HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of July 1, 2026.
-
Anthropic to restore Claude Fable access on Wednesday
— Bleeping Computer
Anthropic has confirmed that the Department of Commerce has lifted export controls on Claude's two most powerful models, Fable 5 and Mytho… -
Anthropic rolls out Sonnet 5 with near-Opus 4.8 performance at a lower price
— Bleeping Computer
Anthropic is now rolling out Sonnet 5, and it's almost as good as the Opus range, but it is designed to be cheaper than the company's flagsh… -
New BioShocking attack manipulates AI browser into data theft
— Bleeping Computer
A new prompt injection attack dubbed "BioShocking" could trick AI-powered browsers into treating real-world risky actions as part of a ficti… -
Fake Bug Report Hijacks AI Coding Agents at Scale
— Dark Reading
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and … -
Attackers Hijack Exposed AI Endpoints to Power Offensive Ops
— Dark Reading
Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is. -
Why Identity Security Is Your Cyber Career Entry Point
— Dark Reading
As AI reshapes cybersecurity workflows, John Paul Cunningham, CISO at SIlverfort, says the technology is creating opportunities rather than … -
Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data
— The Hacker News
New Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool descr… -
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS
— The Hacker News
A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitch… -
Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints
— The Hacker News
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurren… -
June 2026 Apple Updates, (Tue, Jun 30th)
— SANS ISC
Apple released updates for iOS/iPadOS, macOS, and Safari on Monday. There have been no updates for other Apple operating systems (visionOS, … -
ISC Stormcast For Tuesday, June 30th, 2026 https://isc.sans.edu/podcastdetail/9988, (Tue, Jun 30th)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. -
Adding some Automation to the favicon.ico method of Host Recon, (Mon, Jun 29th)
— SANS ISC
I'm in the throes of target host recon for another pentest, and thought I'd share some workflow / auto…
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (8008 in last 30 days).
Critical: 3 · High: 2 · Medium: 9 · Low: 6. View full dashboard →
-
CVE-2026-54592
— CVSS 7.5 (HIGH)
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj::Doc#each_child, when invoked recursively over a deeply nested JSON document, overflows a fixed-size stac⦠-
CVE-2026-54500
— CVSS 5.3 (MEDIUM)
Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.3, Oj.load in :object mode reads uninitialized stack memory (and, for long keys, reads out of bounds) when pars⦠-
CVE-2026-57995
— CVSS 8.8 (HIGH)
phpMyFAQ before 4.1.5 contains a privilege escalation vulnerability in GroupController::updatePermissions that allows GROUP_EDIT administrators to grant arbitrary rights to groups without verifying they hold those rights⦠-
CVE-2026-56777
— CVSS 5.0 (MEDIUM)
n8n before 2.25.7 and 2.26.x before 2.26.2 contains an abstract syntax tree (AST) security validator bypass in the Python Code node. An authenticated user with permission to create or modify workflows containing a Python⦠-
CVE-2026-56700
— CVSS 9.8 (CRITICAL)
Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls – in SchedulerJobQueue, FrameworkCacheAdapterFileCache, and Session – deserialize untrusted data without⦠-
CVE-2026-56415
— CVSS 10.0 (CRITICAL)
Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a ⦠-
CVE-2026-56413
— CVSS 10.0 (CRITICAL)
Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthe⦠-
CVE-2026-56399
— CVSS 5.0 (MEDIUM)
Open WebUI before 0.6.27 contains a server-side request forgery vulnerability in the /api/v1/retrieval/process/web endpoint that allows authenticated users to bypass SSRF protections. Attackers can manipulate URL paramet⦠-
CVE-2026-56377
— CVSS 3.3 (LOW)
ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversi⦠-
CVE-2026-56369
— CVSS 3.7 (LOW)
ImageMagick before 7.1.2-22 contains an information disclosure vulnerability in the PasskeyEncipherImage method due to AES-CTR nonce reuse. Attackers can exploit nonce reuse in the cipher implementation to recover plaint⦠-
CVE-2026-56365
— CVSS 3.7 (LOW)
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service. -
CVE-2026-56364
— CVSS 1.9 (LOW)
ImageMagick before 7.1.2-13 contains a memory leak vulnerability in LoadOpenCLDeviceBenchmark() function when parsing malformed OpenCL device profile XML files with unclosed device elements. Attackers with write access t⦠-
CVE-2026-56363
— CVSS 3.3 (LOW)
ImageMagick before 7.1.2-22 contains a division by zero vulnerability in binomial kernel processing that allows attackers to cause denial of service. An attacker can supply a large binomial kernel value causing integer o⦠-
CVE-2026-56361
— CVSS 3.3 (LOW)
ImageMagick before 7.1.2-19 contains an off-by-one error in morphology validation allowing out-of-bounds heap buffer reads. Attackers can trigger heap buffer overflow by providing incorrect morphology parameters causing ⦠-
CVE-2026-56356
— CVSS 5.4 (MEDIUM)
n8n contains a stored cross-site scripting vulnerability in the Chat Trigger node's Custom CSS field due to a misconfiguration of the sanitize-html library. Affected releases are those before 1.123.27, the 2.0.0 through ⦠-
CVE-2026-56350
— CVSS 6.3 (MEDIUM)
n8n before 2.8.0 contains an authentication bypass vulnerability allowing authenticated SSO users to disable SSO enforcement through the API. Attackers can create local password credentials to authenticate directly, bypa⦠-
CVE-2026-56334
— CVSS 4.3 (MEDIUM)
Capgo before 12.128.2 lacks an UPDATE row-level security policy for the build_requests table, preventing API-key and anonymous access from persisting builder status updates. Attackers can exploit this missing policy to c⦠-
CVE-2026-56333
— CVSS 4.3 (MEDIUM)
Capgo before 12.128.2 contains a server-side validation bypass vulnerability in organization security settings that allows authenticated org admins to persist invalid security policy state. Attackers can bypass backend v⦠-
CVE-2026-56331
— CVSS 5.3 (MEDIUM)
Capgo before 12.128.2 contains improper error handling in the /private/accept_invitation endpoint that returns HTTP 500 instead of safe 4xx errors when magic_invite_string is invalid. Attackers can trigger this vulnerabi⦠-
CVE-2026-56328
— CVSS 6.5 (MEDIUM)
Capgo before 12.128.2 allows multiple public channels for the same app and platform to coexist simultaneously, while unnamed /updates requests without defaultChannel implicitly resolve to a single hidden winner channel. â¦
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · July 1, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com
Leave a Comment