2026-07-16
Elastic Security Labs
TELEPUZ: a modular MaaS malware spreading via CLICKFIX-VIDAR chains
2026-07-15
MIT Technology Review
Meet GPT-Red: an LLM super-hacker OpenAI built to make its models safer
Microsoft Security
Turning threat intelligence into decisive action with Defender Experts
Black Hills Info Sec
KAPE 101: A Kroll Artifact Parser and Extractor Cheatsheet
MIT Technology Review
The Download: a useful quantum machine and a record-breaking subsea tunnel
CISA Alerts & Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Alerts & Advisories
Establishing a Coordinated Vulnerability Disclosure Program to Work With Security Researchers
Schneier on Security
A Video Screen That Is Also a Camera
Searchlight Cyber
July 14th – This Week’s Top Cybersecurity and Dark Web Stories
Amazon Security
ICYMI: June 2026 @AWS Security
Troy Hunt
Weekly Update 512: IoT Lockout Fail
2026-07-14
Ars Technica Security
Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
Rapid7
Patch Tuesday - July 2026
Step Security
Coordinated AsyncAPI Supply Chain Attack: Miasma RAT Delivered via Compromised CI/CD Pipelines in Two Repositories
Talos Intelligence
Microsoft Patch Tuesday for July 2026 — Snort rules and prominent vulnerabilities
Dark Reading
6 GHz Wi-Fi Flaws Could Disrupt Critical Systems
Krebs on Security
Microsoft Patches a Record 570 Security Flaws
Zero Day Initiative
The July 2026 Security Update Review
Dark Reading
Manage Vendor Risk in a Few Practical Steps
Schneier on Security
Upcoming Speaking Engagements
The Citizen Lab
Canada’s Electronic Spy Agency Conducted Cyberattacks on Criminals Brokering Fentanyl Ingredients, Report Says
Bishop Fox Security
Introducing snowpick: Testing ServiceNow for Public Data Exposure
Cloudflare
A broken DNSSEC rollover took down .al. Now 1.1.1.1 tells you when validation is bypassed
MIT Technology Review
The Download: Claude’s inner workings, and the future of world models
CISA Alerts & Advisories
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Alerts & Advisories
CISA Urges SharePoint Hardening After New Exploitations
CISA Alerts & Advisories
Rockwell Automation 1715-AENTR EtherNet/IP Adapter
CISA Alerts & Advisories
ABB Advant Master Online Builder
CISA Alerts & Advisories
ABB T-MAC Plus
CISA Alerts & Advisories
ABB Ability Edgenius
Schneier on Security
Vulnerability in FIFA’s Network
Talos Intelligence
[Video] Where protection starts: Cisco Talos Intelligence Integrations
Talos Intelligence
The serpent’s tongue: Luring the Python out of its den
Malwarebytes
The inside job that cost ransomware victims millions
MIT Technology Review
PsiQuantum has a plan to make a massive quantum computer out of light
ISC SANS
ISC Stormcast For Tuesday, July 14th, 2026 https://isc.sans.edu/podcastdetail/10006, (Tue, Jul 14th)
Fastly
MoQ in the Fast Lane
Infernux Blog
Configuring Sentinel Protected Tables
Hacktron
Watching GPT-5.6 Sol Ultra Write a Chrome Exploit: Exploit Development as We Know It Is Dead
2026-07-13
Microsoft Security
Defending SaaS-based applications against ShinyHunters OAuth abuse
Dark Reading
Weak Security Continues to Fuel Russian Cyberattacks
Ars Technica Security
The US government warns that Russia state hackers are coming after your router
MIT Technology Review
What Anthropic’s latest AI discovery does—and doesn’t—show
Microsoft Security
Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID
Ars Technica Security
Now, defenders are embracing the prompt injection, too
Krebs on Security
Lessons Learned from CISA’s Recent GitHub Leak
Amazon Security
New compliance guidance available: HITRUST i1 on AWS
MIT Technology Review
The Download: a donor conception cap and world models for AI
CISA Alerts & Advisories
Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting
CISA Alerts & Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
Schneier on Security
AI Data Centers and the Concentration of Wealth
Malwarebytes
A week in security (July 6 – July 12)
ISC SANS
ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)
Rosecurify
Seclog - #186
2026-07-10
Schneier on Security
Friday Squid Blogging: “Squidbleed” Vulnerability
Microsoft Security
Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative
ISC SANS
My Stack Simulator, (Wed, Jul 8th)
Dark Reading
Fresh ATM Crypto Software Bugs: Jackpot or Bust?
Zero Day Initiative
CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys
Dark Reading
More Countries Jump on the Social Media 'Ban Wagon'
MIT Technology Review
The Download: Claude’s inner workings and OpenAI’s “super app”
CISA Alerts & Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Malwarebytes
How mule betting scams recruit ordinary people
Schneier on Security
AI Surveillance and Social Progress
MIT Technology Review
Sperm donors need limits, says a European fertility group
ISC SANS
ISC Stormcast For Friday, July 10th, 2026 https://isc.sans.edu/podcastdetail/10002, (Fri, Jul 10th)
2026-07-09
Amazon Security
Introducing OAuth Support for AWS MCP Server
Ars Technica Security
Patch for Windows Defender 0-day could allow attackers to fill hard disk
MIT Technology Review
Anthropic found a hidden space where Claude puzzles over concepts
Dark Reading
Microsoft Reins in RoguePlanet Zero-Day Threat
Talos Intelligence
WolfSSL, GeoVision, VTK vulnerabilities
Talos Intelligence
Winning 54% of the time
Github Security Blog
How GitHub gave every repository a durable owner
Microsoft Security
GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
Hybrid Analysis Blog
Suspected Russian Threat Actor Impersonates Legitimate Crypto Wallets to Deploy Remote Utilities
Dark Reading
AI Gateways Offer Attackers the Keys to the Kingdom
Eclypsium
The Two BIOS Passwords Everyone Confuses
MIT Technology Review
The Download: a nuclear landmark, and China eyes Nvidia chips
CISA Blog
Lessons from CISA’s Cyber Incident
CISA Alerts & Advisories
Schneider Electric PowerChute Serial Shutdown
CISA Alerts & Advisories
Schneider Electric Easergy MiCOM Px40 Series
CISA Alerts & Advisories
OpenPLC v3
Malwarebytes
Microsoft fixes RoguePlanet zero-day in Defender
Schneier on Security
The Language of AI Could Change How Humans Speak
Sicuranext Blog
Why the HTTP QUERY Method Is a Good Idea but Accept-Query Is Not
Sicuranext Blog
Why the HTTP QUERY Method Is a Good Idea but Accept-Query Is Not
TrustedSec
Vulnify: Giving Your Agents a CVE Brain
mez0 Blog
Vulnify: Giving Your Agents a CVE Brain
2026-07-08
Dark Reading
Mexico's New Cyber Plan Faces Its First Real Test
Ars Technica Security
Google pays $250K for Linux vulnerability allowing guest VM escapes