Mastodon Mastodon Mastodon Mastodon

Cybersecurity News

Stay informed about the latest cybersecurity incidents, vulnerabilities, and threat landscape changes. We cover data breaches, ransomware campaigns, critical CVEs, and regulatory updates – with context on what it means for you and how to protect yourself.

SAP logo shield with warning icons illustrating vulnerability risks.

Three Critical SAP Vulnerabilities Patched in July 2026 Release

CyberSecureFox Editorial Team

SAP has released the July 2026 security update bundle, which fixes three critical vulnerabilities: memory corruption in SAP NetWeaver Application ...

Visual representation of Zoom's security vulnerability and patch announcement.

Emergency Zoom Updates Fix Critical Windows Account Takeover Bug

CyberSecureFox Editorial Team

Zoom has released emergency security updates addressing critical vulnerability CVE-2026-53412 with a CVSS score of 9.8 in the Zoom Workplace ...

Graphic illustrating cyberattack on Transport for London featuring a broken screen.

Five-Year Sentences for TfL Cyberattack Linked to Scattered Spider

CyberSecureFox Editorial Team

On 16 July 2026, Woolwich Crown Court sentenced Owen Flowers (18) and Talha Jubair (20) to five and a half ...

Visual representation of AI-assisted attacks on networks, featuring servers and users.

How AI Is Accelerating Real-World Attacks on Active Directory and AWS

CyberSecureFox Editorial Team

In early June 2025, researchers at Huntress documented an incident in which an unknown attacker used a PowerShell script, apparently ...

Diagram illustrating Microsoft 365 phishing tactics using Evilginx.

How Lexfo uncovered dual MFA-bypass phishing for Microsoft 365

CyberSecureFox Editorial Team

The French company Lexfo discovered three active phishing campaigns against Microsoft 365 after taking advantage of one operator’s mistake: they ...

Diagram illustrating Forg365 phishing as a service targeting Microsoft 365.

Inside the Forg365 phishing-as-a-service platform for Microsoft 365

CyberSecureFox Editorial Team

Researchers from ZeroBAC have disclosed details of a new phishing-as-a-service (PhaaS) platform called Forg365, which targets Microsoft 365 accounts. Distributed ...

Joomla interface highlighting critical RCE vulnerabilities with warnings.

Critical iCagenda and Balbooa Forms RCE Flaws Actively Exploited

CyberSecureFox Editorial Team

On July 10, 2026, CISA added two maximum‑severity vulnerabilities to the KEV catalog — CVE-2026-48939 and CVE-2026-56291 — affecting the ...

ModHeader extension graphic highlighting privacy concerns and browser icons.

ModHeader HTTP header editor found with dormant data exfiltration code

CyberSecureFox Editorial Team

Google and Microsoft have removed the popular HTTP header editing tool ModHeader (around 1.6 million installations on Chrome and Edge) ...

Digital illustration depicting a shattered shield symbolizing cyber threat.

RoguePlanet in Microsoft Defender: CVE-2026-50656 Fixed, New DoS Concerns

CyberSecureFox Editorial Team

Microsoft has fixed the critical privilege escalation vulnerability CVE-2026-50656 (RoguePlanet) in Microsoft Defender, rated 7.8 on the CVSS scale, but ...

Illustration of a computer screen showcasing XSS vulnerability in an email.

Zimbra 10.1.19: Mitigating Stored XSS via Malicious Emails

CyberSecureFox Editorial Team

Zimbra has released an update, Zimbra Collaboration Suite 10.1.19, that fixes a stored XSS vulnerability in the Classic Web Client ...