HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of July 3, 2026.
-
Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
— Dark Reading
Improved institutional safeguards and stricter regulations have pushed the burdens of protection and risk reduction on to Australian busines… -
How We Added WebAuthn to a Browser-Based RDP Client
— Unit 42
A look inside the reverse-engineering journey of building the first RDP client outside of Windows to support WebAuthn redirection. The post … -
Apple Reverses Age-Old Patch Policy to Keep Up With AI
— Dark Reading
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit. -
FBI Seizes NetNut Proxy Platform, Popa Botnet
— Krebs on Security
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a… -
FortiBleed Actors Collaborating With Inc, Lynx Ransomware Gangs
— Dark Reading
After gaining a foothold in thousands of Fortinet firewalls, the attackers are starting to monetize that access, and are also piling on a Ne… -
Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices
— The Hacker News
Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic.… -
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
— The Hacker News
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability… -
ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories
— The Hacker News
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in … -
Google loses final appeal to overturn €4.1 billion EU fine
— Bleeping Computer
Court of Justice of the European Union (CJEU) has dismissed Google's final appeal against a €4.1 billion ($4.7 billion) antitrust fine ove… -
ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
— Bleeping Computer
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA bypass tactics… -
Microsoft fixes bug that removed Copilot buttons in Outlook
— Bleeping Computer
Microsoft has fixed a known issue causing the Copilot Chat or Copilot buttons in Classic Outlook to disappear for Windows users with the Cop… -
ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (8037 in last 30 days).
Critical: 6 · High: 6 · Medium: 8 · Low: 0. View full dashboard →
-
CVE-2026-55726
— CVSS 5.3 (MEDIUM)
The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container. -
CVE-2026-54477
— CVSS 5.4 (MEDIUM)
The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks. -
CVE-2026-13768
— CVSS 10.0 (CRITICAL)
Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke an IoTHub Registry Manager function which returns connection information for all Gardyn Home Kit and Studio dev⦠-
CVE-2026-57100
— CVSS 9.9 (CRITICAL)
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network. -
CVE-2026-54998
— CVSS 8.8 (HIGH)
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. -
CVE-2026-45499
— CVSS 9.9 (CRITICAL)
Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network. -
CVE-2026-41106
— CVSS 9.3 (CRITICAL)
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network. -
CVE-2026-26145
— CVSS 4.8 (MEDIUM)
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network. -
CVE-2026-50722
— CVSS 8.1 (HIGH)
Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A rem⦠-
CVE-2026-50721
— CVSS 8.1 (HIGH)
Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as pe⦠-
CVE-2026-12413
— CVSS 7.5 (HIGH)
An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown o⦠-
CVE-2026-58460
— CVSS 7.7 (HIGH)
react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted _display_name value c⦠-
CVE-2026-52830
— CVSS 9.4 (CRITICAL)
fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1, fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram⦠-
CVE-2026-59102
— CVSS 5.4 (MEDIUM)
Forgejo before 15.0.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary JavaScript in other users' browsers by setting a full name containing an HTML payload an⦠-
CVE-2026-59101
— CVSS 5.8 (MEDIUM)
AutoBangumi before 3.2.8 contains a server-side request forgery (SSRF) vulnerability that allows unauthenticated remote attackers to probe internal network services by supplying arbitrary host values to an unprotected se⦠-
CVE-2026-59100
— CVSS 5.0 (MEDIUM)
LobeChat through 2.2.9 contains a broken object level authorization vulnerability that allows authenticated attackers to access and modify other users' chat-group agent data by supplying arbitrary group identifiers. Atta⦠-
CVE-2026-59099
— CVSS 9.1 (CRITICAL)
Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the s⦠-
CVE-2026-59098
— CVSS 6.5 (MEDIUM)
LobeChat through 2.2.9 contains a broken access control vulnerability in the retrieval-augmented-generation semantic search functionality that allows authenticated attackers to access other users' data by exploiting miss⦠-
CVE-2026-59097
— CVSS 5.3 (MEDIUM)
Taiga before 6.10.2 contains a missing authorization vulnerability that allows unauthenticated remote attackers to create default due-date records in any project by exploiting unprotected POST endpoints on the user-story⦠-
CVE-2026-59096
— CVSS 7.5 (HIGH)
Dapr Sentry's OIDC discovery endpoint derives the issuer and jwks_uri of the /.well-known/openid-configuration document from the request Host, honoring an attacker-controlled X-Forwarded-Host header without validation whâ¦
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · July 3, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com
Leave a Comment