Friday · July 10, 2026 Vol. I · No. 190
Independent · Aggregated · Daily
"All the news that's worth your time"
Established 2026
The

Krull Report

A Daily News Brief · Curated by Vladimir Krull
Live
Luzardo struts stuff as newly minted All-Star with 7 scoreless in Cincy Wildfires in southern Spain kill 12 amid soaring temperatures 'Cool in 90 seconds' - the fake portable air conditioners sweeping the internet Skenes vs. Misiorowski -- the perfect All-Star Game appetizer South Korean chip giant SK Hynix raises $26.5bn in US share sale Valencia becomes 10th Tiger to homer in first MLB at-bat Here is a look at each club's best Draft pick from the past 10 years Here is a look at each club's best Draft pick from the past 10 years Luzardo struts stuff as newly minted All-Star with 7 scoreless in Cincy Wildfires in southern Spain kill 12 amid soaring temperatures 'Cool in 90 seconds' - the fake portable air conditioners sweeping the internet Skenes vs. Misiorowski -- the perfect All-Star Game appetizer South Korean chip giant SK Hynix raises $26.5bn in US share sale Valencia becomes 10th Tiger to homer in first MLB at-bat Here is a look at each club's best Draft pick from the past 10 years Here is a look at each club's best Draft pick from the past 10 years

Cybersecurity

Technology · Cybersecurity

Most Remediation Programs Never Confirm the Fix Actually Worked

Security teams have never had better visibility into their environments and never been worse at confirming what they fix stays fixed. Mandiant's M-Trends 2026 report puts the mean…

Technology · Cybersecurity

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Microsoft on Tuesday released patches for 138 security vulnerabilities spanning its product portfolio, although none of them have been listed as publicly known or under active att…

Technology · Cybersecurity

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

Cybersecurity researchers are calling attention to a new campaign dubbed GemStuffer that has targeted the RubyGems repository with more than 150 gems that use the registry as a da…

Technology · Cybersecurity

Android Adds Intrusion Logging for Sophisticated Spyware Forensics

Google on Tuesday unveiled a new opt-in Android feature called Intrusion Logging for storing forensic logs to better analyze sophisticated spyware attacks. Intrusion Logging, avai…

Technology · Cybersecurity

New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an…

Technology · Cybersecurity

RubyGems Suspends New Signups After Hundreds of Malicious Packages Are Uploaded

RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." …

Technology · Cybersecurity

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed…

Technology · Cybersecurity

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help

Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dang…

Technology · Cybersecurity

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

TeamPCP, the threat actor behind the recentsupply chain attack spree, has been linked to the compromise of the npm and PyPI packages from TanStack, UiPath, Mistral AI, OpenSearch,…

Technology · Cybersecurity

Why Agentic AI Is Security's Next Blind Spot

Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningfu…

Technology · Cybersecurity

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached…

Technology · Cybersecurity

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations…

Technology · Cybersecurity

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android

Apple on Monday officially released iOS 26.5 with support for end-to-end encryption (E2EE) to Rich Communication Services (RCS) in beta as part of a "cross-industry effort" to rep…

Technology · Cybersecurity

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. "If you are using Checkmarx Jenkins AST plugin, you need to ens…

Technology · Cybersecurity

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised enviro…

Technology · Cybersecurity

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marki…

Technology · Cybersecurity

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that shoul…

Technology · Cybersecurity

Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room

Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can u…

Technology · Cybersecurity

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to deliver a Rust-based infor…