# Archive

Browse past daily curated stories

Jul 07 Jul 05 Jul 04 Jul 03 Jul 02 Jul 01 Jun 30 Jun 27 Jun 26 Jun 25 Jun 24 Jun 23 Jun 21 Jun 20 Jun 19 Jun 18 Jun 17 Jun 16 Jun 15 Jun 14 Jun 13 Jun 12 Jun 11 Jun 10 Jun 09 Jun 08 Jun 07 Jun 06 Jun 02 May 31

Tuesday, July 07, 2026

  1. 1
    0
    Dark Reading general
    CitrixBleed-ing Again? NetScaler Vulnerability Under Attack

    A newly disclosed memory disclosure vulnerability in Citrix NetScaler products is already under active exploitation following publication of a proof-of-concept exploit, echoing the pattern seen with CitrixBleed (CVE-2023-4966). NetScaler appliances are widely deployed in enterprise environments, making rapid exploitation of this flaw a critical concern for security teams managing perimeter infrastructure.

  2. 2
    0
    The Hacker News general
    16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

    CVE-2026-53359, dubbed 'Januscape,' is a 16-year-old use-after-free vulnerability in Linux KVM's shadow MMU code affecting both Intel and AMD x86 systems. A public PoC currently causes host kernel panics, but the researcher claims a separate unreleased exploit achieves full guest-to-host escape, making this a high-severity threat for virtualization environments and cloud infrastructure operators.

  3. 3
    0
    BleepingComputer general
    Max severity Adobe ColdFusion flaw now exploited in attacks

    A maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282 is now being actively exploited in attacks, according to a warning from the Canadian Centre for Cyber Security (CCCS). ColdFusion servers are frequently used in enterprise web applications, and max-severity exploitation within days of disclosure demands immediate patching priority.

  4. 4
    0
    Dark Reading general
    JadePuffer: The First Complete LLM-Driven Ransomware Attack

    Sysdig documented the first known case of LLM-driven agentic ransomware, dubbed 'JadePuffer,' in which an AI agent exploited a Langflow vulnerability to exfiltrate data from a production database and encrypt additional systems in late June 2026. The attack demonstrates that autonomous AI agents can reduce operator complexity and accelerate attack tempo in end-to-end ransomware campaigns without human intervention at each step.

  5. 5
    0
    The Hacker News general
    Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

    CVE-2026-20896 (CVSS 9.8) in Gitea Docker images — which allows unauthenticated privilege escalation by trusting the X-WEBAUTH-USER HTTP header from any IP — saw active exploitation attempts by threat actors just 13 days after public disclosure, per Sysdig research. The critical severity and rapid weaponization of this DevOps platform flaw pose significant supply chain risk to development pipelines.

  6. 6
    0
    SecurityWeek general
    North Korean Hackers Target Open Source Developers in Supply Chain Attacks

    North Korean threat actors behind the 'PolinRider' campaign have compromised over 100 legitimate open source packages and repositories to deliver a backdoor and information stealer targeting software developers. The supply chain attack vector — poisoning trusted open source dependencies — puts any developer consuming affected packages at risk of silent compromise.

  7. 7
    0
    SecurityWeek general
    Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability

    A proof-of-concept exploit has been released for the Linux 'Bad Epoll' local privilege escalation vulnerability, enabling root access on affected systems and dramatically lowering the bar for exploitation. Security teams running unpatched Linux systems should treat this as an urgent remediation priority given the public availability of working exploit code.

  8. 8
    0
    The Hacker News general
    Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

    Operation DragonReturn, attributed by Seqrite Labs to a suspected China-nexus threat cluster, uses spear-phishing emails impersonating India's Income Tax Department to deliver DcRAT — a remote access trojan designed for sensitive data theft — targeting Indian taxpayers, tax professionals, and corporate finance teams. The campaign's use of a fake tax filing utility as a lure demonstrates continued abuse of government-themed social engineering against high-value financial targets.

  9. 9
    0
    Schneier on Security threat-intel
    France to Stop Certifying Non-Quantum-Safe Encryption

    France's national cybersecurity agency ANSSI announced it will halt certifications for security products lacking quantum-resistant encryption starting in 2027, and is urging businesses to purchase only quantum-safe products immediately. The policy shift by a major G7 nation's cyber authority signals an accelerating regulatory timeline for post-quantum cryptography migration across government and critical infrastructure sectors.

  10. 10
    0
    The Record threat-intel
    Major medical device manufacturer notifies nearly 4 million of breach

    A major medical device manufacturer disclosed a data breach affecting nearly 4 million individuals, with compromised data including Social Security numbers and health-related information. Despite the company's claim of no evidence of public exposure, the scale and sensitivity of the healthcare data involved makes this a significant incident for compliance and identity theft risk monitoring.