Cyber Briefing: 2026.07.13
From the massive 10-million driver's license breach at AssuranceAmerica and TPWD to Russian GRU sanctions and the rise of "PromptSpy" runtime AI malware.
Welcome to Cyber Briefing, your daily source for all things cybersecurity. We bring you the latest advisories, alerts, incidents, and news every weekday.
A malicious actor recently used an AI-generated PowerShell script to aggressively map an Active Directory environment and exfiltrate data, while the state-sponsored group APT-C-60 targeted Japanese organizations with SpyGlace malware via weaponized Proton Drive links. On the defensive and threat intelligence front, the Debian Project rolled out critical security fixes in version 13.6, the EU and UK jointly sanctioned Russian GRU hackers (including the Turla and Sandworm groups) for infrastructure sabotage, and the ESET H1 2026 report highlighted a sharp rise in “ClickFix” social engineering tactics and runtime AI-powered Android malware.
Major corporate and institutional data breaches took center stage as a massive compromise at U.S. auto insurer AssuranceAmerica exposed the driver’s license numbers and personal details of nearly 7 million individuals. A similar high-profile breach simultaneously hit the Texas Parks and Wildlife Department, exposing millions more driver’s licenses and reinforcing a broader trend where cybercriminals heavily prioritize the theft of high-value identity verification data.
Listen to our podcast here ⏬
⚡THREAT LANDSCAPE
AI-Generated Script Maps Active Directory
Cybersecurity researchers discovered an intrusion where a threat actor utilized an AI-generated PowerShell script to aggressively map an Active Directory environment. After gaining access via pre-compromised credentials, the attacker executed the noisy script to harvest network data before archiving and exfiltrating the information to a remote server. Read More
APT-C-60 Uses Proton Drive for SpyGlace
The APT-C-60 threat actor is targeting Japanese organizations using spear-phishing emails containing malicious Proton Drive links to deliver SpyGlace malware. The multi-stage infection chain abuses trusted Windows utilities like mshta.exe and legitimate developer platforms to execute obfuscated scripts while blending into normal system activity. Read More
🚨INCIDENTS & REAL-WORLD IMPACT
AssuranceAmerica Breach Exposes 7M Licenses
A major data breach at U.S. auto insurer AssuranceAmerica has exposed the driver’s license numbers, names, and contact details of nearly 7 million individuals. The incident, which marks the largest theft of American driver’s license information in 2026, occurred after hackers compromised an employee credential to access the company’s IT systems. Read More
🔓 EXECUTIVE RISK & CYBERNOMICS
Debian 13.6 Rolls Out Vital Security Fixes
The Debian Project has officially launched Debian 13.6, delivering a comprehensive collection of security patches and critical bug corrections for the stable “trixie” distribution. This point release consolidates previous updates, allowing administrators to easily bring their existing systems or new installation media up to date via standard package managers. Read More
🛡️ POLICY, REGULATION & LEGAL SIGNALS
EU and UK sanction Russian GRU cyber hackers
The European Union and the United Kingdom have jointly issued new sanctions targeting dozens of Russian military intelligence (GRU) officers, cybercriminals, and entities accused of orchestrating extensive cyberattacks across Europe. These coordinated measures directly hit state-sponsored networks, including the notorious Turla and Sandworm hacking groups, which have spent years conducting espionage and attempting to sabotage European critical infrastructure and energy grids. Read More
💻 CAREER ENABLEMENT
ESET H1 2026 Report and Major Data Breaches
The ESET H1 2026 threat report details an escalation in defense evasion, highlighted by a surge in “ClickFix” social engineering tactics and the emergence of runtime AI-powered Android malware. Concurrently, massive data breaches at AssuranceAmerica and the Texas Parks and Wildlife Department have exposed millions of driver’s licenses, underscoring the immense value attackers place on identity verification data. Read More
Copyright © 2026 CyberMaterial. All Rights Reserved.
Follow CyberMaterial on:
Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium








