📰 DAILY THREAT BRIEFING
Tuesday, July 14, 2026
12 News Items
HN · BleepingComputer · Krebs · Dark Reading · SANS · THN Intel · Unit 42 · Security.com

📰 Cybersecurity News Headlines

Top stories from leading cybersecurity publications as of July 14, 2026.

  1. Weak Security Continues to Fuel Russian Cyberattacks
    — Dark Reading

    In a first, the UK and the EU jointly impose sanctions on Russian individuals and entities for cyberattacks and disinformation campaigns in …
  2. Japan's largest taxi operator shuts systems after cyberattack
    — Bleeping Computer

    Japan's largest taxi operator, Nihon Kotsu, announced that its systems were compromised in a cyberattack, forcing the company to shut down p…
  3. Hackers backdoor Jscrambler npm package with infostealer malware
    — Bleeping Computer

    The Jscrambler client-side web security company disclosed that a threat actor published a malicious version of its npm package that has been…
  4. New CrashStealer malware poses as Apple crash reporting tool
    — Bleeping Computer

    A new macOS information-stealing malware called CrashStealer pretends to be Apple's crash-reporting tool to steal credentials, keychain data…
  5. 'Yellow Teams' Are Defining the Future of AI Security
    — Dark Reading

    In some companies, engineers are building defense and attack tools to test the potential of artificial intelligence for cybersecurity — an…
  6. CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
    — The Hacker News

    Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that's capable of harvesting sensitive data from …
  7. Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
    — The Hacker News

    Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, aft…
  8. GigaWiper Lets Threat Actors Choose Their Own Destructive Attack
    — Dark Reading

    A modular implant borrows from various malware families to combine both backdoor and wiper activities to maximize impact and minimize operat…
  9. ⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More
    — The Hacker News

    Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The ca…
  10. Lessons Learned from CISA’s Recent GitHub Leak
    — Krebs on Security

    The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of…
  11. Someone Is Scanning for Your MCP Servers and AI Assistant Credentials, (Mon, Jul 13th)
    — SANS ISC

    The setup
  12. ISC Stormcast For Monday, July 13th, 2026 https://isc.sans.edu/podcastdetail/10004, (Mon, Jul 13th)
    — SANS ISC

    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

🪲 NVD — Last 20 Scored Vulnerabilities

Latest scored CVEs from the National Vulnerability Database (7439 in last 30 days).
Critical: 1 · High: 12 · Medium: 6 · Low: 1. View full dashboard →

  1. CVE-2026-15619
    — CVSS 6.3 (MEDIUM)

    A weakness has been identified in mosaxiv clawlet up to 0.2.10. The impacted element is the function web_fetch of the file tools/tool_web_fetch.go of the component IPv4 Handler. This manipulation of the argument url caus…
  2. CVE-2026-15618
    — CVSS 6.3 (MEDIUM)

    A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. The affected element is the function guardExecCommand of the file tools/tool_exec.go of the component exec Safety Guard. The manipulation results in pr…
  3. CVE-2026-57856
    — CVSS 8.8 (HIGH)

    Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php sanitizes the bucket name with preg_replace('/[^a-zA-Z0-…
  4. CVE-2026-57855
    — CVSS 8.8 (HIGH)

    Cockpit CMS contains a missing authorization vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php executes bucket commands (ls, upload, removefiles…
  5. CVE-2026-15607
    — CVSS 4.3 (MEDIUM)

    A vulnerability was detected in tanstack db up to 0.6.8. Affected by this vulnerability is the function select of the file src/query/compiler/select.ts of the component Alias Path Handler. The manipulation results in imp…
  6. CVE-2026-15605
    — CVSS 3.1 (LOW)

    A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipu…
  7. CVE-2026-62328
    — CVSS 7.5 (HIGH)

    9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can en…
  8. CVE-2026-62327
    — CVSS 9.1 (CRITICAL)

    9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to retrieve plaintext API keys for all connected AI provider accounts by sending a single unauth…
  9. CVE-2026-62242
    — CVSS 8.6 (HIGH)

    Spring Boot Admin Server before 4.1.2 contains a server-side request forgery vulnerability that allows unauthenticated attackers to register instances with attacker-controlled healthUrl and managementUrl parameters witho…
  10. CVE-2026-62240
    — CVSS 7.4 (HIGH)

    CrewAI before 1.15.1 contains a server-side request forgery vulnerability in the validate_url function that performs one-shot DNS resolution and blocklist checks before returning the original URL unchanged. Attackers can…
  11. CVE-2026-62239
    — CVSS 6.6 (MEDIUM)

    FlashAttention through 2.8.3.post1, fixed in commit 0816ef1, contains a symlink attack vulnerability in the download_and_copy() function within hopper/setup.py that extracts NVIDIA toolchain archives without validating s…
  12. CVE-2026-62200
    — CVSS 8.8 (HIGH)

    OpenClaw versions before 2026.6.1 contain a flaw in host exec environment filtering that could allow Git ext transport to be abused. When the affected feature is enabled and reachable, a lower-trust caller or configured …
  13. CVE-2026-62199
    — CVSS 8.8 (HIGH)

    OpenClaw versions before 2026.6.6 contain a flaw in host exec environment filtering that can miss interpreter startup variables. When the affected feature is enabled and reachable, a lower-trust caller or configured inpu…
  14. CVE-2026-62198
    — CVSS 4.3 (MEDIUM)

    OpenClaw versions 2026.5.28 before 2026.6.6 contain an authorization bypass vulnerability in native web search that allows lower-trust callers to perform actions requiring stronger policy checks. Attackers can exploit mi…
  15. CVE-2026-62197
    — CVSS 8.5 (HIGH)

    OpenClaw before 2026.6.6 contains a policy bypass vulnerability in browser CDP discovery that accepts blocked WebSocket URLs. Attackers with lower-trust access can reach network destinations that should have been blocked…
  16. CVE-2026-62196
    — CVSS 8.3 (HIGH)

    OpenClaw versions 2026.3.22 before 2026.6.6 contain an authorization bypass vulnerability where WhatsApp group IDs can satisfy elevated sender allowlists. Attackers with lower-trust access can perform actions requiring s…
  17. CVE-2026-62195
    — CVSS 8.3 (HIGH)

    OpenClaw versions 2026.5.20 before 2026.6.6 contain an authorization bypass vulnerability in the MCP loopback feature that allows lower-trust callers to execute owner-only tools. Attackers can bypass authorization checks…
  18. CVE-2026-62194
    — CVSS 8.8 (HIGH)

    OpenClaw versions 2026.5.20 before 2026.6.9 contain a privilege escalation vulnerability in plugin install commands that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attac…
  19. CVE-2026-62193
    — CVSS 4.9 (MEDIUM)

    OpenClaw versions 2026.6.5 before 2026.6.9 contain a vulnerability in the plugin install wrappers that could skip the install policy (authorization) check. When the affected feature is enabled and reachable, a lower-trus…
  20. CVE-2026-62192
    — CVSS 8.1 (HIGH)

    OpenClaw versions 2026.6.6 before 2026.6.9 contain an authorization bypass vulnerability in Discord guild actions that allows lower-trust callers to perform actions requiring stronger authorization checks. Attackers can …

Source: NVD CVE API 2.0


Generated by CryptXNet.ai Threat Intelligence Platform · July 14, 2026 · Sources: The Hacker News, Bleeping Computer, Krebs on Security, Dark Reading, SANS ISC, THN Threat Intel, Unit 42, Security.com