HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of July 5, 2026.
-
JadePuffer ransomware used AI agent to automate entire attack
— Bleeping Computer
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large l… -
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
— The Hacker News
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for… -
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
— The Hacker News
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser… -
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
— The Hacker News
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT … -
NetNut proxy network disrupted, 2 million infected devices cut off
— Bleeping Computer
A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android dev… -
ARToken PhaaS exposes EvilTokens' Microsoft 365 phishing toolkit
— Bleeping Computer
A new phishing-as-a-service (PhaaS) platform dubbed "ARToken" appears to operate as an affiliate of the EvilTokens phishing platform, givi… -
Chinese LLMs Broaden the Gap Between Attackers & Defenders
— Dark Reading
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? -
Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
— Dark Reading
Improved institutional safeguards and stricter regulations have pushed the burdens of protection and risk reduction on to Australian busines… -
How We Added WebAuthn to a Browser-Based RDP Client
— Unit 42
A look inside the reverse-engineering journey of building the first RDP client outside of Windows to support WebAuthn redirection. The post … -
Apple Reverses Age-Old Patch Policy to Keep Up With AI
— Dark Reading
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit. -
FBI Seizes NetNut Proxy Platform, Popa Botnet
— Krebs on Security
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a… -
ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (7511 in last 30 days).
Critical: 0 · High: 5 · Medium: 10 · Low: 5. View full dashboard →
-
CVE-2026-14695
— CVSS 7.3 (HIGH)
A vulnerability was found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_client of the file classes/Users.php of the component Registration Handler. The manipulation o⦠-
CVE-2026-14694
— CVSS 6.3 (MEDIUM)
A vulnerability has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this issue is the function cancel_order of the file classes/Master.php of the component POST Parameter Handl⦠-
CVE-2026-14693
— CVSS 5.4 (MEDIUM)
A flaw has been found in SourceCodester Multi-Vendor Online Grocery Management System 1.0. Affected by this vulnerability is the function cancel_order of the file classes/Master.php. Executing a manipulation can lead to ⦠-
CVE-2026-14692
— CVSS 6.3 (MEDIUM)
A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function save_shop_type of the file classes/Master.php of the component POST Parameter Handler. Per⦠-
CVE-2026-14691
— CVSS 6.3 (MEDIUM)
A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update_settings_info of the file classes/SystemSettings.php of the component Setti⦠-
CVE-2026-14690
— CVSS 7.3 (HIGH)
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function save_users of the file classes/Users.php. This manipulation causes improper authorization. Rem⦠-
CVE-2026-14689
— CVSS 6.3 (MEDIUM)
A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulation of the argument apa⦠-
CVE-2026-14688
— CVSS 7.3 (HIGH)
A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email leads to sql injection. ⦠-
CVE-2026-14687
— CVSS 5.3 (MEDIUM)
A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function _deduplicate_results of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a man⦠-
CVE-2026-14686
— CVSS 3.3 (LOW)
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range C⦠-
CVE-2026-14685
— CVSS 3.3 (LOW)
A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogra⦠-
CVE-2026-14684
— CVSS 3.3 (LOW)
A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of⦠-
CVE-2026-14683
— CVSS 3.3 (LOW)
A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistog⦠-
CVE-2026-14660
— CVSS 7.3 (HIGH)
A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a manipulation of the argument txtUser/txtPass results in sql injection. The⦠-
CVE-2026-14659
— CVSS 6.3 (MEDIUM)
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /patientappointment.php. Such manipulation of the argument patiente leads to sql injection. The a⦠-
CVE-2026-14658
— CVSS 6.3 (MEDIUM)
A vulnerability was detected in code-projects Assessment Management 1.0. This vulnerability affects unknown code of the file /lecturer/marking-scheme.php. The manipulation of the argument smarksrange[] results in sql inj⦠-
CVE-2026-14657
— CVSS 6.3 (MEDIUM)
A flaw has been found in code-projects Assessment Management 1.0. This issue affects some unknown processing of the file /lecturer/marking-scheme.php of the component Database Query Handler. This manipulation of the argu⦠-
CVE-2026-14656
— CVSS 4.3 (MEDIUM)
A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cross site scripting. I⦠-
CVE-2026-14655
— CVSS 2.4 (LOW)
A weakness has been identified in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file admin/view-users.php. Executing a manipulation of the argument User can lead to ⦠-
CVE-2026-14654
— CVSS 7.3 (HIGH)
A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the argument user_id leads tâ¦
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · July 5, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com
Leave a Comment