Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-11 03:00 PDT
- Wireshark 4.6.7 Released, (Sat, Jul 11th)
SANS ISC Diary (full) • 2026-07-11 02:07 • isc.sans.eduWireshark release 4.6.7 fixes 12 vulnerabilities and 16 bugs.
- 'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets
BleepingComputer • 2026-07-11 02:03 • www.bleepingcomputer.com
A PNG hiding a prompt injection could steal your repo’s secrets, researchers demonstrate. The technique, dubbed ‘Ghostcommit,’ slipped past AI code reviewers CodeRabbit and Bugbot, which never open image files at all, then convinced a coding agent to read a repo’s .env and write every secret into the code as a list of numbers. […]
https://www.bleepingcomputer.com/news/security/ghostcommit-hides-prompt-injection-in-images-to-fool-ai-agents-steal-secrets/ - Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions
The Hacker News • 2026-07-10 23:45 • thehackernews.com
Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution.The vulnerability has been described as a case of stored cross-site scripting (XSS) that could allow specially crafted emails to execute malicious scripts in a user’s session. It has yet to be assigned a CVE identifier.
“The
https://thehackernews.com/2026/07/critical-zimbra-flaw-could-let-crafted_0483473395.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
