Cyber Security News

Start. Stay. Grow.

Curated daily. The latest hacks, breaches, and cyber trends—humanized.

Daily cyber brief

Hacking Editorial Brief — July 17, 2026

Microsoft Patches Record 570 Vulnerabilities, Two Actively Exploited

Microsoft's July 2026 Patch Tuesday addressed a historic 570 vulnerabilities across its product portfolio, including two actively exploited zero-days and one publicly disclosed flaw. The exploited vulnerabilities affect SharePoint Server (CVE-2026-56164) and Active Directory Federation Services, both enabling unauthorized access and remote code execution in active attack campaigns. CISA issued a supplemental alert urging immediate SharePoint hardening following confirmed exploitation in the wild. Hours after the patch release, a researcher published a functional Windows zero-day proof-of-concept affecting all supported desktop and server versions, following a disclosure dispute with Microsoft. Security researchers attribute the unprecedented vulnerability count to AI-driven bug hunting tools, marking a shift in how software flaws are being discovered at scale.

Scattered Spider Members Sentenced for Transport for London Attack

Two members of the Scattered Spider threat group—Owen Flowers and Thalha Jubair, both teenagers at the time of the attack—were sentenced to five and a half years in prison for hacking Transport for London in 2024. The cyberattack, which was live-streamed by the perpetrators, caused £29 million in losses and could have resulted in widespread operational disruption before TfL's IT team forcibly logged out all staff to contain the breach. The case represents one of the first significant prison sentences tied to Scattered Spider, a loosely organized collective known for social engineering and SIM-swapping tactics. Separately, BitSight released a threat actor profile on TeamPCP, a group that has compromised multiple developer and security tools including Trivy, KICS, and LiteLLM, with suspected ties to the Vect ransomware-as-a-service operation.


Sources: Bleeping Computer · The Hacker News · CISA · Help Net Security · BitSight

Around the Web

Last Updated: N/A

Hacker icon

Hacks + Heists

Breaking Out of the 'We're Too Boring to Hack' Myth | Manufacturing.net

The plants getting burned are not those with the most valuable data - they're the ones that believed they had none.

Read more →

AI Music App Suno Got Hacked, Giving a Glimpse of Just How Much Music It Scraped

Per 404 Media, the hacker was able to get their hands on source code from Suno between 2023 and 2024, which seems to include scraping instructions and...

Read more →

Source Code Hack Reveals Suno's AI Was Trained on Millions of YouTube Songs - CNET

The hack allegedly confirms the suspicions of record labels and artists that their music is used in the creation of AI music.

Read more →

Finland issues wanted notice for hacker behind massive psychotherapy data breach

The Supreme Court's decision leaves in place a February Court of Appeal ruling that sentenced Kivimäki to nearly seven years in prison for hacking ...

Read more →

What leaked messages tell us about global hacking gang Conti - BBC

Conti, one of the world's largest ransomware groups, spent years hacking people. But in 2022 the tables turned when the criminal gang imploded and ...

Read more →
Cybersecurity icon

Big Cyber

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly patched security flaw impacting Microsoft SharePoint ...

Read more →

CISA Adds Two Known Exploited Vulnerabilities to Catalog

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding .....

Read more →

Cybersecurity Risks Grow for Agriculture - Red River Farm Network

As farms become more connected, cybersecurity is becoming a bigger concern. Chris Sherman, founder of Tech Support Farm, says many attacks ...

Read more →

Air Force network lockouts hit troops and civilians | Federal News Network

Air Force employees are being locked out of their computers as cybersecurity quarantines tied to software updates disrupt work across bases and ...

Read more →
Technology icon

Hard Tech

React2Shell (CVE-2025-55182)

A 10.0 critical severity vulnerablility affecting server-side use of React.js, tracked as CVE-2025-55182 in React.js and CVE-2025-66478 specifically f...

Read more →

Breaking Into a Brother (MFC-J1010DW): Three Security Flaws in a Seemingly Innocent Printer

We discovered three vulnerabilities that when chained together, allow for complete remote compromise:

Read more →

Check Point - Wrong Check Point (CVE-2024-24919)

Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This ...

Read more →

Backdoor in XZ Utils allows RCE: everything you need to know - CVE-2024-3094

Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgentl...

Read more →

Loading...

The Cybersecurity Chronicles

‘The Cybersecurity Chronicles: 2024‘ pulls back the curtain on the digital threats that shaped our world last year, revealing the human stories behind the headlines. From art galleries frozen by ransomware to prison tablets hacked with a minus sign, from British Library archivists racing to protect centuries of knowledge to Spotify users meticulously curating their digital identities – these stories illuminate how cybersecurity touches every aspect of modern life.

Author Mark Nole weaves together intimate portraits of the people on all sides of the digital battlefield: the defenders working through sleepless nights to protect critical infrastructure, the victims grappling with stolen identities and lost savings, and even the attackers themselves, operating from nondescript offices with project management software and performance metrics.

Through detailed reporting and narrative storytelling, Nole reveals how 2024 became the year when cybersecurity stopped being just a technical problem and emerged as a fundamentally human challenge. Whether you’re a security professional or simply someone trying to understand our increasingly digital world, these chronicles offer an unprecedented look at how technology shapes – and sometimes betrays – our trust, our privacy, and our lives.

Mark Nole Book Cover for Cybersecurity book

Stay Updated with Cyber Security News

Get the latest cybersecurity headlines, breaking news, and expert insights delivered directly to your inbox. Stay ahead of threats and informed about the digital landscape.

Join thousands of cybersecurity professionals and enthusiasts. No spam, just valuable insights.