AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

Ravie LakshmananJul 02, 2026Hacking News / Cybersecurity News

This week’s security news is mostly about weak spots.

Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through.

This is not one big break. It is small permissions, weak checks, open systems, and normal tools doing things they were allowed to do. That same pattern runs through the stories below.

  1. Ransomware phishing lure

    A phishing campaign is targeting small businesses across Europe, Asia, the Middle East, and the U.S. with fake investigation emails impersonating law enforcement officials. “The emails claim to contain evidence of suspicious company activity and pressure recipients into opening a password-protected archive,” Bitdefender said. “Recipients are directed to a Proton Drive-hosted file that ultimately delivers ransomware. The ransomware appears to be a custom-built payload rather than a known ransomware family.” One interesting aspect of the campaign is the absence of a fixed ransom demand. Instead, victims are instructed to contact the attackers through a Tox chat channel. It’s only when the victim contacts the attackers that ransom negotiations start. This also allows threat actors to tailor the final ransom amount based on the size of the organization, the perceived value of its data, and its ability to pay.

The lesson this week is simple: attackers do not need the front door when the side door is already open. A copied command, an exposed server, a trusted bot, a weak check. Small things become entry points when nobody treats them like one.

So read the list with that in mind. The loud part is the breach. The useful part is the quiet mistake that made it possible. Until next ThreatsDay.

Leave a Reply