Categories Breaking News

Breaking News – Cyber Threats – 2026-07-06 13:00 PDT

Breaking News – Cyber Threats (last 6h)

Generated: 2026-07-06 13:00 PDT

  • Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
    The Hacker News • 2026-07-06 11:34 • thehackernews.com
    An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations.

    The activity, which has primarily singled out IT providers and government sectors, has been attributed to a threat cluster tracked by Check Point Research
    https://thehackernews.com/2026/07/iran-linked-hackers-use-new-cavern-c2.html

  • Vietnam arrests suspects behind HiAnime anime piracy service
    BleepingComputer • 2026-07-06 11:25 • www.bleepingcomputer.com
    ​Vietnamese authorities have arrested and are prosecuting seven suspects believed to have run HiAnime, the largest anime piracy streaming service before its shutdown in June. […]
    https://www.bleepingcomputer.com/news/security/vietnam-arrests-suspects-behind-hianime-anime-piracy-service/
  • 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
    The Hacker News • 2026-07-06 10:37 • thehackernews.com
    A use-after-free bug in Linux’s KVM hypervisor can be triggered from a guest virtual machine to corrupt the shadow-page state of the host kernel that runs it.

    Dubbed ‘Januscape’ and tracked as CVE-2026-53359, the flaw sits in the shadow MMU code that KVM shares across both Intel and AMD. The public proof-of-concept panics the host; the researcher claims that a separate, unreleased exploit
    https://thehackernews.com/2026/07/16-year-old-linux-kvm-flaw-lets-guest.html

  • Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure
    The Hacker News • 2026-07-06 09:28 • thehackernews.com
    Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig.

    The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform trusting the “X-WEBAUTH-USER” header from any source IP address, effectively allowing an unauthenticated internet client to get elevated
    https://thehackernews.com/2026/07/threat-actors-probe-gitea-docker-flaw.html

  • Software Is Now Written at the Speed of Thought. Security Isn't.
    BleepingComputer • 2026-07-06 07:00 • www.bleepingcomputer.com
    Every evolution in software development has reduced the friction between an idea and a deployable application. AI may remove the final barrier, but it also removes many of the moments where security decisions have traditionally taken place. […]
    https://www.bleepingcomputer.com/news/security/software-is-now-written-at-the-speed-of-thought-security-isnt/

Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.

Written By

More From Author

You May Also Like