2026-07-16
Escape DAST
Best GraphQL security tools in 2026: An in-depth guide, including business logic and enterprise coverage
Palo Alto Networks
Announcing the General Availability of Prisma AIRS AI Gateway
Schneier on Security
Protecting Privacy in an AI Era
Palo Alto Networks
Palo Alto Networks and AT&T - Delivering Quantum-Resilient SASE Fabric
Malwarebytes
The backlash against Flock cameras is spreading
MIT Technology Review
The Download: OpenAI unveils GPT-Red and heat pumps rise in the US
CISA Alerts & Advisories
Siemens SICAM 8
CISA Alerts & Advisories
Rockwell Automation FactoryTalk DataMosaix
CISA Alerts & Advisories
Rockwell Automation Flex 5000 Adapter
CISA Alerts & Advisories
Rockwell Automation CompactLogix, ControlLogix, Compact GuardLogix and GuardLogix
CISA Alerts & Advisories
SALTO ProAccess Space
CISA Alerts & Advisories
Rockwell Automation 1756-EN2, 1756-EN3, and 1756-ENBT
CISA Alerts & Advisories
AutomationDirect Productivity Suite
CISA Alerts & Advisories
NASA Core Flight System (cFS) Health & Safety (HS) Application
CISA Alerts & Advisories
Rockwell Automation Arena
Talos Intelligence
The Hunter's Paradox: Is it time to embrace automated threat hunting?
Talos Intelligence
UAT-11795 deploys novel Starland RAT and bespoke WLDR C2 implant in financially motivated campaign
MIT Technology Review
Why heat pumps are still so hot in the US
Malwarebytes
Samsung backs down on threat to delete health data
Hunt and Hackett
The greatest cyber risk lies in what organizations cannot see
Dark Reading
Police Disrupt a €140M Cyber Fraud Ring in Spain
TrustedSec
CMMC is (Not) Cancelled
Microsoft Security
Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery
Step Security
Coordinated AsyncAPI Supply Chain Attack: Miasma RAT Delivered via Compromised CI/CD Pipelines in Two Repositories
Step Security
Runtime Security for Third-Party GitHub Actions Runners: Bitrise, Blacksmith, Depot, Namespace, and Warp
Okta Security
OpenSSL HollowByte: A DoS Hiding in 11 Bytes
Elastic Security Labs
TELEPUZ: a modular MaaS malware spreading via CLICKFIX-VIDAR chains
2026-07-15
Dark Reading
Forgotten Bootloaders Expose Secure Boot Blind Spot
Ars Technica Security
Windows 0-day drops the same day Microsoft releases record number of patches
MIT Technology Review
Meet GPT-Red: an LLM super-hacker OpenAI built to make its models safer
Microsoft Security
Turning threat intelligence into decisive action with Defender Experts
Black Hills Info Sec
KAPE 101: A Kroll Artifact Parser and Extractor Cheatsheet
MIT Technology Review
The Download: a useful quantum machine and a record-breaking subsea tunnel
CISA Alerts & Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Alerts & Advisories
Establishing a Coordinated Vulnerability Disclosure Program to Work With Security Researchers
Schneier on Security
A Video Screen That Is Also a Camera
Searchlight Cyber
July 14th – This Week’s Top Cybersecurity and Dark Web Stories
Amazon Security
ICYMI: June 2026 @AWS Security
Troy Hunt
Weekly Update 512: IoT Lockout Fail
Teleport Blog
The Room Where V2 Happens
Hacktron
Breaking Into PostHog Prod Database
2026-07-14
Ars Technica Security
Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
Rapid7
Patch Tuesday - July 2026
Talos Intelligence
Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities
Dark Reading
6 GHz Wi-Fi Flaws Could Disrupt Critical Systems
Krebs on Security
Microsoft Patches a Record 570 Security Flaws
Zero Day Initiative
The July 2026 Security Update Review
Dark Reading
Manage Vendor Risk in a Few Practical Steps
Schneier on Security
Upcoming Speaking Engagements
The Citizen Lab
Canada’s Electronic Spy Agency Conducted Cyberattacks on Criminals Brokering Fentanyl Ingredients, Report Says
Cloudflare
A broken DNSSEC rollover took down .al. Now 1.1.1.1 tells you when validation is bypassed
Bishop Fox Security
Introducing snowpick: Testing ServiceNow for Public Data Exposure
MIT Technology Review
The Download: Claude’s inner workings, and the future of world models
CISA Alerts & Advisories
ABB Advant Master Online Builder
CISA Alerts & Advisories
CISA Urges SharePoint Hardening After New Exploitations
CISA Alerts & Advisories
ABB T-MAC Plus
CISA Alerts & Advisories
ABB Ability Edgenius
CISA Alerts & Advisories
Rockwell Automation 1715-AENTR EtherNet/IP Adapter
CISA Alerts & Advisories
CISA Adds Four Known Exploited Vulnerabilities to Catalog
Schneier on Security
Vulnerability in FIFA’s Network
Talos Intelligence
[Video] Where protection starts: Cisco Talos Intelligence Integrations
Talos Intelligence
The serpent’s tongue: Luring the Python out of its den
Malwarebytes
The inside job that cost ransomware victims millions
MIT Technology Review
PsiQuantum has a plan to make a massive quantum computer out of light
ISC SANS
ISC Stormcast For Tuesday, July 14th, 2026 https://isc.sans.edu/podcastdetail/10006, (Tue, Jul 14th)
Infernux Blog
Configuring Sentinel Protected Tables
Fastly
MoQ in the Fast Lane
Hacktron
Watching GPT-5.6 Sol Ultra Write a Chrome Exploit: Exploit Development as We Know It Is Dead
2026-07-13
Microsoft Security
Defending SaaS-based applications against ShinyHunters OAuth abuse
Dark Reading
Weak Security Continues to Fuel Russian Cyberattacks
Ars Technica Security
The US government warns that Russia state hackers are coming after your router
MIT Technology Review
What Anthropic’s latest AI discovery does—and doesn’t—show
Microsoft Security
Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID
Ars Technica Security
Now, defenders are embracing the prompt injection, too
Krebs on Security
Lessons Learned from CISA’s Recent GitHub Leak
Amazon Security
New compliance guidance available: HITRUST i1 on AWS
MIT Technology Review
The Download: a donor conception cap and world models for AI
CISA Alerts & Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Alerts & Advisories
Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting
Schneier on Security
AI Data Centers and the Concentration of Wealth
Malwarebytes
A week in security (July 6 – July 12)
ISC SANS
ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)
Rosecurify
Seclog - #186
2026-07-10
Schneier on Security
Friday Squid Blogging: “Squidbleed” Vulnerability
Microsoft Security
Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative
ISC SANS
My Stack Simulator, (Wed, Jul 8th)
Dark Reading
Fresh ATM Crypto Software Bugs: Jackpot or Bust?
Zero Day Initiative
CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys
Dark Reading
More Countries Jump on the Social Media 'Ban Wagon'
MIT Technology Review
The Download: Claude’s inner workings and OpenAI’s “super app”
CISA Alerts & Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Malwarebytes
How mule betting scams recruit ordinary people
Schneier on Security
AI Surveillance and Social Progress
MIT Technology Review
Sperm donors need limits, says a European fertility group
2026-07-09
Amazon Security
Introducing OAuth Support for AWS MCP Server
Ars Technica Security
Patch for Windows Defender 0-day could allow attackers to fill hard disk
Dark Reading
Microsoft Reins in RoguePlanet Zero-Day Threat
Talos Intelligence
WolfSSL, GeoVision, VTK vulnerabilities
Talos Intelligence
Winning 54% of the time