Updated Hourly

Tech Intelligence

Cybersecurity news, vulnerability advisories, and technology insights — curated from the world's leading security sources.

The Hacker NewsBleepingComputerKrebs on SecuritySANS ISCDark Reading
BCJul 10, 2026

Ryuk ransomware member pleads guilty in the US, faces 15 years in prison

A 34-year-old Armenian man has pleaded guilty to hacking U.S. companies and deploying the infamous Ryuk ransomware to encrypt their systems. [...]…

Read on BleepingComputer
DRJul 10, 2026

Cybercriminals Flock to Healthcare Businesses as Attacks Surge

While cyberattacks against hospitals and clinics grew modestly in the first half of 2026, attacks on service providers and other healthcare businesses more than doubled.…

Read on Dark Reading
BCJul 10, 2026

Police suspects Dutch hackers were involved in Odido breach

The Dutch National Police (Politie) says it has found "strong indications" that Dutch hackers have been involved in a February breach at the telecommunications provider Odido. [...]…

Read on BleepingComputer
THNJul 10, 2026

URGENT - Progress Tells ShareFile Customers to Shut Down Storage Zone Controllers Over Security Threat

Progress Software has told ShareFile customers to shut down the Windows servers running their Storage Zone Controllers, confirming to The Hacker News that it is responding to a "credible external security threat." The co…

Read on The Hacker News
THNJul 10, 2026

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages

Unknown threat actors compromised the Injective Labs SDK project's GitHub repository and leveraged it to publish a malicious package on the npm registry to steal cryptocurrency wallet private keys and mnemonic seed phras…

Read on The Hacker News
BCJul 10, 2026

Progress urges ShareFile admins to shut down servers over “credible” threat

Progress Software is emailing ShareFile customers who use Storage Zone Controllers to immediately shut down their servers after identifying what it describes as a "credible external security threat" targeting the on-prem…

Read on BleepingComputer
THNJul 10, 2026

Six New U-Boot Flaws Could Let Malicious Images Crash Devices or Run Code at Boot

Researchers at firmware security firm Binarly have found six new flaws in U-Boot, the small program that starts up hardware as varied as home routers, smart cameras, and the management chips inside data-center servers. F…

Read on The Hacker News
SANSJul 10, 2026

My Stack Simulator, (Wed, Jul 8th)

The stack is a memory region where a program stores temporary data -&&#x23&#x3b;x26&#x3b;&#x23&#x3b;xc2&#x3b;&&#x23&#x3b;x26&#x3b;&#x23&#x3b;xa0&#x3b;like local variables and return addresses. Think of the stack as a pil…

Read on SANS ISC
BCJul 10, 2026

Hackers exploit critical auth bypass in Gitea Docker image

Hackers are actively exploiting a critical vulnerability in the official Docker image for the Gitea self-hosted Git service that allows attackers to impersonate any user, including administrators. [...]…

Read on BleepingComputer
BCJul 10, 2026

Money launderer accused of stealing seized crypto while in prison

A Bulgarian national has been charged with stealing $290,000 in government-seized cryptocurrency while serving 121 months in prison for helping launder millions stolen from American fraud victims. [...]…

Read on BleepingComputer
THNJul 10, 2026

Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card's password to anything the attacker picks. No old passw…

Read on The Hacker News
THNJul 10, 2026

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitr…

Read on The Hacker News
BCJul 10, 2026

The Replicant in Your Directory: AI Agents and the Identity Security Gap

AI agents are accelerating the growth of non-human identities, making it harder for organizations to understand what exists, who owns it, and what it can access. Netwrix explains why stronger visibility and identity gove…

Read on BleepingComputer
DRJul 10, 2026

Fresh ATM Crypto Software Bugs: Jackpot or Bust?

Organizations, and possibly ATMs, are at risk of compromise, thanks to holes in a Microsoft BitLocker security wrapper.…

Read on Dark Reading
DRJul 10, 2026

More Countries Jump on the Social Media 'Ban Wagon'

Age restrictions on accounts may be more of a stopgap because industry compliance is already falling short. Tech giants are struggling to follow the laws without affecting users.…

Read on Dark Reading
THNJul 10, 2026

New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic

The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON. Chinese cybersecurity company QiAnXin said that while the threat cluster may appe…

Read on The Hacker News
DRJul 10, 2026

AI Coding: Do Security Risks Outweigh Productivity Gains?

AI coding tools cost $19-$200/month/user, but security scanning, remediation, and false positives add hidden costs. Are the productivity gains worth it?…

Read on Dark Reading
THNJul 10, 2026

Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers

A single wrong variable on one line in XQUIC, Alibaba's QUIC and HTTP/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch. FoxIO researcher Sébastien Féry …

Read on The Hacker News
BCJul 10, 2026

Zimbra urges customers to patch critical web client XSS flaw

The Zimbra security team urged customers to patch a critical vulnerability affecting the Classic Web Client used to access the Zimbra Collaboration suite. [...]…

Read on BleepingComputer
THNJul 10, 2026

From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale

Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600 security leaders in the 2026 Axonius Actionability Report, only 45% of organiz…

Read on The Hacker News
THNJul 10, 2026

Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites

A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and target lists naming more than 1.4 million …

Read on The Hacker News
THNJul 10, 2026

Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking

Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure.…

Read on The Hacker News
THNJul 10, 2026

Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access

A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to carry out data extortion atta…

Read on The Hacker News
SANSJul 10, 2026

"Comment stuffing" in an HTML phishing attachment as a mechanism for evading AI-based detection?, (Fri, Jul 10th)

Anyone who deals with phishing messages caught by basic security filters knows that most phishing samples tend to blend into one another, since only a small set of techniques and approaches keeps reappearing in them. Tha…

Read on SANS ISC
THNJul 10, 2026

Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. …

Read on The Hacker News
BCJul 10, 2026

Former ransomware negotiator gets 4 years for BlackCat attacks

A former employee of cybersecurity incident response company DigitalMint was sentenced to 70 months in prison for targeting U.S. companies in BlackCat (ALPHV) ransomware attacks. [...]…

Read on BleepingComputer
SANSJul 10, 2026

ISC Stormcast For Friday, July 10th, 2026 https://isc.sans.edu/podcastdetail/10002, (Fri, Jul 10th)

Read on SANS ISC
BCJul 9, 2026

OpenMandriva Linux says contributor tried to sabotage the project

The OpenMandriva Linux project announced that it was the target of an attempted act of internal sabotage after a dispute among contributors. [...]…

Read on BleepingComputer
DRJul 9, 2026

Iran's Cyber Crosshairs Focus Beyond Critical Infrastructure

Obscurity isn't a defense. If your company has any Internet-facing vulnerability, you're at risk from multiple threats.…

Read on Dark Reading
DRJul 9, 2026

Microsoft Reins in RoguePlanet Zero-Day Threat

The researcher known as Nightmare-Eclipse published a proof-of-concept (PoC) exploit for the Windows Defender vulnerability in early June after dropping several other Microsoft zero-days.…

Read on Dark Reading
BCJul 9, 2026

Injective SDK on npm infected with cryptocurrency wallet stealer

Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manager (npm) that stole cryptocurrency wallet private keys and mnemonic seed phrases.…

Read on BleepingComputer
DRJul 9, 2026

AI Agents Are a New Kind of Identity — and Most Organizations Aren't Ready

If you're handling AI agents like a service account or API token, consider yourself behind. AI agents need a fundamentally different approach.…

Read on Dark Reading
BCJul 9, 2026

New Helix vishing group emerges in SharePoint data theft attacks

A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code phishing, and multi-factor authentication (MFA) abuse to steal data from SharePoint environments. [.…

Read on BleepingComputer
BCJul 9, 2026

Microsoft expects more Windows security updates from AI-discovered flaws

Microsoft says Windows users should expect to see an increase in security updates as the company increasingly relies on artificial intelligence to discover vulnerabilities in its codebase. [...]…

Read on BleepingComputer
DRJul 9, 2026

As Global Conflicts Go Digital, Businesses Need Wartime Game Plans

The fate of a Ukrainian tax software company shows how modern cyber warfare can claim casualties far beyond the battlefield, and how businesses across the ocean still need to protect themselves.…

Read on Dark Reading
SANSJul 9, 2026

ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)

Read on SANS ISC
SANSJul 9, 2026

_HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)

[This is a Guest Diary by Jason Callahan, an ISC intern as part of the SANS.edu BACS program]
…

Read on SANS ISC
KrebsJul 8, 2026

Felons, Fraudsters Flog Offensive Cybersecurity Startup

A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures inc…

Read on Krebs on Security
SANSJul 8, 2026

ISC Stormcast For Wednesday, July 8th, 2026 https://isc.sans.edu/podcastdetail/9998, (Wed, Jul 8th)

Read on SANS ISC
SANSJul 7, 2026

More Odd DNS Records: NIMLOC, (Tue, Jul 7th)

Yesterday, I talked about NAPTR records and how they are related to RCS. But there is another "odd" record that shows up in my DNS logs. This one isn&&#x23&#x3b;x26&#x3b;&#x23&#x3b;39&#x3b;t new, but I don&&#x23&#x3b;x26…

Read on SANS ISC
SANSJul 7, 2026

ISC Stormcast For Tuesday, July 7th, 2026 https://isc.sans.edu/podcastdetail/9996, (Tue, Jul 7th)

Read on SANS ISC
KrebsJul 2, 2026

FBI Seizes NetNut Proxy Platform, Popa Botnet

The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli com…

Read on Krebs on Security
KrebsJun 23, 2026

Scattered Spider Hackers Plead Guilty on Day 1 of Trial

Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Great…

Read on Krebs on Security
KrebsJun 18, 2026

‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm

For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. Thi…

Read on Krebs on Security
KrebsJun 10, 2026

Who Runs the Ransomware Group ‘The Gentlemen?’

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affi…

Read on Krebs on Security
KrebsJun 9, 2026

A Record-Breaking Patch Tuesday for June 2026

Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly thre…

Read on Krebs on Security
KrebsJun 1, 2026

Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on T…

Read on Krebs on Security
KrebsMay 25, 2026

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campa…

Read on Krebs on Security
KrebsMay 22, 2026

Lawmakers Demand Answers as CISA Tries to Contain Data Leak

Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published …

Read on Krebs on Security
KrebsMay 21, 2026

Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada

Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of mass…

Read on Krebs on Security