14 Jul, 2026

OpenAI temporarily relaxes GPT-5.6 Sol usage limits

OpenAI is temporarily relaxing GPT-5.6 Sol usage limits after demand for the company’s most powerful model surged over the past 48 hours. On Sunday, OpenAI confirmed that it is temporarily removing the five-hour usage restriction for Plus, Pro, and Business plans, while also resetting current usage for everyone. “The last 48 hours of Codex and […]

1 min read

Claude Fable 5 stays free for paid users until July 19 as Anthropic buys more time

Anthropic has just extended access to Claude Fable 5 for paid subscribers until July 19, giving you another week to keep using the most powerful model. Previously, Anthropic said Fable 5 would be included in Pro, Max, Team, and premium Enterprise subscriptions only through July 7. After that, you would need usage credits to keep […]

2 mins read

RedHook Android malware now uses Wireless ADB for shell access

A new version of the RedHook Android malware abuses the Android Wireless Debugging (Wireless ADB) mechanism in a novel way to gain shell-level privileges without requiring a computer connection. Researchers at cybersecurity company Group-IB analyzed the new release of the mobile malware and say that it significantly expands its capabilities compared to the previous variant […]

3 mins read

Australia warns of global campaign targeting vulnerable CMS platforms

The Australian Cyber Security Centre (ACSC) issued an alert about a global exploitation campaign targeting vulnerable content management systems (CMS) and plugins. The government agency says that many Australian businesses have already been affected by the malicious activity, with webshells being deployed on their sites. Webshells provide persistent access to the compromised sites and allow […]

2 mins read

‘Ghostcommit’ hides prompt injection in images to fool AI agents, steal secrets

Researchers have built a pull request that steals a repository’s secrets by hiding the malicious instruction inside a PNG that AI code reviewers never open. The reviewer waves the change through. Later, a coding agent reads the picture, opens the repo’s .env, and writes every key into the source as a harmless-looking list of numbers. […]

6 mins read

New U-Boot flaws could enable stealthy firmware attacks

Six vulnerabilities in the widely used U-Boot bootloader have been discovered that could allow attackers to execute malicious code during device boot, potentially enabling stealthy firmware attacks that compromise security protections and install persistent malware. U-Boot is one of the world’s most widely used open-source bootloaders and is found in many embedded Linux devices, including […]

4 mins read

Ryuk ransomware member pleads guilty in the US, faces 15 years in prison

A 34-year-old Armenian man has pleaded guilty to hacking U.S. companies and deploying the infamous Ryuk ransomware to encrypt their systems. Karen Serobovich Vardanyan was extradited to the United States after beingĀ arrested in Kyiv in April 2025Ā for providing initial access to corporate networks. According to court documents, Vardanyan helped deploy Ryuk ransomware on the networks […]

2 mins read

Police suspects Dutch hackers were involved in Odido breach

The Dutch National Police (Politie) says it has found “strong indications” that Dutch hackers have been involved in a February breach at the telecommunications provider Odido. “This includes a telephone conversation that was made with Odido customer service shortly before the hack. In this conversation, a Dutch-speaking man posed as Odido’s IT employee. The company […]

3 mins read

Progress urges ShareFile admins to shut down servers over ā€œcredibleā€ threat

Progress Software is emailing ShareFile customers who use Storage Zone Controllers to immediately shut down their servers after identifying what it describes as a “credible external security threat” targeting the on-premises secure file-sharing software. ShareFile is Progress Software’s enterprise secure file sharing and collaboration platform that allows customers to host their files in Progress’ cloud […]

3 mins read

Hackers exploit critical auth bypass in Gitea Docker image

Hackers are actively exploiting a critical vulnerability in the official Docker image for the Gitea self-hosted Git service that allows attackers to impersonate any user, including administrators. The security flaw is an authentication bypass vulnerability, tracked as CVE-2026-20896, that affects deployments using the default configuration, where reverse proxy authentication headers such as X-WEBAUTH-USER are enabled. Michael […]

2 mins read