<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 7/11/2026

SHARE

Top News

Initial access broker linked to weaponization of CitrixBleed2 flaw

An initial access broker weaponized a critical vulnerability known as CitrixBleed 2 in a series of attacks during the first half of 2026 across multiple organizations, according to a report released Thursday by the security company Huntress. After exploiting the vulnerability, the hackers escalated privileges, created rogue local administrator accounts and established persistence with legitimate remote access tools, including ScreenConnect and Zoho Assist. READ MORE...


US and allies warn of Russian critical infrastructure attacks

Cybersecurity agencies from the United States and eight other countries have issued a joint warning that Russian state hackers are targeting vulnerable and poorly configured routers to infiltrate critical infrastructure networks. The joint advisory, co-authored by the NSA, FBI, and CISA, along with 15 other agenciess, attributes the attacks to hackers from the Russian Federal Security Service (FSB) Center 16. READ MORE...

Breaches

Centers Laboratory Data Breach Affects 540,000 Individuals

Healthcare diagnostics company Centers Laboratory (Centers Lab NJ LLC) has informed the US government that a data breach discovered nearly one year ago affects more than 540,000 individuals. According to a data breach notice posted on its website, the New Jersey-based provider of testing and laboratory services for healthcare organizations discovered an intrusion in its IT environment in August 2025. READ MORE...

Hacking

Ghostcommit attack hides malicious AI instructions in images

Ghostcommit is a proof of concept that shows how AI assistants used to review software code can be tricked by hidden instructions embedded in images. The academic ASSET Research Group showed that an attacker can place instructions inside an image file, point to it in an AGENTS.md file, and get an AI coding agent to follow those instructions during a later task. While AI-assisted code review is becoming part of everyday development, Ghostcommit exposes a weakness many teams have not considered. READ MORE...

Malware

This new Windows malware can take over your PC and wipe it clean

Microsoft published new research on GigaWiper, a modular Golang backdoor for Windows that combines robust remote access with multiple ways to permanently destroy systems and data. GigaWiper is a Windows backdoor that Microsoft has observed in intrusions since October 2025. Rather than being a single-purpose wiper, it's an operational platform that blends command-and-control (C2), data destruction, and remote access options in a single piece of malware. READ MORE...

Information Security

Copy-paste might be the riskiest thing your enterprise employees do all day

Copy-paste, the unremarkable, almost reflexive keyboard shortcut, hasn't always registered as the cybersecurity risk it is now. Today, as enterprise employees move sensitive data in and out of LLMs, the behavior is being more widely recognized as a serious cybersecurity threat, right up there with misconfigured cloud buckets and phishing attacks. Enterprise employees are pasting sensitive data into and out of AI tools like ChatGPT, Claude and Gemini. READ MORE...

Exploits/Vulnerabilities

Fresh ATM Crypto Software Bugs: Jackpot or Bust?

A researcher has discovered nine vulnerabilities in an ATM and corporate security program. The researcher and major ATM manufacturer Diebold Nixdorf disagree, though, about whether it could allow attackers to steal cash or not. At Black Hat USA 2026, Matt Burch, principal security researcher for Atredis Partners, will present nine new vulnerabilities he discovered in CryptWare CryptoPro Secure Disk. READ MORE...


Progress orders emergency ShareFile server shutdown over mystery security threat

Progress Software has ordered some ShareFile customers to pull the plug on their own servers after detecting what it describes as a "credible external security threat" targeting the on-premises component of its enterprise file-sharing platform. The emergency warning, sent by email and seen by The Register, instructed organizations running ShareFile Storage Zone Controllers to take the unusual step of manually shutting down the Windows servers that host the software. READ MORE...


New U-Boot flaws could enable stealthy firmware attacks

Six vulnerabilities in the widely used U-Boot bootloader have been discovered that could allow attackers to execute malicious code during device boot, potentially enabling stealthy firmware attacks that compromise security protections and install persistent malware. U-Boot is one of the world's most widely used open-source bootloaders and is found in many embedded Linux devices. including enterprise servers' Baseboard Management Controllers (BMCs), networking equipment and more. READ MORE...

On This Date

  • ...in 1923, the Hollywood sign (which read "Hollywoodland" until 1949) is officially dedicated in Los Angeles.
  • ...in 1940, actor Sir Patrick Stewart ("Star Trek: The Next Generation", "X-Men") is born in Yorkshire, England.
  • ...in 1942, actor Harrison Ford ("Raiders of the Lost Ark", "Star Wars") is born in Chicago, IL.
  • ...in 1973, Queen release their self-titled debut album.