Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-16 08:00 PDT
- Protecting Privacy in an AI Era
Schneier on Security • 2026-07-16 07:34 • www.schneier.comDaniel Solove argues in the Wall Street Journal (alternate link) that giving people control of their personal data is not an effective way to regulate privacy in this era. Instead, we need to hold companies accountable for their actions, similar to what we do with food and drug companies. Measures such as rigorous data minimization, fiduciary duties, liability for negligent or reckless technological design, liability for algorithms that cause harm, and multi-st…
https://www.schneier.com/blog/archives/2026/07/protecting-privacy-in-an-ai-era.html - AI Agents Broke the Security Playbook. Here's What Replaces It.
BleepingComputer • 2026-07-16 07:00 • www.bleepingcomputer.com
Traditional security workflows were built for environments that changed at human speed. Token Security explains why AI agents require a new approach: building on a live identity foundation while giving security teams the flexibility to create workflows tailored to their own environments. […]
https://www.bleepingcomputer.com/news/security/ai-agents-broke-the-security-playbook-heres-what-replaces-it/ - 23andMe to pay $18 million in new genetics data breach settlement
BleepingComputer • 2026-07-16 06:47 • www.bleepingcomputer.com
Genetic testing company 23andMe has agreed to pay $18 million to settle claims from a coalition of 43 attorneys general that it failed to protect customers’ genetic data. […]
https://www.bleepingcomputer.com/news/security/23andme-to-pay-18-million-in-new-genetics-data-breach-settlement/ - n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer
The Hacker News • 2026-07-16 06:33 • thehackernews.com
n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one external token issuer, it matched an incoming JWT to a local user on the sub claim alone and ignored iss.A valid token from issuer A carrying a sub that belongs to someone under issuer B logged you in as them. Their password never
https://thehackernews.com/2026/07/n8n-token-exchange-flaw-could-let.html - HelloNet campaign — new malicious modules launched through the ViPNet update system
Securelist • 2026-07-16 06:05 • securelist.com
We identified targeted infection attempts against large Russian organizations using the ViPNet update system (a software suite for creating secure networks).
https://securelist.com/tr/hellonet-vipnet/120700/ - New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands
The Hacker News • 2026-07-16 05:50 • thehackernews.com
Cybersecurity researchers have called attention to a new modular malware called TELEPUZ that’s been spreading via websites infected with ClickFix lures since late April 2026.“The malware is full-featured, lightweight, and modular,” Elastic Security Labs researcher Cyril François said in a technical report. “While the number of C2 [command-and-control] domains is currently small, the daily
https://thehackernews.com/2026/07/new-telepuz-malware-spreads-via.html - New ClickLock macOS Stealer Kills Apps Every 210ms Until Victims Type Their Password
The Hacker News • 2026-07-16 05:33 • thehackernews.com
ClickLock Stealer, a new macOS infostealer, answers a victim’s refusal by killing their apps on a loop until they hand over the login password. It arrives as a command pasted into Terminal, asks for the password behind a fake system dialog, and when the victim cancels, installs two LaunchAgents and quietly exits.At the next login, Finder, the Dock, Spotlight, Terminal, Activity Monitor, and
https://thehackernews.com/2026/07/new-clicklock-macos-stealer-kills-apps.html - Scattered Spider members behind TfL hack get five years in prison
BleepingComputer • 2026-07-16 05:31 • www.bleepingcomputer.com
Two leading members of the Scattered Spider cybercrime collective were sentenced to five years and six months in prison each for hacking Transport for London (TfL) in 2024. […]
https://www.bleepingcomputer.com/news/security/scattered-spider-members-behind-transport-for-london-hack-get-five-years-in-prison/ - GoSerpent: a persistent threat evolves with sophisticated data collection and exfiltration
Securelist • 2026-07-16 05:00 • securelist.com
Two-phase attacks with the GoSerpent backdoor, Stowaway RAT, ThumbcacheService and other tools aim to steal data from government entities in Southeast Asia.
https://securelist.com/goserpent-backdoor-in-southeast-asia/120687/ - Windows 11 24H2 Home and Pro reach end of support in 90 days
BleepingComputer • 2026-07-16 04:59 • www.bleepingcomputer.com
Microsoft announced on Wednesday that systems running Windows 10 Enterprise LTSB 2016 and Home and Pro editions of Windows 11 24H2 will stop receiving updates in three months. […]
https://www.bleepingcomputer.com/news/microsoft/windows-11-24h2-home-and-pro-reach-end-of-support-in-90-days/ - 20+ Hijacked Government Websites Became
an Attack Channel
The Hacker News • 2026-07-16 04:58 • thehackernews.com
More than 20 Brazilian government websites were hijacked and turned into malware delivery channels in an active PhantomEnigma campaign uncovered by ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions.The investigation revealed previously undocumented backdoor behavior, hidden infrastructure relationships, and multiple attack arms behind a campaign
https://thehackernews.com/2026/07/20-hijacked-government-websites.html - New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands
The Hacker News • 2026-07-16 04:32 • thehackernews.com
Ask an AI agent to summarize the reviews on a product page, and a single planted review can make it click “Buy Now” instead. Ask a coding assistant to apply a maintainer’s fix from a GitHub thread, and a fake comment can make it run a stranger’s command on your computer.Neither trick hijacks the agent’s task. Each one just corrupts the facts it trusts and lets it carry on with the job you
https://thehackernews.com/2026/07/new-agent-data-injection-attack-can.html - Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor
The Hacker News • 2026-07-16 04:17 • thehackernews.com
An advanced malware previously attributed to a China-linked threat actor has resurfaced after more than four years within a Taiwan manufacturing firm, along with a previously unreported backdoor dubbed Stupig.Daxin (“srt64.sys”), as the kernel-mode rootkit is referred to, was first documented by Broadcom-owned Symantec in March 2022, with evidence indicating its use in targeted attacks aimed
https://thehackernews.com/2026/07/daxin-resurfaces-in-taiwan-alongside.html - CISA orders feds to patch actively exploited Oracle flaw by Saturday
BleepingComputer • 2026-07-16 03:56 • www.bleepingcomputer.com
CISA has ordered federal agencies to secure their systems by Saturday against ongoing attacks exploiting a critical vulnerability in the Oracle E-Business Suite financial application. […]
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-oracle-flaw-by-saturday/ - Russian hackers trojanize WebEx, Zoom apps to push Starland malware
BleepingComputer • 2026-07-16 03:19 • www.bleepingcomputer.com
A financially motivated Russian threat actor tracked as UAT-11795 is using trojanized software to steal credentials and cryptocurrency by deploying a new backdoor called Starland RAT. […]
https://www.bleepingcomputer.com/news/security/russian-hackers-trojanize-webex-zoom-apps-to-push-starland-malware/ - AI Can Find Bugs, But Human Knowledge Still Proves Them
The Hacker News • 2026-07-16 03:10 • thehackernews.com
Artificial intelligence (AI) is changing offensive security, but it has not changed the standard that matters most: a finding has to be proven before it becomes useful. AI-assisted tools can read code quickly, generate payloads, summarize attack surfaces, explain unfamiliar APIs, and run repetitive testing workflows at impressive speed. That is a real advantage for security teams. It also
https://thehackernews.com/2026/07/ai-can-find-bugs-but-human-knowledge.html - New Spirals ransomware encrypts victim network in under 24 hours
BleepingComputer • 2026-07-16 03:00 • www.bleepingcomputer.com
A new ransomware actor called Spirals completed a corporate intrusion, from initial access to data theft and encryption, in less than 24 hours. […]
https://www.bleepingcomputer.com/news/security/new-spirals-ransomware-encrypts-victim-network-in-under-24-hours/ - Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide
The Hacker News • 2026-07-16 02:23 • thehackernews.com
Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people’s Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext.A researcher publishing under the handle tokay0 put the method online on Monday, having tested it only against vacuums he
https://thehackernews.com/2026/07/unpatched-shark-vacuum-flaw-could-let.html - Smashing Security podcast #476: Remote-control rickshaws and rogue book marketers
Graham Cluley • 2026-07-16 02:02 • grahamcluley.com
An app has appeared in India that lets anyone with a smartphone stop a passing e-rickshaw dead in its tracks – no login, no passwords, no permissions needed.Meanwhile, Geoff – swimming in money and Lamborghinis, as all published authors are – has been on the receiving end of a slew of AI-generated scam pitches from fake book marketing experts. Rather than ignore them, he’s been playing them at their own game…
All this and more in this episode of the “Smashing Security” podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Geoff White.
https://grahamcluley.com/smashing-security-podcast-476/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
