Cyber Security News

Start. Stay. Grow.

Curated daily. The latest hacks, breaches, and cyber trends—humanized.

Daily cyber brief

Hacking Editorial Brief — July 3, 2026

NSO Group's Pegasus Used Against EU Lawmaker Investigating Surveillance Abuses

Multiple investigations confirmed that former Member of the European Parliament Stelios Kouloglou was repeatedly hacked with NSO Group's Pegasus spyware while serving on Parliament's committee investigating abusive surveillance practices. The targeting of a lawmaker actively investigating spyware abuses represents a direct operational overlap—Kouloglou was investigating the same tool being used against him during his inquiry. Researchers documented multiple intrusion attempts during his tenure on the committee, raising questions about who authorized the surveillance and whether it was intended to compromise the investigation itself. The disclosure adds to mounting evidence of Pegasus deployments against journalists, activists, and political figures across Europe.

ToddyCat Deploys OAuth-Abusing Malware; DHS Network Breached; North Korean Groups Drive Crypto Theft

Kaspersky identified a new malware strain called Umbrij, linked to the ToddyCat advanced persistent threat group, that abuses OAuth tokens to access Gmail accounts through Google's API—bypassing traditional authentication controls. Separately, threat actors breached a Department of Homeland Security network used to coordinate security and emergency response information across government agencies for major events including World Cup and other high-profile U.S. security operations. Analysis from multiple sources indicates North Korean-linked hacking groups were responsible for approximately two-thirds of global cryptocurrency theft losses in the first half of 2026, continuing Pyongyang's pattern of using cybercrime to generate regime revenue. Meanwhile, CISA added SharePoint RCE vulnerability CVE-2026-45659 to its Known Exploited Vulnerabilities catalog after Microsoft discovered active exploitation during a ransomware investigation, with federal agencies ordered to patch by July 4. Researchers also documented the first practical AI-generated browser-based ransomware, created using DeepSeek, that abuses Chromium APIs across Windows, Linux, macOS, and Android platforms.


Sources: The Guardian · POLITICO · The Hacker News · Inc · Chosun Biz

Around the Web

Last Updated: N/A

Hacker icon

Hacks + Heists

Nightmare-Eclipse: Individual Threat Actor Releasing Windows Zero-Day Exploits in Retaliatory Campaign Against Microsoft

A malicious actor has released six Windows zero-day exploits since early April 2026 in an escalating retaliatory campaign against Microsoft, with the ...

Read more →

Researcher Drops Giant Cache of Zero-Day Exploits for 15 Major Open-Source Projects

An anonymous researcher using the pseudonym Bikini published proof-of-concept exploits for more than a dozen zero-day vulnerabilities affecting popula...

Read more →

Politician who investigated spyware abuses had his phone hacked with Pegasus spyware

A government customer of NSO Group used the company's Pegasus spyware to hack into the phone of a European politician, who at the time was serving ...

Read more →

Suspected Member of “Scattered Spider” Hacking Group Extradited to US From Finland, DOJ Says

July 1 (Reuters) - A 19-year-old man accused of being a ⁠member ⁠of the criminal hacking group "Scattered ⁠Spider" was extradited to the U.S. from ...

Read more →

Aflac Japan: Hack Detected Last Week Affects Nearly 4.4M - GovInfoSecurity

Aflac is notifying regulators and nearly 4.4 million Aflac Life Insurance Japan customers of a hacking incident detected last week potentially ...

Read more →
Cybersecurity icon

Big Cyber

Old Dominion University Launches First Ph.D. in Cybersecurity in Virginia

The Ph.D. program will highlight the interdisciplinary nature of the rapidly evolving field of cybersecurity, with artificial intelligence and ...

Read more →

282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study

Embed it in the app, and it is exposed with every request the app makes. Cybersecurity. All 282 fell into one of three groups: Plaintext keys (54 apps...

Read more →

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

It never enforced an upper bound. Cybersecurity. The size calculation adds packet_length to a couple of small values using 32-bit arithmetic, so a ...

Read more →

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware ...

Read more →
Technology icon

Hard Tech

React2Shell (CVE-2025-55182)

A 10.0 critical severity vulnerablility affecting server-side use of React.js, tracked as CVE-2025-55182 in React.js and CVE-2025-66478 specifically f...

Read more →

Breaking Into a Brother (MFC-J1010DW): Three Security Flaws in a Seemingly Innocent Printer

We discovered three vulnerabilities that when chained together, allow for complete remote compromise:

Read more →

Check Point - Wrong Check Point (CVE-2024-24919)

Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This ...

Read more →

Backdoor in XZ Utils allows RCE: everything you need to know - CVE-2024-3094

Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgentl...

Read more →

Loading...

The Cybersecurity Chronicles

‘The Cybersecurity Chronicles: 2024‘ pulls back the curtain on the digital threats that shaped our world last year, revealing the human stories behind the headlines. From art galleries frozen by ransomware to prison tablets hacked with a minus sign, from British Library archivists racing to protect centuries of knowledge to Spotify users meticulously curating their digital identities – these stories illuminate how cybersecurity touches every aspect of modern life.

Author Mark Nole weaves together intimate portraits of the people on all sides of the digital battlefield: the defenders working through sleepless nights to protect critical infrastructure, the victims grappling with stolen identities and lost savings, and even the attackers themselves, operating from nondescript offices with project management software and performance metrics.

Through detailed reporting and narrative storytelling, Nole reveals how 2024 became the year when cybersecurity stopped being just a technical problem and emerged as a fundamentally human challenge. Whether you’re a security professional or simply someone trying to understand our increasingly digital world, these chronicles offer an unprecedented look at how technology shapes – and sometimes betrays – our trust, our privacy, and our lives.

Mark Nole Book Cover for Cybersecurity book

Stay Updated with Cyber Security News

Get the latest cybersecurity headlines, breaking news, and expert insights delivered directly to your inbox. Stay ahead of threats and informed about the digital landscape.

Join thousands of cybersecurity professionals and enthusiasts. No spam, just valuable insights.