2026-07-09
Github Security Blog
How GitHub gave every repository a durable owner
Microsoft Security
GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
Hybrid Analysis Blog
Suspected Russian Threat Actor Impersonates Legitimate Crypto Wallets to Deploy Remote Utilities
Dark Reading
AI Gateways Offer Attackers the Keys to the Kingdom
Eclypsium
The Two BIOS Passwords Everyone Confuses
MIT Technology Review
The Download: a nuclear landmark, and China eyes Nvidia chips
CISA Alerts & Advisories
OpenPLC v3
CISA Alerts & Advisories
Schneider Electric Easergy MiCOM Px40 Series
CISA Alerts & Advisories
Schneider Electric PowerChute Serial Shutdown
Malwarebytes
Microsoft fixes RoguePlanet zero-day in Defender
Schneier on Security
The Language of AI Could Change How Humans Speak
Sicuranext Blog
Why the HTTP QUERY Method Is a Good Idea but Accept-Query Is Not
Sicuranext Blog
Why the HTTP QUERY Method Is a Good Idea but Accept-Query Is Not
MIT Technology Review
Four nuclear reactors hit a big milestone in the US
TrustedSec
Vulnify: Giving Your Agents a CVE Brain
ISC SANS
ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)
2026-07-08
Dark Reading
Mexico's New Cyber Plan Faces Its First Real Test
Ars Technica Security
Google pays $250K for Linux vulnerability allowing guest VM escapes
Amazon Security
Designing for the inevitable: System prompt leakage and mitigations in generative AI applications
Microsoft Security
Protecting Microsoft at AI speed: How SFI proactively hardens our cloud
MIT Technology Review
EmTech AI 2026: The Rise of the AI Platform
Black Lantern Security
BBOT 3.0
Amazon Security
The CISO’s guide to post-quantum mandates and migrations
Black Hills Info Sec
Finding the “Goldilocks” Zone: A Practical Approach to Alert Triage
Bishop Fox Security
Cracking Firmware with Claude: Senior-Level Skill, Junior-Level Autonomy
Krebs on Security
Felons, Fraudsters Flog Offensive Cybersecurity Startup
Malwarebytes
Your next car could be watching your face
MIT Technology Review
The Download: worms fight pollution, and geoengineering faces reality
Sicuranext Blog
Protect Your WordPress Using Claude Code and Karna
Sicuranext Blog
Protect Your WordPress Using Claude Code and Karna
Searchlight Cyber
July 7th – This Week’s Top Cybersecurity and Dark Web Stories
Schneier on Security
Cybersecurity and the Gap Between Skill and Ability
Trail of Bits
Mutation testing comes to DAML
Escape DAST
Product Updates: Quick fix issues by prompting your agents and follow a live tree of agents in your pentest
ISC SANS
My Stack Simulator, (Wed, Jul 8th)
Ars Technica Security
Hackers can use 9 of the most popular AI tools to assemble massive botnets
DarkRelay
Nmap for Pentester: Host Discovery Guide
Arch Cloud Labs
Kexec & Btrfs Subvolumes for Kernel Testing
ISC SANS
ISC Stormcast For Wednesday, July 8th, 2026 https://isc.sans.edu/podcastdetail/9998, (Wed, Jul 8th)
Elastic Security Labs
ClickFix to Cash-Out: Anatomy of a Mexican Banking-Fraud Toolkit
Teleport Blog
When AI Agents Call AWS, Who Does AWS Think They Are?
2026-07-07
Palo Alto Networks
What It Takes to Secure Claude Cowork Across the AI Enterprise
Amazon Security
Enforce zero data retention on Amazon Bedrock with Bedrock Projects and service control policies
Jericho
CISA KEV’s Revolving Door
Red Siege InfoSec Blog
Improving Your Simple Windows Domain for Offensive Testing: Elastic Defend EDR
MIT Technology Review
The Download: your stake in OpenAI, and the Treasury’s AI warning
CISA Alerts & Advisories
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Alerts & Advisories
Siemens SINEC OS
CISA Alerts & Advisories
Hydro-Québec Le Circuit Electrique charging station backend
CISA Alerts & Advisories
Labcenter Proteus 9
CISA Alerts & Advisories
Hitachi Energy e-mesh EMS
CISA Alerts & Advisories
Digi International PortServer TS, Digi One SP IA
CISA Alerts & Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Alerts & Advisories
Hitachi Energy PROMOD V
CISA Alerts & Advisories
Siemens Mendix Studio Pro
MIT Technology Review
The foundational elements of AI architecture that IT leaders need to scale
Schneier on Security
Google Is Suing Chinese Scammers Who Are Using Gemini
Talos Intelligence
UAT-7810 continues building ORB networks using new malware
MIT Technology Review
Why worms (and microbes) are catching on as a manure pollution solution
Escape DAST
Introducing Escape's Partner Program
Malwarebytes
Scammers are using AI to sell impossible flowers
NVISO Labs
Reducing Microsoft Sentinel Costs Without Compromising Detection – Part 2: The Firewall Quest
Compass Security Blog
Cyber Resilience Act – Part II
TrustedSec
Welcoming ObfusGit
ISC SANS
ISC Stormcast For Tuesday, July 7th, 2026 https://isc.sans.edu/podcastdetail/9996, (Tue, Jul 7th)
Fastly
Fastly recognized as a Gartner® Peer Insights™ Customers' Choice for Edge Distribution Platforms
Rosecurify
Seclog - #185
2026-07-06
White Knight Labs
Introduction to Tokenizers in LLMs
MIT Technology Review
Your family’s $300 stake in OpenAI
Malwarebytes
How to tell if an image is AI-generated
Microsoft Security
5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management
RME-DisCo Research Group
Inferring Network Protocols from Traffic with MARISSA
MIT Technology Review
The Download: South Korea’s hottest bachelors, and advancing eye transplants
Malwarebytes
Choose your WhatsApp username carefully
ISC SANS
ISC Stormcast For Monday, July 6th, 2026 https://isc.sans.edu/podcastdetail/9994, (Mon, Jul 6th)
Palo Alto Networks
It Might Feel Like We’ve Been Here Before, But We Haven’t
Schneier on Security
France to Stop Certifying Non-Quantum-Safe Encryption
MIT Technology Review
South Korea’s hottest new bachelors are chip workers
Malwarebytes
A week in security (June 29 – July 5)
2026-07-04
Project Black
HestiaCP Admin Takeover & RCE
Project Black
CREST ANZ vs CREST International
2026-07-03
Rapid7
Weekly Metasploit Update: Modules for SMB-to-Meterpreter, Peyara Remote Mouse RCE exploit, and more
Jericho
F5 Contributes to KEV Confusion
Searchlight Cyber
Why Preemptive Cybersecurity Matters
Schneier on Security
Flock Cameras Can Surveil Cars Without License Plates
2026-07-02
Step Security
10 Layers Deep: How StepSecurity Stops TeamPCP's Trivy Supply Chain Attack on GitHub Actions
Ars Technica Security
Newly discovered PamStealer isn't your typical macOS malware
Krebs on Security
FBI Seizes NetNut Proxy Platform, Popa Botnet
Talos Intelligence
Catan and Mouse
watchTowr Labs
It’s 37oC, And All We Can Think About Is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza)