Daily briefs
DAILY BRIEFS
Top stories as punchy one-liners—designed to scan in seconds.
Last updated
7/8/2026, 7:15:43 PM
- 01FortiBleed: Large-scale credential reuse and brute-force attacks target internet-exposed FortiGate devices1h agoQualys Threat ResearchIdentity & Access
- 02AI coding agents are triggering endpoint security rules designed to catch attackers.2h agoThe Hacker NewsThreat Intelligence
- 03Pink extortion gang targets Microsoft 365 users with Entra passkey enrollment vishing campaigns.2h agoBleepingComputerIdentity & Access
- 04Vidar infostealer targets SMBs via malvertising campaign using pirated software lures.2h agoDark ReadingMalware
- 05Accenture confirms data breach after hacker claims theft of source code and Azure keys.3h agoSecurityWeekBreaches
- 06China-linked APT UAT-7810 expands SOHO router malware with new LongLeash, DogLeash, and JarLeash backdoors.3h agoSecurityWeekThreat Intelligence
- 07HalluSquatting attack exploits AI coding assistants' hallucinations to deliver botnet malware via fake package names.4h agoThe Hacker NewsAI Security
- 08Ubiquiti patches critical UniFi flaws across multiple products, including Connect, Talk, Access, Protect, and OS.4h agoThe Hacker NewsVulnerabilities
- 09New APT group Armored Likho targets government and energy sectors with BusySnake Stealer.4h agoHackreadNation-state
- 10AI enhances service desk impersonation attacks through convincing personalization and scalability.5h agoBleepingComputerAI Security
- 11New 'ghost phishing' campaign uses encrypted pages to bypass email security.6h agoThe Hacker NewsThreat Intelligence
- 12SCMBANKER malware targets Mexican banks with fake CAPTCHA lures and LLM-generated tools.6h agoThe Hacker NewsMalware
- 13Cybersecurity startup IRIS C2, run by convicted felons, offers millions for zero-day exploits.6h agoKrebs on SecurityThreat Intelligence
- 14Google Dialogflow CX 'Rogue Agent' vulnerability allowed attackers to hijack AI conversations and exfiltrate data7h agoSecurityWeekVulnerabilities
- 15China-linked UNK_MassTraction targets US/Canadian universities via Roundcube flaws.7h agoHackreadNation-state
- 16GitHub 'Verified' commits can be rewritten with new hashes without breaking signatures.7h agoThe Hacker NewsVulnerabilities
- 17EU court orders Commission to pay €400 for data transfer to US.7h agoGDPRHubPolicy
- 18EDPB adopts guidelines on anonymisation, web scraping for generative AI, and blockchain.7h agoEuropean Data Protection Board (EDPB)Policy
- 19Account takeover attacks shift to verification flows as passkeys harden primary login.7h agoThe Hacker NewsIdentity & Access
- 20KDDI reports data breach exposing over 12 million customer emails and passwords.7h agoBleepingComputerBreaches