Daily briefs
DAILY BRIEFS
Top stories as punchy one-liners—designed to scan in seconds.
Last updated
7/8/2026, 6:20:49 PM
- 01FortiBleed: Large-scale credential reuse and brute-force attacks target internet-exposed FortiGate devices42m agoQualys Threat ResearchIdentity & Access
- 02AI coding agents are triggering endpoint security rules designed to catch attackers.1h agoThe Hacker NewsThreat Intelligence
- 03Pink extortion gang targets Microsoft 365 users with Entra passkey enrollment vishing campaigns.1h agoBleepingComputerIdentity & Access
- 04Vidar infostealer targets SMBs via malvertising campaign using pirated software lures.1h agoDark ReadingMalware
- 05Accenture confirms data breach after hacker claims theft of source code and Azure keys.2h agoSecurityWeekBreaches
- 06China-linked APT UAT-7810 expands SOHO router malware with new LongLeash, DogLeash, and JarLeash backdoors.2h agoSecurityWeekThreat Intelligence
- 07HalluSquatting attack exploits AI coding assistants' hallucinations to deliver botnet malware via fake package names.3h agoThe Hacker NewsAI Security
- 08Ubiquiti patches critical UniFi flaws across multiple products, including Connect, Talk, Access, Protect, and OS.3h agoThe Hacker NewsVulnerabilities
- 09New APT group Armored Likho targets government and energy sectors with BusySnake Stealer.3h agoHackreadNation-state
- 10AI enhances service desk impersonation attacks through convincing personalization and scalability.4h agoBleepingComputerAI Security
- 11New 'ghost phishing' campaign uses encrypted pages to bypass email security.5h agoThe Hacker NewsThreat Intelligence
- 12SCMBANKER malware targets Mexican banks with fake CAPTCHA lures and LLM-generated tools.5h agoThe Hacker NewsMalware
- 13Cybersecurity startup IRIS C2, run by convicted felons, offers millions for zero-day exploits.5h agoKrebs on SecurityThreat Intelligence
- 14Google Dialogflow CX 'Rogue Agent' vulnerability allowed attackers to hijack AI conversations and exfiltrate data6h agoSecurityWeekVulnerabilities
- 15China-linked UNK_MassTraction targets US/Canadian universities via Roundcube flaws.6h agoHackreadNation-state
- 16GitHub 'Verified' commits can be rewritten with new hashes without breaking signatures.6h agoThe Hacker NewsVulnerabilities
- 17EU court orders Commission to pay €400 for data transfer to US.6h agoGDPRHubPolicy
- 18EDPB adopts guidelines on anonymisation, web scraping for generative AI, and blockchain.6h agoEuropean Data Protection Board (EDPB)Policy
- 19Account takeover attacks shift to verification flows as passkeys harden primary login.6h agoThe Hacker NewsIdentity & Access
- 20KDDI reports data breach exposing over 12 million customer emails and passwords.6h agoBleepingComputerBreaches