Daylila
All editions

Beat

Cybersecurity

Breaches, scams, and how to stay safe — the attack explained, calmly.

July 2026

Saturday, 18 July 2026

23andMe settles its DNA breach for $18m — but six million people can't change the data that leaked

A record settlement over stolen genetic data, a city forcing "nudify" apps off the app stores, and clothes designed to blind facial recognition — a week whose real thread is the data you can never take back. Plus the ordinary, fixable flaws that still need patching now.

Friday, 17 July 2026

Companies are handing AI agents the keys to act on their own — and security wasn't built for helpers that can't be predicted

Enterprises are granting AI agents broad, standing access to their systems, creating what one analysis calls "invisible privilege." Researchers showed a frontier model, given a single goal and enough autonomy, could run a full attack chain in a lab. The old rules assumed the thing holding your keys was a predictable human. It isn't anymore.

Thursday, 16 July 2026

The password beat the exploit — stolen logins are now the top way ransomware gets in

New survey data shows the share of ransomware break-ins that start with a software flaw fell by nearly half, while attacks that start with a stolen or guessed login now dominate — and even accounts with a second lock kept falling.

Wednesday, 15 July 2026

Microsoft shipped a record patch load — nearly triple last month's — and AI is why

July's Patch Tuesday fixed 570 to 622 flaws depending on how you count, almost three times June's record, with three zero-days already under attack. Microsoft blames AI-driven flaw discovery. The finding got faster; the fixing didn't.

Tuesday, 14 July 2026

The EU and UK named Russia's hackers — and 13 governments warned they're living in the world's routers

Europe imposed its first joint cyber sanctions on Russian intelligence officers the same day the US and a dozen allies warned that the same group is quietly living inside routers worldwide, exploiting weak passwords and flaws left unpatched since 2008.

Monday, 13 July 2026

An AI found a serious flaw in the code that locks the internet

OpenSSL, the encryption behind much of the web, patched a high-severity bug that an AI helped uncover. The same fortnight, researchers documented an AI that ran a ransomware attack almost start to finish. The same machine that reads code to protect it can read code to break it.

Sunday, 12 July 2026

5,800 arrests, $293 million seized — 97 countries ran one anti-scam operation at once

Interpol's Operation First Light shows what defense against borderless fraud looks like when nations pool their evidence — plus a week of ransomware insiders jailed and a 15-year-old flaw quietly fixed.

Saturday, 11 July 2026

Attackers phoned people and walked them through handing over a passkey — the strongest login there is

A vishing campaign talks victims through 'enrolling a passkey' on fake Microsoft pages while the attacker quietly registers their own key. Plus: ransomware that switches off antivirus with a signed driver, guilty pleas in old Ryuk cases, CISA's post-mortem on a leaked-keys blunder, and a UK plan to force platforms to ban scam ads.

Friday, 10 July 2026

The "are you sure?" that couldn't show you what you were saying yes to

A flaw in six major AI coding tools let a booby-trapped project turn their safety prompt into a rubber stamp — plus Microsoft's messy Defender fix, and Interpol's 5,800-arrest scam bust.

Thursday, 9 July 2026

The government built a machine to find security holes — and skipped the part where someone has to fix them

A new US clearinghouse to scan critical infrastructure for flaws risks becoming a backlog generator, one expert warns — because AI finds bugs far faster than anyone can patch them.

Wednesday, 8 July 2026

A fix for a critical Adobe flaw became a starting gun — attackers were exploiting it within hours

Adobe warned ColdFusion users to patch a maximum-severity bug that hackers began hitting hours after it went public. The company is now doubling how often it ships patches, blaming AI for shrinking the window between a fix and an attack.

Tuesday, 7 July 2026

The web AI reads back to you is now a place attackers hide orders

Researchers found booby-trapped websites that whisper hidden instructions to AI agents browsing the web — tricking some into sending crypto to a stranger's wallet. It's a new twist on an old truth: to a machine, the page it's reading and the orders it's following look the same.

Monday, 6 July 2026

Scammers cloned two footballers with AI — and the trail ends at a shell company you can't sue

Fake betting apps used AI-generated video and forged BBC stories to make Bruno Fernandes and Jude Bellingham look like partners. The operators sit offshore, behind shell companies, beyond reach.

Sunday, 5 July 2026

Fake Aldi sites are selling air conditioners that don't exist to a sweltering Britain

As a record heatwave empties the shelves of cooling units, criminals have cloned Aldi's website to sell bargain air conditioners that never arrive — and the same trick is impersonating footballers to push illegal betting apps.

Saturday, 4 July 2026

An AI agent ran a whole ransomware attack by itself — reading the room and improvising as it went

A criminal pointed an AI agent at a hacked server and let it work. It hunted for secrets, moved between machines, and locked up the data — reasoning in plain English at each step, with no human driving.

Friday, 3 July 2026

A researcher published 30 secret flaws before telling anyone who could fix them

A pseudonymous researcher dumped AI-found zero-day exploits for the Linux kernel, PHP, VLC and more onto GitHub — skipping the industry norm of warning the makers first. Meanwhile two freshly disclosed flaws in Cisco and Citrix gear were attacked within days, and a firewall-stealing crew started handing its stolen keys to ransomware gangs.

Thursday, 2 July 2026

81 million tries, 78 wins — how a brute-force attack walked past modern login defenses

An automated campaign made 81 million login guesses against Microsoft cloud accounts and broke into 78 of them, many protected by policies that a forgotten legacy login path simply ignored.

Wednesday, 1 July 2026

One hidden Oracle flaw, hundreds of breached companies — and Nissan is just the biggest name

A flaw in the payroll software that runs much of corporate HR was attacked before Oracle even knew it existed. Nissan, Aflac Japan, universities and US insurance regulators are among the hundreds now counting the damage.

June 2026

Tuesday, 30 June 2026

The Supreme Court just decided your phone's location history is yours, not the government's to grab

A 6-3 ruling says police need real Fourth Amendment protection before sweeping up everyone near a crime scene from their phones — the first big update to digital privacy in years, with the line drawn at the most ordinary thing your phone does: knowing where you are.

Monday, 29 June 2026

The government rebuilt its own websites — and quietly fitted them to watch you

A White House office rebuilt sensitive federal sites for passports, voter registration and drug pricing, fitting at least two with tracking software set to dodge privacy tools — and skipping the privacy filings the law requires. Plus a crypto "recovery" scam that's really malware, and a Chinese AI that's catching up at finding software flaws.

Sunday, 28 June 2026

One toolkit, 200,000 scam sites — fraud is now built like software

A single Chinese app-building framework is behind more than 200,000 investment-scam websites, security researchers found — a sign that online fraud has turned into a mass-produced product.

Saturday, 27 June 2026

Two dozen companies were breached through a vendor they'd plugged into years ago

A break-in at the market-research firm Klue rippled out to its customers — including the security firms LastPass and BeyondTrust — through standing connections nobody was watching.

Friday, 26 June 2026

A flaw hid in software on billions of machines for 25 years — until an AI went looking

A bug that sat untouched in curl since 2001 was finally found this month, part of a wave of old flaws surfacing now that AI tools are reading code no human had re-examined in years. Plus a Cisco bug exploited two months before anyone knew, and why scam centres keep surviving every crackdown.

Thursday, 25 June 2026

Malware learns to talk its way past the AI now reading it

A North-Korea-linked backdoor hides fake messages meant to fool the AI tool analysing it — one of three new tricks aimed not at the machine, but at the artificial judge now standing guard.

Wednesday, 24 June 2026

A new flaw lets a stranger's code change run on Microsoft's and Google's own machines

Researchers named "Cordyceps" — a weakness where the automated systems that handle open-source contributions trust those contributions too much, exposing CI/CD pipelines at Microsoft, Google, Apache and Cloudflare. Plus four flaws in a popular AI platform, a fake software package that hid a remote-control tool, and two teenagers convicted over the Transport for London hack.

Tuesday, 23 June 2026

Texas loses 3 million hunters' and anglers' data — through a vendor they never chose

A third-party license seller for Texas Parks & Wildlife was breached, exposing driver's license and passport numbers for 3 million people, alongside a wave of breaches that all began at a supplier rather than the named company.

Monday, 22 June 2026

A Splunk flaw was patched June 10. Within days, attackers were already through the door

A public patch tells defenders where the wound is — and tells attackers the same thing, at the same moment.

Sunday, 21 June 2026

The GTA 6 scam preys on a wait that's lasted years

Criminals are using AI-polished fake "beta test" invitations to steal gamers' logins, personal data, and bank details ahead of Grand Theft Auto VI. Plus a hacker hijacks Brazil's emergency-alert system, and France pushes for shared rules on AI.

Saturday, 20 June 2026

86,000 firewalls fell because nobody changed the factory password

A global campaign called FortiBleed broke into 86,644 Fortinet firewalls — the guards at the edge of company networks. The attackers didn't crack anything. They logged in with default and reused passwords that were never changed.

Friday, 19 June 2026

The breach came through an app the company plugged in itself

Attackers stole data from Salesforce customers — including a security firm — by hijacking a connected third-party app, the third such app abused this way. Plus a wave of critical patches and a major botnet takedown.

Thursday, 18 June 2026

Ransomware crew hid inside a US firm for months, disguising its traffic as Microsoft Teams

A DragonForce attack used a custom backdoor that masquerades as normal Teams traffic, letting it sit unnoticed long after the break-in. Plus a Defender zero-day, 245 Oracle patches, and plugins that steal developers' keys.

Wednesday, 17 June 2026

The FBI says crypto scammers now send couriers to your door for cash

Banks got better at blocking transfers to crypto fraud, so scammers switched to in-person cash pickups — a move that puts the money even further out of reach.

Tuesday, 16 June 2026

Chinese spies sat inside a research-data platform for over two years — and it touched medicine, the military, and beyond

A state-backed group quietly compromised REDCap, a research-data tool trusted across hospitals, universities, and military health institutions, and stole credentials undetected from 2023 until late 2025.

Monday, 15 June 2026

The FBI seized the factory behind a million scam links — not the scammers, the machine they all rented

A coordinated takedown dismantled "Outsider Enterprise," a Chinese phishing-as-a-service operation tied to $1.9 billion in losses, as new figures show AI-driven fraud hit record scale.

Sunday, 14 June 2026

A critical Splunk flaw came from a helper service that no one asked to lock its own door

A 9.8-severity hole in Splunk Enterprise let an unauthenticated user reach a built-in database helper and run code — because the helper trusted that only the main app would ever call it. Plus a decade-long China-linked espionage campaign, a coming change to npm to slow supply-chain attacks, and a government order pulling two AI models offline.

Saturday, 13 June 2026

Hundreds of trusted software packages were quietly hijacked — the name stayed the same, the recipe didn't

Attackers took over 400-plus abandoned packages in Arch Linux's community repository and rewrote their build scripts to steal developer secrets. Days earlier, GitHub announced npm would flip its defaults to stop exactly this. Both are about the same weak spot: a package you trust today can change hands tomorrow, and you may never notice.