2026-07-14
Zero Day Initiative
The July 2026 Security Update Review
Dark Reading
Manage Vendor Risk in a Few Practical Steps
Step Security
Coordinated AsyncAPI Supply Chain Attack: Miasma RAT Delivered via Compromised CI/CD Pipelines in Two Repositories
Schneier on Security
Upcoming Speaking Engagements
The Citizen Lab
Canada’s Electronic Spy Agency Conducted Cyberattacks on Criminals Brokering Fentanyl Ingredients, Report Says
Cloudflare
A broken DNSSEC rollover took down .AL. Now 1.1.1.1 tells you when validation is bypassed
MIT Technology Review
The Download: Claude’s inner workings, and the future of world models
CISA Alerts & Advisories
ABB Ability Edgenius
CISA Alerts & Advisories
ABB Advant Master Online Builder
CISA Alerts & Advisories
Rockwell Automation 1715-AENTR EtherNet/IP Adapter
CISA Alerts & Advisories
CISA Urges SharePoint Hardening After New Exploitations
CISA Alerts & Advisories
ABB T-MAC Plus
Schneier on Security
Vulnerability in FIFA’s Network
Talos Intelligence
[Video] Where protection starts: Cisco Talos Intelligence Integrations
Talos Intelligence
The serpent’s tongue: Luring the Python out of its den
Malwarebytes
The inside job that cost ransomware victims millions
MIT Technology Review
PsiQuantum has a plan to make a massive quantum computer out of light
ISC SANS
ISC Stormcast For Tuesday, July 14th, 2026 https://isc.sans.edu/podcastdetail/10006, (Tue, Jul 14th)
Infernux Blog
Configuring Sentinel Protected Tables
Fastly
MoQ in the Fast Lane
2026-07-13
Microsoft Security
Defending SaaS-based applications against ShinyHunters OAuth abuse
Dark Reading
Weak Security Continues to Fuel Russian Cyberattacks
Ars Technica Security
The US government warns that Russia state hackers are coming after your router
MIT Technology Review
What Anthropic’s latest AI discovery does—and doesn’t—show
Microsoft Security
Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID
Ars Technica Security
Now, defenders are embracing the prompt injection, too
Krebs on Security
Lessons Learned from CISA’s Recent GitHub Leak
Amazon Security
New compliance guidance available: HITRUST i1 on AWS
MIT Technology Review
The Download: a donor conception cap and world models for AI
CISA Alerts & Advisories
Improve Router Hygiene to Protect Against Russian State-Sponsored Targeting
CISA Alerts & Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
Schneier on Security
AI Data Centers and the Concentration of Wealth
Malwarebytes
A week in security (July 6 – July 12)
ISC SANS
ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)
Rosecurify
Seclog - #186
2026-07-10
Schneier on Security
Friday Squid Blogging: “Squidbleed” Vulnerability
Microsoft Security
Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative
ISC SANS
My Stack Simulator, (Wed, Jul 8th)
Dark Reading
Fresh ATM Crypto Software Bugs: Jackpot or Bust?
Zero Day Initiative
CVE-2026-47291: Remote Code Execution in the Windows HTTP.sys
Dark Reading
More Countries Jump on the Social Media 'Ban Wagon'
MIT Technology Review
The Download: Claude’s inner workings and OpenAI’s “super app”
CISA Alerts & Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Malwarebytes
How mule betting scams recruit ordinary people
Schneier on Security
AI Surveillance and Social Progress
MIT Technology Review
Sperm donors need limits, says a European fertility group
ISC SANS
ISC Stormcast For Friday, July 10th, 2026 https://isc.sans.edu/podcastdetail/10002, (Fri, Jul 10th)
2026-07-09
Amazon Security
Introducing OAuth Support for AWS MCP Server
Ars Technica Security
Patch for Windows Defender 0-day could allow attackers to fill hard disk
MIT Technology Review
Anthropic found a hidden space where Claude puzzles over concepts
Dark Reading
Microsoft Reins in RoguePlanet Zero-Day Threat
Talos Intelligence
WolfSSL, GeoVision, VTK vulnerabilities
Talos Intelligence
Winning 54% of the time
Github Security Blog
How GitHub gave every repository a durable owner
Microsoft Security
GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
Hybrid Analysis Blog
Suspected Russian Threat Actor Impersonates Legitimate Crypto Wallets to Deploy Remote Utilities
Dark Reading
AI Gateways Offer Attackers the Keys to the Kingdom
Eclypsium
The Two BIOS Passwords Everyone Confuses
MIT Technology Review
The Download: a nuclear landmark, and China eyes Nvidia chips
CISA Alerts & Advisories
Schneider Electric Easergy MiCOM Px40 Series
CISA Alerts & Advisories
OpenPLC v3
CISA Alerts & Advisories
Schneider Electric PowerChute Serial Shutdown
CISA Blog
Lessons from CISA’s Cyber Incident
Malwarebytes
Microsoft fixes RoguePlanet zero-day in Defender
Schneier on Security
The Language of AI Could Change How Humans Speak
Sicuranext Blog
Why the HTTP QUERY Method Is a Good Idea but Accept-Query Is Not
Sicuranext Blog
Why the HTTP QUERY Method Is a Good Idea but Accept-Query Is Not
MIT Technology Review
Four nuclear reactors hit a big milestone in the US
TrustedSec
Vulnify: Giving Your Agents a CVE Brain
ISC SANS
ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)
mez0 Blog
Vulnify: Giving Your Agents a CVE Brain
2026-07-08
Dark Reading
Mexico's New Cyber Plan Faces Its First Real Test
Ars Technica Security
Google pays $250K for Linux vulnerability allowing guest VM escapes
Amazon Security
Designing for the inevitable: System prompt leakage and mitigations in generative AI applications
Microsoft Security
Protecting Microsoft at AI speed: How SFI proactively hardens our cloud
MIT Technology Review
EmTech AI 2026: The Rise of the AI Platform
Black Lantern Security
BBOT 3.0
Amazon Security
The CISO’s guide to post-quantum mandates and migrations
Black Hills Info Sec
Finding the “Goldilocks” Zone: A Practical Approach to Alert Triage
Bishop Fox Security
Cracking Firmware with Claude: Senior-Level Skill, Junior-Level Autonomy
Krebs on Security
Felons, Fraudsters Flog Offensive Cybersecurity Startup
Malwarebytes
Your next car could be watching your face
Sicuranext Blog
Protect Your WordPress Using Claude Code and Karna
Sicuranext Blog
Protect Your WordPress Using Claude Code and Karna
Searchlight Cyber
July 7th – This Week’s Top Cybersecurity and Dark Web Stories
Schneier on Security
Cybersecurity and the Gap Between Skill and Ability
Trail of Bits
Mutation testing comes to DAML
Escape DAST
Product Updates: Quick fix issues by prompting your agents and follow a live tree of agents in your pentest
Ars Technica Security
Hackers can use 9 of the most popular AI tools to assemble massive botnets
DarkRelay
Nmap for Pentester: Host Discovery Guide
Arch Cloud Labs
Kexec & Btrfs Subvolumes for Kernel Testing
ISC SANS
ISC Stormcast For Wednesday, July 8th, 2026 https://isc.sans.edu/podcastdetail/9998, (Wed, Jul 8th)
Datadog HQ
Monitor your .NET MAUI apps with Datadog RUM
Teleport Blog
When AI Agents Call AWS, Who Does AWS Think They Are?
Elastic Security Labs
ClickFix to Cash-Out: Anatomy of a Mexican Banking-Fraud Toolkit