NeoShield Security logo NeoShield Security Quantum X

// GLOBAL CYBER DEFENSE FEED

Latest worldwide cybersecurity updates with instant mitigation guidance.

Auto-refreshes from official public security feeds and falls back safely if the remote feed is unavailable.

live Updated 2026-07-06 18:07
18

Tracked items

0

Critical alerts

1h

Cache refresh cycle

Live cyber update stream

highThe Hacker News

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Threat actors have been observed attempting to exploit a recently patched critical security flaw in Gitea Docker images, according to Sysdig. The vulnerability in question is CVE-2026-20896 (CVSS score: 9.8), a vulnerability that stems from the DevOps platform trusting the "X-WEBAUTH-USER" header from any source IP address, effectively allowing an unauthenticated internet client to get elevated

Mitigation: Confirm exposure, apply vendor patches, add temporary WAF/IPS rules, and run post-patch vulnerability validation.

Open source →

lowBleepingComputer

Software Is Now Written at the Speed of Thought. Security Isn't.

Every evolution in software development has reduced the friction between an idea and a deployable application. AI may remove the final barrier, but it also removes many of the moments where security decisions have traditionally taken place. [...]

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highSANS ISC

RCS and DNS: The NAPTR Record, (Mon, Jul 6th)

Over the last year, with recent updates to iOS and Android, RCS (Rich Communication Services) has become an increasingly used protocol [1]. RCS is supposed to eventually replace SMS, and in addition to richer formatting, provides added (but optional) security. RCS messages may be end-to-end encrypted and digitally signed. Unlike SMS, which was "bolted on" to existing voice-focused phone standards. The SMS s

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highBleepingComputer

Max severity Adobe ColdFusion flaw now exploited in attacks

Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to vulnerability intelligence company KEVIntel. [...]

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highThe Hacker News

⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More

A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part this week: the risky pieces were ordinary. Home devices became a routing cover. Clean code pulled dirt from a dependency. Identity shortcuts aged badly. AI systems trusted the wrong instructions. Same soft spot throughout: trust

Mitigation: Verify immutable backups, block known IOCs, isolate affected hosts, and review EDR detections for lateral movement.

Open source →

lowSANS ISC

ISC Stormcast For Monday, July 6th, 2026 https://isc.sans.edu/podcastdetail/9994, (Mon, Jul 6th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

lowThe Hacker News

How to Evaluate an AI SOC Platform in 2026: 6 Capabilities That Separate Leaders from Bolt-On AI solutions

Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical label sit very different products, from chat assistants bolted onto a legacy SIEM to agent platforms that run detection, triage, investigation, and response on their own data foundation. Whether a platform will materially change outcomes for

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

lowThe Hacker News

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

A suspected China-nexus threat activity cluster has been observed targeting Indian taxpayers, tax professionals, and corporate finance teams to deliver a remote access trojan designed to steal sensitive data from compromised hosts. The multi-stage campaign, codenamed Operation DragonReturn by Seqrite Labs, involves sending spear-phishing emails impersonating the Income Tax Department of India.

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highThe Hacker News

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode. But TrojPix works only once malware is already on the target machine, so it

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

lowBleepingComputer

Flipper Zero firmware development continues with community help

Flipper Devices says development of the Flipper Zero firmware will continue, albeit with a smaller internal team and greater reliance on community contributions. [...]

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highBleepingComputer

JadePuffer ransomware used AI agent to automate entire attack

Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) agent. [...]

Mitigation: Verify immutable backups, block known IOCs, isolate affected hosts, and review EDR detections for lateral movement.

Open source →

lowBleepingComputer

NetNut proxy network disrupted, 2 million infected devices cut off

A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including smart TVs and streaming boxes. [...]

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highKrebs on Security

FBI Seizes NetNut Proxy Platform, Popa Botnet

The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highCISA News

CubeSpace CW0057 Reaction Wheel

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious firmware to the device. The following versions of CubeSpace CW0057 Reaction Wheel are affected: CW0057 Reaction Wheel CVSS Vendor Equipment Vulnerabilities v3 6.1 CubeSpace CubeSpace CW0057 Reaction Wheel Improper Verification of Cryptographic Signature Background Critical Infrastructure Sectors: Comm

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highCISA News

Gardyn IoT Hub

View CSAF Summary Successful exploitation of these vulnerabilities could allow unauthenticated users to access and control IoT Hub managed devices. The following versions of Gardyn IoT Hub are affected: Home Firmware Studio Firmware Cloud API <2.12.2026 (CVE-2026-13768, CVE-2026-55726, CVE-2026-54477) CVSS Vendor Equipment Vulnerabilities v3 10 Gardyn Gardyn IoT Hub Use of Hard-coded Credentials, Exposure of Sensi

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highCISA News

ST Engineering iDirect iQ-Series Terminals

View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to device information or cause a denial-of-service condition. The following versions of ST Engineering iDirect iQ-Series Terminals are affected: Evolution iQ‑Series terminals <=4.5.2.1 (CVE-2026-38059, CVE-2026-38057) 3315‑Series terminals <=4.5.2.1 (CVE-2026-38059, CVE-2026-38057) 9‑Series ter

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

lowSANS ISC

ISC Stormcast For Thursday, July 2nd, 2026 https://isc.sans.edu/podcastdetail/9992, (Thu, Jul 2nd)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Mitigation: Triage affected assets, validate exposure, apply available mitigations, increase logging, and document evidence for incident review.

Open source →

highNVD

CVE-2026-57723 · CVSS 7.4

Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows Path Traversal. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.12.

Mitigation: Confirm exposure, apply vendor patches, add temporary WAF/IPS rules, and run post-patch vulnerability validation.

Open source →