Cybersecurity News | Daily Recap [01 Jul 2026]

Cybersecurity News | Daily Recap [01 Jul 2026]
Daily Recap, Citrix patched multiple NetScaler issues, including a new HTTP/2 Bomb and bugs tied to CitrixBleed, while Progress Kemp LoadMaster faced active exploitation attempts for a pre-auth RCE flaw. Across AI and threats, Microsoft warned that poisoned MCP tool descriptions can lure AI agents into leaking data, and security researchers reported Azure CLI password-spraying against at least 78 Microsoft accounts, with additional supply-chain abuse via malicious PyPI packages targeting Telegram bot servers.
#Citrix #NetScaler #HTTP2Bomb #CitrixBleed #ProgressKemp #LoadMaster #PreAuthRCE #Mythos #Fable #MythosFable #MCP #BioShocking #Monero #Langflow #AzureCLI #PasswordSpray #RustDuck #PyPI #Telegram #CISA #CIA #RussellVought #Ratcliffe

Vulnerabilities & Patches

  • Citrix patched multiple NetScaler flaws, including a new HTTP/2 Bomb issue and another bug with echoes of CitrixBleed, while Progress Kemp LoadMaster is facing active exploitation attempts for a pre-auth RCE flaw. – NetScaler Fixes, NetScaler Flaw, LoadMaster RCE
  • Adobe released patches for critical ColdFusion and Campaign Classic vulnerabilities, and Google fixed 382 Chrome vulnerabilities. – Adobe Patches, Chrome Fixes

AI, Cloud & Platform Security

  • The U.S. lifted export control restrictions on Anthropic’s Mythos and Fable, and Anthropic restored Claude Fable 5 after the policy change tied to jailbreak concerns. – Export Controls, Claude Restored
  • Microsoft warned that poisoned MCP tool descriptions can trick AI agents into leaking data, while a new BioShocking attack can manipulate AI browsers into theft. – MCP Warning, BioShocking
  • Langflow RCE was exploited to deploy a Monero miner on exposed AI app endpoints, showing continued abuse of misconfigured AI services. – Langflow Exploit
  • Microsoft is accelerating its quantum-safe roadmap as post-quantum risks grow, signaling earlier adoption of cryptographic defenses. – Quantum-Safe Roadmap
  • Security experts urged enterprises to ask vendors tougher questions about frontier AI risk, governance, and deployment controls. – Frontier AI

Threats, Malware & Exploitation

  • A massive Azure CLI password-spray campaign hit at least 78 Microsoft accounts using more than 81M attempts, highlighting large-scale credential abuse. – Azure Spray
  • RustDuck botnet was rebuilt in Rust to hijack routers and servers for DDoS, expanding its offensive infrastructure. – RustDuck Botnet
  • Malicious PyPI packages were found taking over Telegram bot servers, underscoring supply-chain risk in open-source ecosystems. – PyPI Abuse

Phishing & Fraud

  • A phishing kit described as more like BEC-as-a-service points to increasingly commoditized business email compromise tooling. – BEC Kit
  • Research on underground tradecraft shared lessons on how to better defend against Business Email Compromise. – BEC Lessons
  • A fake Perplexity extension in the Chrome Web Store was caught tracking searches, adding another browser-based privacy threat. – Fake Extension

Government & Intelligence

  • Russell Vought signaled openness to re-staffing CISA after prior budget cuts, while CIA chief Ratcliffe highlighted major shifts in the agency’s technology approach. – CISA Staffing, CIA Tech Shift

Cybersecurity News | Daily Recap – hendryadrian.com