Dutch intelligence reports at least one Russian agency is compromising internet-connected cameras across Europe to surveil NATO military logistics and Ukrainian personnel movements. The operation signals systematic Russian ISR collection against alliance supply chains supporting Ukraine.
The Record
· 19h ago
· Read full article →
Beijing's assertion of sovereignty over the Philippines' Batanes Islands has prompted Taiwan to amplify shared Austronesian heritage with Manila as a soft-power counter. The move reflects Taipei's strategy of building sub-sovereign regional alignments to complicate PRC territorial expansion in the South China Sea.
The Diplomat
· 20h ago
· Read full article →
Iran has concentrated covert and proxy pressure on Bahrain and Kuwait, judging both states too militarily weak and politically constrained to retaliate effectively.
Foreign Policy
· 12h ago
· Read full article →
US and allied governments warn multiple Russian state-sponsored APTs are exploiting poorly secured routers inside critical infrastructure networks across member states. The joint advisory signals coordinated pre-positioning for potential disruption operations beyond espionage.
SecurityWeek
· 22h ago
· Read full article →
NATO's 36th summit in Ankara produced surface unity on Ukraine and Iran while masking deep disagreements over burden-sharing and European strategic autonomy. Even Trump's participation failed to resolve structural tensions that weaken collective deterrence.
War on the Rocks
· 15h ago
· Read full article →
A decade after the Permanent Court of Arbitration invalidated China's nine-dash line claim, the Philippines is actively expanding its military posture in the South China Sea. Beijing's continued rejection of the ruling has shifted Manila from legal reliance toward hard security investment and US alliance deepening.
Foreign Policy
· 4h ago
· Read full article →
A War on the Rocks essay examines how MOLLE gear's evolution reflects the growing cultural gap between American civilians and an all-volunteer military. The divide has strategic consequences for recruitment, public legitimacy, and political will to sustain prolonged conflicts.
War on the Rocks
· 1h ago
· Read full article →
China's government issued new regulations targeting the fast-growing AI companion industry, imposing content and behavioral controls on platforms. The rules extend Beijing's pattern of capturing emerging consumer-AI markets under state supervision before Western governance frameworks can set norms.
Foreign Policy
· 10h ago
· Read full article →
Beijing is deploying a broader range of economic and diplomatic countermeasures against adversaries, with fewer of the self-restraints that previously capped escalation.
Foreign Policy
· 14h ago
· Read full article →
US Treasury designated VPN provider 1VPNS, its alleged Ukrainian administrator, and a Belarusian cryptor vendor accused of helping ransomware gangs evade detection. The action marks the first OFAC designation of a VPN service as ransomware infrastructure, setting enforcement precedent.
CyberScoop
· 17h ago
· Read full article →
Federal prosecutors charged Russians behind St. Petersburg-based Media Land and ML Cloud with providing bulletproof hosting infrastructure and technical support to cybercriminal gangs. Indicting the hosting layer rather than end attackers targets a chokepoint enabling ransomware, fraud, and malware campaigns globally.
The Record
· 13h ago
· Read full article →
US prosecutors charged three Russian nationals operating bulletproof hosting services that enabled ransomware gangs causing over $62 million in victim losses worldwide. The case dismantles infrastructure that insulated multiple criminal groups from takedown by cycling IP space and ignoring abuse complaints.
BleepingComputer
· 1h ago
· Read full article →
The D1R group claims to have stolen sensitive data from semiconductor EDA giant Synopsys and industrial conglomerate Bosch, threatening public release without ransom payment; Synopsys says it finds no evidence of a breach.
SecurityWeek
· 14h ago
· Read full article →
An unattributed threat actor created nearly 300 GitHub repositories mimicking legitimate software and security tools to deliver infostealer malware to developers and researchers.
BleepingComputer
· 13h ago
· Read full article →
SonicWall confirmed active exploitation of CVE-2026-15409 (CVSS 10.0 SSRF enabling unauthenticated remote command execution) and a second zero-day in SMA 1000 series appliances. Edge device zero-days on enterprise VPN gateways remain a primary initial-access vector for state and criminal actors.
The Hacker News
· 3h ago
· Read full article →
Microsoft's July Patch Tuesday addressed 570 security vulnerabilities, nearly triple last month's record-breaking count, with the company attributing the surge to AI-aided discovery. AI-accelerated vuln finding is outpacing patch absorption capacity, compressing defender response windows industry-wide.
Krebs on Security
· 13h ago
· Read full article →
SonicWall confirmed threat actors are actively exploiting CVE-2026-15409 and CVE-2026-15410 in SMA1000 appliances as zero-days and released emergency patches. Unpatched SMA1000 devices represent direct network ingress points into enterprise and government environments.
BleepingComputer
· 11h ago
· Read full article →
Progress Software confirmed a high-severity zero-day in ShareFile Storage Zone Controllers forced an emergency shutdown and has issued patches. Unscheduled shutdowns of enterprise file-transfer infrastructure signal active exploitation, echoing the MOVEit pattern of targeting managed-file-transfer products.
BleepingComputer
· 17h ago
· Read full article →
SonicWall issued an urgent patch advisory for two zero-days, CVE-2026-15409 and CVE-2026-15410, in SMA1000 appliances allowing unauthenticated remote code execution. SMA appliances are a recurring target for state-sponsored actors; unpatched edge devices remain the dominant initial-access vector in enterprise breaches.
SecurityWeek
· 3h ago
· Read full article →
Microsoft's July 2026 Patch Tuesday addresses 570 vulnerabilities—a record—including two actively exploited zero-days and one publicly disclosed. The volume signals expanding Windows attack surface and will strain enterprise patch cycles, extending the window of exposure across global deployments.
BleepingComputer
· 15h ago
· Read full article →
Get this in your inbox
Free daily briefing. No spam. Unsubscribe anytime.
Subscribe Now