Daily Briefing

CyberGeoDigest

Geopolitical cyber intelligence in 5 minutes
Saturday, July 4, 2026 · 8 stories
Share this digest:

Armored Likho Deploys BusySnake Stealer Against Russia, Brazil, Kazakhstan Energy Sectors (1 minute read)

Kaspersky attributes a new threat actor, Armored Likho, to espionage and financially motivated attacks on government agencies and power utilities across Russia, Brazil, and Kazakhstan using BusySnake stealer.

The Hacker News · 19h ago · Read full article →

FBI Nabs IRGC Cybercriminal; Russian Hackers Steal Signal Keys; DHS Network Breached (1 minute read)

FBI arrested an IRGC-linked cybercriminal, Russian hackers exfiltrated Signal backup encryption keys, and unidentified actors breached a DHS information network — all in one week.

SentinelOne · 20h ago · Read full article →

NSO Pegasus Hacked MEP Stelios Kouloglou While He Investigated Spyware Abuse (2 minute read)

Citizen Lab forensics confirm former European Parliament Member Stelios Kouloglou was repeatedly compromised with Pegasus while serving on the committee probing commercial spyware abuse in the EU.

The Hacker News · 22h ago · Read full article →

North Korea Plants Malicious npm Packages Disguised as Rollup Polyfill Tools (1 minute read)

JFrog links North Korea-tied actors to npm packages 'rollup-packages-polyfill-core' and 'rollup-runtime-polyfill-core,' cloning legitimate Rollup tooling metadata to enable remote access and secrets theft from developers.

The Hacker News · 17h ago · Read full article →

War on the Rocks Publishes Adams-Jefferson Rivalry Essay for U.S. 250th Anniversary (3 minute read)

War on the Rocks marks America's 250th birthday with a historical essay on the Adams-Jefferson rivalry and divergent visions of federal power. No cybersecurity or geopolitical threat content present; not applicable to this briefing.

War on the Rocks · 1h ago · Read full article →

Chinese LLMs Widen Offensive Advantage Over Cyber Defenders, Analysis Warns (1 minute read)

Two new Chinese large language models now compete with top U.S. frontier models, raising concern that offensive cyber operators gain disproportionate benefit over under-resourced defenders. The asymmetry matters because attack automation scales faster than defensive tooling adoption in most enterprises.

Dark Reading · 20h ago · Read full article →

Avalon Malware Framework Bundles Credential Theft, Lateral Movement, and CrownX Ransomware (1 minute read)

Researchers discovered Avalon, an undocumented modular framework delivered via multi-stage phishing that combines credential harvesting, lateral movement, remote access, and ransomware in a single package.

The Hacker News · 14h ago · Read full article →

LLM Agent Autonomously Executes Multi-Stage Ransomware Attack via Langflow Exploit (1 minute read)

Researchers documented a real-world attack in which an agentic AI leveraged Langflow to chain known exploits with real-time reasoning, executing a full ransomware intrusion autonomously.

SecurityWeek · 22h ago · Read full article →

Get this in your inbox

Free daily briefing. No spam. Unsubscribe anytime.

Subscribe Now