Cyber Security Newsletter & Bulletin Weekly – 16-Year-Old Linux, Ubiquiti Flaws, Accenture Breach, Android 17 Exploit +20 Stories
https://cybersecuritynews.com/cyber-security-news-bulletin-weekly-july/
Publish Date: 2026-07-12 09:22:00
Source Domain: cybersecuritynews.com
This week’s bulletin exposes just how long dangerous flaws can hide in plain sight, with a 16-year-old Linux KVM escape bug and a 15-year-old kernel privilege escalation flaw both surfacing after more than a decade undetected.
Enterprise infrastructure took a hit too, with Ubiquiti disclosing 25 vulnerabilities across its UniFi ecosystem and Accenture facing claims of a 35 GB source code theft.
Add a one-click Android 17 root exploit, a novel air-gap data theft technique, and fresh flaws in Microsoft Edge, OpenSSH, PHP, and Palo Alto’s PAN-OS, and it’s clear attackers are finding new angles across every layer of the stack.
Here’s a roundup of the 20+ most significant threats, vulnerabilities, and research findings from the past week.
Operationalizing Threat Intelligence
A persistent gap exists between purchasing threat intelligence feeds and actually operationalizing them into SOC detection and response workflows . The article breaks down why most feeds sit unused due to lack of context and slow update cycles, and outlines what a fully integrated, bidirectional intelligence pipeline looks like across SIEM, SOAR, firewall, and EDR platforms . Read more
TrojPix Air-Gap Data Theft Attack
Researchers unveiled TrojPix, a novel electromagnetic covert-channel attack that can exfiltrate data from already-compromised air-gapped computers from up to 208 meters away, even through concrete walls, by exploiting pixel-level HDMI signal leakage . The technique achieves a peak throughput of 8.1 Mbps with near-100% accuracy while remaining completely invisible to the human eye. Read more
Multiple PHP Flaws Enable DoS
Two PHP vulnerabilities, CVE-2026-12184 and CVE-2026-14355, allow attackers to trigger denial-of-service conditions and memory corruption in widely deployed web applications. The more severe flaw affects PHP’s HTTP stream wrapper and can crash PHP-FPM entirely, while the second corrupts memory via a…