CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities… Read MoreThe Hacker News
Two Scattered Spider Hackers Get 5.5 Years Each for £29 Million TfL Hack
Owen Flowers, 18, and Thalha Jubair, 20, were each sentenced to five and a half years at Woolwich Crown Court on Thursday, 16 July 2026,… Read MoreThe Hacker News
ThreatsDay: Game Cheat Spyware, 24-Hour Ransomware, Chrome Sync Stalking + 12 More Stories
A lot of this week’s trouble starts with something that looks close enough. A familiar repo. A useful installer. A harmless sync setting. Then the… Read MoreThe Hacker News
n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer
n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one external token issuer, it… Read MoreThe Hacker News
New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands
Cybersecurity researchers have called attention to a new modular malware called TELEPUZ that’s been spreading via websites infected with ClickFix lures since late April 2026.… Read MoreThe Hacker News
Zoom Patches Critical Windows Flaw That Could Enable Account Takeover
Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover. The vulnerability, tracked as CVE-2026-53412… Read MoreThe Hacker News
TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development
Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance… Read MoreThe Hacker News
OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps
A malware framework called OkoBot has been running on Windows machines since April 2025, and one of its modules is built to con hardware wallet… Read MoreThe Hacker News
Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published. The vulnerabilities are listed… Read MoreThe Hacker News
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.
For years, routing traffic through cloud proxies was good enough. Then work moved to the browser, AI entered the workflow, and the inspection model stopped… Read MoreThe Hacker News