HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com
📰 Cybersecurity News Headlines
Top stories from leading cybersecurity publications as of July 6, 2026.
-
Flipper Zero firmware development continues with community help
— Bleeping Computer
Flipper Devices says development of the Flipper Zero firmware will continue, albeit with a smaller internal team and greater reliance on com… -
JadePuffer ransomware used AI agent to automate entire attack
— Bleeping Computer
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large l… -
U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case
— The Hacker News
A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for… -
North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign
— The Hacker News
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser… -
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices
— The Hacker News
Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library that lets a device read and write the FAT … -
NetNut proxy network disrupted, 2 million infected devices cut off
— Bleeping Computer
A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android dev… -
Chinese LLMs Broaden the Gap Between Attackers & Defenders
— Dark Reading
Two new models from Chinese firms compete with top US mainstream and frontier models. Should cyber-defenders be worried? -
Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
— Dark Reading
Improved institutional safeguards and stricter regulations have pushed the burdens of protection and risk reduction on to Australian busines… -
How We Added WebAuthn to a Browser-Based RDP Client
— Unit 42
A look inside the reverse-engineering journey of building the first RDP client outside of Windows to support WebAuthn redirection. The post … -
Apple Reverses Age-Old Patch Policy to Keep Up With AI
— Dark Reading
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit. -
FBI Seizes NetNut Proxy Platform, Popa Botnet
— Krebs on Security
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a… -
ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)
— SANS ISC
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
🪲 NVD — Last 20 Scored Vulnerabilities
Latest scored CVEs from the National Vulnerability Database (7424 in last 30 days).
Critical: 0 · High: 7 · Medium: 12 · Low: 1. View full dashboard →
-
CVE-2026-14783
— CVSS 4.3 (MEDIUM)
A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skill_view of the file tools/skills_tool.py. Executing a manipulation of the argument Name can lead to path tr⦠-
CVE-2026-14778
— CVSS 7.3 (HIGH)
A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajax_enroll.php of the component Enrollment Management. The manip⦠-
CVE-2026-14777
— CVSS 6.3 (MEDIUM)
A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead ⦠-
CVE-2026-14776
— CVSS 6.3 (MEDIUM)
A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /upload_files.php of the component Filename Ex⦠-
CVE-2026-14775
— CVSS 6.3 (MEDIUM)
A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /process_lesson.php. Such manipulation of the argument user_id leads to unr⦠-
CVE-2026-14774
— CVSS 6.3 (MEDIUM)
A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The att⦠-
CVE-2026-14773
— CVSS 6.3 (MEDIUM)
A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be ⦠-
CVE-2026-10657
— CVSS 3.7 (LOW)
Zephyr's DNS resolver detects mDNS (.local) queries in dns_resolve_name_internal() (subsys/net/lib/dns/resolve.c) with memcmp(strrchr(query, '.'), ".local", 7), which always reads a fixed 7 bytes from the suffix pointer.⦠-
CVE-2026-10656
— CVSS 4.6 (MEDIUM)
The MAX32xxx USB device controller driver (drivers/usb/udc/udc_max32.c, compatible adi_max32_usbhs) dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udc_event_x⦠-
CVE-2026-59520
— CVSS 4.3 (MEDIUM)
Cross-Site Request Forgery (CSRF) vulnerability in properfraction CrawlWP SEO allows Cross Site Request Forgery.This issue affects CrawlWP SEO: from n/a through 3.0.16.
-
CVE-2026-59519
— CVSS 5.3 (MEDIUM)
Insertion of Sensitive Information Into Sent Data vulnerability in Softaculous FormLayer allows Retrieve Embedded Sensitive Data.This issue affects FormLayer: from n/a through 1.0.6.
-
CVE-2026-59511
— CVSS 5.3 (MEDIUM)
Insertion of Sensitive Information Into Sent Data vulnerability in Tim Strifler Exclusive Addons Elementor allows Retrieve Embedded Sensitive Data.This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.9â¦
-
CVE-2026-14772
— CVSS 7.3 (HIGH)
A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /edit_course1.php. The manipulation of the argument ID leads to sql in⦠-
CVE-2026-14771
— CVSS 7.3 (HIGH)
A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The affected element is an unknown function of the file /edit_exam1.php. Executing a manipulation of the argument ID can lead to sql in⦠-
CVE-2026-14770
— CVSS 7.3 (HIGH)
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_room.php. Performing a manipulation of the argument ID results in sql injection. It ⦠-
CVE-2026-14769
— CVSS 7.3 (HIGH)
A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads to sql injection. The⦠-
CVE-2026-14768
— CVSS 7.3 (HIGH)
A weakness has been identified in code-projects Real State Services 1.0. This vulnerability affects unknown code of the file /builderHome.php. This manipulation of the argument loc causes sql injection. The attack is pos⦠-
CVE-2026-14767
— CVSS 6.3 (MEDIUM)
A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. The manipulation of th⦠-
CVE-2026-14766
— CVSS 6.3 (MEDIUM)
A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter H⦠-
CVE-2026-14764
— CVSS 7.3 (HIGH)
A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. This impacts an unknown function of the file /admin/add_event.php of the component Event Management Page. Such manipulation of the argumeâ¦
Source: NVD CVE API 2.0
Generated by CryptXNet.ai Threat Intelligence Platform · July 6, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com
Leave a Comment