Cyber Security Newsletter & Bulletin Weekly – 16-Year-Old Linux, Ubiquiti Flaws, Accenture Breach, Android 17 Exploit +20 Stories

Cyber Security Newsletter & Bulletin Weekly – 16-Year-Old Linux, Ubiquiti Flaws, Accenture Breach, Android 17 Exploit +20 Stories

Cyber Security Newsletter & Bulletin Weekly – 16-Year-Old Linux, Ubiquiti Flaws, Accenture Breach, Android 17 Exploit +20 Stories

https://cybersecuritynews.com/cyber-security-news-bulletin-weekly-july/

Publish Date: 2026-07-12 09:22:00

Source Domain: cybersecuritynews.com

This week’s bulletin exposes just how long dangerous flaws can hide in plain sight, with a 16-year-old Linux KVM escape bug and a 15-year-old kernel privilege escalation flaw both surfacing after more than a decade undetected.

Enterprise infrastructure took a hit too, with Ubiquiti disclosing 25 vulnerabilities across its UniFi ecosystem and Accenture facing claims of a 35 GB source code theft.

Add a one-click Android 17 root exploit, a novel air-gap data theft technique, and fresh flaws in Microsoft Edge, OpenSSH, PHP, and Palo Alto’s PAN-OS, and it’s clear attackers are finding new angles across every layer of the stack.

Here’s a roundup of the 20+ most significant threats, vulnerabilities, and research findings from the past week.

Operationalizing Threat Intelligence

A persistent gap exists between purchasing threat intelligence feeds and actually operationalizing them into SOC detection and response workflows . The article breaks down why most feeds sit unused due to lack of context and slow update cycles, and outlines what a fully integrated, bidirectional intelligence pipeline looks like across SIEM, SOAR, firewall, and EDR platforms . Read more

TrojPix Air-Gap Data Theft Attack

Researchers unveiled TrojPix, a novel electromagnetic covert-channel attack that can exfiltrate data from already-compromised air-gapped computers from up to 208 meters away, even through concrete walls, by exploiting pixel-level HDMI signal leakage . The technique achieves a peak throughput of 8.1 Mbps with near-100% accuracy while remaining completely invisible to the human eye. Read more

Multiple PHP Flaws Enable DoS

Two PHP vulnerabilities, CVE-2026-12184 and CVE-2026-14355, allow attackers to trigger denial-of-service conditions and memory corruption in widely deployed web applications. The more severe flaw affects PHP’s HTTP stream wrapper and can crash PHP-FPM entirely, while the second corrupts memory via a…

Source