DJBSEC's CyberNews 2026-07-13

Today’s daily news covers the following categories: Threat Intelligence Vulnerability Malware


Anthropic Extends Free Access to Claude Fable 5 for Paid Subscribers

Threat Intelligence Anthropic has extended free access to its Claude Fable 5 model for paid subscribers through July 19 while it continues expanding compute capacity. The company says the extension will give users uninterrupted access as additional infrastructure comes online to support demand. Claude Fable 5 is designed for advanced reasoning, software engineering, and cybersecurity workflows, making it popular among security researchers and developers. The decision reflects the growing demand for AI models capable of assisting with defensive cybersecurity tasks. It also highlights the infrastructure challenges AI providers face as increasingly powerful models see widespread adoption. Read More

KittySploit Offers New Open-Source Penetration Testing Framework

Threat Intelligence Researchers have highlighted KittySploit, a new open-source penetration testing framework designed to assist security professionals with vulnerability assessments and exploitation testing. The platform includes modules for reconnaissance, exploitation, post-exploitation, and reporting, positioning it as an alternative to existing offensive security tools. While intended for authorized security testing, experts note that publicly available frameworks can also be adopted by threat actors if misused. Organizations are encouraged to monitor for indicators associated with commonly used penetration testing tools and ensure only authorized assessments are conducted. The release reflects the continued evolution of open-source security tooling. Read More

Progress Urges ShareFile Customers to Shut Down Vulnerable Servers

Vulnerability Progress has advised ShareFile customers to immediately take vulnerable on-premises servers offline after identifying a serious security issue affecting the platform. The company warned that attackers may already be exploiting the flaw, making rapid action essential to prevent unauthorized access and potential data compromise. Customers are being instructed to isolate affected systems while patches and remediation guidance are applied. Security researchers stress that internet-facing file sharing platforms remain attractive targets because they often contain sensitive business information. The incident underscores the importance of responding quickly to vendor advisories involving actively exploited vulnerabilities. Read More

CISA Adds Two New Vulnerabilities to Known Exploited Vulnerabilities Catalog

Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency has added vulnerabilities affecting iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities (KEV) Catalog after confirming active exploitation in the wild. Federal agencies are required to remediate the flaws within established deadlines, and private organizations are strongly encouraged to do the same. Inclusion in the KEV Catalog signals that attackers are actively leveraging these vulnerabilities against real-world targets. Security experts recommend prioritizing remediation ahead of routine patch cycles. The update serves as another reminder that known vulnerabilities remain one of the most common avenues for successful cyberattacks. Read More

Compromised Jscrambler NPM Release Raises Supply Chain Concerns

Malware Researchers have discovered that a compromised release of the Jscrambler NPM package was modified to include malicious code capable of affecting downstream developers. The tampered package highlights the continuing threat of software supply chain attacks targeting open-source ecosystems and developer workflows. Anyone who installed the affected version may have unknowingly exposed credentials, build environments, or application infrastructure to attackers. Security experts recommend verifying package integrity, enabling dependency monitoring, and reviewing systems that used the compromised release. The incident reinforces the importance of securing software dependencies throughout the development lifecycle. Read More




Enjoy Reading This Article?

Here are some more articles you might like to read next:

  • DJBSEC's CyberNews 2026-07-16
  • DJBSEC's CyberNews 2026-07-15
  • DJBSEC's CyberNews 2026-07-14
  • DJBSEC's CyberNews 2026-07-10
  • DJBSEC's CyberNews 2026-07-09