Microsoft tops last month’s record with 622 Patch Tuesday CVEs

Remember last month when we were awed by Microsoft’s record-setting Patch Tuesday that addressed 206 CVEs? That was a quaint era compared to this month: Redmond just rolled out patches for 622 CVEs specific to its products, slightly more than tripling last Read More …

Two Chrome updates in two days fix critical vulnerabilities

Updating Chrome is becoming an almost daily task lately. But it’s too important to ignore. On Wednesday, July 8, Google released another Chrome update, just one day later after the previous one. Between them, the two updates fixed 27 security vulnerabilities, including two Read More …

Microsoft has fixed the “RoguePlanet” zero-day in Microsoft Defender

Microsoft has quietly fixed the “RoguePlanet” zero-day in Microsoft Defender, closing the latest hole exposed by security researcher Nightmare Eclipse after months of public sparring over the company’s handling of vulnerability reports. The vulnerability, tracked as CVE-2026-50656, was addressed through an Read More …

WinRAR flaw could allow attackers to take control of your computer

Rarlab has released a new version of the popular WinRAR tool to patch a vulnerability that can be abused in remote code execution attacks. The issue is fixed in WinRAR 7.23, but users must install the new version manually because WinRAR still does not Read More …

FBI: Cyber Criminal Group TeamPCP

The Federal Bureau of Investigation (FBI) is releasing this FLASH to highlight the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with the cyber criminal group TeamPCP. TeamPCP actors have conducted large-scale software supply chain compromises by Read More …

Hackers breached DHS information-sharing network

A key Department of Homeland Security information-sharing database was accessed by an unknown threat actor in recent weeks, potentially exposing sensitive data exchanged between federal, state, local and industry partners, according to two people familiar with the matter. DHS investigators Read More …

Apple releases security patches for iOS, MacOS Tahoe, Safari

Apple has released security updates for more than two dozen security vulnerabilities across iPhone, iPad, and Mac. The updates for iOS/iPadOS, MacOS Tahoe, and Safari were issued after testing on iOS 26.6 and iPadOS 26.6 betas. What stands out in the update Read More …

Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk

The CVE-2024-2658 vulnerability was discovered in 2024 within the FlexNet Publisher component of the Schneider Electric Floating License Manager. This software handles license management across various Schneider Electric products used for comprehensive industrial automation ranging from PLC programming to centralized control Read More …

Cisco SD-WAN make-me-root bug under attack

Cisco today issued a fix for a Catalyst SD-WAN Manager bug that attackers have already spotted and exploited to get root privileges, according to both the networking vendor and the feds. The vulnerability, tracked as CVE-2026-20262, is in the web UI of Read More …

Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime

The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for Read More …