DJBSEC's CyberNews 2026-07-14

Today’s daily news covers the following categories: Threat Intelligence Vulnerability Malware


Anthropic Extends Claude Fable 5 Access Through July 19

Threat Intelligence Anthropic has extended free access to its Claude Fable 5 model for paid subscribers through July 19 as it works to expand compute capacity and stabilize service availability. The company says the additional time will allow more infrastructure to come online while maintaining uninterrupted access for existing users. Claude Fable 5 has gained significant attention for its advanced capabilities in software engineering, vulnerability analysis, and cybersecurity research. Industry observers say the extension reflects both the growing demand for AI-assisted security tools and the infrastructure challenges of deploying increasingly capable models. Anthropic continues to emphasize safeguards intended to balance powerful defensive capabilities with responsible AI use. Read More

KittySploit Brings a New Open-Source Penetration Testing Framework

Threat Intelligence Researchers are highlighting KittySploit, a new open-source penetration testing framework designed to streamline authorized security assessments. The framework includes modules for reconnaissance, exploitation, privilege escalation, post-exploitation, and reporting, making it a comprehensive toolkit for security professionals. Like other offensive security frameworks, KittySploit is intended for ethical testing but could also be abused by malicious actors if used without authorization. Security teams are encouraged to monitor for the presence of penetration testing tools in environments where they are not expected. The release reflects the continued evolution of open-source tooling available to both defenders and attackers. Read More

Progress Urges ShareFile Customers to Immediately Shut Down Vulnerable Servers

Vulnerability Progress has instructed customers running affected on-premises ShareFile servers to immediately disconnect them from the internet following the discovery of a critical security issue. The company believes attackers may already be attempting to exploit the vulnerability, making rapid isolation essential while remediation efforts continue. Customers are being advised to apply vendor guidance before returning affected systems to production. Because file-sharing platforms often contain sensitive business documents, successful exploitation could have significant consequences. The incident underscores the importance of responding quickly to vendor advisories involving actively exploited enterprise software. Read More

CISA Adds iCagenda and Balbooa Forms Flaws to Known Exploited Vulnerabilities Catalog

Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency has added vulnerabilities affecting iCagenda and Balbooa Forms to its Known Exploited Vulnerabilities (KEV) Catalog after confirming active exploitation. Federal agencies must remediate the flaws within required timelines, while private organizations are strongly encouraged to prioritize patching. Inclusion in the KEV Catalog indicates attackers are already exploiting the vulnerabilities in real-world attacks. Security experts recommend treating KEV additions as high-priority remediation events rather than routine software updates. The announcement serves as another reminder that known vulnerabilities remain one of the most common entry points for cyberattacks. Read More

Compromised Jscrambler NPM Package Highlights Supply Chain Risk

Malware Researchers have discovered that version 8.14.0 of the Jscrambler NPM package was compromised and distributed with malicious code. Developers who installed the affected release may have unknowingly exposed build environments, credentials, or application infrastructure to attackers. The incident demonstrates how software supply chain attacks continue targeting widely trusted open-source ecosystems to maximize downstream impact. Security teams are advised to identify affected installations, rotate exposed credentials, and verify the integrity of software dependencies. The compromise reinforces the need for continuous dependency monitoring and stronger protections throughout the software development lifecycle. Read More




Enjoy Reading This Article?

Here are some more articles you might like to read next:

  • DJBSEC's CyberNews 2026-07-16
  • DJBSEC's CyberNews 2026-07-15
  • DJBSEC's CyberNews 2026-07-13
  • DJBSEC's CyberNews 2026-07-10
  • DJBSEC's CyberNews 2026-07-09