tue jul 7 · 2026-07-07

jul 7, 2026

5 links from the engineering internet.

bleepingcomputer.com
systems

adobe coldfusion max-severity rce cve-2026-48282 now exploited in the wild

attackers began hitting cve-2026-48282, a max-severity unauthenticated path-traversal rce in adobe coldfusion, within hours of public disclosure. shadowserver tracks nearly 800 exposed instances and adobe urges admins to patch within 72 hours.

thehackernews.com
web

china-aligned hackers exploit roundcube flaws at us and canadian universities

proofpoint says a china-aligned cluster it tracks as unk_masstraction chained roundcube flaws cve-2024-42009 and cve-2025-49113 to steal credentials and drop the vshell tool, hitting physics and engineering departments with national-security ties.

theregister.com

uk cyber resilience pledge lands 60 signatories including m&s and capita

marks & spencer and 59 other organisations signed the uk government's new voluntary cyber resilience pledge, committing to board-level security ownership, enrolling in ncsc early warning, and pushing suppliers toward cyber essentials.

cnbc.com
ai

chinese open models gain us ground as openai and anthropic costs surge

cnbc reports us firms now route 30 to 46 percent of openrouter tokens through chinese open models that run 60 to 90 percent cheaper. lindy shifted 100 percent of its traffic off claude to deepseek, citing costs crashing to the ground.

github.com
ai

llama.cpp build b9894 fixes a vulkan set_rows f16 crash

the inference engine tags build b9894 with a vulkan fix that checks the src0 type in ggml_op_set_rows to avoid failures from unimplemented f16 support, one of several builds cut through the day.

Command Palette

Search for a command to run...