Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

Security researcher Chaotic Eclipse released a new proof-of-concept exploit called LegacyHive, which leverages a Windows User Profile Service vulnerability to achieve arbitrary hive load elevation of privileges. The exploit works on all supported Windows versions, including those patched in the latest July 2026 update, and allows non-admin users to modify registry hives of other accounts, posing a significant privilege escalation risk. Microsoft is investigating the vulnerability and committed to addressing it, while the incident highlights ongoing challenges in coordinated vulnerability disclosure and security patching.

https://thehackernews.com/2026/07/researcher-drops-new-windows-zero-day.html

Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution

A flaw in the Cursor IDE on Windows allows arbitrary code execution when opening a cloned repository containing a malicious git.exe file in its root, as the IDE automatically runs this binary without prompts or warnings. Reported by AI security firm Mindgard in December 2025, the vulnerability remains unpatched and unacknowledged by Cursor despite full disclosure and repeated follow-ups. Similar issues affecting other AI/code tools highlight a persistent threat where malicious binaries in project folders execute automatically, emphasizing the need for defensive measures like application controls or sandboxing when opening untrusted repositories.

https://thehackernews.com/2026/07/cursor-flaw-lets-malicious-cloned.html

The Memory Heist

A security researcher demonstrated a method to exfiltrate personal data from the AI assistant Claude by exploiting its web browsing feature and memory system. By creating a malicious website that mimics a legitimate service and leverages Claude's ability to navigate hyperlinks, the researcher tricked Claude into leaking sensitive user information such as full name, employer, and hometown without user consent. Following responsible disclosure, Anthropic mitigated the vulnerability by restricting Claude's web navigation capabilities.

https://www.ayush.digital/blog/the-memory-heist

Warning: Scammers Are Using FaceTime to Empty Bank Accounts

Scammers are exploiting FaceTime to conduct social engineering attacks, impersonating Apple Support or banks to trick users into revealing sensitive information or installing remote-access software, potentially leading to drained bank accounts. Apple urges users to avoid sharing personal data during unsolicited calls, keep devices updated, and report suspicious FaceTime calls to help mitigate these threats.

https://www.malwarebytes.com/blog/news/2026/07/warning-scammers-are-using-facetime-to-empty-bank-accounts

Microsoft’s Secure Boot Has Been Broken for a Decade and No One Noticed Until Now

Researchers at security firm ESET discovered that Microsoft’s Secure Boot, designed to prevent malicious firmware infections, has been bypassable for 13 years due to old, vulnerable “shim” binaries that were never revoked despite known defects. This flaw affects both Windows and Linux devices by allowing attackers to load malicious firmware at boot time, persisting even after OS reinstallation; Microsoft only revoked the faulty shims after ESET’s report in June 2026. The incident highlights inherent complexity and trust issues in the Secure Boot model, which depends heavily on Microsoft’s oversight and has struggled to handle revocations and scaling effectively.

https://arstechnica.com/security/2026/07/microsoft-secure-boot-has-been-broken-for-most-of-its-existence/

Microsoft Patches Record 622 Flaws, Including Two Zero-Days Under Active Attack

Microsoft released its largest Patch Tuesday to date, addressing 622 vulnerabilities, including two zero-day elevation-of-privilege flaws actively exploited in SharePoint Server (CVE-2026-56164) and Active Directory Federation Services (CVE-2026-56155). Organizations are urged to prioritize these patches despite their moderate severity ratings, as both affect critical identity and collaboration infrastructure, and attackers are currently exploiting them. The update also ends support for SharePoint Server 2016 and 2019, and continues Kerberos RC4 hardening, which may cause authentication issues if service accounts still rely on RC4.

https://thehackernews.com/2026/07/microsoft-patches-record-622-flaws.html

New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email

Researchers have demonstrated a novel “MemGhost” attack that injects persistent false memories into AI personal assistants through a single crafted email, causing the AI to save deceptive information without alerting the user. Targeting assistants like OpenClaw that maintain memory files and access user inboxes, the attack stealthily alters the assistant’s knowledge base, influencing future interactions while evading detection by existing filters and user oversight. The study highlights a critical vulnerability where AI memory writes from untrusted inputs remain unregulated, urging the need for provenance tracking, user approval, and audit logging to mitigate such persistent memory poisoning risks.

https://thehackernews.com/2026/07/new-memghost-attack-plants-persistent.html

Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking

A study analyzing 281 free Android VPN apps from the Google Play Store found widespread security failures, including traffic leaks, unencrypted data transmission, and extensive user tracking, affecting apps with over 2.4 billion installs. The researchers identified serious vulnerabilities like tunnel hijacking and DNS leaks, with many apps failing to encrypt configuration files or disguising VPN traffic, while most also connected to known tracking servers, compromising user privacy despite VPN claims. The findings underscore persistent weak engineering in free VPN apps and highlight the importance of trusting reputable providers with proven security audits.

https://thehackernews.com/2026/07/study-of-281-free-android-vpn-apps.html

Apple’s MacOS Security Gap Lets Users Disable Security Tools

Researchers at XM Cyber discovered a macOS vulnerability that allows standard users to disable security tools like CrowdStrike Falcon EDR and Kandji MDM by exploiting flaws in how the OS caches and trusts application cryptographic hashes (CDHash). This issue enables attackers to impersonate trusted app components and invoke privileged Cross-Process Communication (XPC) services without administrator privileges, impacting numerous macOS applications relying on XPC. While some vendors have patched the flaw, Apple reportedly does not plan to fix the underlying OS issue, leaving developers to implement their own mitigations.

https://www.darkreading.com/application-security/apple-macos-security-gap-users-disable-security-tools

Evolving Windows Vulnerability Management to Meet the Speed of AI-powered Discovery

Microsoft is enhancing Windows vulnerability management by leveraging AI-powered tools like the multi-model agentic scanning harness (MDASH) to accelerate discovery, prioritization, and remediation of security issues across its codebase. The company integrates AI into its engineering and validation processes to speed up fixes while maintaining update quality, and provides customers with tools and guidance to deploy timely security updates safely, supporting a shift toward continuous, risk-based patching to reduce exposure amid growing AI-driven vulnerability discovery.

https://blogs.windows.com/windowsexperience/2026/07/09/evolving-windows-vulnerability-management-to-meet-the-speed-of-ai-powered-discovery/

Lone Attacker Uses AI to Breach AWS Cloud Environment in 72 Hours

A lone attacker leveraged AI-driven workflows to quickly exploit multiple weaknesses across an AWS cloud environment, conducting extensive reconnaissance, credential harvesting, and deployment pipeline abuse within 72 hours, leading to financial extortion of a major Amazon customer. The attacker chained together vulnerabilities in applications, cloud resources, and CI/CD pipelines to systematically steal secrets, create backdoors, and disrupt operations, demonstrating an accelerated attack tempo enabled by AI. Security experts warn organizations must enhance automated detection, response capabilities, and containment procedures to address the increased speed and scale of AI-assisted cloud attacks.

https://www.darkreading.com/cloud-security/lone-attacker-ai-breach-aws-cloud-environment

Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Researchers demonstrated a proof-of-concept attack called “Friendly Fire” that tricks AI coding agents like Anthropic's Claude Code and OpenAI's Codex, running in autonomous modes, into executing malicious code hidden in untrusted third-party repositories. The attack exploits these agents' design, leading them to run disguised payloads—such as a script suggested in a README file—without user approval, highlighting significant security risks when using AI agents to vet external code. Experts recommend avoiding giving such AI agents command execution capabilities over untrusted code and caution against relying solely on model updates or sandboxing as defenses.

https://thehackernews.com/2026/07/friendly-fire-ai-agents-built-to-catch.html

Patch for Windows Defender 0-Day Could Allow Attackers to Fill Hard Disk

A patch released by Microsoft to fix a zero-day vulnerability (CVE-2026-50656) in the Windows Defender malware protection engine may cause affected Windows machines to write excessively large files that can fill the hard disk. Researcher NightmareEclipse reported that new defense-in-depth mitigations introduced in the patch cause the engine to leak data when handling certain files and their associated Zone.Identifier metadata, potentially allowing attackers to exhaust disk space via specially crafted SMB server responses. Microsoft has not yet confirmed the disk-filling behavior, while the researcher’s ongoing public disclosures highlight a continued dispute with Microsoft over vulnerability handling.

https://arstechnica.com/security/2026/07/patch-for-windows-defender-0-day-could-allow-attackers-to-fill-hard-disk/

Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges

Microsoft has released a security update to patch a privilege escalation vulnerability known as RoguePlanet (CVE-2026-50656) in its Malware Protection Engine, which could allow attackers to gain SYSTEM-level privileges and execute arbitrary code. The flaw, disclosed by researcher Chaotic Eclipse, exploited a race condition and affected fully patched Windows systems, but Microsoft’s update has mitigated the issue along with adding defense-in-depth improvements. Additionally, the researcher identified a potential new data leak caused by the patch that requires further investigation.

https://thehackernews.com/2026/07/microsoft-patches-rogueplanet-defender.html

New Ghost Phishing Wave Is Breaking Traditional Email Security

A new “ghost phishing” campaign called EvilTokens uses encrypted phishing pages that only decrypt and display malicious content within the victim's browser, bypassing traditional email and URL security checks. This technique primarily targets Microsoft 365 users across industries in the US and Europe, enabling account takeover without stealing passwords directly and complicating detection and response efforts. Security teams are urged to adopt browser-level sandboxing tools that reveal hidden phishing behaviors in real time to shorten exposure windows and improve incident containment.

https://thehackernews.com/2026/07/new-ghost-phishing-wave-is-breaking.html

Scroll to Top