📰 DAILY THREAT BRIEFING
Friday, July 10, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of July 10, 2026.

  1. OpenMandriva Linux says contributor tried to sabotage the project
    — Bleeping Computer

    The OpenMandriva Linux project announced that it was the target of an attempted act of internal sabotage after a dispute among contributors.…
  2. Iran's Cyber Crosshairs Focus Beyond Critical Infrastructure
    — Dark Reading

    Obscurity isn't a defense. If your company has any Internet-facing vulnerability, you're at risk from multiple threats.
  3. Microsoft Reins in RoguePlanet Zero-Day Threat
    — Dark Reading

    The researcher known as "Nightmare-Eclipse" published a proof-of-concept (PoC) exploit for the Windows Defender vulnerability in early June …
  4. Injective SDK on npm infected with cryptocurrency wallet stealer
    — Bleeping Computer

    Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manage…
  5. AI Agents Are a New Kind of Identity & Most Organizations Aren't Ready
    — Dark Reading

    If you're handling them like a service account or API token, consider yourself behind. AI agents need a fundamentally different approach.
  6. Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
    — The Hacker News

    Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repo…
  7. New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware
    — The Hacker News

    Microsoft has taken apart a destructive Windows backdoor it calls GigaWiper. What stands out is how it is built: not one tool but three olde…
  8. New Helix vishing group emerges in SharePoint data theft attacks
    — Bleeping Computer

    A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code phishing, and multi-…
  9. npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk
    — The Hacker News

    GitHub has officially announced the release of npm version 12 with install scripts disabled by default, along with deprecating granular acce…
  10. ISC Stormcast For Thursday, July 9th, 2026 https://isc.sans.edu/podcastdetail/10000, (Thu, Jul 9th)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  11. _HELP_ME_ESCAPE_FROM_BELARUS_PLEASE_ [Guest Diary], (Tue, Jul 7th)
    — SANS ISC

    [This is a Guest Diary by Jason Callahan, an ISC intern as part of the SANS.edu BACS program]
  12. Felons, Fraudsters Flog Offensive Cybersecurity Startup
    — Krebs on Security

    A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of fa…

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (7365 in last 30 days).
Critical: 2 · High: 9 · Medium: 7 · Low: 1. View full dashboard →

  1. CVE-2026-54771
    — CVSS 8.1 (HIGH)

    Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.3, a Langroid application exposing a chat interface to untrusted users may allow direct tool invocation via raw JSON p…
  2. CVE-2026-54769
    — CVSS 10.0 (CRITICAL)

    Langroid is a framework for building large-language-model-powered applications. Versions prior to 0.65.2 are vulnerable to a critical Sandbox Escape leading to Remote Code Execution (RCE) in its `TableChatAgent` and `Vec…
  3. CVE-2026-50181
    — CVSS 7.1 (HIGH)

    Langroid is a framework for building large-language-model-powered applications. Prior to version 0.64.0, Langroid's `ReadFileTool` and `WriteFileTool` appear to treat `curr_dir` as the intended working-directory boundary…
  4. CVE-2026-15317
    — CVSS 6.3 (MEDIUM)

    A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. Affected by this vulnerability is the function WebFetchTool.Execute of the file pkg/tools/integration/web.go of the component Guarded Web Fetch Flow. Th…
  5. CVE-2026-15311
    — CVSS 3.5 (LOW)

    A vulnerability was identified in NousResearch hermes-agent up to 2026.5.29.2. Affected by this issue is the function MatrixAdapter._markdown_to_html of the file gateway/platforms/matrix.py of the component Matrix Adapte…
  6. CVE-2026-12598
    — CVSS 8.1 (HIGH)

    The LoginPress Pro plugin for WordPress is vulnerable to authentication bypass in versions up to and including 6.2.3 via the Spotify Social Login addon. This is due to the loginpress_on_spotify_login() function trusting …
  7. CVE-2026-12597
    — CVSS 8.1 (HIGH)

    The LoginPress Pro plugin for WordPress is vulnerable to Authentication Bypass via the GitHub OAuth callback in versions up to, and including, 6.2.3. The vulnerability exists in the loginpress_on_github_login() function,…
  8. CVE-2026-12595
    — CVSS 8.1 (HIGH)

    The LoginPress Pro plugin for WordPress is vulnerable to Authentication Bypass via Unverified OAuth Email in all versions up to and including 6.2.3. The vulnerability exists in the loginpress_on_discord_login() Discord O…
  9. CVE-2026-59854
    — CVSS 4.9 (MEDIUM)

    SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacker-supplied absolute source paths and relies on util.IsSensitivePath in kernel/util/path.go, who…
  10. CVE-2026-59853
    — CVSS 6.5 (MEDIUM)

    SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns saved search criteria from data/storage/criteria.json without the publish-access filtering used…
  11. CVE-2026-59834
    — CVSS 7.5 (HIGH)

    SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the block search endpoint POST /api/search/fullTextSearchBlock concatenates attacker-controlled paths values into SQL predicates used by non-…
  12. CVE-2026-59832
    — CVSS 7.7 (HIGH)

    SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /snippets/*filepath route handler serveSnippets in kernel/server/serve.go joins a single-decoded request path with the snippets directory…
  13. CVE-2026-59831
    — CVSS 4.4 (MEDIUM)

    GitHub CLI (gh) is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL s…
  14. CVE-2026-57501
    — CVSS 0.0 (NONE)

    Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the …
  15. CVE-2026-44342
    — CVSS 5.3 (MEDIUM)

    New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0-alpha.1, the email and WeChat account binding endpoints GET /api/oauth/email/bind and GET /api/oaut…
  16. CVE-2026-33655
    — CVSS 7.7 (HIGH)

    New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0-alpha.1, the default SSRF protection configuration did not apply IP filtering to hostnames; with Ap…
  17. CVE-2026-59828
    — CVSS 5.3 (MEDIUM)

    Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions se…
  18. CVE-2026-58144
    — CVSS 5.4 (MEDIUM)

    Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle paramete…
  19. CVE-2026-58143
    — CVSS 8.8 (HIGH)

    Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a for…
  20. CVE-2026-58123
    — CVSS 9.8 (CRITICAL)

    Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary shell commands by accessing the embedded terminal API endpoints without crede…

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · July 10, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com