CYBERSEC

Microsoft: AI Will Make Patch Tuesday Permanently More Demanding

Microsoft EVP Pavan Davuluri confirmed on July 9, 2026 that AI will permanently increase the volume of security updates in each Patch…

Jul 10, 2026views - 1.7k

malware

GigaWiper: The Post-Compromise Malware Masking Three Destructive Intents

GigaWiper is a modular Go backdoor that unifies wiper, fake ransomware, and spyware capabilities. Linked to BLUERABBIT, the platform c…

Jul 09, 2026views - 1.3k

ransomware

LVM: Weeks of Blackout After Ransomware Hits System Unpatched for Two Years

Latvia's state-owned forestry company Latvijas valsts meži (LVM) remains paralyzed weeks after a June 22 ransomware attack. Roughly tw…

Jul 09, 2026views - 1.3k

CYBERSEC

AI-Generated Malware Maps Active Directory: How It Was Caught

On June 3, 2026, Huntress detected an attack using an AI-generated PowerShell script created via vibe coding. Behavioral detection suc…

Jul 09, 2026views - 1.2k

CYBERSECZERO-DAY

Microsoft Patches RoguePlanet: When the Antivirus Becomes the Attack Surface

CVE-2026-50656 enables privilege escalation to SYSTEM via the Microsoft Defender engine. The fix arrives through an automatic engine u…

Jul 09, 2026views - 1.4k

CYBERSEC

AssuranceAmerica: 7 Million Driver's Licenses Exposed, No Credit Monitoring Offered

A single compromised employee account opened access to nearly 7 million driver's license numbers. AssuranceAmerica is not offering cre…

Jul 09, 2026views - 1.3k

ransomware

Hyadina Strikes with GodDamn: Microsoft-Signed Driver Disables EDR in 24 Hours

The Hyadina ransomware-as-a-service group deploys a new locker, GodDamn, using the Microsoft-signed PoisonX kernel driver to neutraliz…

Jul 09, 2026views - 1.9k

CYBERSEC

Verified X Ads Spread Mac Malware and Steal Microsoft 365 Accounts

Active campaigns exploit X's blue verification badge to distribute Mac malware via ClickFix and steal Microsoft 365 OAuth tokens using…

Jul 09, 2026views - 1.8k

ransomware

Mount Royal University Confirms Breach With Double Extortion: Data Theft and Deletion

The CMD Organization ransomware group claimed responsibility for the attack on Mount Royal University, demanding a $1.9 million ransom…

Jul 09, 2026views - 1.7k

agentic

Agentic AI: A Lone Attacker Compromises Enterprise AWS in 72 Hours

Sygnia documents the first operational case of a lone threat actor using AI-assisted workflows to compress an enterprise AWS attack fr…

Jul 08, 2026views - 1.4k

VULNCRITICAL

Lorex 0-Day ZDI-26-399: Root RCE on Wi-Fi Camera, No Patch After 14 Months

The ZDI-26-399 vulnerability exposes Lorex 2K Indoor Wi-Fi Security Cameras to root-level remote code execution from the local network…

Jul 08, 2026views - 1.3k

aiZERO-DAY

Ollama Zero-Day DoS: downloadBlob Bug Puts Local AI Servers at Risk

ZDI has disclosed a zero-day vulnerability in Ollama enabling unauthenticated remote denial-of-service attacks via the downloadBlob fu…

Jul 08, 2026views - 1.5k