📰 DAILY THREAT BRIEFING
Thursday, July 2, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of July 2, 2026.

  1. FortiBleed credential-theft campaign linked to Lynx ransomware
    — Bleeping Computer

    The massive FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet c…
  2. Kubota says hackers had month-long access to network systems
    — Bleeping Computer

    Kubota North America Corporation disclosed that hackers had access to some of its network systems for more than a month earlier this year. […
  3. Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS
    — Dark Reading

    Attackers fingerprint victims through user-agent data to deliver OS-specific payloads, increasing compromise rates and campaign profitabilit…
  4. New ChocoPoC malware targets researchers via trojanized PoC exploits
    — Bleeping Computer

    Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC…
  5. And the Winner in Dominant Malware Delivery? ClickFix
    — Dark Reading

    Researchers say the highly effective social engineering technique is no longer the exception for malware attacks — it's now the rule.
  6. Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
    — The Hacker News

    Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenti…
  7. 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
    — The Hacker News

    A teenager accused of belonging to the hacking group Scattered Spider has been extradited from Finland to face U.S. charges of conspiracy, c…
  8. SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
    — The Hacker News

    Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT. Kaspersky said the activi…
  9. 'Phantom Squatting': An Emerging AI-Driven Supply Chain Threat
    — Dark Reading

    LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect …
  10. Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)
    — SANS ISC

    This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extensio…
  11. ISC Stormcast For Wednesday, July 1st, 2026 https://isc.sans.edu/podcastdetail/9990, (Wed, Jul 1st)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  12. Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector
    — Unit 42

    Attackers can exploit LLM domain hallucinations through phantom squatting to target supply chains. Read the analysis to learn more. The post…

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (7995 in last 30 days).
Critical: 11 · High: 7 · Medium: 0 · Low: 0. View full dashboard →

  1. CVE-2026-14429
    — CVSS 8.3 (HIGH)

    Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
  2. CVE-2026-14428
    — CVSS 8.3 (HIGH)

    Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craft…
  3. CVE-2026-14427
    — CVSS 8.3 (HIGH)

    Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security …
  4. CVE-2026-14425
    — CVSS 9.6 (CRITICAL)

    Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
  5. CVE-2026-14424
    — CVSS 9.6 (CRITICAL)

    Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
  6. CVE-2026-14423
    — CVSS 9.6 (CRITICAL)

    Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
  7. CVE-2026-14420
    — CVSS 9.6 (CRITICAL)

    Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
  8. CVE-2026-14419
    — CVSS 9.6 (CRITICAL)

    Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
  9. CVE-2026-14417
    — CVSS 9.6 (CRITICAL)

    Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
  10. CVE-2026-14416
    — CVSS 9.6 (CRITICAL)

    Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
  11. CVE-2026-14413
    — CVSS 8.3 (HIGH)

    Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se…
  12. CVE-2026-14412
    — CVSS 8.3 (HIGH)

    Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pa…
  13. CVE-2026-14411
    — CVSS 9.6 (CRITICAL)

    Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
  14. CVE-2026-14405
    — CVSS 9.6 (CRITICAL)

    Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
  15. CVE-2026-14401
    — CVSS 8.3 (HIGH)

    Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craf…
  16. CVE-2026-14400
    — CVSS 8.3 (HIGH)

    Out of bounds write in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security …
  17. CVE-2026-14398
    — CVSS 9.6 (CRITICAL)

    Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
  18. CVE-2026-14397
    — CVSS 9.6 (CRITICAL)

    Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · July 2, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com