Callum Dare encouraged others to carry out dangerous hoaxes, made mini-movies from the footage
Researchers at KU Leuven tested 85 of the most popular crypto wallets that run as browser extensions and found that the wallets themselves leak enough to link and track the people using them. The...
AI security agents are starting to influence real security decisions. They summarize findings, prioritize remediation, recommend next steps, and help teams move faster. But most still rely on...
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry. The activity allows users to...
This is a current list of where and when I am scheduled to speak: I’m speaking (virtually) at the Policy-Relevant Privacy Research Workshop in Calgary, Canada, on Monday, July 20, 2026. I’m...
Veeam security advisory (AV26-694)
Research fellow Bill Robinson speaks with The Globe and Mail about CSE spending. The post Canada’s Electronic Spy Agency Conducted Cyberattacks on Criminals Brokering Fentanyl Ingredients, Report...
The designations hit 1VPNS, its alleged Ukrainian administrator and a Belarusian who allegedly sold “cryptors” to disguise ransomware and other malware. The post Treasury sanctions First VPN...
ServiceNow security advisory (AV26-693)
Researcher confirms the uploads have stopped, but says xAI's privacy command was not what fixed them
xAI's Grok Build coding CLI was uploading entire Git repositories, full commit history and all, to a Google Cloud Storage bucket run by xAI, not just the files a coding task needed. A researcher...
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe After Effects is a digital visual effects and motion...
Mozilla security advisory (AV26-692)
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these...
56Critical510Important3Moderate0LowMicrosoft addresses 569 CVEs in the largest Patch Tuesday release yet. This month’s release includes three zero-days, two of which were exploited in the...
HPE security advisory (AV26-691)
Human did 10% of the job, AI did 90%
Michigan public health investigators say they are zeroing in on lettuce and other salad greens as potential sources of a massive outbreak of cyclosporiasis that has infected at least 2,640 people...
SAP security advisory – July 2026 monthly rollup (AV26-690)
Last month’s record-breaking heat wave killed thousands across Western Europe, making it one of the continent’s deadliest climate disasters. Preliminary official mortality data and researchers’...
Dutch intelligence officials report that at least one Russian agency is compromising internet-connected cameras across Europe to spy on military logistics and Ukrainian personnel.
Just two years ago, hackers were tapping into generative artificial intelligence to probe targets, translate technical material and troubleshoot malicious code. The technology sped up some key...
[Control systems] Siemens security advisory (AV26-689)
The Trump administration’s abrupt firing of Election Assistance Commission commissioners last week and a Department of Justice warning threatening states with criminal prosecution have created new...
OAuth client ID spoofing lets attackers test Entra accounts and stolen passwords without successful sign-ins, leaving application names blank in logs.
Global cyber attacks rose over 10% in June, according to new research from Check Point, with one particular group accounting for a growing portion. The uptick in attacks comes in the wake of what...
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has designated two individuals and a VPN service provider for enabling ransomware actors' and other cybercriminals' malicious...
Cyberattack attempts against the South Korean military reached nearly 19,000 last year, marking the highest figure in five years, a lawmaker said Sunday. The military was targeted in 18,951...
This year, the U.S. military’s use of artificial intelligence (AI) in its targeting has burst into the spotlight. In February, the Wall Street Journal reported that the military used the Anthropic...
Department of Homeland Security personnel twice dismissed signs of cyber intruders inside the agency’s Homeland Security Information Network as harmless activity, allowing hackers to remain...