Latest Analysis
Cybersecurity intelligence, threat analysis, and national security reporting.

Hackers Exploit Microsoft 365 Flaws with 81 Million Login Attempts
In just two weeks, a massive password-spraying campaign racked up over 81 million login attempts, compromising 78 Microsoft 365 accounts across 64 organizations and highlighting a dramatic surge in cyber threats. This alarming trend saw a 155-fold increase in attacks, with organizations now facing an average of 1,964 failed login attempts per month.

Cursor Flaws Expose Developers to Zero-Click Attacks
Beware of DuneSlide, a pair of high-severity flaws that could let a single, innocent-looking prompt hijack your Cursor environment and unleash a zero-click attack on your computer - update to Cursor 3.0 now to stay safe!

Adobe Fixes CVSS 10.0 Flaws in ColdFusion and Campaign Classic
Adobe is racing against the clock to keep you safe, with emergency updates for ColdFusion and Campaign Classic that squash critical flaws allowing hackers to wreak havoc. The timely patches fix vulnerabilities that could lead to devastating attacks, from code execution to security breaches.

Ousaban Trojan Targets Iberian Bank Users with Sophisticated PDF Lures
Meet the Ousaban Trojan, a sneaky malware targeting banking customers in Spain and Portugal with clever PDF tricks. This sophisticated threat steals logins, hijacks sessions, and even takes remote control of infected computers.

AI-Generated Ransomware Exploits Chromium API in Browser Attacks
A groundbreaking AI-generated ransomware attack has been detected, cleverly exploiting the Chromium API to launch a devastating browser-based assault, stealing credentials, exfiltrating data, and holding files hostage. This alarming first-of-its-kind threat, dubbed InfernoGrabber v9.0, marks a chilling new frontier in cybercrime.

Ousaban Trojan Expands to Spain, Portugal with Advanced Evasion Tactics
Meet Ousaban, a sneaky banking Trojan that's evolved from decade-old tactics to target unsuspecting customers in Spain and Portugal, starting with a clever phishing PDF disguised as a broken file. This highly optimized threat profiles its victims before striking, making it a force to be reckoned with.

Progress LoadMaster Flaw Sees Active Exploitation Attempts
A critical vulnerability in Progress Kemp LoadMaster, tracked as CVE-2026-8037, is under active exploitation attempts, with Canadian cybersecurity firm eSentire's Threat Response Unit detecting and thwarting attacks starting June 29, 2026. The attacks, though unsuccessful, raise concerns about potential future breaches given the vulnerability's high CVSS score of 9.6.

Google Blogspot Abused to Deploy Fileless Infostealer
Cybercriminals are selling stolen credentials on underground marketplaces, giving other threat actors easy access to compromised accounts and environments. This latest threat, known as Veil#Drop, uses a sneaky fileless chain to infect victims who unknowingly download a malicious script disguised as a harmless document.

Criminal IP Enhances OpenCTI with Contextual Threat Intelligence Integration
Unlock the full potential of your threat intelligence with Criminal IP's integration with OpenCTI, providing rich contextual insights to supercharge investigation, correlation, and decision-making. By adding dual-perspective risk scoring, analysts gain a more nuanced view of IP risks, with separate signals for inbound and outbound threats.

Cybersecurity Awareness Outpaces Resilience
Despite having a high awareness of cyber risks, many organizations are struggling to build operational resilience, with gaps in visibility, capability, priorities, and culture hindering their ability to effectively manage threats. The 2026 Bitdefender Cybersecurity Assessment reveals a concerning disconnect between knowing the risks and taking action to mitigate them.

Oracle E-Business Flaw Exploited in Ongoing Attacks
A critical flaw in Oracle E-Business, known as CVE-2026-46817, is being exploited by attackers, allowing them to take over vulnerable systems with just HTTP network access. This highly severe vulnerability, with a CVSS score of 9.8, has now been targeted in real-world attacks, with security researchers observing exploitation attempts on Oracle E-Business honeypots.

Anthropic Bolsters AI Models with Enhanced Security Guardrails
Anthropic is stepping up its AI security game with enhanced guardrails, but acknowledges a trade-off: its new classifier may flag more harmless requests during everyday coding and debugging tasks. The company is moving forward with redeploying its advanced models, Claude Mythos 5 and Claude Fable 5, starting July 1.

Microsoft Accelerates Post-Quantum Cryptography Migration to 2029
Microsoft is speeding up its transition to post-quantum cryptography, aiming to integrate quantum-safe security into its critical products and services by 2029, in response to rapid advancements in quantum computing. This accelerated timeline is part of its effort to stay ahead of emerging threats and secure trust chains.

Microsoft Restores GIF Functionality in Windows Emoji Panel After Provider Shutdown
Microsoft has restored GIF functionality in the Windows Emoji Panel after a brief outage caused by the retirement of the Tenor GIF service, and has since switched to a new provider, GIPHY, to keep the fun going. The update, KB5095093, fixes the issue that left some users seeing a "GIF service is not available" message.

Microsoft Accelerates Post-Quantum Cryptography Push by 2029
Microsoft is speeding up its post-quantum cryptography push, aiming to complete the transition by 2029, as advances in quantum research increase the urgency to protect against potential cyber threats. The move is driven by the risk of cryptographically relevant quantum computers emerging sooner than expected, capable of cracking current encryption methods.

Amazon Fined $2.25M for Withholding Fraud Evidence
Amazon has been fined $2.25 million for allegedly blocking identity-theft victims from accessing records of fraudulent transactions, violating the Fair Credit Reporting Act. The company reportedly told some consumers that they couldn't access the requested records, adding to the frustration of those trying to recover from scams.

Aflac Japan Discloses Data Breach Compromising Millions
Aflac Japan has suffered a massive data breach, exposing sensitive personal and financial information of nearly 4.4 million customers after a mysterious hacker gained access to company systems for 10 days in June. The breach, confined to Aflac's Japanese operations, has sparked an ongoing investigation into its full impact.

AI Models Expose Millions to Phantom Squatting Phishing Threat
Millions are now at risk of falling prey to a new, rapidly evolving phishing threat called phantom squatting, where attackers exploit AI-generated links to create malicious websites that can evade detection. By registering domains invented by large language models, hackers can create seemingly trustworthy sites that are actually designed to steal sensitive information or spread malware.

US Lifts Export Controls on Anthropic's AI Model Fable 5
Big news: the US has lifted export controls on Anthropic's AI model Fable 5, allowing it to be accessible to users worldwide again after a brief shutdown. This comes after Anthropic made significant strides in curbing a concerning technique, successfully stopping it in over 99% of attempts.

Adobe Fixes Seven High-Risk Flaws in ColdFusion, Campaign Platforms
Adobe is urging administrators to act fast and install a critical security update within 72 hours to patch seven high-risk vulnerabilities in its ColdFusion and Campaign Classic platforms that are being targeted by hackers. This update fixes maximum-severity flaws that could put your systems at risk if left unaddressed.

Researcher Exposes API-Driven Malware Delivery in ClickFix Campaigns
Security researcher Bert-Jan Pals' in-depth analysis of 3,000 live payloads reveals that the ClickFix campaign's API-driven malware delivery method is rapidly evolving, making it a persistent threat that's hard to defend against. This sneaky tactic moves malicious actions off the page and into backend services, issuing commands on demand with fresh disguises on every request.

Azure CLI Hit by Massive Password Spray Attack Targeting 78 Accounts
In a staggering display of cyber aggression, a threat actor launched a massive password spray attack on Microsoft's Azure CLI, racking up over 81 million login attempts and breaching at least 78 accounts across 64 organizations in just two weeks. The relentless campaign, which unfolded between June 12 and June 26, successfully compromised accounts at an alarming rate of two to four per day, with some days seeing spikes of up to 30 breaches.

China Unveils Mobile Electromagnetic Aircraft Catapult in Action
China is taking a giant leap forward with its cutting-edge Electromagnetic Aircraft Catapult, now showcased in action on a mobile, three-truck system that's capable of launching drones and potentially even manned aircraft. The country is even eyeing an ambitious production target of 2,000 of these innovative systems per year.

Sweden Bolsters Ukraine's Air Defense with Gripen E Fighter Jets
Sweden is taking a powerful stance in support of Ukraine's defense with the provision of 16 cutting-edge Gripen E fighter jets, a game-changing addition to the Ukrainian Air Force's capabilities. This historic deal, valued at approximately $2.5 billion, marks a significant boost to Ukraine's air defense.