📰 DAILY THREAT BRIEFING
Wednesday, July 8, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of July 8, 2026.

  1. Accenture confirms breach after hacker offers stolen data for sale
    — Bleeping Computer

    IT services giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and…
  2. Vidar Stealer Unmasked: Code Signing Abuse, Go Loaders and File Inflation
    — Unit 42

    A cybercrime campaign combined a loader-as-a-service framework and DLL sideloading via a Go-compiled fake MpClient.dll, a novel evasion laye…
  3. Big Brand Jobs Scam Targets Marketing Pros' Google Accounts
    — Dark Reading

    The phishing campaign uses several tactics, including nested redirects, to evade detection and steal credentials from unsuspecting targets.
  4. Dialogflow CX 'Rogue Agent' Flaw Enabled AI Chatbot Data Theft
    — Dark Reading

    Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a fresh look at their AI Infras…
  5. Chinese hackers develop LONGLEASH malware to expand ORB network
    — Bleeping Computer

    Chinese hackers tracked as 'UAT-7810' are actively evolving their malware to expand their Operational Relay Box (ORB) network by compromisin…
  6. Hidden backdoor in Tenda router firmware grants admin access
    — Bleeping Computer

    A hidden authentication backdoor has been found in multiple Tenda router firmware versions, potentially allowing an attacker to gain adminis…
  7. RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service
    — The Hacker News

    A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill cr…
  8. Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots
    — The Hacker News

    A critical flaw in Google's Dialogflow CX could have let an attacker with edit rights on one Code Block-enabled agent compromise other Code …
  9. 'GitLost' Flaw Leaks Private Data From GitHub's Agentic Workflows
    — Dark Reading

    The flaw allows an unauthenticated attacker to craft a GitHub Issue in an org's public repository and then silently pull data from its priva…
  10. DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts
    — The Hacker News

    A Microsoft 365 device code phishing campaign has been observed leveraging collaboration-themed lures to take control of victim accounts bet…
  11. How We Added WebAuthn to a Browser-Based RDP Client
    — Unit 42

    A look inside the reverse-engineering journey of building the first RDP client outside of Windows to support WebAuthn redirection. The post …
  12. FBI Seizes NetNut Proxy Platform, Popa Botnet
    — Krebs on Security

    The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a…

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (7718 in last 30 days).
Critical: 3 · High: 6 · Medium: 10 · Low: 1. View full dashboard →

  1. CVE-2026-9842
    — CVSS 7.5 (HIGH)

    The Backstage – Customizer Demo Access plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.2. This is due to the plugin assigning the `manage_options` capability to the `b…
  2. CVE-2026-9701
    — CVSS 9.8 (CRITICAL)

    The Eventer plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 4.4.2. The plugin stores a plaintext copy of the password reset key in the `eventer_verificatio…
  3. CVE-2026-14487
    — CVSS 9.1 (CRITICAL)

    The Simple Coherent Form plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the removeUploadDir function in all versions up to, and including, 2.4.13. This makes it …
  4. CVE-2026-14482
    — CVSS 8.8 (HIGH)

    The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. The vulnerability exists due to a missing capability and nonce check on a directly web-ac…
  5. CVE-2026-14244
    — CVSS 7.5 (HIGH)

    The Jssor Slider by jssor.com plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.1.24 via the 'url' parameter parameter. This makes it possible for unauthenticated attackers…
  6. CVE-2026-14158
    — CVSS 8.8 (HIGH)

    The Widget Logic Visual plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.52 via the widget_logic_visual_check_visibility function. This is due to missing capability chec…
  7. CVE-2026-60002
    — CVSS 7.7 (HIGH)

    ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
  8. CVE-2026-60001
    — CVSS 6.5 (MEDIUM)

    sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
  9. CVE-2026-60000
    — CVSS 3.7 (LOW)

    sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.
  10. CVE-2026-59999
    — CVSS 5.9 (MEDIUM)

    In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.
  11. CVE-2026-59998
    — CVSS 4.8 (MEDIUM)

    sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.
  12. CVE-2026-59997
    — CVSS 4.2 (MEDIUM)

    internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an …
  13. CVE-2026-59996
    — CVSS 4.2 (MEDIUM)

    scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations.
  14. CVE-2026-59995
    — CVSS 4.2 (MEDIUM)

    sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server.
  15. CVE-2026-56843
    — CVSS 9.9 (CRITICAL)

    Incorrect authorization in the XML-RPC API of WebPros Plesk before 18.0.78.4 allows a low-privileged authenticated customer to look up domains they do not own, because ownership is enforced only for certain lookup filter…
  16. CVE-2026-55438
    — CVSS 5.8 (MEDIUM)

    Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, Coder's subdomain-based workspace app proxy allowed the same-owner CORS check …
  17. CVE-2026-55437
    — CVSS 5.4 (MEDIUM)

    Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, the `AgentLogLine` dashboard component instantiated `ansi-to-html` without `es…
  18. CVE-2026-55436
    — CVSS 7.4 (HIGH)

    Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy (`aibridgeproxyd`) created a goproxy…
  19. CVE-2026-55433
    — CVSS 5.4 (MEDIUM)

    Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only…
  20. CVE-2026-55432
    — CVSS 5.4 (MEDIUM)

    Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the `CreateSubAgent` RPC did not validate a requested app sharing level against…

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · July 8, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com