Close Menu

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Companies Are Throttling Employees’ AI Use Because It’s Too Expensive

    July 2, 2026

    Infosec News Nuggets — July 2, 2026 – AboutDFIR

    July 2, 2026

    Alleged Scattered Spider hacker extradited to the United States

    July 2, 2026
    Facebook X (Twitter) Instagram
    • Demos
    • Technology
    • Gaming
    • Buy Now
    Facebook X (Twitter) Instagram Pinterest Vimeo
    Canadian Cyber WatchCanadian Cyber Watch
    • Home
    • News
    • Alerts
    • Tips
    • Tools
    • Industry
    • Incidents
    • Events
    • Education
    Subscribe
    Canadian Cyber WatchCanadian Cyber Watch
    Home»News»Infosec News Nuggets — July 2, 2026 – AboutDFIR
    News

    Infosec News Nuggets — July 2, 2026 – AboutDFIR

    adminBy adminJuly 2, 2026No Comments3 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges

    Peter Stokes, a 19-year-old dual U.S.-Estonian citizen accused of belonging to the prolific Scattered Spider hacking group, was extradited from Finland and made his first Chicago federal court appearance this week on charges of conspiracy, computer intrusion, and fraud. Prosecutors say Scattered Spider has been tied to more than 100 network intrusions generating over $100 million in ransom payments, and that Stokes specifically breached a luxury jewelry retailer last May, demanding $8 million in cryptocurrency before the company’s security team expelled the intruders, though it still absorbed roughly $2 million in disruption and recovery costs.

     

    Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

    A critical OS command injection vulnerability in Progress Kemp LoadMaster, tracked as CVE-2026-8037 with a CVSS score of 9.6, is now being actively targeted by attackers after exploitation attempts began on June 29. The flaw stems from a function that fails to properly null-terminate sanitized input, creating an out-of-bounds heap read that lets an unauthenticated attacker send crafted requests to run arbitrary commands on affected load balancer appliances; administrators are urged to patch immediately given that a proof-of-concept exploit is now circulating.

     

    Hackers breached DHS information-sharing network, people familiar say

    An unknown threat actor accessed the Homeland Security Information Network, a platform used by federal, state, local, and private-sector partners to share sensitive but unclassified information, sometime between late May and early June. Investigators targeted HSIN servers and a linked SharePoint collaboration system, and while DHS says classified networks were unaffected and the platform remains operational, the timing has raised concern given the department’s role coordinating security for World Cup events currently underway across the country.

     

    Sandbox bypass flaws in Cursor IDE highlight prompt injection as an RCE vector

    Researchers at Cato Networks disclosed two vulnerabilities, dubbed DuneSlide and tracked as CVE-2026-50548 and CVE-2026-50549, that let a prompt injection delivered through an MCP server or poisoned web result trick the Cursor AI coding assistant into escaping its command execution sandbox and achieving full remote code execution with no user interaction required. The flaws exploited a parameter that let attackers redirect file operations outside the project directory and a symlink-resolution fallback that bypassed path restrictions; both were patched in Cursor 3.0, but researchers say similar isolation-layer weaknesses likely exist across other AI-assisted coding tools.

     

    ScreenConnect abused to deploy AsyncRAT in widespread campaign

    Kaspersky identified a large, multi-language campaign using more than 90 spoofed domains to distribute installers disguised as popular software like OBS Studio and Bandicam, which sideload a rogue library to silently deploy the ScreenConnect remote access tool. From there a PowerShell script disables Defender protections and User Account Control before extracting and launching the AsyncRAT trojan via process hollowing, giving attackers covert remote control, data theft, and screen-recording capability, with persistence maintained through a scheduled task that restarts the chain every two minutes and after reboots.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleAlleged Scattered Spider hacker extradited to the United States
    Next Article Companies Are Throttling Employees’ AI Use Because It’s Too Expensive
    admin
    • Website

    Related Posts

    News

    Companies Are Throttling Employees’ AI Use Because It’s Too Expensive

    July 2, 2026
    News

    Alleged Scattered Spider hacker extradited to the United States

    July 2, 2026
    News

    Kubota says hackers had month-long access to network systems

    July 2, 2026
    Add A Comment

    Comments are closed.

    Demo
    Top Posts

    Catchy & Intriguing

    March 17, 202677 Views

    IP Address Investigations and Local OSINT

    March 20, 202633 Views

    Defending Canada’s Digital Frontier: Combating Phishing, Social Engineering, Ransomware, and Malware

    March 23, 202632 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    85
    Featured

    Pico 4 Review: Should You Actually Buy One Instead Of Quest 2?

    January 15, 2021 Featured
    8.1
    Uncategorized

    A Review of the Venus Optics Argus 18mm f/0.95 MFT APO Lens

    January 15, 2021 Uncategorized
    8.9
    Editor's Picks

    DJI Avata Review: Immersive FPV Flying For Drone Enthusiasts

    January 15, 2021 Editor's Picks

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Demo
    Most Popular

    Catchy & Intriguing

    March 17, 202677 Views

    IP Address Investigations and Local OSINT

    March 20, 202633 Views

    Defending Canada’s Digital Frontier: Combating Phishing, Social Engineering, Ransomware, and Malware

    March 23, 202632 Views
    Our Picks

    Companies Are Throttling Employees’ AI Use Because It’s Too Expensive

    July 2, 2026

    Infosec News Nuggets — July 2, 2026 – AboutDFIR

    July 2, 2026

    Alleged Scattered Spider hacker extradited to the United States

    July 2, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • Home
    • Technology
    • Gaming
    • Phones
    • Buy Now
    © 2026 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.