A China-linked threat cluster is actively exploiting unpatched Roundcube servers at North American universities to steal credentials and deploy backdoor malware. Targeting academic institutions signals sustained Chinese intelligence collection against research and IP pipelines.
BleepingComputer
· 15h ago
· Read full article →
Cisco identified three new backdoors—LongLeash, DogLeash, and JarLeash—added to the China-linked LapDogs campaign targeting SOHO routers. The toolkit expansion confirms a maturing, persistent effort to compromise edge infrastructure as a persistent access and espionage platform.
SecurityWeek
· 18h ago
· Read full article →
Taiwanese prosecutors charged two businessmen whose company leased LINE messaging accounts to Chinese intelligence operatives for covert communications. The case exposes commercial infrastructure being weaponized for PRC espionage inside Taiwan's own digital ecosystem.
The Record
· 17h ago
· Read full article →
Iran struck three commercial vessels in the Strait of Hormuz, prompting U.S. retaliatory strikes in an escalating exchange as of July 8, 2026. Attacks on commercial shipping at the world's most critical oil chokepoint raise immediate global energy-supply and freedom-of-navigation stakes.
Just Security
· 22h ago
· Read full article →
Trump declared nuclear peace talks a "waste of time" as strikes between the U.S. and Iran resumed, ending a brief ceasefire. Renewed hostilities raise immediate escalation risk in the Gulf and put allied basing, shipping lanes, and regional proxy networks back on a war footing.
Foreign Policy
· 13h ago
· Read full article →
The U.S.-Iran deal has collapsed into renewed conflict, threatening a sharp upward shock to global oil prices. Energy markets that had priced in a diplomatic resolution must now reprice Strait of Hormuz disruption risk across forward curves.
Foreign Policy
· 15h ago
· Read full article →
Iranian sea mines deployed in the Strait of Hormuz inflicted significant damage on commercial shipping and global trade flows during the conflict. The weapons create a persistent, low-cost area-denial threat that outlasts any ceasefire and requires active, expensive clearance operations before normal transit resumes.
Foreign Policy
· 17h ago
· Read full article →
China's national vulnerability database flagged Anthropic's Claude Code for an alleged monitoring mechanism capable of forwarding Chinese users' data to remote servers. The move accelerates Beijing's push to purge foreign AI tooling from domestic development environments.
The Register Security
· 20h ago
· Read full article →
Trump's June 2026 executive order and NSPM-11 demand rapid AI adoption across the national security enterprise, but no new funding mechanisms back the directives. The gap between ambition and appropriations risks turning policy into theater as adversaries accelerate their own military AI programs.
War on the Rocks
· 2h ago
· Read full article →
Five Eyes national security agencies jointly warned that AI models now pose meaningful autonomous hacking risk, while recommending largely conventional mitigations.
Schneier on Security
· 23h ago
· Read full article →
A Just Security expert collection examines U.S. policy on Greenland across legal, political, and NATO dimensions, including congressional oversight gaps. Greenland's strategic Arctic position makes U.S. ambitions a fault line for alliance cohesion and international law precedent.
Just Security
· 22h ago
· Read full article →
The Kremlin is publicly claiming and arming its sanctions-evading shadow tanker fleet, discarding previous deniability. Europe faces a direct challenge to enforcement credibility: continued inaction normalizes state-sponsored sanctions evasion and emboldens further Kremlin hybrid operations in European waters.
Foreign Policy
· 20h ago
· Read full article →
Spanish authorities arrested a man linked by FBI intelligence to CyberArmy of Russia Reborn, Z-Pentest, and NoName057(16). The arrest marks rare law-enforcement action against the pro-Russian hacktivist ecosystem operating under Kremlin-aligned cover.
The Record
· 20h ago
· Read full article →
A cybersecurity startup offering millions for zero-day vulnerabilities is operated by two convicted felons with histories of fake intelligence firms and an AI lobbying platform run under assumed identities. The scheme raises serious concerns about zero-day market integrity and potential exploitation of researchers.
Krebs on Security
· 21h ago
· Read full article →
Attackers breached an email platform shared by five Japanese ISPs under KDDI, exposing email addresses and passwords for over 12 million customers. The scale and ISP-layer targeting suggest potential for downstream credential-stuffing campaigns across Japan's consumer and business sectors.
BleepingComputer
· 23h ago
· Read full article →
Threat actor Lurking Lizard has operated a residential proxy network via 230+ lookalike domains since at least August 2022, silently converting victim devices into proxy nodes.
The Hacker News
· 6h ago
· Read full article →
Microsoft issued an out-of-band patch for the RoguePlanet zero-day in Windows Defender, disclosed after the June 2026 Patch Tuesday cycle. The post-cycle disclosure compresses defender response windows and signals active-exploitation pressure between scheduled patch releases.
BleepingComputer
· 4h ago
· Read full article →
Microsoft fixed CVE-2026-50656 (CVSS 7.8) in mpengine.dll nearly a month after public disclosure, allowing local privilege escalation to SYSTEM. Delayed patching of a publicly known flaw in Windows Defender's core engine extends exposure across the entire Windows endpoint install base.
The Hacker News
· 1h ago
· Read full article →
CVE-2026-11405 in Tenda firmware lets unauthenticated attackers reach the web management interface with no patch available. Unpatched SOHO router backdoors are a persistent entry point for botnet recruitment and network pivoting, particularly in SME and home-office environments.
SecurityWeek
· 5h ago
· Read full article →
Researchers demonstrated HalluSquatting: attackers pre-register package names that AI coding assistants reliably hallucinate, then serve malware when the assistant fetches them automatically.
The Hacker News
· 19h ago
· Read full article →
Get this in your inbox
Free daily briefing. No spam. Unsubscribe anytime.
Subscribe Now