Cyber Security News

Start. Stay. Grow.

Curated daily. The latest hacks, breaches, and cyber trends—humanized.

Daily cyber brief

Hacking Editorial Brief — July 9, 2026

Chinese APT Expands Infrastructure with LONGLEASH Malware; Active Exploitation Targets Adobe, Joomla

Chinese threat actor UAT-7810 is deploying new LONGLEASH malware to expand its Operational Relay Box (ORB) network by compromising internet-facing networking devices, primarily targeting unpatched Ruckus routers. The campaign represents an evolution in the group's infrastructure tactics, using compromised edge devices to facilitate follow-on operations. Meanwhile, CISA added four vulnerabilities to its Known Exploited Vulnerabilities catalog, including critical flaws in Adobe ColdFusion and Joomlack Page Builder actively exploited by threat actors. The catalog also includes a Langflow vulnerability and confirms ongoing targeting of enterprise platforms. Separately, researchers disclosed a new phishing technique called "Ghost Phishing" that uses AES-GCM encrypted HTML and Microsoft Device Code Phishing to evade traditional email security, with the EvilTokens campaign specifically targeting Microsoft 365 account takeovers.

Accenture Breach Confirmed; Windows Telemetry Aids Scattered Spider Investigation

Accenture confirmed an isolated security incident after a threat actor using the handle "888" claimed to be selling 35 GB of stolen data, including source code. The company has not disclosed the scope of compromised systems or the attack vector used. In a separate development, federal investigators used Windows device identifiers to track an alleged Scattered Spider member, raising operational security questions about enterprise telemetry data collection. The case demonstrates how device-level tracking mechanisms can provide law enforcement with forensic leads, though it also highlights privacy implications of Windows telemetry for organizations and threat actors alike.


Sources: The Hacker News · WIU Cybersecurity Center · CRN · Security Boulevard

Around the Web

Last Updated: N/A

Hacker icon

Hacks + Heists

Accenture Confirms Breach After Hackers Claim Source Code Theft | Security Magazine

The company confirmed a data breach after a hacker claimed to have taken 35GB of data, including source code. “The claimed theft of source code ...

Read more →

American Hackers-for-Hire Proposal Sparks Heavy Criticism

The United States could get its own hack-for-hire network of contractors deputized by the federal government to penetrate foreign adversaries ...

Read more →

Hacked, leaked, and held for ransom: The worst breaches of 2026 so far | TechCrunch

From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most ...

Read more →

A Hacker's Arrest Reveals Microsoft Can Track Users Via a Windows Device ID | PCMag

The FBI used a Microsoft device identifier, dubbed GDID, to link a teenager to a hack attributed to Scattered Spider, raising privacy red flags ...

Read more →

Major medical device manufacturer notifies nearly 4 million of breach

The Medtronic breach is just the latest example of a hacking gang targeting a company in the med tech sector. In March, the medical device firm ...

Read more →
Cybersecurity icon

Big Cyber

New Ghost Phishing Wave Is Breaking Traditional Email Security - The Hacker News

Cybersecurity Webinars. Control Rogue AI. How to Secure AI Agents Before They Go Rogue. Learn how to secure AI agents with practical controls for ...

Read more →

Mexico's New Cyber Plan Faces Its First Real Test - Dark Reading

The Latin American nation's cybersecurity plan — still in the expansion phase — has to survive its own knockout round during the FIFA World Cup.

Read more →

Federal government organizations must double down efforts to combat 'living off the land' attacks

LotL attacks represent a new frontier in cybersecurity, where adversaries use trusted system tools to carry out malicious activities.

Read more →

Breach Transparency Remains Cybersecurity's Toughest Governance Problem

Cybersecurity is entering a new phase. It's one where the gap between awareness and operational execution is becoming the industry's biggest ...

Read more →
Technology icon

Hard Tech

React2Shell (CVE-2025-55182)

A 10.0 critical severity vulnerablility affecting server-side use of React.js, tracked as CVE-2025-55182 in React.js and CVE-2025-66478 specifically f...

Read more →

Breaking Into a Brother (MFC-J1010DW): Three Security Flaws in a Seemingly Innocent Printer

We discovered three vulnerabilities that when chained together, allow for complete remote compromise:

Read more →

Check Point - Wrong Check Point (CVE-2024-24919)

Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This ...

Read more →

Backdoor in XZ Utils allows RCE: everything you need to know - CVE-2024-3094

Detect and mitigate CVE-2024-3094, a critical supply chain compromise, affecting XZ Utils Data compression library. Organizations should patch urgentl...

Read more →

Loading...

The Cybersecurity Chronicles

‘The Cybersecurity Chronicles: 2024‘ pulls back the curtain on the digital threats that shaped our world last year, revealing the human stories behind the headlines. From art galleries frozen by ransomware to prison tablets hacked with a minus sign, from British Library archivists racing to protect centuries of knowledge to Spotify users meticulously curating their digital identities – these stories illuminate how cybersecurity touches every aspect of modern life.

Author Mark Nole weaves together intimate portraits of the people on all sides of the digital battlefield: the defenders working through sleepless nights to protect critical infrastructure, the victims grappling with stolen identities and lost savings, and even the attackers themselves, operating from nondescript offices with project management software and performance metrics.

Through detailed reporting and narrative storytelling, Nole reveals how 2024 became the year when cybersecurity stopped being just a technical problem and emerged as a fundamentally human challenge. Whether you’re a security professional or simply someone trying to understand our increasingly digital world, these chronicles offer an unprecedented look at how technology shapes – and sometimes betrays – our trust, our privacy, and our lives.

Mark Nole Book Cover for Cybersecurity book

Stay Updated with Cyber Security News

Get the latest cybersecurity headlines, breaking news, and expert insights delivered directly to your inbox. Stay ahead of threats and informed about the digital landscape.

Join thousands of cybersecurity professionals and enthusiasts. No spam, just valuable insights.