detective: A Narrative Game that Cultivates Student Developers' Privacy Awareness by Harnessing Legal Documents (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2607.09022v1 Announce Type: cross
    Abstract: Developers' choices about what data a system collects, how it is used and shared, and what defaults govern user choices directly shape users' privacy experiences. Yet, developers often make problematic privacy-related design decisions without realizing the potential consequences. We introduce Privacy Detective, a narrative investigation game that leverages real-world legal documents to train developers' privacy awareness. In the g
  21. Ruby: Unmasking Unsafe Rust in Stripped Binaries via Machine Learning (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2211.00111v3 Announce Type: replace
    Abstract: Rust, as an emerging system programming language, introduces $\texttt{unsafe}$ to allow developers to bypass safety checks during compilation. As a result, memory safety bugs are typically confined to the $\texttt{unsafe}$ regions, which have been the primary focus of Rust bug-finding tools. However, such tools rely on the presence of the $\texttt{unsafe}$ keyword in Rust source code; there are no tools available that can examine Rust binaries
  22. LDPKiT: Superimposing Remote Queries for Privacy-Preserving Distillation (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2405.16361v4 Announce Type: replace-cross
    Abstract: To protect privacy in regulated domains such as healthcare and finance, model owners may allow only remote API access while keeping both the training data and model parameters private. However, model users performing inference on such remotely hosted models may be required to transmit potentially sensitive inputs, raising privacy concerns. In this work, we present LDPKiT, a framework for non-adversarial, privacy-preserving model distilla
  23. Computing Isomorphisms between Products of Supersingular Elliptic Curves (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2503.21535v2 Announce Type: replace-cross
    Abstract: The Deligne-Ogus-Shioda theorem guarantees the existence of isomorphisms between products of supersingular elliptic curves over finite fields. In this paper, we present methods for explicitly computing these isomorphisms in polynomial time, given the endomorphism rings of the curves involved. Our approach leverages the Deuring correspondence, enabling us to reformulate computational isogeny problems into algebraic problems in quaternions
  24. Regression-aware Continual Learning for Android Malware Detection (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2507.18313v2 Announce Type: replace-cross
    Abstract: Malware evolves rapidly, forcing machine learning-based detectors to be continuously updated. With antivirus vendors processing hundreds of thousands of new samples daily, datasets can grow to billions of examples, making full retraining impractical. Continual learning (CL) has emerged as a scalable alternative, enabling incremental updates without full data access while mitigating catastrophic forgetting. In this work, we analyze a crit
  25. List Decoding of Reed-Solomon Codes and Folded Reed-Solomon Codes Over Galois Ring (arxiv.org, 2026-07-13T04:00:00)
    Score: 9.48
    arXiv:2511.04135v3 Announce Type: replace-cross
    Abstract: List decoding of codes can be seen as the generalization of unique decoding of codes while list decoding over finite fields has been extensively studied, extending these results to more general algebraic structures such as Galois rings remains an important challenge. Due to recent progress in zero knowledge systems, there is a growing demand to investigate the proximity gap of codes over Galois rings in Yizhou Yao(2025). The proximity ga

Auto-generated 2026-07-13

Written By

More From Author

You May Also Like