Infosec bits for 2026 week 28
Heloise Meyer
| July 10, 2026, 3 p.m.
Cybersecurity News:
Which industry & country has the worst email security? An analysis of 5,800+ domains for SPF, DMARC, DKIM & MTA-STS protocols [Rebecca Moody, Comparitech]
Hackers exploit Roundcube flaw to spy on academic researchers [Bill Toulas, BleepingComputer]
Statistical Report on Malware Targeting Linux SSH Servers in the Second Quarter of 2026 [ASEC, ASEC]
Non-interactive SSH attacks dominate after login [Sinisa Markovic, HelpNetSecurity]
Malware:
GodDamn Ransomware: Latest Beast Rebrand Uses Malicious Driver to Disable Defenses [Symantec and Carbon Black, Symantec]
Cyberattacks & Breaches:
Accenture Confirms Data Breach After Hacker Claims Source Code Theft [Ionut Arghire, SecurityWeek]
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs [Ravie Lakshmanan, The Hacker News]
Vulnerabilities and Patches:
Critical bugs enable hackers to take control of Ubiquiti devices [Ernestas Naprys, Cybernews]
New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android [Swati Khandelwal, The Hacker News]
Foxit PDF Reader Flaws Enable Arbitrary Code Execution [Do Son, Daily CyberSecurity]
Microsoft Reins in RoguePlanet Zero-Day Threat [Rob Wright, DarkReading]
Chrome 150 Update Patches 27 Vulnerabilities [Ionut Arghire, SecurityWeek]