Categories Breaking News

Breaking News – Cyber Threats – 2026-07-17 17:00 PDT

Breaking News – Cyber Threats (last 6h)

Generated: 2026-07-17 17:00 PDT

  • Google’s Gemini lets strangers send messages from your locked Android phone
    Graham Cluley • 2026-07-17 15:30 • www.bitdefender.com
    Gemini, Google’s AI assistant, is supposed to make life easier for Android smartphone owners. But right now it may also be making life easier for anyone anyone who happens to pick up your phone.

    Read more in my article on the Hot for Security blog.
    https://www.bitdefender.com/en-us/blog/hotforsecurity/googles-gemini-strangers-messages-locked-android-phone

  • New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code
    The Hacker News • 2026-07-17 14:20 • thehackernews.com
    An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install with zero plugins is exploitable.

    Every 6.9 and 7.0 site was in range until Friday, when WordPress shipped 6.9.5 and 7.0.2 and enabled what it calls forced updates through its auto-update system.

    Adam Kues at Assetnote, Searchlight Cyber’s attack surface management arm, found the flaw and reported
    https://thehackernews.com/2026/07/new-wp2shell-wordpress-core-flaw-lets.html

  • Friday Squid Blogging: Squid Washing Up on Cape Cod Beach
    Schneier on Security • 2026-07-17 14:01 • www.schneier.com

    Lots of articles about this.

    As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

    Blog moderation po…
    https://www.schneier.com/blog/archives/2026/07/friday-squid-blogging-squid-washing-up-on-cape-cod-beach.html

  • Abbott probes two cyber incidents amid extortion claims
    BleepingComputer • 2026-07-17 13:45 • www.bleepingcomputer.com
    Abbott Laboratories is investigating two separate cybersecurity incidents after confirming unauthorized access to internal legacy Exact Sciences systems in its Cancer Diagnostics business, while also investigating a separate claim that attackers breached its LabCentral portal and stole company data. […]
    https://www.bleepingcomputer.com/news/security/abbott-laboratories-probes-two-cyber-incidents-amid-extortion-claims/
  • OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests
    The Hacker News • 2026-07-17 13:20 • thehackernews.com
    Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts.

    OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry pointing at it. Okta’s Red Team, which reported the denial-of-service bug and named it, published the
    https://thehackernews.com/2026/07/openssl-hollowbyte-flaw-could-freeze.html

  • Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT
    The Hacker News • 2026-07-17 11:54 • thehackernews.com
    Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack.

    The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil, which was observed using an “unprecedented” four-tier blockchain-based command-and-control (C2) infrastructure spanning Tron,
    https://thehackernews.com/2026/07/seven-malicious-vite-npm-packages-use.html

Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.

Written By

More From Author

You May Also Like