CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities… Read MoreThe Hacker News

Read More

Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack

Owen Flowers, 18, and Thalha Jubair, 20, were each sentenced to five and a half years at Woolwich Crown Court on Thursday, 16 July 2026,… Read MoreThe Hacker News

Read More

ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories

A lot of this week’s trouble starts with something that looks close enough. A familiar repo. A useful installer. A harmless sync setting. Then the… Read MoreThe Hacker News

Read More

n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer

n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one external token issuer, it… Read MoreThe Hacker News

Read More

New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands

Cybersecurity researchers have called attention to a new modular malware called TELEPUZ that’s been spreading via websites infected with ClickFix lures since late April 2026.… Read MoreThe Hacker News

Read More

Zoom Patches Critical Windows Flaw That Could Enable Account Takeover

Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover. The vulnerability, tracked as CVE-2026-53412… Read MoreThe Hacker News

Read More

TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development

Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance… Read MoreThe Hacker News

Read More

OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps

A malware framework called OkoBot has been running on Windows machines since April 2025, and one of its modules is built to con hardware wallet… Read MoreThe Hacker News

Read More

Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws

Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published. The vulnerabilities are listed… Read MoreThe Hacker News

Read More

SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.

For years, routing traffic through cloud proxies was good enough. Then work moved to the browser, AI entered the workflow, and the inspection model stopped… Read MoreThe Hacker News

Read More