📰 DAILY THREAT BRIEFING
Saturday, July 4, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of July 4, 2026.

  1. Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
    — The Hacker News

    Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT …
  2. New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android
    — The Hacker News

    A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a ma…
  3. New Avalon Malware Framework Packs CrownX Ransomware Capabilities
    — The Hacker News

    Cybersecurity researchers have discovered a previously undocumented modular malware framework codenamed Avalon that's distributed by means o…
  4. NetNut proxy network disrupted, 2 million infected devices cut off
    — Bleeping Computer

    A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android dev…
  5. ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
    — Bleeping Computer

    A new phishing-as-a-service (PhaaS) platform dubbed "ARToken" appears to operate as an affiliate of the EvilTokens phishing platform, givi…
  6. Chinese LLMs Broaden the Gap Between Attackers & Defenders
    — Dark Reading

    Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried?
  7. Claude Fable 5 isn’t permanently leaving subscriptions, Anthropic says
    — Bleeping Computer

    Anthropic says Claude Fable 5 won't be accessible via Claude subscriptions after July 7, but it's not a permanent change, and the company ex…
  8. Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
    — Dark Reading

    Improved institutional safeguards and stricter regulations have pushed the burdens of protection and risk reduction on to Australian busines…
  9. How We Added WebAuthn to a Browser-Based RDP Client
    — Unit 42

    A look inside the reverse-engineering journey of building the first RDP client outside of Windows to support WebAuthn redirection. The post …
  10. Apple Reverses Age-Old Patch Policy to Keep Up With AI
    — Dark Reading

    Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit.
  11. FBI Seizes NetNut Proxy Platform, Popa Botnet
    — Krebs on Security

    The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a…
  12. ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (8068 in last 30 days).
Critical: 1 · High: 11 · Medium: 7 · Low: 1. View full dashboard →

  1. CVE-2026-58523
    — CVSS 6.5 (MEDIUM)

    Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network.
  2. CVE-2026-14617
    — CVSS 3.1 (LOW)

    A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer._filter_and_accumulate of the file gateway/stream_consumer.py of the component Strea…
  3. CVE-2026-58597
    — CVSS 4.3 (MEDIUM)

    Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
  4. CVE-2026-58524
    — CVSS 5.4 (MEDIUM)

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
  5. CVE-2026-58522
    — CVSS 6.8 (MEDIUM)

    Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.
  6. CVE-2026-58426
    — CVSS 9.6 (CRITICAL)

    Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write
  7. CVE-2026-58424
    — CVSS 8.9 (HIGH)

    Permanent Fork PR Workflow Approval Gate Bypass
  8. CVE-2026-58423
    — CVSS 7.7 (HIGH)

    LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories
  9. CVE-2026-58418
    — CVSS 6.5 (MEDIUM)

    SSRF via HTTP Redirect in Repository Migration
  10. CVE-2026-58300
    — CVSS 6.2 (MEDIUM)

    Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.
  11. CVE-2026-58299
    — CVSS 7.5 (HIGH)

    Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.
  12. CVE-2026-58298
    — CVSS 7.2 (HIGH)

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
  13. CVE-2026-58297
    — CVSS 7.1 (HIGH)

    Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.
  14. CVE-2026-58296
    — CVSS 7.1 (HIGH)

    Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.
  15. CVE-2026-58295
    — CVSS 8.3 (HIGH)

    Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
  16. CVE-2026-58294
    — CVSS 7.5 (HIGH)

    Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
  17. CVE-2026-58293
    — CVSS 8.1 (HIGH)

    External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
  18. CVE-2026-58292
    — CVSS 7.5 (HIGH)

    Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
  19. CVE-2026-58291
    — CVSS 6.1 (MEDIUM)

    Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.
  20. CVE-2026-58290
    — CVSS 7.5 (HIGH)

    Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · July 4, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com