Breaking News – Cyber Threats (last 6h)
Generated: 2026-07-14 08:00 PDT
- You Don't Have to Run an Exploit to Know If You're Vulnerable
BleepingComputer • 2026-07-14 07:00 • www.bleepingcomputer.com
Many vulnerabilities cannot be safely validated with live exploits, either because no exploit exists or the affected systems are too critical to test. Picus explains how TTP chaining helps organizations determine exploitability by validating the attack techniques an exploit depends on, without launching the exploit itself. […]
https://www.bleepingcomputer.com/news/security/you-dont-have-to-run-an-exploit-to-know-if-youre-vulnerable/ - RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
The Hacker News • 2026-07-14 06:48 • thehackernews.com
Cybersecurity researchers have disclosed details of two access control-related flaws impacting the RabbitMQ message broker service that could allow attackers to leak OAuth client secrets, expose enterprise messaging infrastructure to takeover risks, and bypass tenant boundaries.Miggo’s security team, which discovered and reported the flaws, said one “leaks the broker’s confidential OAuth
https://thehackernews.com/2026/07/rabbitmq-flaws-could-leak-oauth-secrets.html - Microsoft Entra ID gets passkeys default authentication starting September
BleepingComputer • 2026-07-14 05:49 • www.bleepingcomputer.com
Microsoft has announced that passkeys will become the default authentication method for the Entra ID enterprise identity service starting September 2026. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-entra-id-gets-passkeys-default-authentication-starting-september/ - New phishing kits target Microsoft 365 accounts, evade MFA
BleepingComputer • 2026-07-14 05:49 • www.bleepingcomputer.com
Two new phishing kits, Jalisco and OmegaLord, have been discovered in attacks targeting Microsoft 365 accounts, using techniques that defeat multi-factor authentication (MFA). […]
https://www.bleepingcomputer.com/news/security/new-phishing-kits-target-microsoft-365-accounts-evade-mfa/ - 11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
The Hacker News • 2026-07-14 05:46 • thehackernews.com
Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Secure Boot on most systems using the modern firmware standard.“An attacker exploiting one of these vulnerable applications can execute untrusted code during system boot, enabling deployment of malicious UEFI bootkits or other malware,”
https://thehackernews.com/2026/07/11-old-microsoft-signed-linux-uefi.html - Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks
The Hacker News • 2026-07-14 04:55 • thehackernews.com
Researchers at KU Leuven tested 85 of the most popular crypto wallets that run as browser extensions and found that the wallets themselves leak enough to link and track the people using them.The way these wallets talk to websites and blockchain servers can tie a person’s separate addresses together and let outsiders follow them from site to site. And on a site that already holds a name or
https://thehackernews.com/2026/07/study-of-85-crypto-wallet-extensions.html - SAP warns of critical flaws in NetWeaver and Commerce Cloud
BleepingComputer • 2026-07-14 04:42 • www.bleepingcomputer.com
SAP has addressed 16 vulnerabilities across multiple products as part of its July 2026 security updates, including three critical flaws in NetWeaver, Commerce Cloud, and AppRouter. […]
https://www.bleepingcomputer.com/news/security/sap-warns-of-critical-flaws-in-netweaver-and-commerce-cloud/ - How Pentera Turns AI Security Workflows into Validation Engines
The Hacker News • 2026-07-14 04:30 • thehackernews.com
AI security agents are starting to influence real security decisions. They summarize findings, prioritize remediation, recommend next steps, and help teams move faster. But most still rely on fragmented risk signals: scanner output, severity scores, threat intelligence, configuration findings, and exposure data.That fragmentation matters because attackers do not move through environments one
https://thehackernews.com/2026/07/how-pentera-turns-ai-security-workflows.html - OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
The Hacker News • 2026-07-14 04:21 • thehackernews.com
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry.The activity allows users to enumerate user accounts and validate stolen credentials in Microsoft Entra ID environments, without ever generating a successful sign-in event that would otherwise alert defenders. And bad actors have begun
https://thehackernews.com/2026/07/oauth-client-id-spoofing-lets-attackers.html - Vulnerability in FIFA’s Network
Schneier on Security • 2026-07-14 04:06 • www.schneier.comFIFA’s network was vulnerable to anyone with even minimal access.
https://www.schneier.com/blog/archives/2026/07/vulnerability-in-fifas-network.html
- Microsoft starts testing cleaner Windows Search without ads
BleepingComputer • 2026-07-14 03:47 • www.bleepingcomputer.com
Microsoft is now testing a cleaner and faster version of Windows Search that should prioritize relevant results over ads and promotional content. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-starts-testing-cleaner-windows-search-without-ads/ - US sanctions VPN, malware providers for enabling ransomware attacks
BleepingComputer • 2026-07-14 02:40 • www.bleepingcomputer.com
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. organizations. […]
https://www.bleepingcomputer.com/news/security/us-sanctions-vpn-malware-providers-linked-to-ransomware-gangs/ - Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
The Hacker News • 2026-07-14 02:02 • thehackernews.com
xAI’s Grok Build coding CLI was uploading entire Git repositories, full commit history and all, to a Google Cloud Storage bucket run by xAI, not just the files a coding task needed.A researcher publishing as cereblab, testing version 0.2.93, captured one of those uploads, cloned the git bundle out of the intercepted request, and pulled back a file the agent had been told in plain terms not
https://thehackernews.com/2026/07/grok-build-uploads-entire-git.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
