Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-02 08:00 PDT
- ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
BleepingComputer • 2026-07-02 07:00 • www.bleepingcomputer.com
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA bypass tactics work and how to defend against them. […]
https://www.bleepingcomputer.com/news/security/consentfix-and-clickfix-how-microsoft-365-accounts-are-hijacked-in-3-seconds/
- ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
The Hacker News • 2026-07-02 06:04 • thehackernews.com
The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that’s designed to gain surreptitious access to a victim’s email correspondence via the Google API. “In this campaign, the attackers focused their attention on corporate email communications hosted on Gmail, targeting access compromise via APIs,” Kaspersky said in a detailed report published this week. “
https://thehackernews.com/2026/07/toddycat-linked-umbrij-malware-abuses.html
- Microsoft fixes bug that removed Copilot buttons in Outlook
BleepingComputer • 2026-07-02 05:15 • www.bleepingcomputer.com
Microsoft has fixed a known issue causing the Copilot Chat or Copilot buttons in Classic Outlook to disappear for Windows users with the Copilot Chat (Basic) license. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-bug-that-removed-copilot-button-in-outlook/
- Cisco finally confirms attackers exploiting Unified CM flaw
BleepingComputer • 2026-07-02 04:35 • www.bleepingcomputer.com
Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in early June. […]
https://www.bleepingcomputer.com/news/security/cisco-finally-confirms-attackers-exploiting-unified-cm-flaw/
- Identity Lifecycle Management Wasn't Built for AI Agents
The Hacker News • 2026-07-02 04:30 • thehackernews.com
Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across enterprise environments, the governance model built for humans develops structural blind spots that traditional IGA tools weren’t designed to detect. This guide covers where that model breaks, what it
https://thehackernews.com/2026/07/identity-lifecycle-management.html
- Cybersecurity Mission Creep in the US
Schneier on Security • 2026-07-02 04:11 • www.schneier.com
Interesting paper: “Cybersecurity Mission Creep.”
Abstract: Cybersecurity is experiencing mission creep. Policymakers are casting more and more problems as issues of cybersecurity. So reframed, wildly different policy issues, from misinformation, to child social media safety laws, to antitrust regulations, to alleged journalist misconduct, to anti-sex trafficking statutes become what this Article calls “cybersecuritized.” Before this reframing, these issues present …
https://www.schneier.com/blog/archives/2026/07/cybersecurity-mission-creep-in-the-us.html
- CISA: Microsoft SharePoint RCE flaw now actively exploited
BleepingComputer • 2026-07-02 03:52 • www.bleepingcomputer.com
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution vulnerability patched in May. […]
https://www.bleepingcomputer.com/news/security/cisa-microsoft-sharepoint-rce-flaw-now-actively-exploited/
- Opera rolls out Paste Protect feature to fight ClickFix attacks
BleepingComputer • 2026-07-02 03:46 • www.bleepingcomputer.com
Opera has introduced Paste Protect, a security feature designed to block ClickFix-style attacks that trick users into executing malicious commands through social engineering. […]
https://www.bleepingcomputer.com/news/security/opera-rolls-out-paste-protect-feature-to-fight-clickfix-attacks/
- AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
The Hacker News • 2026-07-02 02:13 • thehackernews.com
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large language model handled the whole job: breaking in, stealing credentials, moving deeper into the network, then encrypting and wiping a company’s production database.
Ransomware has always
https://thehackernews.com/2026/07/ai-agent-exploits-langflow-rce-to.html
- Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects
Securelist • 2026-07-02 02:00 • securelist.com
Kaspersky Compromise Assessment specialists analyze trends from the service’s 2025 projects and provide tips on how to enhance your organization’s security.
https://securelist.com/compromise-assessment-findings-2025/120542/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
