Iran is geotracking US military personnel's phones, while naval defense contractor TKMS was hit by ransomware and macOS infostealer CrashStealer emerged. The TKMS breach exposes defense-industrial supply chain risk as submarine and warship production data may be at stake.
SecurityWeek
· 18h ago
· Read full article →
Beijing and Pyongyang exchanged high-level diplomatic visits as China moves to maintain influence over North Korea amid its deepening military partnership with Russia. The visits signal Beijing's concern that the Pyongyang-Moscow axis is shifting the Northeast Asian balance without Chinese primacy.
The Diplomat
· 20h ago
· Read full article →
China-linked GoldenEyeDog subgroup CylindricalCanine compromised DigiCert in April 2026, stealing code-signing certificates. Trusted certificate theft enables downstream supply-chain attacks, extending a pattern this group previously ran against gambling and gaming targets.
The Hacker News
· 16h ago
· Read full article →
North Korean actors behind Contagious Interview concealed four-stage OtterCookie-aligned payloads inside SVG flag images delivered via fake coding tests, harvesting browser credentials, crypto wallets, and files.
The Hacker News
· 19h ago
· Read full article →
Major General Yevhenii Khmara, architect of Ukraine's long-range strike campaign against Russia, replaces outgoing defense minister amid active war. The appointment signals Ukraine is prioritizing offensive deep-strike and intelligence operations at the ministry's highest level.
The Record
· 20h ago
· Read full article →
US forces launched overnight strikes against Iran on day six of continuous combat operations, with Iranian state media confirming hits on multiple sites. Sustained bilateral strikes mark the most prolonged direct US-Iran military exchange on record.
Just Security
· 20h ago
· Read full article →
Both U.S. and Iranian forces targeted civilian infrastructure including bridges, power plants, and desalination facilities, attacks that legal analysts say may constitute war crimes.
Foreign Policy
· 11h ago
· Read full article →
Beijing is co-opting veneration of the sea goddess Mazu, worshipped across Taiwan and coastal China, to advance cross-strait unification propaganda. The operation targets cultural and religious identity as a soft-power vector to erode Taiwanese political will.
Foreign Policy
· 13h ago
· Read full article →
The Trump administration alleges Cuba has acquired Iranian drones, a claim analysts say is designed to manufacture justification for US military action against Havana. If true, Iranian drone proliferation to the Western Hemisphere would mark a significant strategic red line crossed.
Foreign Policy
· 16h ago
· Read full article →
Ukraine is mobilizing borscht as a symbol of national identity to counter Russian narratives that claim the dish—and Ukrainian culture broadly—as Russian. The soft-power contest over food heritage reflects Kyiv's broader strategy of cultural resistance alongside kinetic defense.
Foreign Policy
· 14h ago
· Read full article →
The US, UK, and NATO are accelerating autonomous weapons deployment at commercial speed, outpacing the secure data infrastructure needed to underpin AI-driven battlefield decisions. The gap between operational deployment and trusted information assurance creates exploitable vulnerabilities in autonomous command chains.
The Hacker News
· 21h ago
· Read full article →
Both Trump and Xi have systematically gutted the institutions and personnel that historically managed US-China crisis communication and de-escalation. The erosion of back-channel capacity raises the probability that the next flashpoint—Taiwan Strait, South China Sea—escalates without a diplomatic circuit-breaker.
Foreign Policy
· 18h ago
· Read full article →
The week of July 11 saw China introduce new AI regulations, the Trump administration briefly impose transit fees on the Strait of Hormuz, and Congo's Ebola outbreak expand. Each development carries independent escalation potential across technology governance, energy markets, and global health security.
Foreign Policy
· 15h ago
· Read full article →
The U.S. and Iran signed a memorandum of understanding on nuclear terms that analysts say is riddled with ambiguity and unverifiable commitments.
Foreign Policy
· 16h ago
· Read full article →
Authorities sanctioned Russian-based cybercriminals, attackers deployed Starland malware, and 300 counterfeit GitHub repositories distributed the BoryptGrab infostealer. The GitHub campaign scales supply chain infection by hijacking developer trust in open-source ecosystems.
SentinelOne
· 16h ago
· Read full article →
Armenia detained Russian national Aleksandr Ermakov at Yerevan's Zvartnots airport June 28 on a U.S. extradition warrant targeting a REvil ransomware suspect of the same name; his family says it is the wrong man. The case tests Armenia's willingness to extradite Russian nationals to the U.S.
The Hacker News
· 21h ago
· Read full article →
Ernst & Young is notifying clients after attackers compromised a third-party IT support-ticket system used by its personnel. The incident highlights persistent supply-chain risk where a single vendor's system becomes the entry point into a Big Four firm's client data.
BleepingComputer
· 17h ago
· Read full article →
Thalha Jubair and Owen Flowers, leaders of the Scattered Spider subset of The Com, were sentenced to 66 months in the UK; U.S. authorities linked Jubair alone to at least 120 attacks.
CyberScoop
· 18h ago
· Read full article →
🏴☠️ Scattered Spider · Multi-national
Seven malicious npm packages targeting the Vite ecosystem deploy a remote access trojan through a four-tier blockchain-based C2 spanning the Tron network, dubbed ChainVeil by Checkmarx.
The Hacker News
· 13h ago
· Read full article →
Researcher 'Nightmare Eclipse' published a working exploit called LegacyHive that achieves local privilege escalation on fully patched Windows systems; no CVE assigned at time of reporting.
BleepingComputer
· 21h ago
· Read full article →
Get this in your inbox
Free daily briefing. No spam. Unsubscribe anytime.
Subscribe Now