{"uuid": "fd0b0a02-74a5-4f69-a6f9-7bf6cbe024e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-55040", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116918936175684697", "content": "New.\nThis quote is just the tip of the iceberg: \n\"AI has crossed from development aid to live attack operator. It now does the hands-on work inside live intrusions, from China-nexus espionage campaigns to a criminal breach of multiple Mexican government agencies and has spread from nation states to ordinary cyber criminals.\"\nCheck Point: AI Security Report 2026 https://research.checkpoint.com/2026/ai-security-report-2026/ \nAlso:\nRapid7: \nCVE-2026-55040: Microsoft SharePoint JWT Token Authentication Bypass (FIXED) https://www.rapid7.com/blog/post/ve-cve-2026-55040-microsoft-sharepoint-jwt-token-authentication-bypass-fixed/ @Rapid7Official \nVulncheck:\nMonsta FTP: An SSRF Blocklist That Forgot IPv6 Exists https://www.vulncheck.com/blog/monsta-ftp-ssrf-ipv6-blocklist-bypass @vulncheck \nAny.Run: \u200b\u200bKratos PhaaS Targets US and EU: How to Reduce Microsoft 365 Account Takeover Risk\u200b https://any.run/cybersecurity-blog/kratos-phaas-account-takeover/ @anyrun_app \nScam alert:\nGroup-IB: \nThe Scam Will Go On: Beware of Fake Offers for Celine Dion Concert Tickets https://www.group-ib.com/blog/fake-concert-ticket-scam-celine-dion/ #phishing #scam #infosec #threatresearch #cybercrime #Microsoft #vulnerability #threatintel #threatintelligence #Microsoft #malware", "creation_timestamp": "2026-07-14T15:03:05.193715Z"}