ENFR
8news

Tech • IA • Crypto

TodayTopicsVideosCryptoArchivesFavorites

Cybersecurity Update July 2, 2026: FortiBleed Ransomware Campaign and Critical SharePoint Vulnerability

CybersecThursday, July 2, 2026

50 articles analyzed by AI / 204 total

Key points

Audio player
0:00 / 0:00
  • Ransomware threat actors have intensified their use of advanced exploitation techniques including Citrix Bleed 2 vulnerabilities, BYOVD methods, and supply chain credential theft, complicating defense efforts across industries worldwide as of mid-2026.[The Hacker News][The Hacker News RSS]
  • The FortiBleed campaign, traced to INC and Lynx ransomware groups, involves coordinated credential theft operations that continue to pose severe risks to organizations, revealing complex cybercriminal collaboration and active attack campaigns.[Cybersecurity Dive][Cybersecurity Dive][The Hacker News][The Hacker News RSS]
  • U.S. government agency CISA added the critical SharePoint RCE vulnerability CVE-2026-45659, rated 8.8 on the CVSS scale, to its Known Exploited Vulnerabilities list following reports of active exploitation, signaling urgent need for patching across affected systems.[The Hacker News RSS][The Hacker News]
  • Navient confirmed a cybersecurity incident compromising borrower data of thousands, highlighting significant exposure risks in the financial services sector and emphasizing the vulnerability of sensitive personal information to cyberattacks.[GuruFocus][GuruFocus]
  • In a high-profile law enforcement effort, the FBI seized hundreds of domains linked to NetNut, an Israeli residential proxy service accused of facilitating cybercrime, marking a major disruption to criminal infrastructure supporting illicit online activities.[Krebs on Security RSS]
  • ToddyCat-linked Umbrij malware leverages OAuth abuse via the Google API to secretly infiltrate Gmail accounts, representing an advanced threat vector targeting corporate email communications with sophisticated malware.[The Hacker News RSS]
  • Ransomware continues to pose a threat to critical infrastructure as demonstrated by the Gentleman Ransomware attack against a major European NATO contractor, underlining the persistent cybersecurity risks facing defense-related organizations.[Cybersecurity Insiders]
  • Phishing attacks remain a major delivery method for ransomware, with cybercriminals distributing malicious payloads through counterfeit Interpol emails, illustrating ongoing challenges in combating social engineering threats.[Cybersecurity Insiders]

Relevant articles