Daily DefSec Brief Titelbild

Daily DefSec Brief

Daily DefSec Brief

Von: Jerry Bell
Jetzt kostenlos hören, ohne Abo

A daily podcast covering the important cyber security news that IT and security teams need to know.

2026 Jerry Bell
Politik & Regierungen
  • Daily DefSec Brief - Cyber Security News for July 10 2026
    Jul 10 2026
    1. Initial access broker weaponizing CitrixBleed 2 to deploy Dragonforce ransomware — CVE-2025-5777 (referencing CVE-2023-4966, CVE-2026-4368) — Huntress — https://www.huntress.com/blog/citrixbleed-2-dragonforce-ransomware 2. Django SQL injection actively exploited in GeoDjango deployments — CVE-2026-1207 — Cyber Security News — https://cybersecuritynews.com/django-sql-injection-vulnerability-exploited/ 3. Microsoft tells customers to shorten patch deployment windows because of AI — no CVE — Help Net Security — https://www.helpnetsecurity.com/2026/07/10/microsoft-windows-update-deployment-timelines/ ; BleepingComputer — https://www.bleepingcomputer.com/news/microsoft/microsoft-expects-more-windows-security-updates-from-ai-discovered-flaws/ 4. Network of 200-plus GitHub repos delivering Windows malware (Operation Muck and Load) — no CVE — SecurityWeek — https://www.securityweek.com/network-of-200-github-repositories-used-for-malware-infection/ Also mentioned: - Injective SDK npm package compromised (v1.20.21) — BleepingComputer — https://www.bleepingcomputer.com/news/security/injective-sdk-on-npm-infected-with-cryptocurrency-wallet-stealer/ - Dormant GitHub accounts reactivated to map corporate orgs via API — The Hacker News — https://thehackernews.com/2026/07/dormant-github-accounts-help-attackers.html - "HalluSquatting" turns AI hallucinations into botnet delivery — SecurityWeek — https://www.securityweek.com/hallusquatting-turns-ai-hallucinations-into-botnet-delivery-mechanism/ - Binarly finds six U-Boot signature verification flaws going back to 2013 — Cyber Security News — https://cybersecuritynews.com/u-boot-fit-signature-verification/ - Bitwarden authentication bypass https://ccb.belgium.be/advisories/warning-bitwarden-server-auth-bypass-allows-vault-takeover-patch-immediately
    Mehr anzeigen Weniger anzeigen
    5 Min.
  • Daily Defsec Brief - Cyber Security News for July 9 2026
    Jul 9 2026
    Apologies for the dog barking. She was mad that she had not yet received her morning allotment of cheese. 1. Microsoft patches the RoguePlanet Defender zero-day after a month of public exploit code — CVE-2026-50656 (related: CVE-2026-33825, CVE-2026-41091, CVE-2026-45498) — BleepingComputer https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-rogueplanet-defender-zero-day-vulnerability/ · SecurityWeek https://www.securityweek.com/microsoft-patches-defender-rogueplanet-vulnerability/ 2. GodDamn ransomware uses a Microsoft-signed driver to blind EDR via BYOVD — no CVE — Dark Reading https://www.darkreading.com/cyberattacks-data-breaches/goddamn-ransomware-byovd-smite-companies 3. Vishing campaign enrolls attacker-controlled passkeys on Microsoft 365 accounts — no CVE — BleepingComputer https://www.bleepingcomputer.com/news/security/entra-passkey-enrollment-vishing-targets-microsoft-365-users/ 4. Fake Paysafe, Skrill, and Neteller SDKs on npm and PyPI steal developer credentials — no CVE — BleepingComputer https://www.bleepingcomputer.com/news/security/fake-paysafe-skrill-sdks-on-npm-and-pypi-steal-credentials/ Also mentioned: - Chrome 150 patches 27 vulnerabilities, including two critical use-after-free bugs — SecurityWeek https://www.securityweek.com/chrome-150-update-patches-27-vulnerabilities/ - GitLab patches eight Community and Enterprise Edition flaws, including a high-severity XSS — Cyber Security News https://cybersecuritynews.com/gitlab-patches-security-vulnerabilities/ - Lurking Lizard runs 230-plus lookalike domains pushing a trojanized 7-Zip installer that turns machines into residential proxy nodes — The Hacker News https://thehackernews.com/2026/07/fake-7-zip-installers-turn-devices-into.html - Fake LetsVPN installer bundles a real signed VPN with a hidden RAT called GoodPersonRAT — Cyber Security News https://cybersecuritynews.com/goodpersonrat-uses-fake-letsvpn-installer/
    Mehr anzeigen Weniger anzeigen
    5 Min.
  • Daily DefSec Brief - Cyber Security News for July 8 2026
    Jul 8 2026
    1. CISA adds ColdFusion, Langflow, and two Joomla plugins to KEV — patch by Friday — CVE-2026-48282, CVE-2026-55255, CVE-2026-48908, CVE-2026-56290 — CISA KEV: https://www.cisa.gov/known-exploited-vulnerabilities-catalog · BleepingComputer: https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-prioritize-patching-langflow-auth-bypass-flaw/ · SecurityWeek: https://www.securityweek.com/cisa-urges-immediate-patching-of-exploited-coldfusion-langflow-joomla-flaws/ 2. Ubiquiti patches max-severity command injection in UniFi Connect — CVE-2026-50746 (plus CVE-2026-50747, -50748, -54400, -54402, -55115, -55116) — BleepingComputer: https://www.bleepingcomputer.com/news/security/ubiquiti-warns-of-new-max-severity-unifi-os-vulnerability/ 3. Critical Gitea auth bypass under active exploitation — CVE-2026-20896 — SecurityWeek: https://www.securityweek.com/critical-gitea-flaw-under-active-exploitation-researchers-warn/ 4. GhostLock: 15-year-old Linux kernel flaw gives root and container escape — CVE-2026-43499 — The Hacker News: https://thehackernews.com/2026/07/15-year-old-ghostlock-flaw-enables-root.html Also mentioned: - China-linked UAT-7810 expands ORB network with LONGLEASH malware via Ruckus routers — Cisco Talos via BleepingComputer: https://www.bleepingcomputer.com/news/security/chinese-hackers-develop-longleash-malware-to-expand-orb-network/ - GitLost prompt-injection leaks private GitHub repo data via public issues — The Hacker News: https://thehackernews.com/2026/07/public-github-issue-could-trick-github.html - Malvertising campaign drops Vidar stealer and XMRig miner via fake cracked software — Unit 42: https://unit42.paloaltonetworks.com/vidar-stealer-xmrig-miner-campaign-analysis/ - Hardcoded backdoor password in Tenda router firmware (CVE-2026-11405) — CERT/CC via BleepingComputer: https://www.bleepingcomputer.com/news/security/hidden-backdoor-in-tenda-router-firmware-grants-admin-access/
    Mehr anzeigen Weniger anzeigen
    5 Min.
adbl_web_anon_alc_button_suppression_t1
Noch keine Rezensionen vorhanden