{"id":285004,"date":"2026-07-02T11:24:00","date_gmt":"2026-07-02T15:24:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/07\/02\/threatsday-ai-compute-hijacking-apple-email-flaw-bluehammer-ransomware-14-stories\/"},"modified":"2026-07-02T13:30:10","modified_gmt":"2026-07-02T17:30:10","slug":"threatsday-ai-compute-hijacking-apple-email-flaw-bluehammer-ransomware-14-stories","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/07\/02\/threatsday-ai-compute-hijacking-apple-email-flaw-bluehammer-ransomware-14-stories\/","title":{"rendered":"ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/07\/threatsday-ai-compute-hijacking-apple.html\">ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/07\/threatsday-ai-compute-hijacking-apple.html\">https:\/\/thehackernews.com\/2026\/07\/threatsday-ai-compute-hijacking-apple.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-07-02 11:24:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Jul 02, 2026<\/span><\/span><span class=\"p-tags\">Hacking News \/ Cybersecurity News<\/span><\/p>\n<p>This week\u2019s security news is mostly about weak spots.<\/p>\n<p>Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through.<\/p>\n<p>This is not one big break. It is small permissions, weak checks, open systems, and normal tools doing things they were allowed to do. That same pattern runs through the stories below.<\/p>\n<ol class=\"td-timeline\" role=\"list\">\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<p>    <span class=\"td-punch\">Ransomware phishing lure<\/span><\/p>\n<p class=\"td-desc\">\n      A phishing campaign is targeting small businesses across Europe, Asia, the Middle East, and the U.S. with fake investigation emails impersonating law enforcement officials. &#8220;The emails claim to contain evidence of suspicious company activity and pressure recipients into opening a password-protected archive,&#8221; Bitdefender said. &#8220;Recipients are directed to a Proton Drive-hosted file that ultimately delivers ransomware. The ransomware appears to be a custom-built payload rather than a known ransomware family.&#8221;\n    <\/p>\n<\/li>\n<li class=\"td-item\">\n  <span aria-hidden=\"true\" class=\"td-dot\"\/><\/p>\n<p>    <span class=\"td-punch\">Sandbox root escape<\/span><\/p>\n<p class=\"td-desc\">\n      New research from Armadin has discovered an attack chain affecting Claude Cowork on Windows. The attack allows an attacker with local code execution to plant a malicious file in Claude Desktop&#8217;s application directory, hijacking a trusted process to communicate with Cowork&#8217;s underlying VM service. &#8220;An attacker with local code execution could run arbitrary commands as root in Claude Cowork&#8217;s sandbox without network egress restrictions,&#8221; the company said. The exploit takes advantage of two unvalidated parameters in the service&#8217;s interface that allow the attacker to run commands as root and bypass network filtering entirely, thereby allowing sensitive data to be exfiltrated to attacker-controlled infrastructure. Following responsible disclosure on May 29, 2026, Anthropic said it does not consider it to be a security issue because exploitation requires pre-existing&#8230;<\/p>\n<\/li>\n<\/ol>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/07\/threatsday-ai-compute-hijacking-apple.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories https:\/\/thehackernews.com\/2026\/07\/threatsday-ai-compute-hijacking-apple.html Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":285005,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjMzwXbN53zy07KSkFJL7uOzty4Pj7VgKS6lSwWWGSCppX0wEX5eY0ZLur2NiFcs-ByBBhbd1WZ270Y4VMMGL6WkvOIZ5MhyphenhyphenkDX2B45wiQue-W88oiF_-RZs0HxvrvcxCHI8Zhhv1-fqHDgnX-VLWk00gt463rQhyKY7Mzcd5STMCYeCUcyVri3aBSUpl2t\/s1600\/threatsday-board.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,25],"class_list":["post-285004","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-phishing"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/285004"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=285004"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/285004\/revisions"}],"predecessor-version":[{"id":285006,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/285004\/revisions\/285006"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/285005"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=285004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=285004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=285004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}