Cyber Briefing: 2026.07.07
AI-powered malware, router backdoors, and a crypto wallet shutdown expose growing security risks. Concise
Welcome to Cyber Briefing, your daily source for all things cybersecurity. We bring you the latest advisories, alerts, incidents, and news every weekday.
Recent security discoveries highlight critical vulnerabilities in both cutting-edge AI environments and consumer hardware. Researchers at the Hong Kong University of Science and Technology developed “SkillCloak,” an obfuscation technique that bypassed AI coding agent malware scanners over 90% of the time, prompting the need for runtime checkers. Meanwhile, CERT/CC disclosed an unpatched, hardcoded firmware backdoor (CVE-2026-11405) in several Tenda router models that grants attackers full administrative access regardless of configured user credentials. On the operational side, Ctrl Wallet announced it will permanently shut down by August 3, 2026, following a severe June 23 security exploit that compromised its Cardano wallets.
Enterprise environments and industry sectors are facing notable shifts in policy, data management, and technological capabilities. Microsoft announced that Windows 11 version 26H2 will enable cloud-based settings backup by default for Entra-joined enterprise systems, raising potential data governance and compliance concerns for IT administrators. In governance news, the UK government launched a voluntary Cyber Resilience Pledge with 60 initial signatories, including past breach victims like Marks & Spencer and Capita, to enforce board-level oversight and supplier security certifications. Finally, in tech industry growth, Europe’s first publicly traded quantum computing company, IQM Quantum Computers, acquired key software and intellectual property assets from Quantistry to build hybrid classical-quantum solutions for sectors like aerospace and pharmaceuticals.
Listen to our podcast here ⏬
⚡THREAT LANDSCAPE
SkillCloak Evades AI Agent Malware Scanners
Researchers at Hong Kong University of Science and Technology demonstrated that malware scanners designed to detect malicious add-ons for AI coding agents can be bypassed using simple obfuscation techniques. Their most effective evasion method, called SkillCloak, defeated all tested scanners more than 90% of the time by making minor modifications that preserve malicious functionality. The research team also developed a runtime checker capable of catching most evasion attempts, highlighting the need for improved security measures as AI coding assistants become more widely adopted. Read more
Tenda Router Backdoor Grants Admin Access
CERT/CC has disclosed an unpatched backdoor vulnerability (CVE-2026-11405) in multiple Tenda router models that allows attackers to bypass authentication and gain full administrative access using a hidden password hardcoded in the firmware. The backdoor affects FH1201, W15E, AC10, AC5, and AC6 firmware versions and grants admin privileges regardless of the owner’s configured credentials. Tenda has not responded to the disclosure, and users should immediately disable remote management and consider replacing affected devices. Read More
🚨INCIDENTS & REAL-WORLD IMPACT
Ctrl Wallet shuts down after June security exploit
Ctrl Wallet, a non-custodial multichain cryptocurrency wallet, announced it will shut down following a June 23 security exploit that affected Cardano wallets on the platform. Users have until August 3, 2026, to withdraw their assets, after which all wallet functions except exporting recovery phrases will be disabled. The wallet entered maintenance mode immediately after the incident to protect remaining user funds while the engineering team investigated. Read More
🔓 EXECUTIVE RISK & CYBERNOMICS
Microsoft enables Windows backup by default
Microsoft will enable the Windows settings backup and restore tool by default on enterprise systems joined to Microsoft Entra (formerly Azure AD) after upgrading to Windows 11 version 26H2. The feature automatically backs up system settings to the cloud, which may raise data governance and compliance concerns for organizations. IT administrators should review their backup policies and configure appropriate controls before the upgrade to maintain oversight of what data leaves their networks. Read More
🛡️ POLICY, REGULATION & LEGAL SIGNALS
UK Cyber Resilience Pledge gains 60 signatories
The UK government launched a voluntary Cyber Resilience Pledge with 60 initial signatories, including Marks & Spencer, which suffered a major breach last year. Companies commit to board-level cybersecurity oversight, joining the National Cyber Security Centre’s Early Warning service, and encouraging suppliers to achieve Cyber Essentials certification. Notable absences include Co-op, Harrods, and Jaguar Land Rover, all recent cyberattack victims, while Capita signed despite recent ICO fines and multiple security incidents. Read More
💻 CAREER ENABLEMENT
IQM acquires Quantistry assets for quantum solutions
IQM Quantum Computers, a Finland-based quantum hardware developer, has acquired selected assets from Berlin-based Quantistry, including proprietary software, intellectual property, algorithms, and core technical staff. The deal combines Quantistry’s cloud-based simulation workflow platform with IQM’s superconducting quantum computers to deliver hybrid classical-quantum solutions for aerospace, automotive, materials, chemicals, and pharmaceuticals sectors. The acquisition follows IQM’s recent public listing on Nasdaq, making it Europe’s first publicly traded quantum computing company. Read More
Copyright © 2026 CyberMaterial. All Rights Reserved.
Follow CyberMaterial on:
Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium








