The PhantomEnigma campaign compromised over 20 Brazilian government websites to serve as active malware delivery infrastructure, exposing previously undocumented backdoor behavior. State-branded domains used as attack vectors erode public trust and complicate takedown efforts.
The Hacker News
· 21h ago
· Read full article →
A China-linked threat actor redeployed the Daxin kernel-mode rootkit inside a Taiwanese manufacturing firm four years after its 2022 exposure, pairing it with a previously unreported backdoor called Stupig.
The Hacker News
· 21h ago
· Read full article →
U.S. Central Command confirmed a fifth wave of overnight strikes hitting targets around Tehran and northern Iran, with Iranian state media acknowledging multiple impact sites.
Just Security
· 20h ago
· Read full article →
President Zelensky dismissed Defense Minister Mykhailo Fedorov, the architect of Ukraine's drone integration and digital warfighting strategy mid-conflict.
The Record
· 17h ago
· Read full article →
Operational technology environments running legacy systems face an unresolvable tension between vulnerability disclosure norms and real-world safety constraints that prevent rapid patching.
SecurityWeek
· 17h ago
· Read full article →
An intelligence official reviewing Trump's declassified election-interference materials finds the documents show foreign threats but do not support his allegation of an intelligence community cover-up.
Just Security
· 4h ago
· Read full article →
Beijing is declining to sell Pakistan its fifth-generation J-35 stealth fighter, judging that the geopolitical and technology-exposure ramifications exceed those of any prior Chinese arms transfer. Withholding the platform signals China treats J-35 as a strategic equity, not yet a tool of alliance-building.
The Diplomat
· 19h ago
· Read full article →
Foreign Policy argues NATO's multinational command structure is too slow and politically unwieldy for modern high-intensity warfare, calling for Germany to develop independent warfighting capability.
Foreign Policy
· 17h ago
· Read full article →
A documented attempt by a woman to stand for mahalla chairperson in Uzbekistan exposes how informal power networks nullify formal democratic reforms at the community level.
The Diplomat
· 19h ago
· Read full article →
Deepening divisions among UN Security Council members have paralyzed enforcement of North Korean nuclear sanctions, giving Pyongyang expanded room to accelerate its weapons program and illicit revenue operations.
Foreign Policy
· 19h ago
· Read full article →
UAT-11795, a financially motivated Russian threat actor, is distributing trojanized WebEx and Zoom installers to deploy the Starland RAT backdoor for credential and cryptocurrency theft. Targeting trusted enterprise collaboration tools signals a deliberate escalation in supply-chain-adjacent delivery tactics.
BleepingComputer
· 22h ago
· Read full article →
Two senior Scattered Spider members received 5.5-year prison sentences each for the 2024 cyberattack on Transport for London that caused £29 million in damages.
The Record
· 21h ago
· Read full article →
🏴☠️ Scattered Spider · Multi-national
Two core Scattered Spider members were sentenced to five years and six months in prison for hacking Transport for London in 2024. The convictions demonstrate Anglo-American law enforcement coordination against loosely structured cybercriminal collectives and raise the legal cost of high-profile infrastructure attacks.
BleepingComputer
· 20h ago
· Read full article →
🏴☠️ Scattered Spider · Multi-national
Owen Flowers, 18, and Thalha Jubair, 20, sentenced at Woolwich Crown Court for the 2024 hack that knocked out 148 TfL systems and forced 27,000 employees to reset passwords in person.
The Hacker News
· 16h ago
· Read full article →
🏴☠️ Scattered Spider · Multi-national
Thalha Jubair and Owen Flowers convicted and sentenced in the UK for the 2024 Transport for London cyberattack. The prosecutions mark a rare successful criminal accountability action against Scattered Spider, a group that has largely evaded sustained law enforcement pressure.
SecurityWeek
· 19h ago
· Read full article →
🏴☠️ Scattered Spider · Multi-national
Newly identified ransomware actor Spirals completed full intrusion-to-encryption operations, including data theft, in under 24 hours in at least one confirmed corporate breach.
BleepingComputer
· 23h ago
· Read full article →
CISA added CVE-2026-58644, a CVSS 9.8 critical deserialization flaw in Microsoft SharePoint Server, to its Known Exploited Vulnerabilities catalog, requiring FCEB agencies to patch by July 19, 2026.
The Hacker News
· 2h ago
· Read full article →
Mandiant's M-Trends 2026 report records a mean time-to-exploit of -7 days, meaning attackers routinely weaponize vulnerabilities before patches exist, driving security teams toward LLM-assisted automated discovery.
Google Threat Intelligence
· 19h ago
· Read full article →
CISA issued an emergency directive requiring federal agencies to immediately patch two actively exploited vulnerabilities in Fortinet's FortiSandbox platform.
BleepingComputer
· 2h ago
· Read full article →
CISA ordered federal agencies to patch a critical vulnerability in Oracle E-Business Suite financial software by Saturday amid active exploitation. Oracle's EBS handles sensitive financial transactions across government, making unpatched instances a direct threat to federal financial data integrity.
BleepingComputer
· 22h ago
· Read full article →
Get this in your inbox
Free daily briefing. No spam. Unsubscribe anytime.
Subscribe Now