CybersecurityJuly 5, 2026· via Security Affairs

Weekly security roundup: AI ransomware, government breaches, and fresh flaws

Weekly security roundup: AI ransomware, government breaches, and fresh flaws

Image : Security Affairs

This week’s security roundup brings fresh warnings, new attack vectors, and record fines that underscore how fast the threat landscape is shifting.

When the bill comes due: governments and ransomware

A U.S. government agency recently paid a seven-figure sum to the extortion group Kairos, highlighting the persistent dilemma facing public bodies when data is locked or exposed. While exact figures remain undisclosed, the payment underscores the financial pressure on agencies facing operational disruption. Meanwhile, researchers at Citizen Lab found evidence that Pegasus spyware was deployed against a Member of the European Parliament investigating its use, revealing how surveillance tools continue to target high-profile figures.

AI meets extortion: the rise of end-to-end ransomware

A new operation dubbed JADEPUFFER has emerged as one of the first end-to-end AI-driven ransomware campaigns, automating key stages from initial access to negotiation. Security teams are advised to monitor AI tooling closely, as threat actors increasingly blend automation with traditional tactics to scale attacks.

Supply chains and shadow IT: lessons from 2026

The fallout from the 2026 Vercel breach offers a cautionary tale about shadow AI supply chains. Investigators traced a compromise back to unvetted third-party integrations, prompting calls for stricter vetting of AI-powered components in development pipelines.

Patch Tuesday and known exploits

CISA added a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog, urging immediate patching across federal and private networks. Separately, Oracle confirmed active exploitation of a flaw in E-Business Suite, while Apple rolled out fixes for WebKit bugs in iOS and macOS, with AI-assisted testing speeding up discovery and remediation.


Source: Security Affairs. AI-assisted editorial synthesis — TechnoExpress.

Read the original source on Security Affairs →

← Back to home