Moscow may bypass direct satellite technology transfers to Pyongyang, instead sharing raw intelligence from its existing orbital network. This arrangement circumvents proliferation tripwires while delivering strategic ISR value to North Korea at minimal Russian cost.
The Diplomat
· 18h ago
· Read full article →
China-linked Silver Fox group deployed MODBEACON, a Rust-based RAT using gRPC streaming for encrypted command-and-control, spread via SEO-poisoned fake installers. The gRPC channel blends into legitimate enterprise traffic, significantly complicating network-based detection.
The Hacker News
· 19h ago
· Read full article →
Both Chinese and Indian threat actors independently breached Balochistan police systems between February 2024 and April 2026, in some cases compromising identical targets simultaneously.
The Record
· 19h ago
· Read full article →
Declassified history reveals Britain's double agent Kim Philby burned CIA-backed parachute infiltrations into communist Albania, dooming the West's first covert regime-change attempt. The failure established a template for how mole penetration can neutralize an entire covert action program before launch.
Foreign Policy
· 14h ago
· Read full article →
SentinelOne found that both Chinese and Indian state-linked threat actors independently compromised the Balochistan Police force over at least two years. The overlap reveals Pakistan's provincial security services as a contested intelligence collection target for rival regional powers simultaneously.
SecurityWeek
· 20h ago
· Read full article →
China conducted a missile test during the week of July 4 as Turkey hosted NATO leaders and the Philippines opened an impeachment trial. The concurrent pressure points across three theaters illustrate compounding stress on U.S. alliance commitments in the Indo-Pacific and Europe.
Foreign Policy
· 15h ago
· Read full article →
Regional powers are pressing Washington and Tehran to restore a pause in strikes and preserve diplomatic channels for nuclear negotiations. The breakdown raises the risk that military escalation forecloses a negotiated settlement on Iran's nuclear program.
Foreign Policy
· 13h ago
· Read full article →
Regional mediators including Qatar and Pakistan conducted multiple diplomatic calls July 9 with U.S. and Iranian officials seeking de-escalation and renewed negotiations. The parallel mediation tracks reflect fractured direct communication channels and signal both sides are managing escalation without formal dialogue.
Just Security
· 20h ago
· Read full article →
Tibet now anchors China's renewable energy expansion across wind, solar, and hydropower, with resources directed by Beijing and profits flowing outward from the region. The arrangement replicates extractive colonial economics under a green-energy framework, reinforcing Tibetan political marginalization.
The Diplomat
· 20h ago
· Read full article →
Near-future AI surveillance will track public and private behavior in real time, tie violations to government records, and alert authorities and potentially the public automatically.
Schneier on Security
· 21h ago
· Read full article →
Microsoft's July 2026 SFI update details advances in secure-by-default engineering, AI-assisted defense, and long-term resilience investments following post-Storm-0558 commitments. Progress metrics remain self-reported, limiting independent verification of whether systemic security debt has been materially reduced.
Microsoft Threat Intelligence
· 16h ago
· Read full article →
CISA released a forensic report detailing institutional failures following a significant credential leak discovered by an external researcher, outlining new protections and incident response plans. The leak exposed systemic gaps in how a top U.S. cyber agency safeguards its own sensitive materials.
CyberScoop
· 13h ago
· Read full article →
The European Parliament approved Chat Control 2.0, compelling Google, Meta, and Microsoft to scan private user messages for child sexual abuse material. The law sets a binding legal precedent for client-side scanning that privacy advocates warn creates infrastructure replicable for broader state surveillance.
The Record
· 13h ago
· Read full article →
The updated Pentagon CMC list designates Tencent, Alibaba, DJI, and Unitree as Chinese Military Companies, exposing them to U.S. procurement restrictions and investor pressure. Labeling major consumer and tech brands sets a precedent for broader economic decoupling beyond traditional defense contractors.
The Diplomat
· 15h ago
· Read full article →
A DHS database was compromised, AssuranceAmerica exposed 7 million records, and Canada disrupted ransomware operations in the same week NSA quietly reconstituted its elite Tailored Access Operations unit. TAO's revival signals NSA is rebuilding offensive cyber capacity amid escalating adversary activity.
SecurityWeek
· 17h ago
· Read full article →
A Ryuk ransomware operator pleaded guilty in Oregon federal court to conspiracy and computer fraud, while a BlackCat/AlphV affiliate received a 70-month federal prison sentence in Florida for multi-victim extortion. The paired prosecutions signal sustained DOJ momentum in converting ransomware arrests into convictions.
The Record
· 15h ago
· Read full article →
A 34-year-old Armenian national pleaded guilty in U.S. federal court to hacking American companies and deploying Ryuk ransomware. The prosecution extends the U.S. legal reach into the Ryuk ecosystem, which extorted hundreds of millions from hospitals, governments, and enterprises.
BleepingComputer
· 15h ago
· Read full article →
Threat actors are actively exploiting an unspecified critical authentication bypass in the official Gitea Docker image, allowing impersonation of any user including administrators. Any organization running self-hosted Gitea via Docker is exposed to full repository compromise.
BleepingComputer
· 17h ago
· Read full article →
A nearly three-decade-old vulnerability in the Squid proxy daemon can leak HTTP request contents to unauthorized parties. The age of the flaw means it is embedded across a vast range of network infrastructure with slow patch adoption rates.
Schneier on Security
· 11h ago
· Read full article →
Researchers disclosed six vulnerabilities in the widely deployed U-Boot bootloader allowing attackers to execute code at boot time, bypass security protections, and install persistent malware below the OS layer.
BleepingComputer
· 10h ago
· Read full article →
Get this in your inbox
Free daily briefing. No spam. Unsubscribe anytime.
Subscribe Now