IT Security Newsletter

IT Security Newsletter - 7/2/2026

Written by Cadre | Thu, Jul 2, 2026

FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks

FortiBleed, the large-scale credential-harvesting operation targeting organizations in 150 countries, has led to the deployment of INC Ransom and Lynx ransomware families, SOCRadar reports. Uncovered in mid-June, FortiBleed has been targeting over 430,000 FortiGate firewalls for the deployment of a network sniffer dubbed FortigateSniffer to capture the traffic passing through them and extract cleartext credentials and password hashes for future compromise. READ MORE...

Pacemaker manufacturer Medtronic warns patients cybercrooks may have swiped health data

Medical device giant Medtronic is warning patients that their personal and health information may have been caught up in an April cyberattack in which intruders spent nearly a week inside parts of its corporate network. According to breach notification letters sent to affected individuals, the company detected unusual activity on April 15 and later determined an unauthorized party accessed certain corporate systems between April 13 and April 19. READ MORE...

Crafty Phishing Campaigns Auto-Adapt to Victim's Device, OS

Threat actors are moving away from spray-n-pray phishing attacks in favor of campaigns that can automatically adapt to a target's device and operating system. Today, anti-phishing security vendor Cofense published research covering the cutting-edge ways threat actors are upping their phishing game. As research post author Max Gannon of Cofense Intelligence explained, classic phishing attacks often have clumsy, simple emails and an attachment with a simple infection chain. READ MORE...

WinRAR flaw could allow attackers to take control of your computer

Rarlab has released a new version of the popular WinRAR tool to patch a vulnerability that can be abused in remote code execution attacks. The issue is fixed in WinRAR 7.23, but users must install the new version manually because WinRAR still does not offer automatic updates. They also need to make sure they download the version that matches their system and language preference. The vulnerability, tracked as CVE-2026-14191, affects the way WinRAR and UnRAR handle RAR5 files. READ MORE...

And the Winner in Dominant Malware Delivery? ClickFix

In the span of just two years, ClickFix has gone from an emerging social engineering technique to the overwhelming favorite among threat actors for malware delivery. That's according to research from ReliaQuest, which analyzed threat activity from March 1 to May 31 and found that ClickFix dominated initial access and defense-evasion categories. ClickFix tricks targeted individuals into copying and pasting malicious commands into system dialogs like Windows Terminal. READ MORE...

Cisco finally confirms attackers exploiting Unified CM flaw

Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in early June. Unified CM (formerly known as Cisco CallManager) is the central control system for Cisco IP telephony systems, handling call routing, device management, and telephony features. Threat actors without privileges can exploit the vulnerability (CVE-2026-20230) remotely in low-complexity server-side request forgery (SSRF) attacks by sending a crafted HTTP request. READ MORE...

CISA Warns of Actively Exploited Microsoft SharePoint Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday said threat actors have been exploiting a high-severity vulnerability in Microsoft SharePoint Server. Described as a deserialization of untrusted data bug, the exploited security defect allows authenticated attackers to execute arbitrary code on vulnerable SharePoint servers. The flaw is tracked as CVE-2026-45659 (CVSS score of 8.8) and was patched in late May, via an out-of-band security update. READ MORE...

  • ...in 1776, the Second Continental Congress, assembled in Philadelphia, formally adopts a resolution for independence from Great Britain.
  • ...in 1881, President James A. Garfield is shot by assassin Charles J. Guiteau. Garfield lived another 80 days before succumbing to his injuries.
  • ...in 1964, President Johnson signs the Civil Rights Act, prohibiting discrimination based on race, color, religion, sex, or national origin.
  • ...in 1992, Chevrolet builds the 1,000,000th Corvette. It is currently on display at the Corvette Museum.