Table of Contents
July 3, 2026 | Read Online
Flock surveillance expansion, NetNut proxy network disruption, and AI training data poisoning…
Executive Summary
Cybersecurity threats continue to evolve with malicious actors adapting to disruptions. The recent Flock Cameras surveillance expansion highlights concerns over private data collection without consent. Meanwhile, the NetNut proxy network disruption has cut off access for millions of compromised devices. Additionally, AI training data poisoning has become a growing concern as attackers exploit trust mechanisms.
Top Articles
Flock Cameras Can Surveil Cars Without License Plates Flock’s “Vehicle Fingerprint” feature allows law enforcement to gather information on vehicles without license plates. This raises concerns over private data collection and surveillance. Schneier
Fake Google and Cloudflare Verification Pages Spread StealC, HijackLoader, and NetSupport Malware Threat actors are exploiting sophisticated social engineering campaigns to distribute malware families, including StealC, HijackLoader, and NetSupport RAT. GBHackers
Microsoft Exchange SSRF Vulnerability Lets Low-Privileged Attackers Read Arbitrary Files A newly disclosed vulnerability in Microsoft Exchange exposes a critical server-side request forgery (SSRF) flaw, allowing low-privileged users to access and read arbitrary files. GBHackers
New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android A newly disclosed Linux kernel flaw called Bad Epoll lets an ordinary user with no special access take full control of a machine as root. The Hacker News
Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices Security firm runZero has disclosed seven vulnerabilities in FatFs, a small filesystem library used in millions of embedded devices. The Hacker News
PamStealer macOS Infostealer Uses Rust Payload to Validate and Steal Passwords A newly discovered macOS infostealer, dubbed PamStealer, disguises itself as the popular open-source clipboard manager Maccy while quietly harvesting credentials. CyberPress
Scammers Use Fake App Store Listings and Reviews to Trick Users Into Installing Gambling PWAs Cybercriminals are leveraging fake social media advertisements, forged app store listings, and Progressive Web Apps (PWAs) to trick users into installing online gambling platforms. CyberPress
NetNut proxy network disrupted, 2 million infected devices cut off A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices. BleepingComputer
ARToken PhaaS exposes EvilTokens’ Microsoft 365 phishing toolkit A new phishing-as-a-service (PhaaS) platform dubbed “ARToken” appears to operate as an affiliate of the EvilTokens phishing platform, giving researchers a glimpse into an extensive toolkit designed to compromise Microsoft 365. BleepingComputer
In Other News: Canadian Hacker Jailed, Open Source Zero-Days, Two Sentenced for ATM Jackpotting Noteworthy stories that might have slipped under the radar include a jailed Canadian hacker, researcher drops zero-days in open source projects, and Venezuelans sentenced in the US over ATM jackpotting. SecurityWeek
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.
