OSINT communities have outpaced traditional intelligence in tracking China's next-generation fighter development, exposing gaps in classified collection. The PLA's deliberate opacity on one key capability remains the last meaningful blind spot.
Foreign Policy
· 6h ago
· Read full article →
๐จ๐ณ PLA ยท China
Iranian threat actors are broadening attacks to any internet-facing vulnerability regardless of sector, discarding the prior logic of targeting only critical infrastructure. The shift means obscurity-by-irrelevance is no longer a viable risk posture for mid-market organizations.
Dark Reading
· 13h ago
· Read full article →
Three weeks after signing, the U.S.-Iran MOU is collapsing as both sides continue tit-for-tat military exchanges despite an April ceasefire. A failed agreement normalizes escalation cycles and weakens the credibility of future diplomatic frameworks.
War on the Rocks
· 16h ago
· Read full article →
GigaWiper merges standalone wiping, ransomware encryption, and multi-pass wiping into a single backdoor platform, drawing code from several previously distinct malware families. The modular assembly model lowers the barrier for sophisticated destructive operations and complicates attribution.
Microsoft Threat Intelligence
· 19h ago
· Read full article →
GigaWiper bundles a standalone wiper, ransomware encryption, and multi-pass wiping commands into one operational tool capable of system-level sabotage. Combining denial-of-recovery with data destruction marks an escalation in adversarial payload design.
SecurityWeek
· 1h ago
· Read full article →
The June 15 U.S.-Iran framework agreement unexpectedly included a commitment to terminate military operations in Lebanon after Washington failed to keep it as a separate track.
War on the Rocks
· 2h ago
· Read full article →
Microsoft identified GigaWiper, a modular Windows backdoor merging disk-wiping, file-scrambling fake ransomware, and spyware into operator-selectable payloads. Bundling destructive tools into one framework lowers attacker costs and complicates attribution by blurring ransomware and sabotage intent.
The Hacker News
· 16h ago
· Read full article →
Both the U.S. and Iran are escalating direct strikes as prospects for renewed diplomatic talks dim. Sustained kinetic exchange between the two raises the threshold for what follows any future negotiation and increases miscalculation risk across the Gulf.
Foreign Policy
· 13h ago
· Read full article →
Chinese scholars claimed Batanes Islands are a "natural geographical extension" of Taiwan and therefore Chinese territory; the Philippine Defense Chief publicly dismissed the assertion. The claim signals an emerging Chinese legal-narrative effort to extend South China Sea logic northward toward Taiwan's periphery.
The Diplomat
· 5h ago
· Read full article →
On July 7, 2026, the UK government released an agentic AI defense plan paired with an industry commitment to raise baseline cybersecurity levels. The dual announcement reflects government recognition that AI-driven attack automation has outpaced existing defensive frameworks.
SecurityWeek
· 20h ago
· Read full article →
Myanmar Foreign Minister Tin Maung Swe meets ASEAN counterparts this weekend seeking diplomatic normalization for the military government in Naypyidaw. The meeting tests ASEAN's Five-Point Consensus and whether Southeast Asian bloc will reward the junta with legitimacy.
The Diplomat
· 8h ago
· Read full article →
NSA renamed its Office of Computer Network Operations back to Tailored Access Operations, restoring the TAO brand made infamous by the Snowden disclosures and Shadow Brokers leaks. The rebranding signals institutional pride in offensive capability at a moment of intensifying great-power cyber competition.
The Record
· 21h ago
· Read full article →
The European Commission brought four member states to court for failing to transpose the NIS2 Directive into national law more than 20 months past the deadline. Non-implementation leaves critical infrastructure across four major EU economies outside the bloc's unified cyber baseline.
The Record
· 21h ago
· Read full article →
GodDamn ransomware, first spotted May 21, 2026, and assessed as a Beast ransomware rebrand, uses the PoisonX kernel driver to disable endpoint defenses before encryption. Kernel-level defense neutralization is now a commodity ransomware feature, not an APT-exclusive technique.
The Hacker News
· 23h ago
· Read full article →
Unknown hackers exploited a zero-day in a third-party system to access KDDI's ISP email platform, compromising 12 million users. Japan's largest telcos remain high-value targets as third-party supply-chain vectors bypass direct defenses.
SecurityWeek
· 22h ago
· Read full article →
A foreign, financially motivated group hit state-owned Latvijas Valsts Mezi with ransomware, leaving systems offline weeks later. Attacks on state-owned natural resource enterprises signal expanding ransomware targeting of government-adjacent economic assets in EU member states.
The Record
· 20h ago
· Read full article →
A former DigitalMint incident-response employee was sentenced to 70 months for conducting BlackCat/ALPHV ransomware attacks against U.S. companies he was positioned to help. The case exposes insider-threat risk inside the ransomware recovery industry and potential double-dealing with criminal affiliates.
BleepingComputer
· 2h ago
· Read full article →
Researcher "Nightmare-Eclipse" published a proof-of-concept exploit for a Windows Defender zero-day in early June after previously releasing multiple Microsoft zero-days. Serial public PoC drops by a single researcher signal a deliberate pressure campaign forcing accelerated vendor patch timelines.
Dark Reading
· 14h ago
· Read full article →
Microsoft's Malware Protection Engine update resolves CVE-2026-50656, a privilege escalation flaw dubbed 'RoguePlanet' in Windows Defender. A security bypass in the primary endpoint defense layer carries outsized risk across Microsoft's install base.
SecurityWeek
· 23h ago
· Read full article →
Microsoft shipped a fix for the Windows Defender zero-day weeks after exploit code tied to threat actor Nightmare Eclipse became public. The delay between public exploit availability and patch release left enterprise endpoints exposed during a critical window.
The Register Security
· 20h ago
· Read full article →
Get this in your inbox
Free daily briefing. No spam. Unsubscribe anytime.
Subscribe Now