BleepingComputer.com
"Australia warns of global campaign targeting vulnerable CMS platforms."
Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 11 July 2026, 1636 UTC.
Content and Source: "BleepingComputer.com."
URL--https://www.bleepingcomputer.com/
Please check URL or scroll down to read your selections. Thanks for joining us today.
Russ Roberts (https://www.hawaiicybersecurityjournal.net).
-
Australia warns of global campaign targeting vulnerable CMS platforms
The Australian Cyber Security Centre (ACSC) issued an alert about a global exploitation campaign targeting vulnerable content management systems (CMS) and plugins.
- July 11, 2026
- 10:18 AM
0
-
ESET NOD32 antivirus just dropped a 1-year subscription to $20
Antivirus software shouldn't make your computer harder to use. Some security tools eat up system resources and slow everything down while they're supposedly protecting you. ESET NOD32 Antivirus takes a different approach by focusing on accurate threat detection without the performance hit, and a 1-year subscription is on sale for $19
- July 11, 2026
- 08:12 AM
0
-
[Webinar] Device code phishing in 2026: live demos, real kits, and where it's headed next

18 kits, a 37x spike in detections, and every major AiTM vendor adding it to their platform: device code phishing has gone from espionage-grade to criminal commodity. Join Push Security's VP of R&D Luke Jennings for attacker-side demos and a breakdown of the kits and campaigns we're tracking in the wild.
-
'Ghostcommit' hides prompt injection in images to fool AI agents, steal secrets
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers CodeRabbit and Bugbot, which never open image files at all, then convinced a coding agent to read a repo's .env and write every secret into the code as a list of numbers.
- July 11, 2026
- 05:03 AM
0
-
New U-Boot flaws could enable stealthy firmware attacks
Six vulnerabilities in the widely used U-Boot bootloader have been discovered that could allow attackers to execute malicious code during device boot, potentially enabling stealthy firmware attacks that compromise security protections and install persistent malware.
- July 10, 2026
- 05:59 PM
0
-
Ryuk ransomware member pleads guilty in the US, faces 15 years in prison
A 34-year-old Armenian man has pleaded guilty to hacking U.S. companies and deploying the infamous Ryuk ransomware to encrypt their systems.
- July 10, 2026
- 01:46 PM
0
-
Police suspects Dutch hackers were involved in Odido breach
The Dutch National Police (Politie) says it has found "strong indications" that Dutch hackers have been involved in a February breach at the telecommunications provider Odido.
- July 10, 2026
- 12:37 PM
0
-
Progress urges ShareFile admins to shut down servers over “credible” threat
Progress Software is emailing ShareFile customers who use Storage Zone Controllers to immediately shut down their servers after identifying what it describes as a "credible external security threat" targeting the on-premises secure file-sharing software.
- July 10, 2026
- 12:26 PM
0
-
Hackers exploit critical auth bypass in Gitea Docker image
Hackers are actively exploiting a critical vulnerability in the official Docker image for the Gitea self-hosted Git service that allows attackers to impersonate any user, including administrators.
- July 10, 2026
- 11:48 AM
0
-
Money launderer accused of stealing seized crypto while in prison
A Bulgarian national has been charged with stealing $290,000 in government-seized cryptocurrency while serving 121 months in prison for helping launder millions stolen from American fraud victims.
- July 10, 2026
- 11:30 AM
1
-
The Replicant in Your Directory: AI Agents and the Identity Security Gap
AI agents are accelerating the growth of non-human identities, making it harder for organizations to understand what exists, who owns it, and what it can access. Netwrix explains why stronger visibility and identity governance are essential as AI expands the enterprise attack surface.
- July 10, 2026
- 10:00 AM
0
-
Zimbra urges customers to patch critical web client XSS flaw
The Zimbra security team urged customers to patch a critical vulnerability affecting the Classic Web Client used to access the Zimbra Collaboration suite.
- July 10, 2026
- 07:47 AM
0
-
This $60 educational kids’ app makes learning fun
Looking for a way to keep kids learning this summer? Pok Pok offers a screen-time option you won't feel guilty about that combines learning and fun for little ones ages 2-8. Right now, you can even lock in a lifetime subscription to Pok Pok for just $59.99 (reg. $250).
- July 10, 2026
- 07:09 AM
0
-
Former ransomware negotiator gets 4 years for BlackCat attacks
A former employee of cybersecurity incident response company DigitalMint was sentenced to 70 months in prison for targeting U.S. companies in BlackCat (ALPHV) ransomware attacks.
- July 10, 2026
- 04:17 AM
0
-
OpenMandriva Linux says contributor tried to sabotage the project
The OpenMandriva Linux project announced that it was the target of an attempted act of internal sabotage after a dispute among contributors.
- July 09, 2026
- 06:14 PM
0
-
Injective SDK on npm infected with cryptocurrency wallet stealer
Hackers compromised the Injective Labs SDK project's GitHub repository and used it to publish a malicious package on the Node Package Manager (npm) that stole cryptocurrency wallet private keys and mnemonic seed phrases.
- July 09, 2026
- 04:10 PM
0
-
Store up to 1TB of files for life with Koofr cloud storage for $130
Cloud storage has become essential, but so have the recurring subscription costs that come with it. Get a 1TB of Koofr Cloud Storage for life for a one-time payment of $129.99 with promo code KOOFR through July 13.
- July 09, 2026
- 02:05 PM
0
-
New Helix vishing group emerges in SharePoint data theft attacks
A new data-extortion group called Helix is using identity-focused tactics such as voice phishing (vishing), device code phishing, and multi-factor authentication (MFA) abuse to steal data from SharePoint environments.
- July 09, 2026
- 01:08 PM
0
-
Microsoft expects more Windows security updates from AI-discovered flaws
Microsoft says Windows users should expect to see an increase in security updates as the company increasingly relies on artificial intelligence to discover vulnerabilities in its codebase.
- July 09, 2026
- 01:00 PM
2
-
New Forg365 phishing platform uses AI to target Microsoft 365 accounts
A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining adversary-in-the-middle (AiTM) and device code methods with AI-assisted lure generation.
- July 09, 2026
- 10:39 AM
0
-
The Hidden Security Risks of Reduced Summer IT Coverage
Security operations don't slow down when IT teams take vacation, but staffing levels often do. Kaseya explains how AI-driven automation can help organizations maintain consistent security operations and reduce reliance on manual processes year-round.
- July 09, 2026
- 10:02 AM
0

Comments
Post a Comment
Please leave a comment about our recent post.