<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:googleplay="http://www.google.com/schemas/play-podcasts/1.0"><channel><title><![CDATA[CISO Talk by James Azar: CyberHub Podcast]]></title><description><![CDATA[Today’s top cybersecurity news and the latest from Practicing CISO James Azar, tune in to hear how practitioners read, view and work after hearing the latest headlines and how these stories help keep practitioners sharp and ready. ]]></description><link>https://www.cyberhubpodcast.com/s/cyberhub-podcast</link><image><url>https://substackcdn.com/image/fetch/$s_!r32m!,w_256,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fbucketeer-e05bbc84-baa3-437e-9518-adb32be77984.s3.amazonaws.com%2Fpublic%2Fimages%2Fc4fb3476-5e78-42fb-a02d-ffcc85932554_1280x1280.png</url><title>CISO Talk by James Azar: CyberHub Podcast</title><link>https://www.cyberhubpodcast.com/s/cyberhub-podcast</link></image><generator>Substack</generator><lastBuildDate>Sat, 27 Jun 2026 20:46:14 GMT</lastBuildDate><atom:link href="https://www.cyberhubpodcast.com/feed" rel="self" type="application/rss+xml"/><copyright><![CDATA[James Azar]]></copyright><language><![CDATA[en]]></language><webMaster><![CDATA[jamesazar@substack.com]]></webMaster><itunes:owner><itunes:email><![CDATA[jamesazar@substack.com]]></itunes:email><itunes:name><![CDATA[James Azar]]></itunes:name></itunes:owner><itunes:author><![CDATA[James Azar]]></itunes:author><googleplay:owner><![CDATA[jamesazar@substack.com]]></googleplay:owner><googleplay:email><![CDATA[jamesazar@substack.com]]></googleplay:email><googleplay:author><![CDATA[James Azar]]></googleplay:author><itunes:block><![CDATA[Yes]]></itunes:block><item><title><![CDATA[This Week in Cybersecurity #57]]></title><description><![CDATA[Your weekend catch-up on 
the most critical cybersecurity stories of the week, curated by James Azar and the CyberHub Security Gang.]]></description><link>https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-57</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-57</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Fri, 26 Jun 2026 21:28:10 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!YhyX!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<h3><strong>Happy Friday, Security Gang!</strong></h3><p>Double espresso in hand. This week James returned to a theme that has defined 2026 in cybersecurity, and it is not AI, not zero-days, and not nation-state sophistication. It is operational execution gaps. Attackers keep winning through problems we already know how to solve.</p><p>Splunk made CISA&#8217;s KEV for the first time ever, days after disclosure, with public PoC code available within 48 hours. FortiBleed expanded to 86,644 verified Fortinet credentials across 194 countries, harvested not through a new vulnerability but through infostealer logs and stale default accounts. The Klue supply chain breach cascaded into HackerOne, Huntress, Recorded Future, Tanium, Snyk, LastPass, Jamf, OneTrust, and more, tracing back to a pilot-project credential left active for four years after the pilot ended. Cisco Unified Communications Manager is being actively exploited despite a patch having been available for three weeks. 
And three Ubiquiti UniFi vulnerabilities carrying CVSS 10.0 scores were confirmed under automated mass exploitation, with federal agencies facing a June 26 remediation deadline.</p><p>Operation Endgame delivered the week&#8217;s most significant positive news, disrupting Amadey and StealC infrastructure across 326 servers, 142 domains, $47 million in seized cryptocurrency, and 27 million recovered stolen credentials. The DOJ announced the largest healthcare fraud takedown in U.S. history. And the Five Eyes alliance issued a direct warning: AI-accelerated cyber attacks are not a future scenario; they are the present state.</p><blockquote><p>James&#8217;s through-line across all four episodes this week: <em>&#8220;The basics are still the battlefield. Default Fortinet credentials. Unauthenticated Postgres endpoints. OAuth tokens nobody scoped down. None of this is exotic. 
All of it is preventable.&#8221;</em></p></blockquote><p>Let&#8217;s get into it.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!YhyX!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!YhyX!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 424w, https://substackcdn.com/image/fetch/$s_!YhyX!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 848w, https://substackcdn.com/image/fetch/$s_!YhyX!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 1272w, https://substackcdn.com/image/fetch/$s_!YhyX!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!YhyX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png" width="1456" height="819" 
data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:819,&quot;width&quot;:1456,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:1101293,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:false,&quot;topImage&quot;:true,&quot;internalRedirect&quot;:&quot;https://www.cyberhubpodcast.com/i/203760350?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!YhyX!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 424w, https://substackcdn.com/image/fetch/$s_!YhyX!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 848w, https://substackcdn.com/image/fetch/$s_!YhyX!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 1272w, https://substackcdn.com/image/fetch/$s_!YhyX!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd980a5cc-0705-4ea2-a6ea-bc10de168153_1920x1080.png 1456w" sizes="100vw" fetchpriority="high"></picture></div></a></figure></div><h3><strong>&#127760; Infrastructure &amp; Network Exploitation</strong></h3><p><strong>Three Ubiquiti UniFi CVSS 10.0 Vulnerabilities: Automated Exploitation, June 26 Federal Deadline</strong></p><p>Three critical Ubiquiti UniFi OS vulnerabilities, all carrying perfect CVSS 10.0 scores, are now confirmed under active exploitation and have been added to CISA&#8217;s KEV with a federal remediation deadline of June 26. Bishop Fox demonstrated a complete unauthenticated RCE chain: authentication bypass &#8594; path traversal exposing credentials and configuration files &#8594; command injection granting root-level execution. Researchers are already observing automated scanning creating unauthorized administrator accounts named &#8220;John Sim,&#8221; indicating mass internet exploitation is underway. 
Patches have been available since May 21. Upgrade to UniFi OS 5.0.8 or later immediately, restrict management interfaces to dedicated administrative VLANs, block external access to UniFi controller ports, and use Bishop Fox&#8217;s published detection tools to identify exposed systems before attackers do.</p><p><strong>Cisco SD-WAN: Seventh Zero-Day &#8212; Mandiant Documents Full Enterprise Compromise</strong></p><blockquote><p><em>&#8220;Seven actively exploited zero-days in a single product line in six months isn&#8217;t bad luck. That&#8217;s structural failure.&#8221;</em></p></blockquote><p>Mandiant published a detailed forensic analysis of a Cisco SD-WAN compromise at a communications provider, documenting exactly how attackers converted multiple vulnerabilities into complete network control over several months. Stage one: authentication bypass to establish administrative access and extract the full SD-WAN configuration covering controllers, edge devices, and network architecture. Stage two: command injection via a malicious CSV upload through the tenant management interface, creating a hidden root account named &#8220;Truth&#8221; and achieving unrestricted management plane control. Once the management plane was owned, attackers could push malicious configurations across every connected branch and edge device. This is the seventh actively exploited Cisco SD-WAN zero-day of 2026. Security teams operating Cisco SD-WAN should treat this as an active incident response, not a routine patch cycle: investigate administrator accounts, unauthorized configuration changes, NETCONF activity, and unexpected peering relationships now.</p><p><strong>Splunk CVE-2026-20253: First Splunk Vulnerability Added to CISA KEV</strong></p><p>Splunk Enterprise administrators face urgent remediation after CISA added CVE-2026-20253, affecting Splunk&#8217;s PostgreSQL sidecar service, to the KEV catalog just days after public disclosure, with public PoC exploit code appearing within 48 hours. 
The flaw enables unauthenticated arbitrary file operations chainable into full RCE. Because Splunk often serves as the backbone of enterprise detection and response, a compromise could allow log manipulation, detection disabling, forensic evidence erasure, and environment pivoting. This marks the first time a Splunk vulnerability has been added to CISA&#8217;s KEV. Upgrade to supported versions immediately, review all Splunk activity since June 10, and treat any unpatched internet-accessible instances as potentially compromised.</p><p><strong>Cisco Unified Communications Manager CVE-2026-20230: Active Exploitation, Patch Available Three Weeks</strong></p><p>Cisco warned that CVE-2026-20230, a CVSS 8.6 SSRF vulnerability in the Unified Communications Manager Web Dialer component, is under active exploitation despite a patch being available since June 3. Unauthenticated attackers can write arbitrary files to the OS through crafted HTTP requests, then escalate to root-level control. Attackers can obtain the required hostname information directly from the system before exploitation, significantly lowering the barrier. Reconnaissance and test-file-creation activity has already been observed. CUCM is deployed across enterprise voice, collaboration, and call center environments globally. If you haven&#8217;t patched yet, you are operating on borrowed time. Patch immediately and audit all internet-facing Web Dialer deployments.</p><p><strong>NGINX Critical Vulnerabilities: HTTP/3 Memory Corruption and Heap Buffer Overflow</strong></p><p>F5 released patches for two critical NGINX vulnerabilities (both CVSS 9.2): an HTTP/3 processing memory corruption flaw and a heap-based buffer overflow in the proxy and gRPC modules under specific configurations. Both are remotely exploitable without authentication and may enable RCE. NGINX underpins a significant percentage of internet-facing applications, APIs, and cloud-native services. 
Patch immediately and disable HTTP/3 functionality where updates cannot be deployed quickly.</p><p><strong>Lantronix EDS5000 Added to CISA KEV: Legacy OT Bridge Devices</strong></p><p>A critical command injection vulnerability in Lantronix EDS5000 Serial-to-Ethernet servers was added to CISA&#8217;s KEV. These devices frequently bridge legacy industrial equipment into modern IP networks, creating OT exposure pathways. Update firmware immediately and isolate management interfaces.</p><p><strong>SolarWinds Serv-U CISA KEV: June 19 Federal Deadline</strong></p><p>SolarWinds Serv-U FTP software remains in the KEV with a June 19 federal deadline. Upgrade to version 15.5.4 Hotfix 1 and verify all internet-facing deployments are fully updated.</p><h3><strong>&#128293; Credential Exposure &amp; Authentication Failures</strong></h3><blockquote><p><em>&#8220;The basics are still the battlefield. Default Fortinet credentials. Unauthenticated Postgres endpoints. OAuth tokens nobody scoped down. None of this is exotic. All of it is preventable. And that&#8217;s the real warning. Patch what you can. Rotate what you should. Audit those third-party integrations. Security is ninety percent hygiene, ten percent fancy rules.&#8221;</em></p></blockquote><p><strong>FortiBleed: 86,644 Fortinet Devices Across 194 Countries &#8212; No New Vulnerability Required</strong></p><p>The FortiBleed campaign expanded dramatically: a Russian-speaking threat actor compiled a verified database of 86,644 active Fortinet administrative and SSL VPN credentials across 194 countries, representing roughly half of all internet-facing Fortinet firewalls discoverable through Shodan. The methodology combined three elements: automated credential stuffing, packet sniffers intercepting VPN authentication hashes in transit, and dedicated 45-GPU password-cracking infrastructure recycling recovered credentials. 
The most alarming finding from Hudson Rock: many recovered passwords exceeded 25 characters and fully complied with complexity requirements. They were not cracked. They were harvested directly from infostealer logs. Password complexity does not protect credentials that have already been stolen. Rotate all Fortinet administrative and VPN credentials immediately, remove all default and generic administrator accounts, verify migration to stronger password hashing mechanisms, enforce phishing-resistant MFA on all internet-facing management interfaces, and rotate any Active Directory credentials potentially associated with perimeter devices.</p><p><strong>Scattered Spider Members Plead Guilty: Transport for London, &#163;39M Recovery Cost</strong></p><p>Two Scattered Spider members, 20-year-old Tahala Jubair and 18-year-old Owen Flowers, pleaded guilty to conspiracy charges related to the Transport for London attack. The breach forced password resets for 28,000 employees, exposed Oyster card refund data for approximately 10 million customers, and generated recovery costs estimated at &#163;29&#8211;39 million. Evidence included screenshots showing active system access and video recordings of portions of the intrusion. The demographics continue to be remarkable: Scattered Spider repeatedly demonstrates that some of the most damaging global cyberattacks are conducted by teenagers. Authorities estimate approximately one in five UK children aged 10&#8211;16 has engaged in activities technically violating computer misuse laws. The next generation of cybercrime talent is already forming.</p><h3><strong>&#129516; Supply Chain &amp; Third-Party Trust</strong></h3><p><strong>Klue/Icarus Supply Chain Campaign: LastPass, HackerOne, Huntress, Recorded Future, Tanium, Snyk, and More</strong></p><p>The Klue supply chain breach escalated into one of the most significant SaaS-based compromises of 2026. 
The initial compromise originated from a credential issued to a third party during a limited pilot project in 2022 and left active for four years after the pilot ended. Attackers used the dormant credential to access Klue&#8217;s infrastructure, steal OAuth tokens connected to Salesforce and Gong, and pivot into customer environments, extracting CRM data, business intelligence, pricing information, opportunity notes, and sales strategies. The Icarus extortion group has now claimed victims including HackerOne, Huntress, Recorded Future, Tanium, Snyk, Jamf, OneTrust, Gong, Sprout Social, and LastPass. LastPass confirmed attackers accessed customer contact information, phone numbers, email addresses, physical addresses, and support case information stored in Salesforce. Password vaults were not compromised, but the stolen contextual intelligence enables precision phishing, executive impersonation, and social engineering campaigns. This is the third major Salesforce OAuth supply chain attack in less than a year. Audit every Salesforce connected application and OAuth permission, remove any integration whose current business purpose your team cannot explain, and rotate all tokens associated with Klue integrations.</p><p><strong>North Korean npm Supply Chain: 60+ Packages Targeting Developer Credentials</strong></p><p>Microsoft attributed a supply chain attack involving more than 60 npm packages to North Korean threat actors in the Sapphire Sleet cluster, targeting developer credentials and cryptocurrency wallets through typosquatted dependencies. Review development environments and dependency trees immediately.</p><p><strong>GentleKiller EDR-Killing Framework: 400+ Security Processes Across 48 Vendors</strong></p><p>Researchers identified GentleKiller, an EDR-killing framework used by the Gentleman ransomware operation. The malware disables more than 400 security processes across 48 vendors using vulnerable signed drivers in classic bring-your-own-vulnerable-driver attacks. 
Enable Microsoft&#8217;s vulnerable driver block list and implement strict driver allow-listing controls.</p><p><strong>Joomla JCE Editor and LiteSpeed Under Active Exploitation</strong></p><p>Attackers are actively exploiting critical vulnerabilities in Joomla&#8217;s JCE Editor and LiteSpeed cPanel plugins, enabling RCE and privilege escalation. Patch immediately.</p><p><strong><a href="http://polyfill.io/">Polyfill.io</a> Resurfacing on Toshiba, Muji, Samsung Smart TV Sites</strong></p><p>The compromised <strong><a href="http://polyfill.io/">Polyfill.io</a></strong> JavaScript CDN continues resurfacing on websites associated with major brands. Remove all remaining <strong><a href="http://polyfill.io/">Polyfill.io</a></strong> references from web properties.</p><h3><strong>&#129302; AI Security &amp; Development Ecosystem</strong></h3><p><strong>Five Eyes Advisory: AI-Powered Cyberattacks Are Present State, Not Future Scenario</strong></p><p>The Five Eyes intelligence alliance (U.S., UK, Australia, Canada, and New Zealand) issued a joint advisory stating that AI is already being used offensively and that frontier models will soon accelerate vulnerability discovery, exploit development, reconnaissance, and attack automation at unprecedented speed. Unlike previous theoretical warnings, this advisory is direct: the organizations struggling with basic cybersecurity today will be the least prepared for AI-accelerated attacks. The advisory recommended five foundational focus areas: reduce attack surface exposure, accelerate patch management, eliminate unsupported legacy systems, strengthen identity controls, and regularly test incident response capabilities. The timing coincides with a reported 400% increase in cyber activity targeting satellite operators following geopolitical tensions. 
The message: prepare now or face disproportionate impact later.</p><p><strong>Trump Signs Post-Quantum Cryptography Executive Order</strong></p><p>President Trump signed Executive Order 14409 establishing federal deadlines for post-quantum cryptography migration: high-value federal systems must adopt quantum-resistant key establishment by December 31, 2030, and quantum-resistant digital signatures by December 31, 2031. Federal contractors will face similar expectations. Begin post-quantum cryptography inventory and planning immediately.</p><p><strong>Atomic macOS Stealer Expands ClickFix Campaigns Against Mac Users</strong></p><p>A new ClickFix campaign targets macOS users: victims are tricked into opening Terminal and executing malicious commands that install the Atomic macOS Stealer, which targets browsers, cryptocurrency wallets, Apple Keychain, Telegram, Discord, and hardware wallet software. No legitimate website should ever instruct users to paste commands into Terminal or PowerShell. Train users on this specific social engineering pattern.</p><p><strong>OpenAI Daybreak Cybersecurity Initiative Expands</strong></p><p>OpenAI announced major updates to its Daybreak cybersecurity initiative through partnerships with HackerOne and Trail of Bits, focusing on patch deployment and open-source software security acceleration.</p><p><strong>OpenAI Custom AI Inference Chip &#8220;Jalape&#241;o&#8221; Introduced</strong></p><p>OpenAI unveiled its first internally designed inference processor, built on TSMC&#8217;s 3-nanometer process. Custom AI silicon introduces new supply chain considerations for organizations evaluating AI infrastructure security.</p><p><strong>Anthropic Mythos Expands to 150 Organizations Including NATO</strong></p><p>Anthropic&#8217;s Project Glasswing added 150 organizations across 15 countries, including NATO, ENISA, Samsung, healthcare providers, utilities, and critical infrastructure operators, to the Mythos vulnerability discovery platform. 
AI-assisted vulnerability discovery is becoming a strategic defensive advantage.</p><h3><strong>&#128275; Data Breaches &amp; Identity Exposures</strong></h3><p><strong>Tata Electronics Breach: Apple and Tesla Supply Chain Intelligence Stolen</strong></p><p>Tata Electronics confirmed a breach by the WorldLeaks ransomware group, which allegedly stole more than 630 gigabytes including Apple supplier documentation, Tesla manufacturing records, internal SAP data, corporate email communications, and operational engineering information. Tata assembles Apple products, supplies semiconductor components, and supports Tesla operations. As manufacturing ecosystems become more strategically important as part of China diversification strategies, they become more attractive cyber targets. Supply chain security now extends from software code to semiconductor fabrication and physical product assembly.</p><p><strong>Texas Parks and Wildlife: Three Million Records via Third-Party Vendor</strong></p><p>A third-party vendor supporting Texas Parks and Wildlife disclosed a breach exposing driver&#8217;s license numbers, passport information, email addresses, phone numbers, and physical addresses for more than three million individuals. The affected vendor has not yet been publicly identified, reinforcing ongoing third-party risk management challenges.</p><p><strong>iPhone Unpatchable BootROM Exploit: USBlitter-V8 Targeting A12/A13 Chipsets</strong></p><p>Paradigm Shift disclosed USBlitter-V8, a BootROM exploit targeting Apple&#8217;s SecureROM in A12 and A13 chipsets, including the iPhone XS, XR, and iPhone 11 lines. Apple cannot patch it, as the flaw resides in immutable silicon. Physical access and specialized hardware are required, limiting widespread exploitation. However, this represents a hardware lifecycle issue: devices approaching a decade in service carry risks that software updates can no longer address. 
Hardware refresh timelines matter as a security control.</p><p><strong>Oxford Career Connect: Second Breach This Year</strong></p><p>Oxford&#8217;s Career Connect platform suffered its second successful compromise of 2026, exposing student records, email addresses, degree information, and employment application history, enabling highly targeted job-related phishing.</p><h3><strong>&#9878;&#65039; Law Enforcement, Policy &amp; Industry</strong></h3><p><strong>Operation Endgame: Amadey and StealC Infrastructure Dismantled</strong></p><p>International law enforcement, Europol, Microsoft, IBM X-Force, and Proofpoint dismantled infrastructure supporting the Amadey loader and StealC infostealer, disrupting 326 servers, seizing 142 malicious domains, identifying $47 million in criminal cryptocurrency assets, and recovering approximately 27 million stolen credentials from 385,000+ compromised systems. Microsoft&#8217;s Digital Crimes Unit used AI-assisted analysis to connect shared infrastructure, while Proofpoint and IBM X-Force identified weaknesses within the StealC C2 platform that law enforcement leveraged during the takedown. Operation Endgame&#8217;s strategy of targeting cybercrime infrastructure rather than individual actors is producing measurable, compounding results.</p><p><strong>SocGholish Infrastructure Disrupted: 106 Servers Seized, 15,000 WordPress Sites Remediated</strong></p><p>Authorities from the U.S., Canada, Germany, and the Netherlands seized 106 servers and remediated nearly 15,000 compromised WordPress websites associated with SocGholish, a major initial access broker feeding Evil Corp and RansomHub operations. Portions of the infrastructure are expected to reemerge.</p><p><strong>DOJ Healthcare Fraud Takedown: $6.5 Billion, 455 Defendants</strong></p><p>The DOJ announced charges against 455 defendants across 56 federal districts for more than $6.5 billion in fraudulent Medicare and Medicaid claims, with $182 million in assets seized. 
Patient data breaches do not simply create privacy risks; they become raw material for organized financial crime at scale.</p><p><strong>DraftKings Credential Stuffing: 18-Month Prison Sentence</strong></p><p>A Minnesota man received an 18-month prison sentence for participating in the 2022 DraftKings credential stuffing campaign that compromised approximately 60,000 accounts and stole $600,000. The sentence reinforces growing federal enforcement against credential stuffing fueled by breached password databases.</p><p><strong>International Cybercrime Marketplace Operator Extradited to U.S.</strong></p><p>Spanish authorities extradited Algerian national Abdullah Balami to the U.S., where he is accused of operating the Market Zero Day and Spoxy cybercrime marketplaces facilitating stolen credentials, exploits, and cybercrime services.</p><p><strong>Google Workspace Passkey Mandatory Migration: September 30 Deadline</strong></p><p>Google announced all Workspace administrator accounts must transition to passkey-based authentication by September 30. Begin migration planning immediately to avoid last-minute operational challenges.</p><p><strong>Massachusetts Consumer Data Privacy Act Passes Unanimously</strong></p><p>Massachusetts unanimously passed the MCDPA, with restrictions on geolocation tracking and biometric data collection, data minimization requirements, and a private right of action. Assess compliance exposure for organizations with Massachusetts operations.</p><p><strong>UK NCSC: 200+ Critical Infrastructure Incidents, 75% Nation-State Linked</strong></p><p>The UK&#8217;s NCSC reported handling more than 200 critical infrastructure incidents over the past year, with approximately 75% linked to Russia, China, and Iran. 
Officials warned AI will accelerate vulnerability exploitation by 2028.</p><p><strong>Accenture Acquires Dragos, RunZero, and NetRise in $4.1B OT Security Expansion</strong></p><p>Accenture announced a $4.1 billion transaction combining a Dragos majority stake with RunZero and NetRise acquisitions. The deal signals growing institutional demand for integrated OT security as industrial environments face increasing cyber threats.</p><p><strong><a href="http://whynopasskeys.com/">WhyNoPasskeys.com</a> Launched by Scott Helme and Troy Hunt</strong></p><p>Security researchers launched <strong><a href="http://whynopasskeys.com/">WhyNoPasskeys.com</a></strong>, highlighting major consumer platforms still not supporting passkey authentication and calling attention to password-only services that remain vulnerable to credential stuffing and phishing.</p><h3><strong>&#9989; This Week&#8217;s Priority Action List</strong></h3><p><strong>Immediate (Do This Now)</strong></p><ul><li><p>Upgrade Ubiquiti UniFi OS to 5.0.8 or later &#8212; CVSS 10.0 x3, CISA KEV June 26 federal deadline, mass automated exploitation confirmed with &#8220;John Sim&#8221; unauthorized admin accounts being created</p></li><li><p>Patch Cisco Unified Communications Manager CVE-2026-20230 immediately &#8212; patch available for three weeks, active exploitation underway, recon activity already observed</p></li><li><p>Rotate all Fortinet administrative and VPN credentials without exception &#8212; 86,644 devices exposed, many via infostealer logs; complexity requirements are irrelevant if credentials are already stolen</p></li><li><p>Upgrade Splunk Enterprise &#8212; first Splunk KEV addition, public PoC within 48 hours, review all activity since June 10</p></li><li><p>Treat Cisco SD-WAN as active incident response &#8212; audit all admin accounts, investigate unauthorized configuration changes, NETCONF activity, and unexpected peering relationships</p></li><li><p>Patch NGINX Open Source and NGINX Plus &#8212; CVSS 
9.2, HTTP/3 memory corruption and heap buffer overflow; disable HTTP/3 where patches cannot be deployed immediately</p></li><li><p>Audit every Salesforce connected application and OAuth permission &#8212; revoke any whose current business purpose the team cannot explain; rotate all tokens associated with Klue integrations</p></li><li><p>Remove all default and generic Fortinet administrator accounts and verify migration to current password hashing mechanisms</p></li><li><p>Patch Joomla JCE Editor and LiteSpeed environments under active exploitation</p></li><li><p>Update Lantronix EDS5000 firmware and isolate management interfaces &#8212; CISA KEV</p></li></ul><p><strong>Short-Term (This Month)</strong></p><ul><li><p>Enforce phishing-resistant MFA on all internet-facing management interfaces &#8212; Fortinet, Cisco, Splunk, and all perimeter devices</p></li><li><p>Restrict UniFi management interfaces to dedicated administrative VLANs with no internet exposure</p></li><li><p>Review all temporary vendor credentials and pilot program accounts &#8212; the Klue breach traced to a four-year-old forgotten credential</p></li><li><p>Rotate dormant API keys and OAuth tokens across all SaaS integrations</p></li><li><p>Alert executives and customer-facing teams to phishing risks from the Klue/Icarus breach &#8212; LastPass contact data and sales intelligence are in attacker hands</p></li><li><p>Audit npm dependencies for North Korean typosquatted packages &#8212; 60+ packages attributed to Sapphire Sleet</p></li><li><p>Enable Microsoft&#8217;s vulnerable driver block list &#8212; the GentleKiller EDR-killing framework targets 400+ security processes across 48 vendors</p></li><li><p>Train users on ClickFix / Terminal-based social engineering &#8212; Atomic macOS Stealer is expanding</p></li><li><p>Remove all <strong><a href="http://polyfill.io/">Polyfill.io</a></strong> references from web properties</p></li><li><p>Begin planning Google Workspace administrator passkey migration for September 
30 deadline</p></li></ul><p><strong>Strategic (This Quarter)</strong></p><ul><li><p>Begin a post-quantum cryptography inventory within the next 90 days &#8212; EO 14409 sets a December 31, 2030 federal deadline for quantum-resistant key establishment</p></li><li><p>Assess hardware refresh timelines for older Apple A12/A13 devices &#8212; the BootROM exploit is unpatchable through software</p></li><li><p>Develop third-party credential lifecycle management processes &#8212; Klue/Icarus and FortiBleed both trace to governance failures around stale credentials</p></li><li><p>Implement management plane segmentation across all network infrastructure &#8212; Mandiant&#8217;s Cisco SD-WAN analysis is the operational case study</p></li><li><p>Assess compliance exposure for the Massachusetts Consumer Data Privacy Act</p></li><li><p>Train employees at all levels on the Five Eyes AI advisory recommendations &#8212; reduce attack surface, patch faster, eliminate legacy systems, strengthen identity, test IR</p></li></ul><h3><strong>&#127897;&#65039; James Azar&#8217;s CISO&#8217;s Take</strong></h3><p>When I look across this week&#8217;s four episodes, the most consistent story is that attackers keep succeeding through problems we already know how to solve. FortiBleed wasn&#8217;t powered by a new exploit; it was powered by default credentials and stale accounts. The Klue breach didn&#8217;t start with a sophisticated attack chain; it started with a vendor offboarding process that never happened. Cisco CUCM is being exploited despite a patch having been available for three weeks. Ubiquiti UniFi systems with perfect-10 CVSS scores are being mass-scanned by automated tools. None of these failures require advanced adversary capabilities to exploit. They require only that defenders continue to deprioritize hygiene in favor of the next security tool on the evaluation list. The fundamentals are not optional. They are the floor. 
And right now, too many organizations are operating below it.</p><p>The second takeaway is structural: the attack surface has expanded permanently into third-party integrations, credential ecosystems, manufacturing supply chains, and hardware trust anchors in ways most security programs have not fully internalized. The Icarus/Klue cascade hitting LastPass, HackerOne, Huntress, and Recorded Future simultaneously demonstrates that one forgotten pilot-project credential can become a weapon against dozens of downstream organizations. The Five Eyes are not issuing theoretical warnings about AI-accelerated threats anymore; they are describing the present operational environment. The organizations that treat the fundamentals as survival requirements rather than aspirational best practices are the ones that will still be standing when AI compression of attack timelines becomes fully operational at scale.</p><p><strong>Stay Cyber Safe.</strong> &#128272;</p><h3><strong>&#128203; Week in Summary</strong></h3><p>This was the week the fundamentals asserted themselves as the defining variable in cybersecurity &#8212; not zero-days, not nation-state sophistication, not AI tools. The FortiBleed campaign compiled 86,644 valid credentials without exploiting a single new vulnerability. The Klue/Icarus cascade that compromised LastPass, HackerOne, Huntress, and Recorded Future began with a four-year-old forgotten pilot credential. Splunk made the CISA KEV for the first time with a vulnerability that received public PoC code within 48 hours of disclosure. Cisco CUCM is being actively exploited three weeks after a patch became available. 
And Ubiquiti UniFi systems with perfect-10 CVSS scores are being automatically scanned and compromised at internet scale, with a federal remediation deadline of June 26.</p><p>Against that backdrop, Operation Endgame delivered one of the most significant positive enforcement outcomes of the year, recovering 27 million stolen credentials, disrupting 326 servers, and identifying more than $47 million in criminal cryptocurrency assets by targeting cybercrime infrastructure rather than individual actors. The Five Eyes issued their most direct AI cybersecurity warning to date. The Trump administration established federal post-quantum cryptography deadlines. And the DOJ announced the largest healthcare fraud takedown in U.S. history. Progress is real. But it remains outpaced by the volume of preventable failures that attackers continue to exploit with remarkable efficiency. The organizations that will navigate what is coming (AI-accelerated exploitation, quantum cryptographic risks, cascading supply chain trust failures) are the ones building their security programs on a foundation of executed fundamentals today.</p><p>Stay informed. Stay prepared. <strong>Stay Cyber Safe.</strong> &#128272;</p><p><em>&#169; CyberHub Podcast | Subscribe on Substack | Watch on YouTube | Follow on LinkedIn</em></p>]]></content:encoded></item><item><title><![CDATA[Microsoft and Europol Smash Amadey and StealC Infrastructure in Operation Endgame, Mandiant Reveals How Cisco SD-WAN Zero-Day Created Rogue Root Accounts at Service Provider ]]></title><description><![CDATA[Why the next major breach will likely begin at the network edge, not the endpoint, and what defenders must do to stay ahead.]]></description><link>https://www.cyberhubpodcast.com/p/microsoft-and-europol-smash-amadey</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/microsoft-and-europol-smash-amadey</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Thu, 25 Jun 2026 13:30:24 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/203504321/d4488f68494c6e0f13867ab0b4c17b27.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s headlines were dominated by attacks against the network edge. Three critical Ubiquiti UniFi vulnerabilities with perfect CVSS scores are now being actively exploited just days before the federal remediation deadline. Mandiant released a detailed forensic analysis showing exactly how attackers compromised Cisco Catalyst SD-WAN environments and escalated to root access across enterprise management planes. 
Meanwhile, Operation Endgame delivered one of the largest coordinated law enforcement victories against the cybercrime ecosystem, dismantling hundreds of servers supporting the Amadey and StealC malware operations.</p><p>We also saw the Department of Justice announce the largest healthcare fraud takedown in U.S. history, highlighting how cybercrime, stolen identities, and financial fraud continue to converge.</p><p>The message throughout today&#8217;s show was clear: <strong>if attackers control your infrastructure, they control your business.</strong></p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s cybersecurity landscape focused almost entirely on infrastructure resilience.</p><p>Attackers continue concentrating their efforts against network edge devices, management platforms, and identity infrastructure because those systems provide the fastest route to enterprise-wide compromise. 
Cisco, Ubiquiti, and legacy industrial communication systems all demonstrated how weaknesses in centralized management platforms create disproportionate organizational risk.</p><p>On the positive side, Operation Endgame continues producing measurable disruption against cybercriminal ecosystems by targeting not individual threat actors, but the infrastructure enabling ransomware, credential theft, and malware-as-a-service operations.</p><p>The battle is increasingly shifting away from individual malware campaigns and toward dismantling the infrastructure that allows cybercrime to scale globally.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!GcPl!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!GcPl!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!GcPl!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!GcPl!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!GcPl!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 1456w" sizes="100vw"><img 
src="https://substackcdn.com/image/fetch/$s_!GcPl!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png" width="1280" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:178617,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cyberhubpodcast.com/i/203504321?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!GcPl!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!GcPl!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!GcPl!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!GcPl!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F565c21b1-5b8d-4c98-82e1-4c33a56a1b8a_1280x720.png 1456w" 
sizes="100vw" loading="lazy"></picture></div></a></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#128680; Three Critical Ubiquiti UniFi Vulnerabilities Now Under Active Exploitation</h2><p>The most urgent story today involves three critical vulnerabilities affecting Ubiquiti UniFi OS, all carrying perfect <strong>CVSS 10.0</strong> severity ratings and all now confirmed to be under active exploitation, as reflected by their addition to CISA&#8217;s Known Exploited Vulnerabilities catalog. 
Federal agencies face a remediation deadline of <strong>June 26</strong>, underscoring the urgency of the situation.</p><p>Researchers at Bishop Fox demonstrated that the vulnerabilities can be chained together into a complete unauthenticated remote code execution attack. The exploit sequence begins with an authentication bypass, followed by a path traversal vulnerability that exposes sensitive configuration files and credentials, and concludes with a command injection flaw that grants full root-level execution on vulnerable systems.</p><p>Threat researchers have already observed automated attacks creating unauthorized administrator accounts named <strong>&#8220;John Sim,&#8221;</strong> suggesting mass internet scanning is well underway.</p><p>UniFi devices are widely deployed across enterprise campuses, branch offices, SMBs, and home office environments. That broad deployment significantly expands the potential attack surface.</p><p>The patches have been available since May 21, yet many organizations remain exposed. If UniFi management interfaces are still internet accessible, the opportunity for attackers is substantial.</p><p>Organizations should immediately upgrade to UniFi OS version <strong>5.0.8 or later</strong>, restrict management interfaces to dedicated administrative networks, block external access to UniFi controller ports, and leverage Bishop Fox&#8217;s published detection tools to identify vulnerable systems before attackers do.</p><h2>&#9888;&#65039; Mandiant Reveals How Cisco SD-WAN Zero-Day Became Full Enterprise Compromise</h2><p>Mandiant published one of the most detailed forensic analyses of a Cisco SD-WAN compromise to date, documenting exactly how attackers transformed multiple vulnerabilities into complete control of a communications provider&#8217;s network infrastructure.</p><blockquote><p><em><strong>&#8220;Seven actively exploited zero-days in a single product line in six months isn&#8217;t bad luck. 
That&#8217;s structural failure.&#8221; James Azar</strong></em></p></blockquote><p>The attack unfolded in multiple stages over several months. Threat actors first exploited authentication bypass vulnerabilities to establish administrative access, quietly changed default administrator passwords to avoid detection, and extracted SD-WAN configuration data covering controllers, edge devices, templates, and network architecture.</p><p>Months later, they leveraged a newly discovered command injection vulnerability by uploading a malicious CSV file through Cisco&#8217;s tenant management interface. That payload created a hidden root account named <strong>&#8220;Truth,&#8221;</strong> allowing attackers to obtain unrestricted administrative control over the SD-WAN management plane.</p><p>With management plane access established, attackers gained the ability to push malicious configurations across every connected branch office and edge device managed by the platform.</p><p>Perhaps the most concerning aspect of the investigation is the trend itself.</p><p>This represents the <strong>seventh actively exploited Cisco SD-WAN zero-day disclosed during 2026.</strong></p><p>At some point, organizations must ask whether repeated vulnerabilities within the same product family represent isolated software defects&#8212;or deeper architectural challenges.</p><p>Security teams operating Cisco SD-WAN environments should approach this as an active incident response effort rather than a routine patch cycle. 
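</p><p>The account audit such an investigation starts with, written here as an added example and not code from Mandiant&#8217;s report or from Cisco: it assumes the management appliance exposes a Linux-style <code>/etc/passwd</code> (an assumption, marked as such in the code), parses a constructed snapshot, flags any UID-0 entry that is not <code>root</code>, reports UIDs shared by more than one name, and diffs the snapshot against a known-good baseline to surface accounts that were added and service accounts whose shell was switched from nologin to an interactive one. The sample account names, including the <code>Truth</code> entry modeled on the case above, are fabricated test data.</p>

```python
"""Audit a Linux-style /etc/passwd snapshot for hidden root accounts.

Added example. The passwd content below is constructed test data, and the
assumption that the SD-WAN management appliance exposes a Linux passwd file
is illustrative rather than taken from any vendor documentation.
"""
from typing import Dict, List, NamedTuple, Optional


class PasswdEntry(NamedTuple):
    name: str
    uid: int
    gid: int
    home: str
    shell: str


# Shells that mark an account as non-interactive (service accounts).
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}


def parse_passwd(text: str) -> List[PasswdEntry]:
    """Parse name:pw:uid:gid:gecos:home:shell lines, skipping blanks and comments."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd line: {raw!r}")
        name, _pw, uid, gid, _gecos, home, shell = fields
        entries.append(PasswdEntry(name, int(uid), int(gid), home, shell))
    return entries


def audit(current: str, baseline: Optional[str] = None) -> Dict[str, List[str]]:
    """Return findings keyed by check name; every list is empty on a clean host."""
    entries = parse_passwd(current)
    findings: Dict[str, List[str]] = {
        "rogue_root": [],       # UID 0 under a name other than root
        "duplicate_uid": [],    # several names sharing one UID
        "new_account": [],      # present now, absent from the baseline
        "new_login_shell": [],  # service account given an interactive shell
    }

    # A second UID-0 account is root by another name; the kernel only sees the UID.
    findings["rogue_root"] = [e.name for e in entries if e.uid == 0 and e.name != "root"]

    # Any shared UID, not just 0, means two names own the same files and processes.
    by_uid: Dict[int, List[str]] = {}
    for e in entries:
        by_uid.setdefault(e.uid, []).append(e.name)
    findings["duplicate_uid"] = [
        f"{uid}:{','.join(names)}" for uid, names in sorted(by_uid.items()) if len(names) > 1
    ]

    # Diff against a known-good snapshot (golden image or last verified backup).
    if baseline is not None:
        base = {e.name: e for e in parse_passwd(baseline)}
        for e in entries:
            if e.name not in base:
                findings["new_account"].append(e.name)
            elif base[e.name].shell in NOLOGIN_SHELLS and e.shell not in NOLOGIN_SHELLS:
                findings["new_login_shell"].append(e.name)
    return findings


# Constructed sample: a clean baseline and a later snapshot with a hidden root
# account plus a service account quietly given an interactive shell.
BASELINE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
netadmin:x:1000:1000:Network admin:/home/netadmin:/bin/bash
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
"""

COMPROMISED_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
netadmin:x:1000:1000:Network admin:/home/netadmin:/bin/bash
backup:x:34:34:backup:/var/backups:/bin/bash
Truth:x:0:0::/home/Truth:/bin/bash
"""

if __name__ == "__main__":
    for check, hits in audit(COMPROMISED_PASSWD, BASELINE_PASSWD).items():
        print(f"{check:16s} {hits}")
```

<p>Capture the passwd file from the appliance during the investigation and take the baseline from a golden image or the last verified backup. A <code>rogue_root</code> hit is the hidden-root pattern described above; anything in <code>new_account</code> needs either a change record or an incident ticket. The same baseline-diff idea applies to an application&#8217;s own administrator list, which is where an unexpected UniFi admin account such as &#8220;John Sim&#8221; would show up.</p><p>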
Administrator accounts, unauthorized configuration changes, NetConf activity, and unexpected peering relationships all warrant immediate investigation.</p><h2>&#127757; Operation Endgame Strikes the Amadey and StealC Malware Ecosystem</h2><p>International law enforcement agencies, Europol, Microsoft, IBM X-Force, Proofpoint, and numerous private-sector partners announced another major success under <strong>Operation Endgame</strong>, dismantling infrastructure supporting the Amadey loader and StealC information-stealing malware.</p><p>The scale of the operation is remarkable.</p><p>Authorities disrupted <strong>326 servers</strong>, seized <strong>142 malicious domains</strong>, identified more than <strong>$47 million</strong> in criminal cryptocurrency assets, and recovered approximately <strong>27 million stolen credentials</strong> harvested from over <strong>385,000 compromised systems</strong> worldwide.</p><blockquote><p><em>&#8220;The cybercrime supply chain only works because the infrastructure behind it keeps operating. Break the infrastructure, and you break the business model.&#8221; James Azar</em></p></blockquote><p>The operation targeted an entire cybercrime business model rather than a single malware family.</p><p>Amadey functioned as an initial access platform, delivering secondary malware such as ransomware and remote access trojans. 
StealC then harvested browser credentials, session cookies, cryptocurrency wallets, messaging data, and authentication tokens that were sold to other criminal organizations or used to facilitate enterprise intrusions.</p><p>Microsoft&#8217;s Digital Crimes Unit even employed AI-assisted analysis to connect infrastructure shared between both malware families, while Proofpoint and IBM X-Force identified weaknesses within the StealC command-and-control platform itself that law enforcement ultimately leveraged during the takedown.</p><p>Rather than arresting individual operators, Operation Endgame continues attacking the infrastructure that makes cybercrime profitable.</p><p>That strategy appears to be producing meaningful results.</p><h2>&#127973; DOJ Announces Largest Healthcare Fraud Takedown in U.S. History</h2><p>The Department of Justice announced charges against <strong>455 defendants</strong> across <strong>56 federal districts</strong>, involving more than <strong>$6.5 billion</strong> in fraudulent Medicare and Medicaid claims. Authorities also seized approximately <strong>$182 million</strong> in assets connected to the schemes.</p><p>While primarily a financial crime story, the cybersecurity implications are significant.</p><p>Large-scale healthcare fraud increasingly depends upon compromised provider credentials, stolen patient identities, fraudulent billing systems, and automated digital infrastructure capable of processing enormous volumes of false claims.</p><p>Investigators highlighted the role of AI, cloud computing, and advanced analytics in identifying suspicious billing activity before payments were issued. 
Several defendants were arrested overseas, reflecting the increasingly international nature of healthcare fraud operations.</p><p>This case reinforces an important reality for healthcare security teams.</p><p>Patient data breaches do not simply create privacy risks.</p><p>They frequently become the raw material fueling organized financial crime.</p><h1>&#9889; Need to Know</h1><h3>&#128421;&#65039; Lantronix EDS5000 Vulnerability Carries Critical Risk</h3><p>A critical command injection vulnerability affecting Lantronix EDS5000 Serial-to-Ethernet servers is now included in CISA&#8217;s Known Exploited Vulnerabilities catalog. These systems frequently bridge legacy industrial equipment into modern IP networks, making them particularly important within operational technology environments. Organizations should update firmware immediately and isolate management interfaces wherever possible.</p><h3>&#127822; Atomic macOS Stealer Expands ClickFix Campaigns</h3><p>Researchers uncovered a new ClickFix campaign targeting macOS users with Atomic macOS Stealer. Victims are tricked into opening Terminal and executing malicious commands that install credential-stealing malware targeting browsers, cryptocurrency wallets, Apple Keychain, Telegram, and Discord. No legitimate website should ever instruct users to paste commands into Terminal.</p><h3>&#128272; Passkeys Still Lag Across Major Platforms</h3><p>Security researchers Scott Helme and Troy Hunt launched <strong>WhyNoPasskeys.com</strong>, highlighting major online services that still do not support passkey authentication. Despite growing adoption by Apple, Google, and Microsoft, several high-profile consumer platforms continue relying exclusively on passwords.</p><h3>&#129302; OpenAI Introduces Custom AI Inference Chip</h3><p>OpenAI unveiled its first internally designed inference processor, codenamed <strong>Jalape&#241;o</strong>, built using TSMC&#8217;s 3-nanometer manufacturing process. 
While primarily a business development story, custom AI silicon introduces new supply chain considerations for organizations evaluating AI infrastructure security.</p><h3>&#128646; German Rail Outage Traced to Equipment Failure</h3><p>Germany&#8217;s national rail communications network experienced a nationwide outage caused by a failure during the replacement of a GSM-R communications component. Authorities confirmed the incident was <strong>not</strong> the result of a cyberattack, although the disruption renewed attention on aging communications infrastructure supporting critical services.</p><h3>&#127919; DraftKings Credential Stuffing Case Ends in Prison Sentences</h3><p>A Minnesota man received an 18-month prison sentence for participating in the 2022 DraftKings credential stuffing campaign that compromised approximately 60,000 user accounts and stole roughly $600,000. The case reinforces growing federal enforcement against credential stuffing operations fueled by breached password databases.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s show wasn&#8217;t about malware.</p><p>It wasn&#8217;t about ransomware.</p><p>It was about infrastructure.</p><p>The routers.<br>The controllers.<br>The management planes.<br>The edge devices.<br>The systems responsible for connecting everything else.</p><p>When attackers compromise infrastructure, every downstream security control becomes less effective.</p><p>Protecting the management plane is no longer simply an operational best practice.</p><p>It&#8217;s one of the most important cybersecurity priorities organizations have.</p><h1>&#129504; James Azar&#8217;s CISO&#8217;s Take</h1><p>What stood out to me today is that nearly every major story revolved around infrastructure rather than endpoints. The UniFi vulnerabilities demonstrate how quickly attackers automate exploitation once proof-of-concept code becomes available. 
The Cisco SD-WAN investigation showed that management platforms remain among the highest-value targets in enterprise environments because they provide centralized control over hundreds or even thousands of devices. If an attacker owns your management plane, they&#8217;ve effectively inherited your network.</p><p>The second lesson is that we should pay close attention to what Operation Endgame is accomplishing. For years we&#8217;ve measured success by arrests, but today&#8217;s operation reminds us that dismantling cybercrime infrastructure often delivers greater long-term impact. Recovering millions of stolen credentials, disrupting malware distribution, and removing command-and-control servers directly raises operational costs for cybercriminals. Defenders need to adopt the same mindset internally: focus less on reacting to individual attacks and more on eliminating the infrastructure weaknesses that allow attacks to succeed repeatedly.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Patch UniFi OS to version <strong>5.0.8 or later</strong> immediately</p></li><li><p>Restrict UniFi management interfaces to dedicated administrative VLANs</p></li><li><p>Use Bishop Fox detection tools to identify exposed UniFi deployments</p></li><li><p>Treat Cisco SD-WAN environments as active incident response investigations</p></li><li><p>Audit privileged NetAdmin accounts across SD-WAN infrastructure</p></li><li><p>Review configuration changes and unauthorized peering activity</p></li><li><p>Update Lantronix EDS5000 firmware where deployed</p></li><li><p>Train users to recognize ClickFix and Terminal-based social engineering</p></li><li><p>Review passkey adoption across enterprise applications</p></li><li><p>Rotate any credentials that appear in recovered breach datasets</p></li><li><p>Assess management plane segmentation for all network infrastructure</p></li></ul><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[Trump Signs Executive Order Mandating Federal Post-Quantum Cryptography Migration by 2030, Scattered Spider Members Plead Guilty, LastPass Confirms Customer Data Stolen in Klue Breach ]]></title><description><![CDATA[Why forgotten credentials, delayed patching, and unmanaged trust relationships remain cybersecurity's most expensive mistakes.]]></description><link>https://www.cyberhubpodcast.com/p/trump-signs-executive-order-mandating</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/trump-signs-executive-order-mandating</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Wed, 24 Jun 2026 13:31:21 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/203347189/561e001c7c5947513d54a32adecc7586.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s episode revolved around a theme that the cybersecurity industry knows all too well but still struggles to execute consistently:</p><p><strong>The gap between what we know we should do and what 
we actually do.</strong></p><p>Today&#8217;s stories weren&#8217;t centered on sophisticated nation-state tradecraft or groundbreaking zero-day discoveries. Instead, they highlighted familiar failures: unpatched systems, forgotten credentials, abandoned vendor integrations, poor access governance, and delayed remediation. A Cisco vulnerability for which a patch shipped three weeks ago is now under active exploitation. The Klue supply chain breach continues expanding, with LastPass becoming the latest confirmed victim. The Five Eyes alliance issued a stark warning that AI-driven cyberattacks are arriving faster than most organizations are prepared for. Meanwhile, members of the notorious Scattered Spider group pleaded guilty in connection with one of the most disruptive attacks in the United Kingdom&#8217;s recent history.</p><p>The lesson is straightforward. The fundamentals still determine outcomes.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape revealed a recurring pattern.</p><p>Organizations continue suffering significant incidents not because they lack security tools, but because known risks remain unresolved long after they&#8217;ve been identified. Whether it&#8217;s Cisco systems left unpatched for weeks, OAuth credentials surviving years after pilot projects end, or identity controls failing to keep pace with modern threats, attackers continue finding success through operational gaps rather than technical brilliance.</p><p>At the same time, governments are beginning to prepare for the next era of cybersecurity. 
The Five Eyes alliance warned that AI will dramatically accelerate offensive cyber operations, while the United States formally established deadlines for federal post-quantum cryptography adoption.</p><p>The future is arriving quickly.</p><p>The challenge is that many organizations are still struggling with yesterday&#8217;s security problems.</p><div class="captioned-image-container"><figure><img src="https://substackcdn.com/image/fetch/$s_!tfEL!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F1cd374da-7c1b-49b3-bf46-7293aa9119e0_1280x720.png" width="1280" height="720" alt="" loading="lazy"></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#128680; Cisco Unified Communications Manager Vulnerability Under Active Exploitation</h2><p>Cisco issued an urgent warning that CVE-2026-20230, a high-severity server-side request forgery vulnerability affecting Unified Communications Manager and Unified Communications Manager Session Management Edition, is now being actively exploited in the wild. The vulnerability carries a CVSS score of 8.6 and was originally patched on June 3rd.</p><p>The flaw exists within the Web Dialer component and allows unauthenticated attackers to write arbitrary files to the underlying operating system through crafted HTTP requests.
Once file write access is achieved, attackers can escalate privileges and gain root-level control of the server.</p><p>Researchers demonstrated that attackers can obtain required hostname information directly from the system before exploitation begins, significantly lowering the barrier to entry. Threat intelligence firms have already observed reconnaissance activity, including attempts to create test files designed to identify vulnerable targets.</p><p>What makes this story notable is not the vulnerability itself.</p><p>It&#8217;s the timing.</p><p>Organizations have had access to a patch for more than three weeks, yet attackers are still finding enough vulnerable systems to justify active exploitation campaigns. Given how widely Cisco Unified Communications Manager is deployed across enterprise voice, collaboration, and call center environments, the potential impact is significant.</p><p>If you&#8217;re running CUCM and haven&#8217;t patched yet, you&#8217;re operating on borrowed time.</p><h2>&#128279; Klue Supply Chain Breach Expands as LastPass Becomes Latest Victim</h2><p>The Klue supply chain incident continues to evolve into one of the most significant SaaS-based breaches of 2026. New details reveal that the initial compromise originated from a credential issued to a third party during a limited pilot project in 2022. The credential remained active for four years after the pilot ended and ultimately became the entry point for attackers.</p><p>Attackers used the dormant credential to access Klue&#8217;s infrastructure, steal OAuth tokens connected to Salesforce and Gong environments, and pivot into customer systems where they extracted sensitive CRM data.</p><p>Today&#8217;s major development is the confirmation that LastPass was among the impacted organizations.</p><blockquote><p><em>&#8220;The Klue breach didn&#8217;t start with Icarus. 
It started with a vendor offboarding process that never actually happened.&#8221; James Azar</em></p></blockquote><p>According to LastPass, attackers accessed customer contact information, phone numbers, email addresses, physical addresses, support case information, and sales-related records stored within Salesforce. The company emphasized that password vaults were not compromised.</p><p>However, that distinction may provide little comfort to affected customers.</p><p>The stolen information provides attackers with exactly the type of contextual intelligence needed to launch highly targeted phishing campaigns, executive impersonation attacks, and sophisticated social engineering operations.</p><p>This incident marks the third major Salesforce OAuth-focused supply chain attack in less than a year.</p><p>At some point, the issue is no longer the attackers.</p><p>It&#8217;s the industry&#8217;s inability to properly govern third-party trust relationships.</p><h2>&#9878;&#65039; Scattered Spider Members Plead Guilty in Transport for London Attack</h2><p>Two members of the notorious Scattered Spider cybercrime collective pleaded guilty on the opening day of their trial in the United Kingdom. Twenty-year-old Thalha Jubair and eighteen-year-old Owen Flowers admitted to conspiracy charges related to the cyberattack against Transport for London.</p><p>The attack caused widespread operational disruption, forced password resets for approximately 28,000 employees, exposed Oyster card refund data affecting roughly 10 million customers, and generated recovery costs estimated between &#163;29 million and &#163;39 million.</p><p>The evidence against the pair was substantial.
Investigators recovered screenshots showing active access to Transport for London systems along with video recordings documenting portions of the intrusion.</p><p>The broader significance of this case lies in the demographics.</p><p>Scattered Spider continues to demonstrate that some of the most damaging cyberattacks globally are being conducted by individuals barely old enough to vote. Previous arrests and convictions have already impacted several core members of the group, including Tyler Buchanan and Noah Urban.</p><p>Yet despite these arrests, the pipeline remains active.</p><p>Authorities estimate that approximately one in five children between the ages of 10 and 16 in the United Kingdom have engaged in activities that technically violate computer misuse laws.</p><p>The next generation of cybercrime talent is already forming.</p><p>The question is whether defenders can adapt quickly enough.</p><h2>&#129302; Five Eyes Warns AI-Powered Cyberattacks Are Months Away, Not Years</h2><p>The Five Eyes intelligence alliance, consisting of the United States, United Kingdom, Australia, Canada, and New Zealand, issued a joint advisory warning that advanced AI systems are poised to fundamentally transform the cyber threat landscape.</p><p>Unlike previous warnings that focused on theoretical future risks, this advisory is remarkably direct.</p><blockquote><p><em>&#8220;The Five Eyes aren&#8217;t warning us about a future scenario. 
They&#8217;re describing the present state.&#8221; James Azar</em></p></blockquote><p>The agencies involved, including CISA and the NSA, state that AI is already being used offensively and that frontier models will soon accelerate vulnerability discovery, exploit development, reconnaissance, and attack automation at unprecedented speed.</p><p>The advisory emphasizes that cybersecurity must be treated as a board-level business risk rather than solely an IT responsibility.</p><p>Organizations were urged to focus on five foundational areas:</p><ul><li><p>Reduce attack surface exposure</p></li><li><p>Accelerate patch management</p></li><li><p>Eliminate unsupported legacy systems</p></li><li><p>Strengthen identity controls</p></li><li><p>Regularly test incident response capabilities</p></li></ul><p>The timing of this advisory is notable given the reported 400% increase in cyber activity targeting satellite operators and space-sector organizations following recent geopolitical tensions involving Iran.</p><p>The message from Five Eyes is clear.</p><p>The organizations struggling with basic cybersecurity today will be the least prepared for AI-accelerated attacks tomorrow.</p><h1>&#9889; Need to Know</h1><h3>&#127822; New Atomic macOS Stealer Campaign Targets Apple Users</h3><p>Researchers identified a new ClickFix campaign targeting macOS users. Victims are tricked into opening Terminal and executing malicious commands that install the Atomic macOS Stealer. The malware targets browsers, cryptocurrency wallets, Apple Keychain, Telegram, Discord, and hardware wallet software. No legitimate website should ever instruct users to paste commands into Terminal.</p><h3>&#128272; Trump Signs Post-Quantum Cryptography Executive Order</h3><p>President Trump signed Executive Order 14409 establishing deadlines for federal migration to post-quantum cryptography.
High-value federal systems must adopt quantum-resistant key establishment mechanisms by December 31, 2030, and quantum-resistant digital signatures by December 31, 2031. Federal contractors will face similar expectations.</p><h3>&#128736;&#65039; OpenAI Expands Cybersecurity Initiative</h3><p>OpenAI announced major updates to its Daybreak cybersecurity initiative, focusing on patch deployment and open-source software security. Through partnerships with HackerOne and Trail of Bits, the program aims to accelerate remediation efforts across critical open-source projects.</p><h3>&#127760; International Cybercrime Marketplace Operator Extradited</h3><p>Spanish authorities extradited Algerian national Abdullah Balami to the United States. He is accused of operating cybercrime marketplaces known as Market Zero Day and Spoxy, which allegedly facilitated the sale of stolen credentials, exploits, and cybercrime services.</p><h3>&#128663; Israeli Defense Sector Removes Chinese Vehicles</h3><p>Israeli defense contractor Elbit Systems has begun replacing Chinese-made vehicles within its corporate fleet due to concerns surrounding surveillance, connectivity, and supply chain risks. 
Other critical infrastructure operators in Israel are reviewing similar policies.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s show wasn&#8217;t about advanced persistent threats.</p><p>It wasn&#8217;t about artificial intelligence.</p><p>And it wasn&#8217;t even about zero-days.</p><p>It was about execution.</p><p>A Cisco patch available for three weeks.<br>A credential left active for four years.<br>An OAuth token nobody reviewed.<br>An identity relationship nobody questioned.</p><p>The cybersecurity industry spends enormous resources discussing emerging threats.</p><p>Yet attackers continue succeeding through problems we already know how to solve.</p><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how many of these incidents trace back to governance failures rather than technology failures. The Cisco vulnerability had a patch. The Klue breach started with a credential that should have been removed years ago. The Scattered Spider intrusions repeatedly relied on social engineering rather than sophisticated exploitation. We continue investing heavily in advanced security technologies while leaving basic operational controls under-managed. Attackers notice that imbalance, and they exploit it relentlessly.</p><p>The second takeaway is that the timeline for cyber risk continues shrinking. The Five Eyes warning wasn&#8217;t written for future generations of security leaders. It was written for today&#8217;s leadership teams. AI-driven attack acceleration is happening now. Quantum-resistant cryptography deadlines are already being established. Organizations that cannot maintain credential hygiene, patch management discipline, and access governance today will struggle even more in an environment where attackers operate faster and at greater scale. The fundamentals are no longer simply best practices. 
They&#8217;re survival requirements.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Patch Cisco Unified Communications Manager immediately</p></li><li><p>Audit all internet-facing Cisco Web Dialer deployments</p></li><li><p>Review temporary vendor credentials and pilot program accounts</p></li><li><p>Audit Salesforce OAuth integrations and connected applications</p></li><li><p>Revoke dormant API keys and OAuth tokens, and rotate the ones still in use</p></li><li><p>Alert executives and customer-facing teams to phishing risks from the Klue breach</p></li><li><p>Strengthen help desk verification procedures against social engineering</p></li><li><p>Review organizational readiness for AI-assisted cyber threats</p></li><li><p>Begin post-quantum cryptography inventory and planning efforts</p></li><li><p>Train users against ClickFix and Terminal-based phishing attacks</p></li><li><p>Assess third-party trust relationships and vendor offboarding procedures</p></li></ul><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[FortiBleed Campaign Compromises 86K FortiGate Firewalls Across 194 Countries, Unpatchable Usbliter8 BootROM Exploit Bypasses Apple Secure Boot on Millions of iPhones, SocGholish Botnet Disrupted]]></title><description><![CDATA[FortiBleed Hits Half the World's Fortinet Firewalls, Icarus Expands Salesforce Supply Chain Attacks, and an Unpatchable iPhone Exploit Emerges]]></description><link>https://www.cyberhubpodcast.com/p/fortibleed-campaign-compromises-86k</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/fortibleed-campaign-compromises-86k</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Tue, 23 Jun 2026 13:31:37 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/203236875/c0fe9842a8a383976e09b920062808c6.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s show highlighted a reality that every security leader needs to understand:</p><div class="callout-block" data-callout="true"><p><strong>The perimeter is no longer your firewall. It&#8217;s every credential, every OAuth token, every supplier, and every trust relationship connected to your organization.</strong></p></div><p>Today&#8217;s stories demonstrated just how interconnected cybersecurity risk has become.
A Russian-speaking threat actor assembled a database containing working credentials for roughly half of the internet-facing Fortinet firewalls visible on Shodan. A new extortion group called Icarus expanded a Salesforce-focused supply chain campaign impacting multiple cybersecurity vendors. Researchers disclosed an unpatchable exploit affecting millions of older iPhones, while a major Apple and Tesla supplier confirmed a breach exposing hundreds of gigabytes of manufacturing and operational data.</p><p>The common thread across every story was trust. Attackers aren&#8217;t simply targeting vulnerabilities anymore. They&#8217;re targeting the trust relationships organizations depend on every day.</p><p>Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape revealed three major themes.</p><p>First, credentials remain one of the most valuable assets in cybersecurity. The FortiBleed campaign demonstrates that password complexity means little once credentials appear in infostealer databases.</p><p>Second, SaaS integrations are becoming one of the largest unmanaged attack surfaces in enterprise environments. The Klue breach and resulting Icarus extortion campaign illustrate how a single third-party integration can provide access to dozens of downstream organizations.</p><p>Finally, supply chain security now extends well beyond software.
Manufacturing ecosystems, hardware providers, semiconductor companies, and electronics suppliers increasingly represent attractive targets for adversaries seeking strategic intelligence.</p><p>The attack surface isn&#8217;t growing. It&#8217;s converging.</p><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#128293; FortiBleed Exposes More Than 86,000 Active Fortinet Devices Across 194 Countries</h2><p>The biggest story of the day continues to be FortiBleed, and the latest details make the situation significantly worse than originally believed. Researchers now confirm that a Russian-speaking threat actor compiled a verified database containing 86,644 active Fortinet administrative and SSL VPN credentials affecting organizations across 194 countries.</p><p>The scale is extraordinary. Researchers estimate the affected devices represent roughly half of all internet-facing Fortinet firewalls discoverable through Shodan.</p><p>What makes this campaign unique is the methodology. Attackers didn&#8217;t simply rely on brute force attacks. Instead, they built an automated ecosystem that combined credential stuffing, password harvesting, packet sniffing, and infostealer data. Once attackers gained access to Fortinet devices, they deployed custom packet sniffers that intercepted VPN authentication hashes in transit. Those hashes were then cracked using a dedicated 45-GPU password-cracking environment before being recycled back into the attack framework.</p><p>Perhaps the most alarming finding came from Hudson Rock. Many of the recovered passwords exceeded 25 characters and fully complied with complexity requirements. They weren&#8217;t cracked at all. They were harvested directly from infostealer logs.</p><p>That&#8217;s a critical lesson for security leaders. Password complexity does not protect credentials that have already been stolen.</p><p>Fortinet emphasized that no new vulnerability was exploited. Technically, that&#8217;s true. 
Operationally, however, the distinction matters very little when attackers possess valid credentials capable of providing direct access to perimeter infrastructure.</p><p>Organizations should assume any internet-facing Fortinet environment is a target and immediately rotate administrative credentials, VPN passwords, and any Active Directory credentials potentially associated with those systems. Rotation alone does not evict an attacker who already held administrative access: review each device for added accounts, changed admin-access or VPN settings, and unexpected outbound connections before trusting it again, and terminate existing VPN sessions so the rotated passwords actually take effect.</p><h2>&#127917; Icarus Expands Salesforce Supply Chain Campaign</h2><p>The fallout from the Klue breach continues to expand as a newly identified extortion group known as Icarus claims responsibility for stealing data from multiple organizations through compromised Salesforce integrations.</p><p>The list of confirmed victims now includes several major cybersecurity companies and SaaS providers, including HackerOne, Huntress, Recorded Future, Tanium, Snyk, Jamf, OneTrust, Gong, and Sprout Social.</p><p>The attack chain began with something remarkably simple: a forgotten testing account.</p><blockquote><p><em>&#8220;Attackers don&#8217;t need a zero-day when your Salesforce instance hands them a skeleton key through a vendor you forgot you onboarded.&#8221;</em></p></blockquote><p>Attackers gained access using a dormant credential that should have been decommissioned years earlier.
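</p><p>The two checks this section argues for can be written down as a short audit. The Python below is an added example, not code from the podcast, Klue or Salesforce: it walks a constructed inventory of third-party credentials and OAuth connected apps and flags any that have passed their agreed end date, gone unused beyond a threshold, have no accountable owner or hold a broad scope, and then scans constructed API event rows for a connected app whose daily row volume jumps far above its own recent baseline, which is what thousands of extraction requests through a stolen token look like in a log. Every app name, field name, record and threshold is an assumption; the loader would need to be adapted to whatever your identity provider and SaaS audit logs actually export.</p>

```python
"""Audit third-party credentials / OAuth connected apps, then spot bulk extraction.

Added example. The inventory records, API event rows, app names, field names and
thresholds are constructed assumptions for illustration; they are not any vendor's
real export schema and not data from the incident discussed above.
"""
from collections import defaultdict
from datetime import date, timedelta

TODAY = date(2026, 6, 24)  # constructed "run date" for the example

# Constructed inventory: one entry per third-party credential or connected app.
# 'valid_until' is the end date agreed when access was granted (None = open-ended).
INVENTORY = [
    {"name": "klue-pilot-svc", "owner": "sales-ops", "issued": "2022-03-01",
     "valid_until": "2022-09-30", "last_used": "2022-08-14",
     "scopes": {"api", "refresh_token", "full"}},
    {"name": "gong-sync", "owner": "rev-ops", "issued": "2024-01-10",
     "valid_until": None, "last_used": "2026-06-23",
     "scopes": {"api", "refresh_token"}},
    {"name": "legacy-bi-export", "owner": None, "issued": "2021-05-02",
     "valid_until": None, "last_used": "2025-11-01",
     "scopes": {"api", "full"}},
]

BROAD_SCOPES = {"full"}  # assumption: a scope that grants access to all data


def audit_credentials(inventory, today=TODAY, dormant_days=90):
    """Return {name: {finding_tag: detail}} for entries needing revocation or review.

    Entries with no findings are omitted, so the result is the work list.
    """
    findings = defaultdict(dict)
    for cred in inventory:
        name = cred["name"]
        if cred["valid_until"] is not None:
            end = date.fromisoformat(cred["valid_until"])
            if end < today:
                findings[name]["past_end_date"] = f"agreed end date {end} has passed"
        idle = (today - date.fromisoformat(cred["last_used"])).days
        if idle > dormant_days:
            findings[name]["dormant"] = f"unused for {idle} days"
        if cred["owner"] is None:
            findings[name]["no_owner"] = "no accountable owner on record"
        broad = cred["scopes"] & BROAD_SCOPES
        if broad:
            findings[name]["broad_scope"] = "holds " + ", ".join(sorted(broad))
    return dict(findings)


def _daily(app, start, days, rows):
    """Constructed helper: one event per day of `rows` rows for `app`."""
    return [(start + timedelta(days=i), app, rows) for i in range(days)]


# Constructed API event rows: (day, client app, rows returned by that call).
# gong-sync behaves normally; legacy-bi-export jumps; the pilot credential has
# no history at all and suddenly pulls tens of thousands of rows.
API_EVENTS = (
    _daily("gong-sync", TODAY - timedelta(days=7), 7, 200)
    + [(TODAY, "gong-sync", 250)]
    + _daily("legacy-bi-export", TODAY - timedelta(days=7), 7, 500)
    + [(TODAY, "legacy-bi-export", 7000), (TODAY, "legacy-bi-export", 5000)]
    + [(TODAY, "klue-pilot-svc", 48000)]
)


def detect_bulk_extraction(events, day=TODAY, baseline_days=7,
                           multiplier=10, min_rows=1000):
    """Flag apps whose rows pulled on `day` exceed max(min_rows, multiplier * baseline).

    The baseline is the app's own mean daily rows over the preceding `baseline_days`;
    days with no activity count as zero, so an app with no history is flagged as
    soon as it exceeds `min_rows`.
    """
    per_day = defaultdict(int)
    for when, app, rows in events:
        per_day[(app, when)] += rows
    alerts = {}
    for app in sorted({app for app, _ in per_day}):
        history = [per_day.get((app, day - timedelta(days=i)), 0)
                   for i in range(1, baseline_days + 1)]
        baseline = sum(history) / baseline_days
        observed = per_day.get((app, day), 0)
        if observed > max(min_rows, multiplier * baseline):
            note = ("no prior activity" if baseline == 0
                    else f"{observed / baseline:.0f}x baseline")
            alerts[app] = {"rows": observed, "baseline": baseline, "note": note}
    return alerts


if __name__ == "__main__":
    for name, tags in audit_credentials(INVENTORY).items():
        print(f"REVIEW {name}: " + "; ".join(tags.values()))
    for app, info in detect_bulk_extraction(API_EVENTS).items():
        print(f"ALERT  {app}: {info['rows']} rows today ({info['note']})")
```

<p>Run it as a script to print both work lists. The inventory audit catches the pilot credential on its end date and dormancy alone, years before any extraction happens; the volume check catches the same app on the day it starts pulling data, and an unowned app whose exports quietly jump to 24x its baseline. Treat the baseline window and multiplier as tuning knobs, and note that an app with no history trips the minimum-rows floor by design: a credential that has sat idle suddenly becoming active is how the Klue intrusion began, and a legitimate integration whose volume jumps is what the downstream extraction looked like.</p><p>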
From there, they inserted malicious code into Klue&#8217;s backend environment and harvested OAuth tokens connected to customer Salesforce instances and other SaaS applications.</p><p>Armed with those tokens, attackers launched large-scale extraction operations through Salesforce APIs, generating thousands of requests and pulling business intelligence, customer relationship information, pricing data, opportunity tracking notes, and sales strategy information.</p><p>This incident marks the third significant Salesforce OAuth supply chain attack in less than a year.</p><p>That statistic alone should concern every security leader.</p><p>Organizations spend enormous effort securing their Salesforce environments while often overlooking the dozens of third-party applications granted broad access through OAuth permissions. Those integrations frequently become the weakest link in the chain.</p><p>The lesson here is simple: if your team cannot explain why a connected application has access to Salesforce, that access should probably be removed.</p><h2>&#128241; Researchers Disclose Unpatchable iPhone BootROM Exploit</h2><p>Researchers at Paradigm Shift disclosed a new exploit known as USBlitter-V8 that targets Apple&#8217;s SecureROM, the foundational code executed when affected devices power on.</p><p>The significance of this vulnerability lies in one uncomfortable reality.</p><p>Apple cannot patch it.</p><p>Because the flaw resides in read-only boot code burned into the chip at manufacture rather than in updatable software, no operating system update can fully remediate the issue.</p><p>The exploit impacts devices built on Apple&#8217;s A12 and A13 chipsets, including the iPhone XS, XR, and iPhone 11 product lines, along with certain Apple Watch models.</p><p>The attack requires physical access and specialized hardware, limiting widespread abuse.
However, in the hands of nation-state actors, forensic specialists, or sophisticated adversaries, the exploit enables compromise of the device&#8217;s secure boot chain from the very first instruction executed during startup.</p><p>For most organizations, this is not an emergency.</p><p>But it does serve as another reminder that hardware lifecycle management remains a critical component of cybersecurity. Devices approaching a decade in service often carry risks that software updates can no longer address.</p><h2>&#127981; Tata Electronics Breach Impacts Apple and Tesla Supply Chain</h2><p>Tata Electronics confirmed a significant data breach after threat actors associated with the WorldLeaks ransomware group allegedly stole more than 630 gigabytes of internal information.</p><p>The breach has implications far beyond a single company.</p><p>Tata has become one of the most strategically important manufacturers in India&#8217;s technology ecosystem, assembling Apple products, supplying semiconductor components, and supporting Tesla operations.</p><p>Researchers reviewing samples from the leaked dataset identified:</p><ul><li><p>Apple supplier documentation</p></li><li><p>Tesla manufacturing records</p></li><li><p>Internal SAP data</p></li><li><p>Corporate email communications</p></li><li><p>Operational and engineering information</p></li></ul><p>Apple has reportedly launched an investigation while Tata continues evaluating the scope of the incident.</p><p>What makes this breach especially important is the broader context. Governments and corporations have spent years attempting to diversify manufacturing operations away from China. 
Tata has emerged as one of the largest beneficiaries of that transition.</p><p>As manufacturing ecosystems become more strategically important, they also become more attractive cyber targets.</p><p>Supply chain security increasingly extends from software code all the way to semiconductor fabrication and physical product assembly.</p><h1>&#9889; Need to Know</h1><h3>&#127760; International Law Enforcement Disrupts SocGholish Infrastructure</h3><p>Authorities from the United States, Canada, Germany, and the Netherlands seized 106 servers and remediated nearly 15,000 compromised WordPress websites associated with the SocGholish malware ecosystem. SocGholish has long served as an initial access broker feeding ransomware operations including Evil Corp and RansomHub. While the disruption is significant, researchers expect portions of the infrastructure to reemerge.</p><h3>&#128273; Gravity SMTP Plugin Under Active Exploitation</h3><p>Attackers are actively exploiting vulnerabilities in the Gravity SMTP WordPress plugin to steal API keys, credentials, and sensitive configuration information. Administrators should patch immediately and rotate any exposed secrets.</p><h3>&#128272; Google Sets Mandatory Passkey Deadline</h3><p>Google announced that all Workspace administrator accounts must transition to passkey-based authentication by September 30.
Organizations should begin planning migration efforts immediately to avoid last-minute operational challenges.</p><h3>&#127911; Apple Patches Beats Bluetooth Vulnerability</h3><p>Apple released firmware updates addressing a high-severity Bluetooth pairing vulnerability affecting Beats Studio Buds. Organizations with large mobile workforces should encourage prompt updates.</p><h3>&#128421;&#65039; RemotePC Abused for Persistence</h3><p>Threat actors are increasingly abusing the legitimate RemotePC remote administration tool alongside PowerShell-based payloads to establish persistence inside enterprise environments. Security teams should monitor for unauthorized installations of remote management software.</p><h3>&#128680; False Emergency Alerts Trigger Panic in Brazil</h3><p>Authorities in Brazil are investigating a suspected cyber incident that triggered unauthorized emergency alerts nationwide, highlighting the ongoing fragility of public warning infrastructure and the importance of securing trusted communication systems.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t about malware.</p><p>It wasn&#8217;t about ransomware.</p><p>And it wasn&#8217;t even really about vulnerabilities.</p><p>It was about trust.</p><p>The trust organizations place in credentials.<br>The trust they place in SaaS integrations.<br>The trust they place in suppliers.<br>The trust they place in hardware platforms.</p><p>Every major breach discussed today succeeded because attackers found a trusted relationship and exploited it.</p><p>That&#8217;s increasingly where modern cybersecurity battles are won and lost.</p><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how consistently trust relationships continue driving successful compromises. The FortiBleed campaign wasn&#8217;t powered by a breakthrough exploit. It was powered by credentials that should have been rotated years ago. The Klue breach wasn&#8217;t a Salesforce failure.
It was an OAuth governance failure. The Tata breach wasn&#8217;t simply a ransomware incident. It was an attack against a strategically important manufacturing ecosystem. Every one of these stories demonstrates that attackers increasingly target relationships rather than technology.</p><p>The second takeaway is that security leaders need to rethink what constitutes critical infrastructure. For years we focused on servers, endpoints, and firewalls. Today, critical infrastructure includes SaaS integrations, supplier networks, manufacturing ecosystems, hardware trust anchors, and cloud identity platforms. If we continue defining our attack surface too narrowly, attackers will continue exploiting the areas we&#8217;ve chosen not to see. Visibility, governance, and trust validation are becoming just as important as patching and prevention.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Rotate all Fortinet administrative and SSL VPN credentials immediately</p></li><li><p>Review Active Directory accounts associated with perimeter devices</p></li><li><p>Enforce phishing-resistant MFA on administrative accounts</p></li><li><p>Audit all Salesforce connected applications and OAuth permissions</p></li><li><p>Remove unused or undocumented third-party integrations</p></li><li><p>Review supplier risk management programs for strategic vendors</p></li><li><p>Evaluate hardware refresh timelines for older Apple devices</p></li><li><p>Patch Gravity SMTP deployments and rotate associated secrets</p></li><li><p>Prepare Google Workspace administrators for passkey migration</p></li><li><p>Monitor environments for unauthorized RemotePC installations</p></li><li><p>Review supply chain security controls for manufacturing partners</p></li></ul><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[Accenture Acquires Majority Stake in Dragos Plus runZero and NetRise for $4.2 Billion, Texas Government Breach Exposes 3 Million Driver's Licenses and Passports, Splunk Enterprise Pre-Auth RCE Exploit]]></title><description><![CDATA[Why basic security hygiene, not advanced tooling, continues to determine whether organizations withstand modern cyberattacks.]]></description><link>https://www.cyberhubpodcast.com/p/accenture-acquires-majority-stake</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/accenture-acquires-majority-stake</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Mon, 22 Jun 2026 13:30:12 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/203016881/d43c6bb49f7add5fe4581dbff46b8259.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s episode highlighted a harsh reality: attackers don&#8217;t need sophisticated zero-days when organizations continue struggling with the basics.
Unpatched Splunk servers, stale Fortinet credentials, overprivileged SaaS integrations, and vulnerable web infrastructure are creating opportunities that threat actors continue exploiting at scale.</p><p>We also saw continued evidence that supply chain risk isn&#8217;t limited to software development environments. Business platforms, CRM systems, and third-party integrations have become high-value targets because they provide access to customer relationships, pricing strategies, and organizational intelligence.</p><p>If there was one theme that connected every story today, it was this: security hygiene remains the highest return-on-investment activity in cybersecurity.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><blockquote><p><em>&#8220;Security is ninety percent hygiene and ten percent fancy rules.&#8221; James Azar</em></p></blockquote><h1>&#129517; Executive Summary</h1><p>Today&#8217;s cybersecurity landscape highlighted three persistent challenges.</p><p>First, attackers continue weaponizing vulnerabilities within security products themselves. Splunk, Fortinet, and endpoint security platforms remain prime targets because compromising defensive infrastructure creates asymmetric advantages.</p><p>Second, third-party integrations continue expanding enterprise attack surfaces in ways many organizations fail to monitor effectively. 
OAuth permissions, API connections, and SaaS ecosystems increasingly represent soft entry points into sensitive environments.</p><p>Finally, organizations continue underestimating the value of basic operational security controls such as credential rotation, access reviews, and configuration management.</p><p>The technology is changing rapidly.</p><p>The fundamentals are not.</p><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#128680; Splunk Vulnerability Added to CISA KEV Days After
Disclosure</h2><p>Splunk Enterprise administrators face an urgent remediation requirement after CISA added CVE-2026-20253 to its Known Exploited Vulnerabilities catalog just days after public disclosure. The flaw affects Splunk&#8217;s PostgreSQL sidecar service and enables unauthenticated attackers to perform arbitrary file operations that can be chained into full remote code execution.</p><p>Researchers published proof-of-concept exploit code within forty-eight hours of disclosure, and Splunk confirmed active exploitation shortly afterward.</p><p>The vulnerability is particularly concerning because Splunk often serves as the backbone of enterprise detection and response programs. A successful compromise could allow attackers to manipulate logs, disable detections, erase forensic evidence, and pivot into additional environments.</p><p>This marks the first time a Splunk vulnerability has been added to CISA&#8217;s KEV catalog.</p><p>Organizations should immediately upgrade to supported versions, review all Splunk activity since June 10, and treat any unpatched internet-accessible instances as potentially compromised.</p><h2>&#128293; More Than 86,000 Fortinet Credentials Exposed</h2><p>CISA warned organizations that over 86,000 Fortinet devices now appear in attacker credential databases, creating a significant risk for organizations relying on VPN and perimeter security infrastructure. Importantly, this campaign does not rely on a new vulnerability.</p><p>Instead, attackers are leveraging default accounts, stale credentials, and passwords recovered from previous breaches. 
Researchers found that generic administrative accounts represented approximately 35% of exposed credentials, while another 28% involved built-in Fortinet accounts.</p><p>Many organizations upgraded to newer FortiOS versions supporting stronger password hashing algorithms but never required administrators to log in again, leaving older password hashes intact.</p><p>This is not a technology failure. It&#8217;s a fundamentals failure.</p><p>Organizations should terminate active sessions, rotate all administrative and VPN credentials, verify migration to stronger password hashing mechanisms, and enforce phishing-resistant MFA across all internet-facing management interfaces.</p><h2>&#128279; Klue Supply Chain Breach Impacts Huntress and Recorded Future</h2><p>Security vendors Huntress and Recorded Future confirmed they were impacted by a breach involving Klue, a market intelligence platform integrated into numerous sales and customer relationship workflows.</p><p>Attackers compromised Klue&#8217;s backend systems and distributed malicious code updates that harvested OAuth tokens connected to customer environments.</p><p>Affected integrations included:</p><ul><li><p>Salesforce</p></li><li><p>HubSpot</p></li><li><p>SharePoint</p></li><li><p>Zoom</p></li><li><p>Gong</p></li><li><p>Clari</p></li><li><p>Slack</p></li><li><p>Google Drive</p></li></ul><p>The attackers leveraged harvested tokens to query Salesforce environments and exfiltrate customer relationship data. While neither Huntress nor Recorded Future reported exposure of threat intelligence or engineering systems, the stolen data included customer contacts, pricing information, sales messaging, and contract details.</p><p>This incident reinforces an increasingly important lesson. Third-party SaaS integrations frequently hold broad permissions but receive limited security oversight.
Organizations should audit OAuth scopes, review API access logs, and reassess the business necessity of every connected application.</p><h2>&#127760; Critical NGINX Vulnerabilities Could Enable Remote Code Execution</h2><p>F5 released patches for two critical vulnerabilities affecting NGINX Open Source and NGINX Plus deployments. Both flaws carry CVSS scores of 9.2 and impact core web infrastructure used across enterprise environments.</p><p>The first vulnerability affects HTTP/3 processing and can trigger memory corruption through crafted sessions. The second involves a heap-based buffer overflow affecting proxy and gRPC modules when specific configurations are enabled.</p><p>Both vulnerabilities are remotely exploitable without authentication and may allow remote code execution under certain conditions. NGINX underpins a significant percentage of internet-facing applications, APIs, and cloud-native services.</p><p>Recent history suggests attackers move quickly when critical NGINX vulnerabilities become public. Organizations should prioritize patching immediately and disable HTTP/3 functionality where updates cannot be deployed quickly.</p><h1>&#9889; Need to Know</h1><h3>&#128737;&#65039; GentleKiller Malware Targets EDR Platforms</h3><p>Researchers identified a new EDR-killing framework used by the Gentlemen ransomware operation. The malware disables more than 400 security processes across 48 vendors by exploiting vulnerable signed drivers in classic bring-your-own-vulnerable-driver attacks. Enable Microsoft&#8217;s vulnerable driver block list and implement strict driver allow-listing controls.</p><h3>&#128230; North Korea Targets npm Supply Chain</h3><p>Microsoft attributed a supply chain attack involving more than 60 npm packages to North Korean threat actors associated with Sapphire Sleet. The campaign targeted developer credentials and cryptocurrency wallets through typosquatted dependencies.
Organizations should review development environments and dependency trees immediately.</p><h3>&#128421;&#65039; Joomla and LiteSpeed Vulnerabilities Under Active Exploitation</h3><p>Attackers are actively exploiting critical vulnerabilities affecting Joomla&#8217;s JCE Editor and LiteSpeed cPanel plugins. Both flaws enable remote code execution and privilege escalation against exposed hosting environments. Immediate patching is recommended.</p><h3>&#127966;&#65039; Texas Parks and Wildlife Breach Exposes 3 Million Records</h3><p>A third-party vendor supporting Texas Parks and Wildlife disclosed a breach exposing driver&#8217;s license numbers, passport information, email addresses, phone numbers, and physical addresses belonging to more than three million individuals. The affected vendor has not yet been publicly identified.</p><h3>&#127981; Accenture Expands Into OT Security</h3><p>Accenture announced a $4.1 billion transaction involving a majority stake in Dragos alongside acquisitions of runZero and NetRise. The deal signals growing demand for integrated operational technology security capabilities as industrial environments face increasing cyber threats.</p><h3>&#127468;&#127463; UK Critical Infrastructure Faces Rising State Threats</h3><p>The UK&#8217;s National Cyber Security Centre reported handling more than 200 critical infrastructure incidents over the past year, with approximately 75 percent linked to nation-state actors associated with Russia, China, and Iran. Officials warned AI will accelerate exploitation of known vulnerabilities by 2028.</p><h3>&#129686; Defense Spending Increases Cybersecurity Requirements</h3><p>Proposed U.S.
defense authorization legislation includes expanded CMMC requirements and additional AI security obligations for defense contractors, highlighting continued emphasis on supply chain security within the defense industrial base.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t about sophisticated attacks.</p><p>It was about neglected fundamentals.</p><p>Default credentials.<br>Overprivileged OAuth scopes.<br>Unpatched infrastructure.<br>Weak password hygiene.<br>Excessive third-party trust.</p><p>None of these problems require artificial intelligence to exploit.</p><p>They simply require defenders to ignore the basics long enough for attackers to notice.</p><div class="callout-block" data-callout="true"><p><em>"The basics are still the battlefield. Default Fortinet credentials. Unauthenticated Postgres endpoints. OAuth tokens nobody scoped down. None of this is exotic. All of it is preventable. And that's the real warning. Patch what you can. Rotate what you should. Audit those third-party integrations. Security is ninety percent hygiene, ten percent fancy rules." James Azar</em></p></div><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how consistently attackers continue winning through preventable failures. 86,000 Fortinet devices weren&#8217;t compromised because attackers discovered a revolutionary new technique. They succeeded because organizations failed to rotate credentials, remove default accounts, and validate upgrades. The Splunk issue reinforces the same lesson.
Security tools themselves have become high-value targets, and defenders need to apply the same rigor to monitoring those platforms that they apply to every other critical asset.</p><p>The second takeaway is that third-party integrations have quietly become one of the largest unmanaged attack surfaces in enterprise environments. The Klue incident demonstrates how quickly OAuth tokens can become pathways into CRM systems, contract data, and customer intelligence. Organizations need to stop treating SaaS integrations as simple business enablement tools and start governing them like privileged infrastructure. Visibility into API permissions, token scopes, and application access is no longer optional.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Patch Splunk Enterprise instances immediately</p></li><li><p>Review Splunk activity logs dating back to June 10</p></li><li><p>Rotate all Fortinet administrative and VPN credentials</p></li><li><p>Remove default and generic administrator accounts</p></li><li><p>Enforce phishing-resistant MFA on perimeter devices</p></li><li><p>Audit all Salesforce and SaaS OAuth integrations</p></li><li><p>Review API access logs for unusual activity</p></li><li><p>Patch NGINX Open Source and NGINX Plus deployments</p></li><li><p>Enable Microsoft&#8217;s vulnerable driver block list</p></li><li><p>Audit npm dependencies for typosquatted packages</p></li><li><p>Patch Joomla JCE Editor and LiteSpeed environments</p></li><li><p>Review third-party vendor security requirements and data access permissions</p></li></ul>]]></content:encoded></item><item><title><![CDATA[Iran's Handala Claims Hack of FBI Surveillance Drones and Threatens World Cup Teams With Hijacked FPVs, Chinese APT Targets Medical Military and AI Research Institutions Across North America]]></title><description><![CDATA[Palo Alto GlobalProtect Under Active Attack, China's UNC6508 Targets U.S. Research, and Cisco Faces Its Eighth SD-WAN Zero-Day]]></description><link>https://www.cyberhubpodcast.com/p/irans-handala-claims-hack-of-fbi</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/irans-handala-claims-hack-of-fbi</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Tue, 16 Jun 2026 13:32:06 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/202227530/f2329617eb2f3b17f497d771f0892ba3.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s episode delivered a stark reminder that cybersecurity isn&#8217;t a technology problem, it&#8217;s a trust problem.</p><p>Attackers continue targeting the systems we trust most: our VPNs, our SD-WAN controllers, our research platforms, our AI infrastructure, and the supply chains behind them all.
Whether it&#8217;s a Chinese APT quietly siphoning medical and military research for years, threat actors exploiting Palo Alto VPN appliances to establish persistence inside enterprise networks, or attackers repeatedly targeting Cisco&#8217;s SD-WAN management plane, the common denominator remains the same.</p><p>They aren&#8217;t simply exploiting vulnerabilities.</p><p>They&#8217;re exploiting our reliance on critical infrastructure that was never designed to withstand this level of sustained adversarial pressure.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape highlighted three accelerating trends.</p><p>First, network edge devices remain one of the most attractive targets for attackers. Palo Alto GlobalProtect and Cisco SD-WAN continue to experience active exploitation because they provide direct pathways into enterprise environments.</p><p>Second, nation-state actors increasingly prioritize long-term intelligence collection over disruptive attacks. China&#8217;s UNC6508 campaign demonstrates the value adversaries place on medical research, military readiness data, AI development, and public health information.</p><p>Finally, organizations continue deploying AI technologies faster than they can secure them.
New vulnerabilities affecting AI model proxies and orchestration frameworks show how quickly emerging technologies become part of the enterprise attack surface.</p><p>The challenge for defenders is no longer finding vulnerabilities.</p><p>It&#8217;s understanding which trusted systems attackers value most.</p><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#128680; Palo Alto GlobalProtect Authentication Bypass Under Active Exploitation</h2><p>Palo Alto Networks issued an urgent warning confirming active exploitation of CVE-2026-0257, an authentication bypass vulnerability affecting GlobalProtect portal and gateway components running on PAN-OS. CISA added the flaw to its Known Exploited Vulnerabilities catalog in late May, but exploitation activity continues to expand.</p><p>The vulnerability stems from improper handling of authentication override cookies.
When organizations enable the authentication override feature while reusing certificates across multiple services, attackers can forge authentication cookies and establish fully authenticated VPN sessions without valid credentials.</p><p>No username.<br>No password.<br>No MFA prompt.</p><p>Once inside, attackers immediately begin post-exploitation activity consistent with credential harvesting and lateral movement. Researchers observed threat actors establishing IPSec tunnels, conducting SMB reconnaissance, and generating NTLM authentication traffic within minutes of obtaining access.</p><p>This is not opportunistic scanning. It&#8217;s operational intrusion activity designed to achieve persistence.</p><p>Organizations running physical or virtual PAN-OS firewalls with GlobalProtect enabled should patch immediately, disable authentication override functionality where possible, rotate associated certificates, and review logs for suspicious VPN activity dating back to May.</p><h2>&#9888;&#65039; Cisco SD-WAN Suffers Its Eighth Zero-Day of 2026</h2><p>Cisco released patches for CVE-2026-20262, another critical vulnerability affecting Catalyst SD-WAN Manager, formerly known as vManage. The flaw allows low-privileged authenticated users to upload crafted files and achieve root-level code execution.</p><p>This marks at least the eighth actively exploited SD-WAN vulnerability disclosed by Cisco in 2026.</p><p>Researchers tracking the threat cluster UAT-5918, believed to overlap with China&#8217;s Nexus Orb infrastructure, observed attackers repeatedly targeting SD-WAN environments using remarkably consistent techniques. 
After gaining access, threat actors inject SSH keys, enable root accounts, downgrade software to reintroduce older vulnerabilities, and restore original versions to obscure forensic evidence.</p><p>At this point, the issue extends beyond individual vulnerabilities.</p><p>When a single product line experiences eight actively exploited vulnerabilities within six months, many affecting the same management plane components, organizations must begin asking harder questions about architecture, secure development practices, and long-term platform risk.</p><p>Organizations should patch immediately, review authorized SSH keys, inspect configuration changes, and verify the integrity of routing policies pushed throughout the SD-WAN fabric.</p><h2>&#127464;&#127475; UNC6508 Spent Years Harvesting U.S. Medical, Military, and AI Research</h2><p>Google Threat Intelligence Group published details on UNC6508, a Chinese cyber espionage operation targeting medical providers, military health institutions, academic research organizations, and public health agencies across the United States and Canada.</p><p>The campaign focused heavily on organizations conducting:</p><ul><li><p>Clinical drug trials</p></li><li><p>Molecular research</p></li><li><p>Military health readiness programs</p></li><li><p>Public health initiatives</p></li><li><p>Artificial intelligence research</p></li></ul><p>Initial access appears tied to unpatched REDCap deployments, a widely used research platform supporting clinical databases and survey collection.</p><p>Once inside, UNC6508 demonstrated exceptional patience.</p><p>In one case, attackers waited more than three months before deploying custom malware known as InfiniteRed.
The malware established persistence, harvested credentials, and enabled command-and-control communications.</p><p>Perhaps most concerning was the group&#8217;s use of legitimate email compliance features to silently exfiltrate sensitive communications matching predefined research topics.</p><p>One intrusion reportedly lasted more than two years.</p><p>The takeaway is straightforward: if your organization conducts high-value research, assume you are already a target.</p><h2>&#127806; Ransomware Halts Australia&#8217;s Sugar Harvest</h2><p>Australia&#8217;s second-largest sugar producer, Mackay Sugar, suffered a ransomware attack attributed to the group known as The Gentlemen, disrupting operations during the opening days of the country&#8217;s sugar crushing season.</p><p>The attack forced shutdowns across multiple processing facilities and disrupted logistics systems supporting approximately 1,300 family farms.</p><p>While business systems are slowly returning online, critical questions remain unanswered regarding potential impacts to operational technology environments.</p><p>Food production operates on unforgiving timelines. 
Sugarcane begins losing value immediately after harvest, meaning every day of downtime translates directly into financial losses for producers.</p><p>The incident underscores a growing trend.</p><p>Cyberattacks targeting food and agriculture increasingly create physical-world consequences that extend well beyond the directly affected organization.</p><p>If scheduling systems, logistics platforms, and industrial control environments share network connectivity, the resulting business impact can cascade rapidly.</p><h1>&#9889; Need to Know</h1><h3>&#129302; LightLLM Vulnerabilities Expose AI Infrastructure</h3><p>Researchers disclosed multiple critical vulnerabilities affecting LightLLM, a popular proxy used to route traffic to AI models including ChatGPT and Claude. The flaws enable privilege escalation, remote code execution, command injection, and API key generation. Organizations should upgrade immediately to version 1.8.3.14-stable or later.</p><h3>&#128736;&#65039; SimpleHelp Authentication Bypass Carries Perfect CVSS Score</h3><p>CVE-2026-48558 affects SimpleHelp remote support deployments using OpenID Connect authentication. Attackers can forge identity tokens, bypass MFA, create technician accounts, and remotely access managed systems. 
Approximately 14,000 internet-facing instances remain exposed.</p><h3>&#127917; DOJ Seizes Deepfake Abuse Websites</h3><p>The Department of Justice seized two websites hosting hundreds of thousands of non-consensual deepfake images in the first major action under the Take It Down Act. International law enforcement partners in France and Italy assisted with the operation.</p><h3>&#127907; Ghostwriter Targets Polish Gmail Accounts</h3><p>Belarus-linked threat group Ghostwriter shifted operations toward personal Gmail accounts belonging to politicians, journalists, academics, and government personnel. The campaign uses adversary-in-the-middle techniques to bypass MFA protections.</p><h3>&#128230; npm Moves to Restrict Install Scripts</h3><p>npm version 12, expected next month, will disable automatic execution of dependency lifecycle scripts by default. The change directly addresses recent supply chain attacks involving Shai-Hulud and TeamTNT campaigns.</p><h3>&#128241; UK Plans Social Media Restrictions for Children</h3><p>The UK announced plans to restrict social media access for children under 16, creating significant implications for age verification, identity assurance, and privacy engineering.</p><h3>&#9917; Handala Claims FBI World Cup Drone Compromise</h3><p>Iran-linked group Handala claimed it breached FBI surveillance drones supporting FIFA World Cup security operations. 
While investigators dispute portions of the evidence provided, the claim reflects increasing interest in major global events as cyber targets.</p><h3>&#127760; FCC Relaxes Restrictions on Chinese Network Equipment</h3><p>The FCC announced changes allowing certain Chinese-manufactured networking equipment back into approved cable provider environments, reigniting debate around supply chain integrity and network hardware trust.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t really about vulnerabilities.</p><p>It was about persistence.</p><p>UNC6508 remained undetected for years.<br>Attackers exploiting GlobalProtect move immediately into credential harvesting.<br>Chinese actors repeatedly return to Cisco SD-WAN environments because the management plane remains valuable.<br>Ransomware groups understand exactly when operational disruption creates maximum leverage.</p><p>The organizations that succeed in this environment won&#8217;t necessarily be the ones that patch fastest.</p><p>They&#8217;ll be the ones that detect unauthorized access before attackers turn persistence into impact.</p><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how consistently attackers target authentication infrastructure and management planes. GlobalProtect, SD-WAN controllers, REDCap systems, AI proxies: these are all systems designed to facilitate access. Once compromised, they become force multipliers for attackers. Security teams need to stop treating these technologies as routine infrastructure and start treating them as crown jewels, because that&#8217;s exactly how adversaries view them.</p><p>The second takeaway is that patience continues to favor sophisticated threat actors. UNC6508 waited months before deploying malware and years before being discovered. UAT-5918 repeatedly returns to Cisco environments because they understand defenders often focus on patching individual vulnerabilities instead of addressing root causes. 
Detection engineering, behavioral monitoring, and threat hunting are no longer advanced capabilities reserved for mature organizations. They&#8217;re baseline requirements for operating securely in 2026.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Patch PAN-OS GlobalProtect deployments immediately</p></li><li><p>Disable authentication override functionality where possible</p></li><li><p>Review GlobalProtect logs for suspicious activity dating back to May</p></li><li><p>Patch Cisco Catalyst SD-WAN Manager without delay</p></li><li><p>Audit authorized SSH keys and configuration changes</p></li><li><p>Inventory and patch all REDCap deployments</p></li><li><p>Hunt for InfiniteRed indicators of compromise</p></li><li><p>Verify segmentation between IT and OT environments</p></li><li><p>Upgrade LightLLM to supported versions</p></li><li><p>Review SimpleHelp deployments using OpenID Connect</p></li><li><p>Prepare development teams for npm install script changes</p></li><li><p>Increase phishing awareness ahead of World Cup events</p></li></ul><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[US Government Orders Anthropic to Suspend Fable 5 and Mythos 5, Iran's Handala Claims Hack of Cal Water, 400+ Arch Linux AUR Packages Compromised With Rootkit and Infostealer ]]></title><description><![CDATA[Oracle PeopleSoft CVSS 9.8 Zero-Day Added to KEV After 14-Day Shiny Hunters Rampage | Splunk Enterprise Pre-Auth RCE | Iran Handala Hacks California Water Utility | 400+ Arch Linux Packages Rootkit]]></description><link>https://www.cyberhubpodcast.com/p/us-government-orders-anthropic-to</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/us-government-orders-anthropic-to</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Mon, 15 Jun 2026 13:31:23 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/202065523/80f702625752cb607a01cb90031a1cc0.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s episode exposed a harsh reality many security teams are struggling to accept:</p><div class="callout-block" data-callout="true"><p><strong>Attackers are no longer exploiting vulnerabilities one at a time; they&#8217;re exploiting delays in disclosure, gaps in detection, and the operational complexity that slows defenders down.</strong></p></div><p>Today&#8217;s show featured two critical enterprise vulnerabilities with CVSS scores of 9.8 affecting platforms organizations rely on every 
day. Oracle&#8217;s PeopleSoft environments continue to be actively targeted by ShinyHunters, while Splunk Enterprise faces a pre-authentication remote code execution vulnerability that strikes at the heart of security operations infrastructure.</p><p>At the same time, Iranian hacktivists claimed responsibility for breaching a major California water utility, more than 400 Arch Linux packages were discovered distributing malware to developer environments, and a Chinese APT quietly maintained access to an air-gapped network for a decade.</p><p>If there was a single lesson from today&#8217;s show, it&#8217;s this: access remains the most valuable asset in cybersecurity. The question isn&#8217;t whether attackers can get in; it&#8217;s how quickly organizations can detect them before that access turns into impact.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape highlights three critical trends shaping cybersecurity in 2026.</p><p>First, enterprise software vendors continue struggling with timely vulnerability disclosure. 
Oracle&#8217;s PeopleSoft customers were exposed for two weeks before receiving official guidance, while Splunk customers are rushing to patch a vulnerability affecting the very platform used to monitor threats.</p><p>Second, attackers increasingly target identity and authentication systems because controlling access provides far more value than compromising individual endpoints.</p><p>Finally, supply chain attacks continue moving deeper into developer ecosystems, while geopolitical tensions increasingly influence cyber operations against critical infrastructure.</p><p>The result is a threat environment where defenders must assume attackers are already exploiting newly disclosed vulnerabilities long before patches become widely deployed.</p><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#127963;&#65039; ShinyHunters Exploits PeopleSoft Zero-Day Across More Than 
100 Organizations</h2><p>Oracle released an emergency out-of-band patch for CVE-2026-44712, a critical 9.8-rated remote code execution vulnerability affecting PeopleSoft Update Environment Management Hub. The flaw allows unauthenticated attackers to execute code over HTTP without credentials or user interaction.</p><p>The concern is not simply the vulnerability itself, it&#8217;s the timeline.</p><p>Threat intelligence researchers confirmed active exploitation began on May 27, yet Oracle&#8217;s advisory did not arrive until June 10, providing attackers with a fourteen-day head start. During that period, ShinyHunters reportedly compromised more than 300 PeopleSoft instances spanning over 100 organizations.</p><p>Nearly seventy percent of confirmed victims are higher education institutions. The University of Nottingham publicly acknowledged a breach after student and alumni records appeared on ShinyHunters&#8217; leak site.</p><p>PeopleSoft environments frequently contain payroll information, financial aid records, employee data, student records, and other highly sensitive information. 
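</p><p>A hunt for the outbound SMB pattern this story describes, in which a compromised application server is coerced into connecting to an attacker-controlled host on TCP 445 and hands over its NetNTLM response, written here as an added example and not Oracle&#8217;s tooling or the researchers&#8217; own detection logic. It assumes you can export connection records as simple comma-separated lines (timestamp, source, destination, destination port, protocol) from the firewall or NetFlow collector covering the PeopleSoft segment; the flow lines, the server inventory and the file-share allowlist below are constructed, and the function names are ours. It also covers the second half of the pattern the story raises, SMB from an app server to an internal host it has no business talking to, which is what relay and lateral movement look like in the same data.</p>

```python
"""Flag application servers that initiate outbound SMB, the pattern tied to NetNTLM hash capture.

Added example, not Oracle's tooling or the researchers' detection logic. It assumes
connection records can be exported as "ts,src,dst,dport,proto" lines from a firewall
or NetFlow collector covering the PeopleSoft segment. The flow records, the server
inventory and the share allowlist below are constructed for illustration.
"""
import ipaddress
from collections import Counter
from dataclasses import dataclass

SMB_PORTS = {445, 139}
# RFC 1918 space; any other destination is treated as an internet host.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    dst: str
    dport: int
    proto: str


def parse_flows(text: str) -> list:
    """Parse 'ts,src,dst,dport,proto' lines; blank lines and '#' comments are skipped."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, dport, proto = (p.strip() for p in line.split(","))
        flows.append(Flow(ts, src, dst, int(dport), proto.lower()))
    return flows


def is_internal(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def hunt(flows: list, app_servers: set, approved_shares: set) -> list:
    """Return (flow, reason) pairs where an application server acts as the SMB *client*.

    Application servers should only ever be SMB clients of a short, known list of
    file servers. Outbound SMB to the internet is the coerced-authentication pattern;
    SMB to an unapproved internal host suggests relay or lateral movement.
    """
    findings = []
    for f in flows:
        if f.proto != "tcp" or f.dport not in SMB_PORTS or f.src not in app_servers:
            continue
        if not is_internal(f.dst):
            findings.append((f, "outbound SMB to internet host: likely NetNTLM capture"))
        elif f.dst not in approved_shares:
            findings.append((f, "SMB to unapproved internal host: possible relay or lateral movement"))
    return findings


def external_targets(findings: list) -> Counter:
    """Count external SMB connections per source, to decide which server to image first."""
    return Counter(f.src for f, _reason in findings if not is_internal(f.dst))


# Constructed sample: one PeopleSoft application server and one approved file server.
APP_SERVERS = {"10.20.1.15"}
APPROVED_SHARES = {"10.20.5.10"}
SAMPLE_FLOWS = """\
# ts,src,dst,dport,proto  (constructed)
2026-06-02T03:14:07Z,10.20.1.15,203.0.113.77,445,tcp
2026-06-02T03:14:09Z,10.20.1.15,10.20.5.10,445,tcp
2026-06-02T03:15:30Z,10.20.1.15,10.20.7.21,445,tcp
2026-06-02T03:16:00Z,10.20.1.15,198.51.100.4,443,tcp
2026-06-02T03:16:05Z,10.20.9.9,203.0.113.77,445,tcp
"""

if __name__ == "__main__":
    hits = hunt(parse_flows(SAMPLE_FLOWS), APP_SERVERS, APPROVED_SHARES)
    for flow, reason in hits:
        print(f"{flow.ts} {flow.src} -> {flow.dst}:{flow.dport}  {reason}")
    print(external_targets(hits))
```

<p>Run this over the whole window the story gives, May 27 through the patch date, not just the last few days, and treat a single hit as a confirmed-compromise trigger rather than a lead: a web application tier has no legitimate reason to open SMB to the internet. The same flows also tell you which accounts to rotate, since the hash that leaked belongs to whatever identity the PeopleSoft process runs as.</p><p>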
Researchers also identified evidence of outbound SMB traffic from compromised servers, suggesting attackers may be capturing NetNTLM hashes for credential relay attacks and lateral movement.</p><p>This incident reinforces a difficult truth for organizations operating large ERP platforms: vendor disclosure timelines rarely align with attacker timelines.</p><p>Organizations should assume compromise if their PeopleSoft instances were exposed between May 27 and June 10 and immediately begin incident response activities.</p><h2>&#128680; Splunk Enterprise Faces Critical Pre-Authentication Remote Code Execution</h2><p>Splunk disclosed CVE-2026-44787, a critical vulnerability with a CVSS score of 9.8 that allows unauthenticated remote code execution through exposed backup and recovery endpoints.</p><p>Researchers demonstrated that attackers can abuse PostgreSQL sidecar services to perform arbitrary file operations and overwrite Python scripts executed by Splunk itself, transforming a file write capability into full server compromise.</p><p>Affected versions include Splunk Enterprise 10.0.0 through 10.0.6 and 10.2.0 through 10.2.3.</p><p>The irony is difficult to ignore.</p><p>Splunk serves as the security monitoring platform for countless organizations. 
A successful compromise could allow attackers to disable logging, tamper with detections, erase evidence, or use the platform as a pivot point into additional environments.</p><p>Organizations running AWS-hosted Splunk Enterprise deployments face elevated risk because the PostgreSQL sidecar service is enabled by default.</p><p>This vulnerability highlights an ongoing challenge across cybersecurity: the tools organizations rely on for defense increasingly represent high-value targets themselves.</p><p>Immediate patching should be considered mandatory.</p><h2>&#128167; Iran-Linked Handala Claims Breach of California Water Utility</h2><p>The Iran-linked hacktivist group Handala claimed responsibility for breaching California Water Service, one of the largest investor-owned water utilities in the United States, serving approximately two million customers.</p><p>The group published approximately five gigabytes of allegedly stolen data and framed the attack as retaliation for recent geopolitical developments involving Iran and the United States.</p><p>Analysis of the leaked material suggests attackers accessed customer billing databases and internal RTK base systems used for centimeter-level GPS positioning by field crews.</p><p>The leaked data reportedly includes customer names, addresses, account numbers, payment histories, administrative credentials, and GPS correction infrastructure information.</p><p>Importantly, researchers found no evidence that operational technology or industrial control systems were compromised.</p><p>Handala claims it could have disrupted water services but intentionally chose not to. 
While there is currently no evidence supporting those claims, the incident demonstrates how critical infrastructure operators continue facing elevated risk from ideologically motivated threat actors.</p><p>The greater concern may not be service disruption but rather the exposure of operational information that could facilitate future targeting efforts.</p><h2>&#128039; More Than 400 Arch Linux Packages Distribute Malware</h2><p>Researchers discovered that more than 400 packages in the Arch User Repository were compromised to distribute Linux rootkits and credential-stealing malware.</p><p>The Arch User Repository remains one of the most popular community-driven package ecosystems for developers, researchers, and security practitioners.</p><p>The malware includes rootkits designed for persistence and infostealers targeting:</p><ul><li><p>Cloud credentials</p></li><li><p>Session tokens</p></li><li><p>Source code repositories</p></li><li><p>CI/CD environments</p></li><li><p>Developer authentication secrets</p></li></ul><p>Developer workstations have become increasingly attractive targets because they provide access to production environments, cloud infrastructure, and software supply chains.</p><p>Compromising a developer endpoint often delivers significantly more value than compromising a traditional user workstation.</p><p>Organizations should treat any credentials recently used on affected Arch Linux systems as compromised and immediately rotate associated secrets.</p><h1>&#9889; Need to Know</h1><h3>&#127464;&#127475; Velvet Ant Maintained Access to Air-Gapped Networks for Ten Years</h3><p>Researchers disclosed that Chinese threat actor Velvet Ant maintained access to an organization&#8217;s authentication infrastructure for more than a decade, providing visibility into administrative activity across isolated environments. 
The case demonstrates that air gaps alone do not provide meaningful security without monitoring and authentication integrity controls.</p><h3>&#127907; FBI Dismantles Massive AI-Powered Phishing Platform</h3><p>The FBI, working alongside Google and Black Lotus Labs, disrupted &#8220;LabHost,&#8221; a phishing-as-a-service operation responsible for more than one million malicious URLs and thousands of credential theft sites. The platform leveraged AI to accelerate phishing infrastructure deployment at scale.</p><h3>&#128137; Novo Nordisk Discloses Clinical Trial Data Breach</h3><p>Pharmaceutical giant Novo Nordisk confirmed attackers accessed systems containing pseudonymized patient data related to clinical trials. Exposed information includes patient identifiers, participation details, biomarkers, and lifestyle information. Core business operations remain unaffected.</p><h3>&#127472;&#127479; South Korea Issues Record Privacy Fine</h3><p>South Korea&#8217;s privacy regulator imposed a record $409 million fine against e-commerce platform Coupang after a former employee allegedly stole authentication signing keys, exposing the personal information of more than 33 million individuals.</p><h3>&#128221; Maine Breach Reporting Portal Abused</h3><p>Maine&#8217;s public breach notification database was temporarily taken offline after unknown actors submitted fabricated breach reports falsely attributing incidents to major platforms. The incident raises concerns regarding the integrity of public breach reporting systems.</p><h3>&#129302; U.S. Restricts Access to Advanced AI Models</h3><p>The U.S. government directed Anthropic to suspend access to its advanced Fable 5 and Mythos 5 models for certain foreign nationals due to national security and jailbreak concerns. 
The move reflects a broader trend toward treating frontier AI models as controlled technologies.</p><h3>&#9917; FBI Warns of World Cup Ticket Scams</h3><p>With the FIFA World Cup underway, the FBI warned of increased activity involving fake ticket websites, fraudulent domains, and employment scams targeting fans and job seekers. Officials recommend purchasing tickets exclusively through FIFA&#8217;s official application.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t fundamentally about vulnerabilities.</p><p>It was about access.</p><p>Who has access.<br>Who shouldn&#8217;t.<br>How long attackers maintain that access.<br>And how quickly defenders can identify the difference.</p><p>Whether it was ShinyHunters exploiting PeopleSoft, Velvet Ant compromising authentication infrastructure, or Handala stealing utility credentials, the common thread remains unchanged.</p><p>Access without visibility becomes persistence.<br>Persistence without detection becomes impact.</p><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how consistently attackers focused on identity, authentication, and administrative control. ShinyHunters captured credentials through outbound SMB traffic. Velvet Ant compromised authentication systems directly. Handala targeted administrative access to utility infrastructure. Even the Arch Linux compromise focused on stealing developer credentials and session tokens. The lesson is clear: attackers increasingly care less about individual endpoints and more about the systems controlling trust.</p><p>The second takeaway is that organizations can no longer afford to operate on vendor timelines. Oracle&#8217;s delayed disclosure gave attackers a two-week advantage. Splunk customers are now rushing to patch the very platforms responsible for monitoring threats. AI models are becoming matters of national security, and supply chain attacks continue targeting developer ecosystems. 
Security teams must prioritize proactive threat hunting, independent validation, and rapid response capabilities because waiting for official guidance is increasingly becoming a losing strategy.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Immediately patch Oracle PeopleSoft CVE-2026-44712</p></li><li><p>Hunt for indicators of compromise dating back to May 27</p></li><li><p>Review outbound SMB traffic from PeopleSoft environments</p></li><li><p>Upgrade Splunk Enterprise to supported fixed versions</p></li><li><p>Restrict network access to Splunk management interfaces</p></li><li><p>Rotate credentials associated with affected Arch Linux systems</p></li><li><p>Audit authentication infrastructure for unauthorized persistence</p></li><li><p>Validate phishing-resistant MFA deployment across critical systems</p></li><li><p>Review segmentation between IT and OT environments</p></li><li><p>Monitor World Cup-related phishing and fraud campaigns</p></li><li><p>Assess AI governance policies for emerging export control requirements</p></li></ul><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[This Week in Cybersecurity #56]]></title><description><![CDATA[No Patch Available: When the Answer Is Monitoring, Segmentation, and Living on Attacker Timelines, Your weekend catch-up on the most critical cybersecurity stories of the week, curated by James Azar]]></description><link>https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-56</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-56</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Fri, 12 Jun 2026 17:51:36 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!Itm4!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F3bd72de9-6046-440e-8cc1-f86a8695a828_1920x1080.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<h3><strong>Good Morning, Security Gang!</strong></h3><p>Double espresso poured. This week&#8217;s briefing may be the most operationally dense we&#8217;ve produced in recent memory: four full episodes covering a threat landscape James described plainly: <em>&#8220;Defenders are increasingly operating on attacker timelines rather than vendor timelines.&#8221;</em></p><p>This week that was not rhetorical. A federal whistleblower complaint alleged IBM and AT&amp;T concealed APT10 federal cloud intrusions affecting billions in government contracts. 
Cisco disclosed its seventh SD-WAN zero-day of 2026, this time with no patch available. Hugging Face Transformers with 232 million installations received a critical RCE vulnerability disclosure where exploitation bypasses the control specifically designed to prevent it. The Miasma supply chain worm expanded into AI developer toolchains including Claude Code, Gemini CLI, and VS Code AI extensions. Check Point VPN attackers moved from initial access to domain controller compromise in under four hours. And researcher Nightmare Eclipse dropped &#8220;Rogue Planet,&#8221; a privilege escalation exploit achieving SYSTEM on fully patched Windows 10 and 11 effective even after June&#8217;s Patch Tuesday.</p><p>By the end of the week: Chrome logged its fifth actively exploited zero-day of 2026. SAP released a CVSS 9.9 NetWeaver SAML forgery vulnerability. ServiceNow disclosed unauthenticated API data access then revised its account. Veeam backup servers were found vulnerable to RCE by any authenticated domain user. ShinyHunters launched a large-scale PeopleSoft campaign hitting 300+ instances across 100+ organizations. And North Korea was attributed with 47% of all state-sponsored hands-on-keyboard intrusions in the technology sector.</p><p>The phrase that appeared more than any other across the week: &#8220;no patch currently available.&#8221;</p><blockquote><p>James&#8217;s response: <em>&#8220;Forget all the shiny tools. If we can&#8217;t do the fundamentals well, none of those tools are going to help. 
That&#8217;s the reality.&#8221;</em></p></blockquote><p>Let&#8217;s get into it.</p><h3><strong>&#127760; Infrastructure &amp; Network Exploitation</strong></h3><p><strong>Cisco SD-WAN: Seventh Zero-Day of 2026 &#8212; Root Code Execution, No Patch</strong></p><p>Cisco disclosed another critical SD-WAN vulnerability enabling root-level code execution &#8212; the seventh SD-WAN zero-day disclosed this year. No patch is currently available. SD-WAN platforms control routing, connectivity, segmentation, and network visibility across enterprises. 
Seven zero-days targeting one product line in six months raises legitimate questions about attack surface management, secure development practices, and long-term vendor strategy. Restrict management plane access immediately, implement all published compensating controls, and review long-term vendor strategy for this infrastructure tier.</p><p><strong>SolarWinds Serv-U Added to CISA KEV: Federal Deadline June 19</strong></p><p>CISA added SolarWinds Serv-U FTP software to the KEV catalog following confirmed active exploitation. The vulnerability allows unauthenticated denial-of-service through crafted requests. Federal agencies face a June 19 remediation deadline. Upgrade to Serv-U version 15.5.4 Hotfix 1 and verify all internet-facing deployments are updated.</p><p><strong>Chrome CVE-2026-111645: Fifth Actively Exploited Zero-Day of 2026</strong></p><p>Google released an emergency update addressing CVE-2026-111645, a high-severity out-of-bounds memory flaw in Chrome&#8217;s V8 JavaScript engine that is actively exploited in the wild, enabling arbitrary code execution when a victim does nothing more than visit a compromised webpage. This is Chrome&#8217;s fifth actively exploited zero-day of 2026. The browser is now the operating system for modern work, holding SaaS access, authentication tokens, cloud credentials, and financial systems. Deploy Chrome version 149.0.7827.102 or later immediately and ensure browsers are actually restarted, not just updated in the background.</p><p><strong>Chrome 149 Ships 429 Security Fixes Including CVSS 9.6 Sandbox Escape</strong></p><p>Alongside the emergency zero-day patch, Google&#8217;s Chrome 149 delivered 429 total security fixes, including a critical sandbox escape vulnerability carrying a CVSS score of 9.6. 
Force browser updates across all managed endpoints and verify deployment.</p><p><strong>CISA KEV Additions: Cisco SD-WAN, Chrome V8, Arista EOS Tunnel Bypass</strong></p><p>CISA added three actively exploited vulnerabilities this week. The Arista EOS flaw is particularly notable: it allows unexpected tunneled traffic to bypass intended protocol validation controls in tunnel endpoint configurations, and Arista&#8217;s mitigation guidance relies entirely on access control lists because no patch is currently planned. No patch. No timeline. ACLs only.</p><p><strong>Oracle WebLogic Added to CISA KEV: Cobalt Strike and Ransomware Deployment Confirmed</strong></p><p>CISA confirmed active exploitation of CVE-2024-21182 in Oracle WebLogic; attackers are using it to deploy Cobalt Strike and ransomware. Patch immediately and review exposed WebLogic services.</p><p><strong>ASUS Router Critical Vulnerabilities: Patches Expected End of June</strong></p><p>Two critical ASUS Wave 7 mesh router vulnerabilities expose credentials and allow persistent backdoor installation. No patches are expected until later this month. Restrict management interfaces to trusted IP ranges and implement network segmentation as interim controls.</p><h3><strong>&#127464;&#127475; Chinese Threat Activity</strong></h3><p><strong>IBM and AT&amp;T Accused of Concealing APT10 Federal Cloud Intrusions &#8212; 56,000 Breaches Alleged</strong></p><p>A newly unsealed federal whistleblower complaint filed by former IBM security analyst William Barlow alleges that IBM and AT&amp;T concealed extensive APT10 intrusions affecting federal cloud infrastructure between 2013 and 2016. The complaint claims APT10 breached IBM systems more than 56,000 times while targeting subsidiaries managing sensitive federal healthcare and financial workloads, and that IBM leadership chose not to disclose the activity in order to protect federal business relationships worth billions of dollars. These remain allegations in a whistleblower filing. 
However, if proven true, the implications extend far beyond a breach disclosure, potentially involving deliberate concealment of nation-state compromises affecting federal systems and reshaping expectations around vendor transparency, breach notification, and federal contractor accountability. Vendor risk is not simply about security controls. It is also about disclosure culture and governance.</p><p><strong>UNC5221 / Verdant Bamboo: 18 Months Inside Microsoft 365, Re-Compromise After Remediation</strong></p><p>Researchers documented UNC5221 maintaining access inside Microsoft 365 environments for more than 18 months while deploying two previously undocumented malware families: Pleanit (a .NET-based backdoor blending into legitimate Microsoft communications) and AgentPSD (a Python-based reverse shell disguised as a PowerShell diagnostic utility). One victim was re-compromised after a complete remediation effort, suggesting credentials were not fully rotated, persistence mechanisms were missed, or alternate pathways were retained. The campaign also leveraged MSP relationships, potentially expanding downstream exposure. MSP security reviews, tenant monitoring, identity hardening, and comprehensive credential rotation following IR are essential.</p><p><strong>OP512: 75-Day ICS Persistence Before Primary Operation Phase</strong></p><p>ReliaQuest documented OP512, a newly tracked Chinese threat cluster that maintained access to an IIS web server for 75 days before initiating its primary operation. The group targeted end-of-life .NET environments and deployed cryptographically unique web shells, timestamp manipulation, memory-only payloads, privilege escalation tooling, and in-memory persistence mechanisms, including malware files designed to appear years older than they actually were in order to complicate forensic timeline reconstruction. 
Chinese operators continue winning not because of advanced exploits but because organizations continue running unsupported internet-facing infrastructure long after it should have been retired.</p><p><strong>JDY Botnet Doubles: 1,500 Compromised Devices Feeding Chinese Intelligence Reconnaissance</strong></p><p>A China-linked botnet known as JDY expanded from approximately 650 to more than 1,500 compromised devices targeting Ubiquiti, Hikvision, DrayTek, Linksys, and other internet-connected infrastructure, rapidly scanning for newly disclosed vulnerabilities and feeding reconnaissance data to threat actors linked to Chinese intelligence operations.</p><h3><strong>&#129302; AI Infrastructure Under Attack</strong></h3><blockquote><p><em>&#8220;If vendors won&#8217;t compete on transparency voluntarily, make it a procurement requirement.&#8221;</em></p></blockquote><p><strong>Hugging Face Transformers CVE-2026-4372: 232 Million Installations, Exploit Bypasses Safety Control</strong></p><p>CVE-2026-4372 in Hugging Face Transformers (versions 4.56.0 through 5.2.x) allows arbitrary code execution through a maliciously crafted configuration file during model loading &#8212; and exploitation remains possible even when &#8220;trust_remote_code&#8221;, the control specifically intended to prevent these scenarios, is explicitly disabled. This is one of the most significant AI security disclosures of the year given 232 million affected installations. AI models, configuration files, dependencies, and repositories are software supply chain assets requiring the same governance as traditional applications. 
Upgrade to Transformers version 5.3.0 and review all model ingestion workflows for externally sourced AI artifacts.</p><p><strong>Miasma Worm Expands Into AI Developer Toolchains: Claude Code, Gemini CLI, VS Code AI Extensions</strong></p><p>The Miasma supply chain worm expanded its targeting to AI developer toolchains including Claude Code, Gemini CLI, and VS Code AI extensions. Once installed through a compromised npm package, Miasma harvests API keys, session tokens, local credentials, and development secrets, then propagates by modifying additional projects found on the infected machine and pushing malicious commits upstream under the victim&#8217;s legitimate identity. Modern AI development environments contain direct cloud infrastructure access, source code repositories, CI/CD pipelines, and production credentials. A single infected developer workstation can cascade into an entire organization&#8217;s software supply chain.</p><p><strong>Langflow CVE-2026-5027: 7,000 Internet-Accessible AI Agent Instances Under Active Attack</strong></p><p>Attackers are actively exploiting CVE-2026-5027 in Langflow, a path traversal vulnerability enabling arbitrary file writes, combined with the platform&#8217;s default unauthenticated auto-login behavior. Approximately 7,000 internet-accessible Langflow instances were identified. Langflow deployments typically contain AI model credentials, API tokens, cloud service access, development secrets, and proprietary business logic. Upgrade immediately, disable auto-login, implement authentication controls, and inventory whether development teams are running unauthorized AI infrastructure.</p><p><strong>OpenClaw AI Agent: Five Zero-Days Patched</strong></p><p>Five vulnerabilities in OpenClaw&#8217;s AI agent framework, which integrates with Slack, Teams, and Discord, allowed user impersonation through identity handling weaknesses and have been patched. Apply all updates.</p><p><strong>OpenAI ChatGPT Lockdown Mode Launched</strong></p><p>OpenAI introduced ChatGPT Lockdown Mode, disabling outbound communications and browsing capabilities to mitigate prompt injection and data exfiltration attacks for sensitive use cases including government, legal, and financial workloads.</p><p><strong>OpenSSL Patches AI-Discovered Vulnerability</strong></p><p>OpenSSL patched 18 vulnerabilities including CVE-2026-45447, a high-severity use-after-free in PKCS#7 verification discovered with assistance from Anthropic&#8217;s Claude AI. Update OpenSSL dependencies across all enterprise applications.</p><p><strong>Anthropic Claude Fable 5 Jailbreak via Multi-Agent Decomposition</strong></p><p>Researchers bypassed safety controls in Claude Fable 5 using multi-agent decomposition, Unicode manipulation, and narrative framing, exposing system instructions and generating exploit-related content. This highlights ongoing challenges in AI safety engineering as capabilities advance.</p><h3><strong>&#129516; Supply Chain &amp; Developer Ecosystem</strong></h3><p><strong>Shai-Hulud Evolves: Miasma (npm) and Hades (PyPI) Infect 100+ Packages and 500+ Artifacts</strong></p><p>Two new Shai-Hulud derivatives, Miasma (targeting npm via weaponized binding.gyp files that bypass post-install detection) and Hades (targeting PyPI environments including machine learning, bioinformatics, and MCP ecosystems), have infected more than 100 packages and nearly 500 compromised artifacts. A single infected developer workstation or CI/CD runner becomes a malware distribution point for countless downstream organizations. 
Hunt for Miasma and Hades indicators, restrict package installation scripts in CI/CD, and prepare for npm version 12&#8217;s upcoming default disabling of install scripts and remote dependency resolution.</p><p><strong>Red Hat npm &#8220;Miasma&#8221; Campaign: 32 Packages, 117,000 Weekly Downloads</strong></p><p>The &#8220;Miasma&#8221; campaign compromised 32 official Red Hat npm packages, originating from a compromised Red Hat employee GitHub account and then leveraging GitHub Actions OIDC workflows to distribute malware through trusted pipelines. AWS, Azure, and GCP credentials, GitHub tokens, SSH keys, and npm tokens were harvested. Rotate all cloud and development credentials exposed through affected packages and review all build pipelines for compromise indicators.</p><p><strong>Gogs Zero-Day: Self-Hosted Git Repositories Vulnerable to Arbitrary Command Execution</strong></p><p>A critical argument injection vulnerability in Gogs allows attackers to execute arbitrary commands as the Git user, potentially accessing every repository on the platform. Gogs is frequently deployed by development teams without the governance applied to enterprise platforms, yet hosted repositories often contain source code, IaC, API keys, credentials, and internal documentation. Update to version 0.14.3 and audit all self-hosted code repositories.</p><p><strong><a href="http://polyfill.io/">Polyfill.io</a> Supply Chain Threat Returns on Toshiba, Muji, Samsung Smart TV Sites</strong></p><p>The compromised JavaScript CDN <strong><a href="http://polyfill.io/">Polyfill.io</a></strong> resurfaced on websites associated with Toshiba, Muji, and Samsung Smart TV platforms, presenting fake authentication prompts. Supply chain compromises can persist long after initial disclosure. 
Remove all remaining references to <strong><a href="http://polyfill.io/">Polyfill.io</a></strong> from web properties.</p><h3><strong>&#128165; Ransomware &amp; Destructive Operations</strong></h3><p><strong>ShinyHunters PeopleSoft Campaign: 300+ Instances, 100+ Organizations, ERP Data Theft</strong></p><p>ShinyHunters is actively targeting Oracle PeopleSoft environments through chained vulnerabilities combined with exposed administrative credentials, attacking more than 300 PeopleSoft instances across 100+ organizations globally, including educational institutions. PeopleSoft contains employee records, payroll, tax data, financial operations, and student administration data. Attackers are establishing remote access via MeshCentral, running credential spraying against PSOFT/Oracle/Linux admin accounts, and creating long-term operational footholds, not simply stealing data and leaving. Review published indicators of compromise, audit administrative accounts, search for unauthorized MeshCentral installations, and remove unnecessary PeopleSoft internet exposure immediately.</p><p><strong>SAP NetWeaver CVE-2026-44748 CVSS 9.9: SAML Identity Forgery</strong></p><p>SAP&#8217;s June patch day delivered 15 security notes including CVE-2026-44748, an XML Signature Wrapping vulnerability in NetWeaver&#8217;s SAML authentication framework allowing authenticated attackers to forge identity assertions while signature validation still passes. Also notable: CVE-2026-27671 (CVSS 9.8), a memory corruption vulnerability in the SAP Kernel exploitable remotely without authentication. SAP systems control finance, procurement, logistics, and regulatory reporting. 
Prioritize these patches immediately and review SAML authentication configurations.</p><p><strong>Veeam Backup CVE-2026-44963: Any Authenticated Domain User Achieves RCE</strong></p><p>Veeam disclosed a CVSS 9.4 vulnerability in Backup &amp; Replication servers: any authenticated domain user can potentially achieve remote code execution against domain-joined backup infrastructure. Ransomware operators specifically target backup platforms to eliminate recovery options. Patch immediately.</p><p><strong>NightSpire Ransomware: 175 Organizations, 28 Industries, Legitimate Tools Only</strong></p><p>NightSpire continues to operate through legitimate tooling only: exposed RDP and FortiOS for entry; Chrome Remote Desktop and AnyDesk for persistence; MegaSync for exfiltration. No custom malware, no EDR triggers. Audit exposed RDP, unauthorized remote administration software, and FortiOS patching status.</p><h3><strong>&#128275; Data Breaches &amp; Identity Exposures</strong></h3><blockquote><p><em>&#8220;Let&#8217;s say I&#8217;m a threat actor with this access and I can unlock all your doors. Now I can sell that access to a local crime group. They come in at midnight, raid your office, take everything they want and walk out. If I do that on a Friday night, you&#8217;re not going to find out until Monday morning. The connection between cyber threats and local gang monetization is one hundred percent real. Talk to your threat hunting team about this.&#8221;</em></p></blockquote><p><strong>ServiceNow Unauthenticated API Data Exposure &#8212; Then Narrative Revision</strong></p><p>ServiceNow disclosed that attackers queried customer data through an improperly configured API endpoint before a June 5 security update was deployed. Depending on organizational use, exposed data could include employee records, asset inventories, security incidents, support tickets, operational workflows, and credentials shared during troubleshooting. 
ServiceNow&#8217;s disclosure remained largely behind customer login portals while practitioners reconstructed attack paths through public forums. Later, ServiceNow revised its position, attributing observed activity to bug bounty researchers rather than malicious actors, though questions about disclosure timelines and transparency remain. Review logs, investigate API endpoint access, and rotate credentials that may have been shared through support cases.</p><p><strong>Windows &#8220;Rogue Planet&#8221;: SYSTEM Privileges on Fully Patched Windows 10/11, No Patch Available</strong></p><p>Researcher Nightmare Eclipse released &#8220;Rogue Planet,&#8221; a proof-of-concept privilege escalation exploit achieving SYSTEM on fully patched Windows 10 and Windows 11 systems through a race condition involving Microsoft Defender, effective even after June Patch Tuesday updates. Multiple independent researchers validated successful exploitation. No patch is available. Previous disclosures from Nightmare Eclipse (Green Plasma, Yellow Key, Red Sun, Blue Hammer, Undefend) have subsequently appeared in active exploitation campaigns. Assume any successful local code execution could escalate to full SYSTEM-level compromise and adjust EDR monitoring accordingly.</p><p><strong>Silent Ransom Group Targets Law Firms via Teams, Voice Phishing, 18-Country DNS Fast Flux</strong></p><p>The Silent Ransom Group (Luna Moth) combined Microsoft Teams messaging, voice phishing, and DNS Fast Flux infrastructure spanning 18 countries to target law firms for data theft and extortion. Law firms hold M&amp;A information, litigation strategies, attorney-client communications, and regulatory matters, making them high-leverage targets. Security awareness programs focused exclusively on email are no longer aligned with today&#8217;s threat landscape. 
Teams-based phishing is an active, underdefended attack vector.</p><p><strong>French Government Messaging Platform Tchap Breached: 650,000 Messages, 73,000 Users</strong></p><p>France&#8217;s secure government messaging platform Tchap was compromised through a single account, allegedly exposing over 650,000 messages and 73,000 user records. One compromised identity creating disproportionate risk within centralized collaboration environments is a recurring pattern.</p><p><strong>Oxford Career Connect: Second Breach This Year</strong></p><p>Oxford University&#8217;s Career Connect platform suffered its second successful compromise of 2026, with attackers accessing student records, email addresses, degree information, and employment application history, enabling highly targeted job-related phishing.</p><h3><strong>&#127760; Geopolitical &amp; Nation-State Threats</strong></h3><p><strong>Check Point VPN: Domain Controller Compromise in Under Four Hours</strong></p><p>Investigators documented attackers moving from Check Point VPN access to Domain Controller compromise in less than four hours. Historically, organizations measured dwell time in days or weeks. Sophisticated operators now achieve complete domain compromise within a single shift. Patch immediately, review logs, and implement additional authentication controls. VPN infrastructure must be treated as critical security infrastructure, not routine network equipment.</p><p><strong>Ubiquiti Unifi Vulnerability Chain: Unauthenticated Root Access + Physical Security Convergence</strong></p><p>Researchers disclosed a three-vulnerability chain in Ubiquiti Unifi OS allowing unauthenticated root-level access to controllers on the same network segment. Many organizations use Unifi to manage wireless networks, switching, security cameras, and physical access control systems simultaneously. 
Compromising the controller can provide operational control over doors, surveillance systems, and physical access infrastructure &#8212; not just network visibility. The convergence of cyber and physical security is no longer a future concern. Apply firmware updates, isolate management networks, and evaluate whether physical security systems share infrastructure with general IT operations.</p><p><strong>Gamaredon Deploys USB Worm, Telegram C2, and Wiper Against Ukraine</strong></p><p>Russia&#8217;s FSB-linked Gamaredon continued its WinRAR CVE-2025-8088 exploitation campaign delivering GammaLoad (downloader), GammaWorm (USB-propagating worm hiding via NTFS alternate data streams), GammaSteal (exfiltration to AWS S3 via Telegram C2), and GammaWipe (destructive wiper). Patch WinRAR for CVE-2025-8088, monitor Telegram outbound traffic, and watch for unexpected S3 uploads from endpoints.</p><p><strong>Five Eyes Advisory: China Systematically Recruiting Government Insiders via LinkedIn</strong></p><p>A joint advisory from intelligence agencies across the U.S., Canada, UK, Australia, and New Zealand documented Chinese intelligence systematically recruiting government employees, military personnel, contractors, and critical infrastructure workers through LinkedIn, Indeed, and Upwork &#8212; gradually escalating from harmless research to sensitive tasking, compensating through cryptocurrency and wire transfers, then migrating communications to Signal and Telegram. Classified access is not required. Facility layouts, contract details, budget information, and vendor relationships have significant intelligence value when aggregated. Communicate this advisory to all staff with sensitive access.</p><p><strong>Mustang Panda Returns with PlugX via Fake Adobe Prompts</strong></p><p>Chinese APT Mustang Panda resurfaced with fake Adobe Acrobat update prompts delivering PlugX malware using signed binaries and memory-only execution. 
Hunt for PlugX indicators across endpoints.</p><p><strong>North Korea Attributed with 47% of State-Sponsored Tech Sector Intrusions</strong></p><p>CrowdStrike attributed 47% of state-sponsored hands-on-keyboard intrusions against the technology sector to North Korean operators &#8212; many using deepfakes, stolen identities, and forged documentation to secure employment. Review hiring controls for remote technical positions and contractor onboarding procedures.</p><p><strong>SafeLove Stealer: Ukrainian Intelligence Targets Russian Military Through Romantic Personas</strong></p><p>Researchers disclosed SafeLove Stealer, targeting Russian military personnel through fake romantic personas to steal files, capture location data, access Telegram accounts, and activate microphones remotely for battlefield intelligence collection.</p><h3><strong>&#9878;&#65039; Policy, Privacy &amp; Industry</strong></h3><p><strong>Anthropic Mythos Expands to 150 Organizations Including NATO, Critical Infrastructure</strong></p><p>Anthropic&#8217;s Project Glasswing added 150 organizations across 15 countries &#8212; including NATO, ENISA, Samsung, healthcare providers, utilities, and critical infrastructure operators &#8212; to the Mythos vulnerability discovery platform. Mythos has identified 23,000+ potential vulnerabilities including thousands previously unknown. AI-assisted vulnerability discovery is becoming a strategic defensive advantage for organizations with access &#8212; and a structural risk for those without.</p><p><strong>Trump Signs Voluntary AI Security Review Executive Order</strong></p><p>President Trump signed an executive order establishing a voluntary 30-day federal review framework for advanced AI models, with national security risk evaluation, AI cybersecurity capability benchmarking, and an AI cybersecurity clearinghouse. 
The practical value depends on whether government oversight can evolve at the pace of AI development.</p><p><strong>Massachusetts Consumer Data Privacy Act Passes Unanimously</strong></p><p>Massachusetts unanimously passed the MCDPA introducing restrictions on geolocation tracking, biometric data collection, data minimization requirements, and private rights of action. Begin assessing compliance exposure for organizations operating in Massachusetts.</p><p><strong>European Commission Tech Sovereignty Package: Cloud and AI Localization Requirements</strong></p><p>The European Commission unveiled a technology sovereignty initiative including expanded semiconductor investments and new cloud and AI localization requirements designed to reduce European dependence on foreign infrastructure providers. Organizations operating across U.S. and European markets should prepare for data residency requirements, regional architecture segmentation, and regulatory divergence.</p><p><strong>Palantir CTO Reportedly Under Consideration for CISA Director</strong></p><p>Reports indicate Shyam Sankar, Palantir CTO, is being considered for the long-vacant CISA Director position. CISA has operated without Senate-confirmed leadership since January 2025 while facing some of the most active threat periods in recent memory.</p><p><strong>Proposal for Independent U.S. Cyber Force: 30,000 Personnel, $11 Billion</strong></p><p>A policy report recommended creating a dedicated U.S. Cyber Force. Supporters argue cyber operations have grown sufficiently large to justify their own military branch.</p><p><strong>WhatsApp v. NSO: Court Finds NSO in Contempt of Discovery Orders</strong></p><p>NSO Group was found in contempt of court for failing to provide required technical documentation about Pegasus spyware operations. 
WhatsApp also alleges it identified additional NSO activity occurring during the discovery process itself.</p><p><strong>NSA Appoints David Imbordino as Cyber Director, Bruce Jones to Lead CCC</strong></p><p>NSA formally filled key leadership positions, ending a prolonged gap and restoring continuity for government-private sector cybersecurity partnerships.</p><p><strong>Adobe Patches 123 Vulnerabilities; ColdFusion Remains Highest Priority</strong></p><p>Adobe released fixes for 123 vulnerabilities across 11 products &#8212; 57 affecting Experience Manager alone, and two critical RCE vulnerabilities. ColdFusion remains the highest-priority remediation target given its exploitation history.</p><h3><strong>&#9989; This Week&#8217;s Priority Action List</strong></h3><p><strong>Immediate (Do This Now)</strong></p><ul><li><p>Deploy Chrome 149.0.7827.102 or later and force restarts &#8212; fifth actively exploited zero-day of 2026</p></li><li><p>Patch SAP NetWeaver CVE-2026-44748 (CVSS 9.9 SAML forgery) and CVE-2026-27671 (CVSS 9.8 kernel RCE) &#8212; prioritize SAML configuration review</p></li><li><p>Patch Veeam Backup &amp; Replication CVE-2026-44963 immediately &#8212; any domain user achieves RCE against backup infrastructure</p></li><li><p>Patch SolarWinds Serv-U to 15.5.4 Hotfix 1 &#8212; CISA KEV, June 19 federal deadline</p></li><li><p>Upgrade Hugging Face Transformers to version 5.3.0 &#8212; 232 million installs, exploit bypasses trust_remote_code control</p></li><li><p>Patch Oracle WebLogic CVE-2024-21182 &#8212; CISA KEV, Cobalt Strike and ransomware deployment confirmed</p></li><li><p>Upgrade Langflow immediately and disable auto-login &#8212; 7,000 internet-accessible instances under active attack</p></li><li><p>Patch WordPress Kirki plugin to version 6.0.7 or disable it &#8212; CVSS 9.8, one million sites, no credentials required</p></li><li><p>Apply Check Point VPN patches immediately &#8212; domain controller compromise documented in under four 
hours</p></li><li><p>Apply Ubiquiti Unifi firmware updates and isolate management networks &#8212; three-vulnerability root access chain with physical security implications</p></li><li><p>Patch WinRAR CVE-2025-8088 &#8212; Gamaredon actively exploiting for USB worm and wiper deployment</p></li><li><p>Update Gogs to version 0.14.3 &#8212; arbitrary command execution as Git user</p></li><li><p>Review PeopleSoft environments for MeshCentral installations and ShinyHunters IOCs &#8212; 300+ instances actively targeted</p></li></ul><p><strong>Short-Term (This Month)</strong></p><ul><li><p>Upgrade Cisco SD-WAN with all available compensating controls &#8212; seventh zero-day, no patch, root code execution</p></li><li><p>Hunt for UNC5221 / Verdant Bamboo indicators within Microsoft 365 tenants &#8212; rotate all credentials following any IR</p></li><li><p>Implement Arista EOS ACL mitigations &#8212; no patch planned, exploit active, tunnel bypass in production</p></li><li><p>Monitor for Miasma and Hades supply chain worm indicators &#8212; rotate all npm and PyPI-related credentials</p></li><li><p>Remove all <strong><a href="http://polyfill.io/">Polyfill.io</a></strong> references from web properties &#8212; resurfaced on Toshiba, Muji, Samsung platforms</p></li><li><p>Patch Adobe ColdFusion &#8212; highest-priority given exploitation history</p></li><li><p>Update OpenSSL dependencies across enterprise applications &#8212; AI-discovered use-after-free in PKCS#7</p></li><li><p>Review ServiceNow instance logs and rotate credentials shared through support cases</p></li><li><p>Restrict ASUS router management interfaces to trusted networks &#8212; patches expected end of June</p></li><li><p>Remove ATG fuel monitoring systems from internet exposure</p></li><li><p>Brief all staff with sensitive access on Five Eyes China LinkedIn insider recruitment advisory</p></li><li><p>Train employees on Teams-based phishing and voice phishing &#8212; email-only awareness programs are 
misaligned with the current threat landscape</p></li></ul><p><strong>Strategic (This Quarter)</strong></p><ul><li><p>Assess governance controls around AI model ingestion and deployment &#8212; Transformers exploit bypasses the dedicated safety control</p></li><li><p>Treat &#8220;no patch available&#8221; scenarios as requiring elevated compensating controls and monitoring &#8212; Cisco SD-WAN, Arista EOS, and Rogue Planet are all current examples</p></li><li><p>Begin compliance assessment for Massachusetts Consumer Data Privacy Act and European Tech Sovereignty localization requirements</p></li><li><p>Prepare for npm version 12 security changes &#8212; test compatibility now before mandatory rollout</p></li><li><p>Expand insider threat monitoring to include financial market abuse, prediction markets, and LinkedIn recruitment scenarios</p></li><li><p>Evaluate physical security and IT infrastructure separation &#8212; Unifi root access with door/camera control convergence is the operational model for why this matters</p></li></ul><h3><strong>&#127897;&#65039; James Azar&#8217;s CISO&#8217;s Take</strong></h3><p>When I look across this week&#8217;s four episodes, the most important shift is the phrase that kept appearing: &#8220;no patch currently available.&#8221; Cisco&#8217;s seventh SD-WAN zero-day. Rogue Planet on fully patched Windows. Arista EOS with ACLs as the only mitigation. ASUS routers waiting until end of June. This is not occasional; it is becoming a recurring operational condition. 
Security programs built entirely around the patch-it-and-move-on model are increasingly operating in a world that no longer exists. Organizations must mature disciplines that have historically been secondary: network segmentation, behavioral monitoring, compensating controls, and rapid detection, because when the patch doesn&#8217;t exist yet, those capabilities are all you have. The fundamentals have always mattered. They matter more now than they ever have.</p><p>The second major takeaway is that the attack surface has expanded permanently in ways that most security programs have not fully internalized. The Ubiquiti vulnerability chain demonstrates that a network compromise can now become a physical security incident: unlocking doors, disabling cameras, and enabling physical theft. Miasma expanding into Claude Code and Gemini CLI demonstrates that AI development toolchains are now primary attack surfaces indistinguishable from traditional software supply chains. The IBM/AT&amp;T whistleblower allegations demonstrate that vendor risk is also about disclosure culture: whether your trusted partners will tell you the truth when something goes wrong. These are not edge cases. They are the operational reality security leaders need to be managing today.</p><h3><strong>&#128203; Week in Summary</strong></h3><p>This was the week &#8220;no patch available&#8221; became a defining operational condition rather than an exception. Cisco SD-WAN logged its seventh zero-day of 2026 with no remediation path. Rogue Planet achieved SYSTEM on fully patched Windows through a race condition Microsoft hadn&#8217;t addressed. Arista&#8217;s EOS tunnel bypass received ACLs as the permanent mitigation because no patch is planned. And Hugging Face Transformers, with 232 million installations, received a critical RCE disclosure where exploitation bypasses the safety control specifically designed to prevent it. 
Against that backdrop, Chrome logged its fifth actively exploited zero-day of 2026, ShinyHunters hit 300-plus PeopleSoft instances, SAP released a CVSS 9.9 SAML forgery vulnerability, and Veeam backup servers were found vulnerable to RCE by any authenticated domain user.</p><p>The human and physical dimensions were equally significant. Check Point VPN attackers moved from initial access to domain controller compromise in under four hours, demonstrating that attacker velocity in 2026 is measured in hours, not days. A federal whistleblower alleged that IBM and AT&amp;T concealed APT10 intrusions affecting federal systems for years to protect billion-dollar contracts, a reminder that vendor risk is also about disclosure culture. Ubiquiti&#8217;s three-vulnerability chain showed that compromising a network controller can mean unlocking doors. And a Five Eyes advisory documented China&#8217;s systematic LinkedIn recruitment of government insiders at scale. The attack surface is fully multi-domain. The organizations that adapt their security programs to that reality will be the ones that remain standing.</p><p>Stay informed. Stay prepared. <strong>Stay Cyber Safe.</strong> &#128272;</p><p><em>&#169; CyberHub Podcast | Subscribe on Substack | Watch on YouTube | Follow on LinkedIn</em></p>]]></content:encoded></item><item><title><![CDATA[Nightmare Eclipse Drops 7th Windows Zero-Day RoguePlanet, CrowdStrike: North Korea Behind 47% of All State-Backed Tech Sector Attacks, ShinyHunters Hack Oracle PeopleSoft Servers at 100+ Orgs ]]></title><description><![CDATA[Nightmare Eclipse Drops Another Windows 0-Day, ShinyHunters Targets 100+ PeopleSoft Organizations, and North Korea Dominates Global Cyber Intrusions]]></description><link>https://www.cyberhubpodcast.com/p/nightmare-eclipse-drops-7th-windows</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/nightmare-eclipse-drops-7th-windows</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Thu, 11 Jun 2026 13:30:35 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/201549347/07705b40b73d050f34e3e270257bd74a.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s episode reinforced a trend we&#8217;ve been discussing for months:</p><p><strong>Attackers are industrializing the gap between disclosure, patching, and remediation faster than defenders can close it.</strong></p><p>Today&#8217;s show featured four major stories demanding immediate attention before lunch. ShinyHunters is actively exploiting Oracle PeopleSoft environments through a sophisticated zero-day chain affecting more than 100 organizations. 
The researcher known as Nightmare Eclipse has released yet another Windows privilege escalation zero-day called Rogue Planet that works on fully patched Windows systems. CISA expanded its Known Exploited Vulnerabilities catalog with active Cisco, Chrome, and Arista vulnerabilities, while attackers continue exploiting vulnerable Langflow AI deployments exposed to the internet.</p><p>Layered on top of those developments were emerging threats targeting AI platforms, critical infrastructure systems, developer ecosystems, and remote hiring processes. If yesterday&#8217;s theme was concentration of risk, today&#8217;s theme is operational tempo. Attackers are moving faster, exploiting faster, and scaling their operations faster than many organizations are prepared to respond.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape revealed a cybersecurity ecosystem under sustained pressure from both criminal and nation-state actors.</p><p>ShinyHunters continues expanding its campaign against Oracle PeopleSoft environments using chained zero-days and legitimate administration tools. Meanwhile, Microsoft&#8217;s ongoing public dispute with security researcher Nightmare Eclipse has produced yet another publicly released Windows zero-day with no available patch. 
Organizations are also facing active exploitation of AI development platforms, growing reconnaissance activity from Chinese botnets, and an increasing number of situations where vendors are telling customers that no patch is currently available.</p><p>The challenge facing security teams is no longer simply identifying vulnerabilities. It is managing an environment where attackers are often weaponizing flaws before defenders have practical remediation options.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!cjzi!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!cjzi!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!cjzi!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!cjzi!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!cjzi!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 1456w" sizes="100vw"><img 
src="https://substackcdn.com/image/fetch/$s_!cjzi!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png" width="1280" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/ac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:213507,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cyberhubpodcast.com/i/201549347?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!cjzi!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!cjzi!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!cjzi!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!cjzi!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fac5f17bf-61f7-4c73-b8fd-97cf55f66893_1280x720.png 1456w" 
sizes="100vw" loading="lazy"></picture></div></a></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#127963;&#65039; ShinyHunters Launches Large-Scale PeopleSoft Data Theft Campaign</h2><p>The biggest story of the day involves the ShinyHunters extortion group actively targeting Oracle PeopleSoft environments through a sophisticated chain of old and new vulnerabilities. 
Researchers report attacks affecting more than 300 PeopleSoft instances across over 100 organizations globally.</p><p>PeopleSoft remains one of the most widely deployed enterprise resource planning platforms in the world, supporting human resources, payroll, finance, procurement, and student administration systems. In many organizations, PeopleSoft contains some of the most sensitive data available, including employee records, payroll information, tax data, and financial operations.</p><p>Researchers discovered evidence suggesting attackers are leveraging multiple vulnerabilities combined with exposed administrative credentials and configuration weaknesses rather than relying on a single flaw. Evidence recovered from exposed attacker infrastructure revealed MeshCentral remote management tools, credential spraying scripts, and automated shell scripts targeting common administrative accounts such as PSOFT, Oracle, and Linux administration accounts.</p><p>Several educational institutions appear to be among the victims, with Nottingham University publicly acknowledging an incident after its data appeared on ShinyHunters&#8217; leak site.</p><p>The broader concern here is persistence. These attackers are not simply stealing data and leaving. 
They are establishing remote access, maintaining footholds, and creating long-term operational access into business-critical ERP environments.</p><p>Organizations should immediately review published indicators of compromise, audit administrative accounts, search for unauthorized MeshCentral installations, and remove unnecessary internet exposure from PeopleSoft environments.</p><h2>&#128680; Rogue Planet Gives Attackers SYSTEM Access on Fully Patched Windows Machines</h2><p>Security researcher Nightmare Eclipse released a new proof-of-concept exploit known as Rogue Planet that enables local privilege escalation to SYSTEM privileges on fully patched Windows 10 and Windows 11 systems.</p><p>The vulnerability exploits a race condition involving Microsoft Defender and remains effective even after organizations deployed Microsoft&#8217;s June 2026 Patch Tuesday updates. Multiple independent researchers have reportedly validated successful exploitation.</p><p>What makes this disclosure particularly significant is the context surrounding it. Rogue Planet follows a series of highly publicized disclosures from Nightmare Eclipse, including Green Plasma, Yellow Key, Red Sun, Blue Hammer, and Undefend. Several of those vulnerabilities were later observed in active exploitation campaigns.</p><p>At the center of the controversy is an increasingly public disagreement between Microsoft and the researcher regarding vulnerability disclosure processes. Microsoft previously suspended the researcher&#8217;s GitHub account, only to see the exploit quickly reappear elsewhere.</p><p>For defenders, the practical challenge remains straightforward. 
There is currently no patch available.</p><p>Organizations should assume any successful local code execution could potentially become full SYSTEM-level compromise and adjust endpoint detection and response monitoring accordingly.</p><h2>&#128203; CISA Adds Cisco, Chrome, and Arista Vulnerabilities to KEV Catalog</h2><p>CISA added three actively exploited vulnerabilities to the Known Exploited Vulnerabilities catalog, highlighting continued attacker focus on browsers and network infrastructure.</p><p>The first vulnerability affects Cisco Catalyst SD-WAN Manager and allows authenticated attackers to execute arbitrary commands as root through crafted file uploads. The second is Chrome&#8217;s recently disclosed V8 out-of-bounds memory vulnerability, which allows arbitrary code execution through malicious web content.</p><p>The third vulnerability may be the most operationally challenging. Affecting Arista EOS deployments configured as tunnel endpoints, the flaw allows unexpected tunneled traffic to bypass intended protocol validation controls. Arista&#8217;s mitigation guidance relies entirely on access control lists because no patch is currently planned.</p><p>This story reinforces an uncomfortable trend emerging throughout 2026. Increasingly, organizations are being told to rely on mitigations because patches either do not exist or may never arrive.</p><p>Security leaders should ensure KEV remediation timelines receive executive-level visibility because attackers continue prioritizing vulnerabilities after they are added to the catalog.</p><h2>&#129302; Attackers Actively Exploiting Langflow AI Platform</h2><p>Langflow, the popular open-source platform used to build AI agents and Retrieval Augmented Generation workflows, is now under active attack. 
Researchers observed exploitation of CVE-2026-5027, a path traversal vulnerability allowing arbitrary file writes to vulnerable servers.</p><p>The vulnerability stems from improper filename sanitization within Langflow&#8217;s file upload functionality. Combined with the platform&#8217;s default unauthenticated auto-login behavior, attackers can obtain valid session tokens and begin exploitation without authentication.</p><p>Security researchers identified approximately 7,000 internet-accessible Langflow instances during the past year, creating a substantial attack surface for adversaries.</p><p>The risk extends beyond simple file manipulation. Langflow deployments frequently contain:</p><ul><li><p>AI model credentials</p></li><li><p>API tokens</p></li><li><p>Cloud service access</p></li><li><p>Development secrets</p></li><li><p>Workflow data</p></li><li><p>Proprietary business logic</p></li></ul><p>As organizations rush to deploy AI tooling, many continue doing so outside traditional security governance processes. That creates exactly the type of environment attackers prefer.</p><p>Organizations should upgrade immediately, disable auto-login, implement authentication controls, and determine whether development teams are running unauthorized AI infrastructure.</p><h1>&#9889; Need to Know</h1><h3>&#128260; ServiceNow Revises Its Earlier Security Incident Narrative</h3><p>ServiceNow updated its position regarding recently disclosed customer data access concerns. The company now attributes observed activity to security researchers participating in bug bounty activities rather than malicious attackers, though questions remain regarding disclosure timelines and communication practices. 
Organizations should still review logs and understand their exposure.</p><h3>&#127981; Critical Data Center Infrastructure Vulnerabilities Disclosed</h3><p>Researchers identified critical vulnerabilities affecting Vertiv UPS network management cards and Trane HVAC management systems commonly deployed in data centers. The vulnerabilities include authentication bypass and remote code execution capabilities. Organizations should remember that operational technology and facilities systems remain part of the cyber attack surface.</p><h3>&#127464;&#127475; Chinese JDY Botnet Doubles in Size</h3><p>A China-linked botnet known as JDY has expanded from roughly 650 compromised devices to more than 1,500. The botnet targets Ubiquiti, Hikvision, DrayTek, Linksys, and other internet-connected infrastructure, rapidly scanning for newly disclosed vulnerabilities and feeding reconnaissance information to threat actors, including groups linked to Chinese intelligence operations.</p><h3>&#128230; npm Tightens Supply Chain Security</h3><p>Upcoming npm version 12 will disable automatic execution of install scripts and restrict remote dependency resolution by default. These changes would have significantly reduced the effectiveness of recent Shai-Hulud supply chain campaigns. Organizations should begin testing compatibility now.</p><h3>&#129302; Anthropic&#8217;s Claude Faces Another Jailbreak</h3><p>Researchers successfully bypassed safety controls in Anthropic&#8217;s Claude Fable 5 model using multi-agent decomposition techniques, Unicode manipulation, and narrative framing approaches. The attack exposed significant portions of the model&#8217;s system instructions and generated exploit-related content.</p><h3>&#127852; Australian Sugar Producer Hit by Cyberattack</h3><p>Mackay Sugar, Australia&#8217;s second-largest sugar producer, suffered a cyber incident that disrupted harvesting operations and impacted production facilities. 
While ransomware has not been confirmed, the event demonstrates the immediate operational consequences cyber incidents can have within industrial environments.</p><h3>&#127472;&#127477; North Korea Responsible for Nearly Half of Technology Intrusions</h3><p>CrowdStrike&#8217;s latest threat report attributes 47% of state-sponsored hands-on-keyboard intrusions against the technology sector to North Korean operators. Many campaigns involve fake remote workers using deepfakes, stolen identities, and forged documentation to secure employment while collecting data and generating revenue for the regime.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode highlighted a reality that many security teams are already experiencing.</p><p>The traditional sequence of disclosure, patch development, testing, deployment, and remediation is increasingly being compressed or bypassed entirely. Attackers are exploiting vulnerabilities before patches exist, targeting platforms where mitigations are the only available option, and scaling operations through automation and supply chain compromise.</p><p>Defenders are increasingly operating on attacker timelines rather than vendor timelines.</p><h1>&#129504; James Azar&#8217;s CISO&#8217;s Take</h1><p>What stood out to me today is how often we heard the phrase &#8220;no patch available.&#8221; Whether it was Rogue Planet, the Arista EOS issue, or the broader challenges around AI infrastructure, organizations are increasingly being asked to rely on monitoring, segmentation, hardening, and compensating controls rather than traditional patching. That&#8217;s a significant shift in defensive strategy. For years we&#8217;ve taught security teams that patching is the answer. Increasingly, patching isn&#8217;t immediately available, forcing organizations to mature operational security disciplines that many have historically neglected.</p><p>The second takeaway is the growing industrialization of cyber operations. 
ShinyHunters isn&#8217;t manually targeting organizations one at a time. Chinese reconnaissance infrastructure isn&#8217;t casually scanning the internet. North Korean operators aren&#8217;t running isolated campaigns. These are highly organized, repeatable, scalable operations designed to identify opportunities and exploit them at speed. Defenders must begin thinking at the same scale because the attackers already are.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Review PeopleSoft environments for published indicators of compromise</p></li><li><p>Audit administrative credentials and remove unnecessary PeopleSoft internet exposure</p></li><li><p>Increase monitoring for SYSTEM-level process creation on Windows endpoints</p></li><li><p>Patch Chrome immediately and review Cisco SD-WAN exposure</p></li><li><p>Apply Arista mitigation guidance where applicable</p></li><li><p>Upgrade Langflow deployments and disable auto-login functionality</p></li><li><p>Review ServiceNow advisory information and instance logs</p></li><li><p>Patch Vertiv and Trane management infrastructure</p></li><li><p>Inventory internet-facing IoT and edge devices</p></li><li><p>Prepare development teams for upcoming npm security changes</p></li><li><p>Review hiring controls for remote technical positions and contractor onboarding</p></li></ul><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[June Patch Tuesday: Microsoft Fixes 200 Flaws Including 3 Publicly Disclosed Zero-Days, Google Patches 5th Chrome Zero-Day of 2026, ServiceNow Discloses Security Incident Exposing Customer Data ]]></title><description><![CDATA[Patch Tuesday Delivers 200 Fixes, Chrome's 5th Zero-Day of 2026, and ServiceNow Faces Tough Questions on Transparency]]></description><link>https://www.cyberhubpodcast.com/p/june-patch-tuesday-microsoft-fixes</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/june-patch-tuesday-microsoft-fixes</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Wed, 10 Jun 2026 13:30:31 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/201399967/f85fbbca7b2e0c991673e10a71a3bff4.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today was one of those days where cybersecurity professionals everywhere should be paying very close attention.</p><p>Patch Tuesday arrived with more than 200 Microsoft fixes, three publicly disclosed 
zero-days; SAP released multiple critical vulnerabilities affecting some of the most sensitive business systems on the planet; Google patched its fifth actively exploited Chrome zero-day of the year; and ServiceNow disclosed a customer data exposure incident that raises serious questions about how enterprise software vendors communicate security events to their customers.</p><p>At the same time, supply chain attacks continue evolving at an alarming pace. New variants of the Shai-Hulud worm are actively spreading across npm and PyPI ecosystems, infecting hundreds of packages and targeting the very developers responsible for building and maintaining modern applications. If there was a common theme throughout today&#8217;s show, it was concentration of risk. The browser, the ERP platform, the IT service management system, the package repository, the backup platform&#8212;these shared pieces of infrastructure have become some of the most attractive targets in cybersecurity.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s cybersecurity landscape was dominated by patching priorities and software ecosystem risk.</p><p>Google addressed another actively exploited Chrome vulnerability, bringing the total number of Chrome zero-days exploited in the wild this year to five. SAP released several critical vulnerabilities affecting NetWeaver and Commerce environments that sit at the heart of many global enterprises. Microsoft delivered more than 200 security fixes, including three publicly disclosed zero-days. 
Meanwhile, ServiceNow confirmed attackers accessed customer data through an improperly exposed API endpoint, sparking concerns over disclosure practices and transparency.</p><p>Layered on top of those issues, new variants of the Shai-Hulud supply chain worm are spreading aggressively across software development ecosystems, demonstrating once again that attackers increasingly prefer targeting the systems used to build software rather than the software itself.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!Et6Q!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!Et6Q!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!Et6Q!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!Et6Q!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!Et6Q!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 1456w" sizes="100vw"><img 
src="https://substackcdn.com/image/fetch/$s_!Et6Q!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png" width="1280" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/d2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:180432,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cyberhubpodcast.com/i/201399967?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!Et6Q!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!Et6Q!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!Et6Q!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!Et6Q!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fd2a28e18-b2f1-47ce-a017-e7c33d366cb1_1280x720.png 1456w" 
sizes="100vw" loading="lazy"></picture></div></a></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#127760; Chrome Patches Fifth Actively Exploited Zero-Day of 2026</h2><p>Google released an emergency security update addressing seventy-four vulnerabilities, including CVE-2026-111645, a high-severity out-of-bounds memory flaw in Chrome&#8217;s V8 JavaScript and WebAssembly engine. 
The vulnerability is being actively exploited in the wild and allows attackers to execute arbitrary code through a malicious webpage; a victim needs to do nothing more than visit a compromised website.</p><p>This vulnerability carries a CVSS score of 8.8 and was responsibly disclosed by researcher 303f6e3, who received a $55,000 bounty for the discovery. What makes this story significant isn&#8217;t simply the vulnerability itself&#8212;it&#8217;s the pattern. This marks Google&#8217;s fifth actively exploited Chrome zero-day of 2026, and we&#8217;re only halfway through the year.</p><p>The browser has effectively become the operating system for modern work. It holds access to SaaS platforms, authentication tokens, cloud environments, financial systems, and collaboration tools. An exploited browser vulnerability is no longer simply a browser problem; it is often the first step toward enterprise compromise.</p><p>Organizations should immediately deploy Chrome version 149.0.7827.102 or later and ensure browsers are actually restarted, not simply updated in the background.</p><h2>&#127970; SAP Releases Critical NetWeaver and Commerce Security Updates</h2><p>SAP&#8217;s June Security Patch Day delivered fifteen security notes, including four critical vulnerabilities affecting NetWeaver, Commerce Cloud, and Data Hub environments. The most severe issue, CVE-2026-44748, received a CVSS score of 9.9 and involves XML Signature Wrapping within NetWeaver&#8217;s SAML authentication framework.</p><p>The vulnerability allows an authenticated attacker to manipulate identity assertions while maintaining signature validation, effectively enabling identity forgery within SAP environments. Also notable is CVE-2026-27671, a 9.8-rated memory corruption vulnerability affecting the SAP Kernel that can be exploited remotely by unauthenticated attackers.</p><p>These vulnerabilities matter because SAP systems often sit at the center of enterprise operations. 
Finance, procurement, logistics, supply chain management, customer transactions, and regulatory reporting frequently depend on SAP infrastructure. Historically, SAP vulnerabilities have transitioned from disclosure to active exploitation remarkably quickly.</p><p>Organizations should prioritize these patches immediately and review SAML authentication configurations while remediation is underway.</p><h2>&#128680; ServiceNow Customer Data Exposure Raises Transparency Questions</h2><p>One of the most important stories of the day involved ServiceNow&#8217;s disclosure that attackers successfully queried customer data through an improperly configured API endpoint before a security update was deployed on June 5th.</p><p>The exposed endpoint reportedly allowed unauthenticated access under certain configurations and may have provided access to information stored within customer ServiceNow instances. Depending on how organizations use ServiceNow, exposed data could include employee records, asset inventories, security incidents, support tickets, operational workflows, and potentially credentials or API tokens shared during troubleshooting processes.</p><p>The issue extends beyond the vulnerability itself. ServiceNow&#8217;s disclosure remains largely behind customer login portals, while practitioners on public forums such as Reddit have been forced to reconstruct the attack path, identify indicators of compromise, and determine what logs should be reviewed.</p><p>For many security leaders, this raises an increasingly common concern. 
Enterprise software vendors often hold enormous amounts of customer data, yet public disclosure practices frequently lag behind expectations for transparency and incident response communication.</p><blockquote><p><em>&#8220;If vendors won&#8217;t compete on transparency voluntarily, make it a procurement requirement.&#8221; James Azar</em></p></blockquote><p>Organizations should review ServiceNow logs immediately, investigate access to API endpoints, and rotate credentials that may have been shared through support cases.</p><h2>&#129516; Shai-Hulud Worm Evolves Into Miasma and Hades</h2><p>Supply chain attacks continue evolving with the emergence of two new Shai-Hulud derivatives: Miasma and Hades. Researchers report that these campaigns have already infected more than one hundred packages across npm and PyPI ecosystems.</p><blockquote><p><em>&#8220;The browser is now the front door to every SaaS app, credential, and session token your workforce touches.&#8221; James Azar</em></p></blockquote><p>Miasma focuses on npm environments and executes during package installation through a weaponized binding.gyp file, bypassing many traditional post-install detection mechanisms. Once executed, it scans local systems, cloud environments, API credentials, and authentication tokens before propagating into additional packages that the victim is capable of publishing.</p><p>The PyPI variant, Hades, operates similarly and has targeted machine learning, bioinformatics, graph analysis, and Model Context Protocol (MCP) ecosystems. Researchers have already identified hundreds of malicious package versions and nearly five hundred compromised artifacts across both ecosystems.</p><p>The significance of this attack lies in its self-propagating nature. 
A single infected developer workstation or CI/CD runner can rapidly become a distribution point for malware affecting countless downstream organizations.</p><h1>&#9889; Need to Know</h1><h3>&#129695; Microsoft Patch Tuesday Delivers More Than 200 Fixes</h3><p>Microsoft released patches for more than 200 vulnerabilities, including three publicly disclosed zero-days. Notable vulnerabilities include the CTFMON privilege escalation flaw, the HTTP/2 Bomb denial-of-service issue, and the BitLocker bypass vulnerability known as Yellow Key. Organizations should prioritize Active Directory, Exchange, Office, and Windows infrastructure updates.</p><h3>&#128190; Veeam Backup Servers Exposed to Remote Code Execution</h3><p>Veeam disclosed CVE-2026-44963, a critical 9.4-rated vulnerability affecting Backup &amp; Replication servers. Any authenticated domain user can potentially achieve remote code execution against domain-joined backup infrastructure. Since backup platforms remain one of ransomware operators&#8217; favorite targets, immediate patching is strongly recommended.</p><h3>&#127912; Adobe Patches 123 Vulnerabilities</h3><p>Adobe released fixes for 123 vulnerabilities across eleven products. Fifty-seven of those vulnerabilities affect Experience Manager alone. Two critical remote code execution flaws received maximum severity ratings. ColdFusion remains the highest-priority remediation target due to its history of exploitation.</p><h3>&#128274; OpenSSL Fixes AI-Discovered Vulnerability</h3><p>OpenSSL patched eighteen vulnerabilities, including CVE-2026-45447, a high-severity use-after-free vulnerability within PKCS#7 verification processes. 
Notably, the vulnerability was discovered with assistance from Anthropic&#8217;s Claude AI, highlighting how AI is increasingly contributing to vulnerability discovery efforts.</p><h3>&#127467;&#127479; French Government Messaging Platform Breached</h3><p>France&#8217;s secure government messaging platform, Tchap, suffered a breach through a compromised account that allegedly exposed over 650,000 messages and information relating to more than 73,000 user accounts. The incident demonstrates how a single compromised identity can create disproportionate risk within centralized collaboration environments.</p><h3>&#127919; Ukrainian Intelligence Uses Romance-Themed Mobile Malware</h3><p>Researchers disclosed a campaign known as SafeLove Stealer, which targets Russian military personnel through fake romantic personas. The malware steals files, captures location information, accesses Telegram accounts, and can remotely activate microphones. The operation appears designed to collect battlefield intelligence and operational information.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t really about Patch Tuesday.</p><p>It was about concentration risk.</p><p>Organizations have centralized enormous amounts of trust into browsers, ERP systems, ticketing platforms, package repositories, backup infrastructure, and collaboration tools. Attackers understand this. 
Rather than attacking thousands of individual systems, they increasingly target the shared infrastructure everyone depends on.</p><p>That strategy continues proving remarkably effective.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Deploy Chrome 149.0.7827.102 or later across all endpoints</p></li><li><p>Force browser restarts after Chrome updates</p></li><li><p>Prioritize SAP NetWeaver and Commerce patch deployment</p></li><li><p>Review ServiceNow logs for unauthorized API activity</p></li><li><p>Rotate credentials stored within support tickets and workflows</p></li><li><p>Hunt for indicators of Miasma and Hades package infections</p></li><li><p>Restrict package installation scripts in CI/CD environments</p></li><li><p>Patch Microsoft June Patch Tuesday vulnerabilities</p></li><li><p>Upgrade Veeam Backup &amp; Replication immediately</p></li><li><p>Prioritize Adobe ColdFusion remediation</p></li><li><p>Update OpenSSL dependencies across enterprise applications</p></li><li><p>Review centralized collaboration platforms for excessive privilege assignments</p></li></ul><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how concentrated cybersecurity risk has become. Whether we&#8217;re talking about Chrome, SAP, ServiceNow, npm, Veeam, or OpenSSL, we&#8217;re discussing technologies that sit at the center of thousands of organizations simultaneously. Attackers no longer need to target every company individually. They simply need to identify the shared platforms that everyone relies upon and focus their efforts there. The economics of cybercrime increasingly favor concentration, and that&#8217;s exactly what we&#8217;re seeing.</p><p>The second takeaway is that transparency continues to matter just as much as technology. The ServiceNow incident raises difficult questions about how vendors communicate security events. Security leaders depend on accurate, timely information to make risk decisions. 
When disclosure is delayed, hidden behind portals, or lacks publicly available guidance, defenders lose valuable time. As customers, we need to start making transparency part of our procurement process because incident communication is now a security control in its own right.</p><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[WhatsApp Catches NSO Group Defying Court Injunction, Microsoft Open Source Developer Tools Hacked, Check Point Links VPN Zero-Day Attacks to Qilin Ransomware Gang]]></title><description><![CDATA[WhatsApp Catches NSO Defying Court Orders, AI Developer Supply Chains Under Siege, and Europe Accelerates Tech Sovereignty]]></description><link>https://www.cyberhubpodcast.com/p/whatsapp-catches-nso-group-defying</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/whatsapp-catches-nso-group-defying</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Tue, 09 Jun 2026 13:30:41 GMT</pubDate><enclosure 
url="https://api.substack.com/feed/podcast/201237480/e5f33a43de17e8f593f7c90c364b3a74.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s show highlighted a reality many organizations are still struggling to accept:</p><div class="callout-block" data-callout="true"><p><strong>The attack surface is no longer limited to infrastructure; it now includes developers, collaboration platforms, AI tooling, physical security systems, legal firms, and even regulatory frameworks.</strong></p></div><p>Today&#8217;s stories painted a picture of an ecosystem under pressure from every direction. We saw AI developer environments targeted by self-propagating supply chain malware, VPN vulnerabilities being weaponized for rapid domain compromise, Chinese threat actors quietly persisting inside internet-facing servers for months at a time, and criminal groups blending Teams-based phishing with global botnet infrastructure to extort law firms.</p><p>At the same time, governments are moving aggressively on privacy, technology sovereignty, and cybersecurity governance. Massachusetts passed what may become the most impactful state privacy law in the country, while Europe unveiled a sweeping plan designed to reduce dependence on foreign cloud providers, semiconductor manufacturers, and AI infrastructure.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape reveals three dominant trends.</p><p>First, developer ecosystems have become primary targets. Attackers increasingly recognize that compromising the tools developers use provides access to source code, secrets, cloud infrastructure, AI environments, and software supply chains.</p><p>Second, nation-state actors continue demonstrating extraordinary patience. 
Chinese operators are spending months inside environments before taking action, leveraging custom tooling, memory-only execution, and persistence techniques that routinely evade traditional detection methods.</p><p>Finally, governments are no longer treating privacy and digital sovereignty as optional policy discussions. Regulatory requirements around data handling, localization, and infrastructure ownership are becoming strategic business issues with significant operational implications.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!OBu3!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!OBu3!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!OBu3!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!OBu3!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 1272w, 
https://substackcdn.com/image/fetch/$s_!OBu3!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!OBu3!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png" width="1280" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:171277,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cyberhubpodcast.com/i/201237480?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!OBu3!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!OBu3!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 848w, 
https://substackcdn.com/image/fetch/$s_!OBu3!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!OBu3!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F09be2969-475b-4bb6-97aa-c8c2fd56937d_1280x720.png 1456w" sizes="100vw" loading="lazy"></picture></div></a></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#129516; Miasma Worm Expands Into AI Developer Toolchains</h2><p>The most 
significant supply chain story today involves the continued evolution of the Miasma worm. While we discussed Miasma last week, researchers now report that the malware has expanded its targeting to include AI developer ecosystems such as Claude Code, Gemini CLI, VS Code AI extensions, and other AI-assisted coding environments.</p><p>Unlike traditional malicious packages, Miasma behaves as a true worm. Once installed through a compromised npm package, it begins harvesting API keys, session tokens, local credentials, and development secrets. It then propagates itself by modifying additional projects found on the compromised machine and pushing malicious commits upstream under the victim&#8217;s legitimate identity.</p><p>The significance of this attack cannot be overstated. Modern development environments increasingly contain direct access to:</p><ul><li><p>Cloud infrastructure</p></li><li><p>Source code repositories</p></li><li><p>CI/CD pipelines</p></li><li><p>AI models</p></li><li><p>Production credentials</p></li></ul><p>A single infected developer workstation can rapidly become an entry point into an entire organization&#8217;s software supply chain.</p><p>This is precisely why software supply chain security has become one of the most critical areas of cybersecurity investment. Attackers are no longer attacking applications; they&#8217;re attacking the people and tools responsible for building them.</p><h2>&#128680; Check Point VPN Vulnerability Enables Domain Takeover in Under Four Hours</h2><p>Check Point issued emergency guidance for a critical vulnerability affecting VPN infrastructure after investigators documented attackers moving from VPN access to Domain Controller compromise in less than four hours.</p><p>The attack chain demonstrates how dramatically attacker speed has evolved. Historically, organizations measured dwell time in days, weeks, or even months. 
Today, sophisticated operators can move from initial access to complete domain compromise during a single shift.</p><p>The vulnerability is particularly concerning because VPN appliances remain one of the most attractive targets available to attackers. They sit directly on the network edge, often possess privileged connectivity, and frequently serve as the first point of entry into enterprise environments.</p><p>Organizations that still treat VPN infrastructure as routine network equipment rather than critical security infrastructure are increasingly taking unnecessary risk.</p><p>Immediate patching, log review, and additional authentication controls should be considered mandatory.</p><h2>&#128275; Ubiquiti Unifi Vulnerabilities Create Both Cyber and Physical Risk</h2><p>Researchers disclosed a three-vulnerability chain affecting Ubiquiti Unifi OS that allows an unauthenticated attacker on the same network segment to gain root-level access to Unifi controllers.</p><p>What makes this story particularly important is the convergence of cyber and physical security.</p><div class="pullquote"><p>"Let's say I'm a threat actor with this access and I can unlock all your doors. Now I can sell that access to a local crime group. They come in at midnight, raid your office, take everything they want and walk out. If I do that on a Friday night, you're not going to find out until Monday morning. The connection between cyber threats and local gang monetization is one hundred percent real. Talk to your threat hunting team about this." James Azar</p></div><p>Many organizations use Unifi infrastructure to manage:</p><ul><li><p>Wireless networks</p></li><li><p>Switching infrastructure</p></li><li><p>Security cameras</p></li><li><p>Physical access control systems</p></li><li><p>Building security devices</p></li></ul><p>Compromising the controller doesn&#8217;t simply provide network visibility. 
It can potentially provide operational control over doors, surveillance systems, and physical access infrastructure.</p><p>For years we&#8217;ve discussed the convergence of cyber and physical security as a future concern. It is no longer a future concern.</p><p>A network compromise increasingly has the potential to become a physical security incident.</p><p>Organizations should immediately apply firmware updates, isolate management networks, and evaluate whether physical security systems share infrastructure with general IT operations.</p><h2>&#128187; Gogs Zero-Day Places Self-Hosted Git Repositories at Risk</h2><blockquote><p><em>&#8220;The supply chain around our code is under active attack.&#8221;</em></p></blockquote><p>Researchers disclosed a critical argument injection vulnerability affecting Gogs, a popular self-hosted Git platform often deployed as a lightweight alternative to GitHub.</p><p>The flaw allows attackers to execute arbitrary commands as the Git user, potentially providing access to every repository hosted on the platform.</p><p>What makes this especially dangerous is deployment behavior. 
Gogs is frequently installed by development teams for convenience, often without the same governance, monitoring, or security oversight applied to enterprise platforms.</p><p>The repositories hosted on these systems frequently contain:</p><ul><li><p>Source code</p></li><li><p>Infrastructure-as-code</p></li><li><p>API keys</p></li><li><p>Credentials</p></li><li><p>Internal documentation</p></li></ul><p>In many environments, a compromised Git repository effectively becomes a roadmap to the rest of the enterprise.</p><p>Organizations should immediately update to version 0.14.3 and audit all self-hosted code repositories, not just the officially supported ones.</p><h2>&#127464;&#127475; OP512 Demonstrates the Patience of Modern Chinese Espionage Operations</h2><p>ReliaQuest researchers disclosed a newly tracked Chinese threat cluster known as OP512, which maintained access to an IIS web server for seventy-five days before initiating the primary phase of its operation.</p><p>The group targeted end-of-life .NET environments and deployed a highly customized toolkit featuring:</p><ul><li><p>Cryptographically unique web shells</p></li><li><p>Timestamp manipulation</p></li><li><p>Memory-only payloads</p></li><li><p>Privilege escalation tooling</p></li><li><p>In-memory persistence mechanisms</p></li></ul><p>One particularly interesting finding involved malware files designed to appear years older than they actually were, complicating forensic investigations and timeline reconstruction.</p><p>The broader lesson here is simple.</p><p>Nation-state operators are increasingly winning not because of advanced exploits but because organizations continue operating unsupported internet-facing infrastructure long after it should have been retired.</p><p>Legacy systems remain one of the most reliable attack vectors available to sophisticated adversaries.</p><h2>&#9878;&#65039; Silent Ransom Group Targets Law Firms Through Teams and Voice Phishing</h2><p>The Silent Ransom Group, also 
known as Luna Moth, continues evolving its attack methodology by combining Microsoft Teams messaging, voice phishing, and a DNS Fast Flux infrastructure spanning eighteen countries.</p><p>Their preferred target remains law firms.</p><p>The logic is straightforward. Law firms possess:</p><ul><li><p>M&amp;A information</p></li><li><p>Litigation strategies</p></li><li><p>Attorney-client communications</p></li><li><p>Regulatory matters</p></li><li><p>Sensitive corporate data</p></li></ul><p>Rather than deploying ransomware, the attackers frequently focus on direct data theft followed by extortion.</p><p>The use of Teams-based phishing is particularly important because many organizations continue focusing awareness efforts on email while attackers increasingly migrate toward collaboration platforms.</p><p>Security awareness programs that focus exclusively on email are no longer aligned with today&#8217;s threat landscape.</p><h1>&#9889; Need to Know</h1><h3>&#128039; Linux Kernel Container Escape Receives Public Exploit</h3><p>Public exploit code is now available for a Linux kernel vulnerability affecting Kubernetes and multi-tenant environments. The flaw enables container escape and host-level privilege escalation. Organizations should prioritize kernel updates and node isolation strategies.</p><h3>&#128241; WhatsApp Catches NSO Violating Court Discovery Orders</h3><p>In the ongoing WhatsApp versus NSO Group litigation, a federal court found NSO in contempt after failing to provide required technical documentation regarding Pegasus spyware operations. WhatsApp also alleges it identified additional NSO activity occurring during the discovery process itself, escalating an already contentious legal battle.</p><h3>&#127891; Oxford Suffers Another Data Breach</h3><p>Oxford University&#8217;s Career Connect platform experienced its second successful compromise this year. 
Attackers reportedly accessed student records, email addresses, degree information, and employment application history data that could fuel highly targeted job-related phishing campaigns.</p><h3>&#127963;&#65039; Massachusetts Passes Landmark Privacy Legislation</h3><p>Massachusetts unanimously passed the Massachusetts Consumer Data Privacy Act, introducing restrictions on geolocation tracking, biometric data collection, data minimization, and private rights of action. The legislation may become one of the most consequential privacy laws in the United States.</p><h3>&#127466;&#127482; Europe Launches Tech Sovereignty Package</h3><p>The European Commission unveiled a major technology sovereignty initiative including expanded semiconductor investments and new cloud and AI localization requirements. The package is designed to reduce European dependence on foreign cloud providers, chip manufacturers, and digital infrastructure.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t really about vulnerabilities.</p><p>It was about control.</p><p>Control of software supply chains.<br>Control of developer ecosystems.<br>Control of physical infrastructure.<br>Control of sensitive legal information.<br>Control of national technology ecosystems.</p><p>The organizations that succeed over the next decade will be those capable of understanding that cybersecurity is no longer simply about protecting systems, it&#8217;s about protecting the interconnected relationships that power modern business.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Audit npm packages and AI development tool dependencies</p></li><li><p>Rotate API keys and credentials potentially exposed through development environments</p></li><li><p>Patch Check Point VPN infrastructure immediately</p></li><li><p>Apply Ubiquiti Unifi firmware updates across all deployments</p></li><li><p>Review physical security systems sharing IT infrastructure</p></li><li><p>Update Gogs instances to version 
0.14.3</p></li><li><p>Retire or isolate end-of-life IIS and .NET deployments</p></li><li><p>Train users on Teams-based phishing and voice phishing attacks</p></li><li><p>Patch Linux kernel vulnerabilities affecting Kubernetes environments</p></li><li><p>Review readiness for Massachusetts privacy requirements</p></li><li><p>Assess exposure to emerging EU localization and sovereignty requirements</p></li></ul><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how clearly attackers have shifted their focus toward the systems that enable organizations to operate. The Miasma worm isn&#8217;t targeting finished software, it&#8217;s targeting developers. OP512 isn&#8217;t chasing flashy ransomware headlines, it&#8217;s quietly sitting inside infrastructure for months. The Silent Ransom Group isn&#8217;t encrypting files&#8212;they&#8217;re stealing sensitive legal information and weaponizing trust. The common denominator is that attackers increasingly understand where value is created inside organizations and are attacking those areas directly.</p><p>The second takeaway is that we&#8217;re entering an era where cybersecurity, privacy, and technology sovereignty are becoming inseparable. Massachusetts&#8217; privacy legislation and Europe&#8217;s Tech Sovereignty Package demonstrate that governments are no longer waiting for industry to self-regulate. At the same time, organizations are being forced to manage increasingly fragmented compliance requirements across regions and jurisdictions. 
Security leaders must begin viewing cybersecurity not just as a technical function, but as a strategic business capability tied directly to governance, operations, and competitive advantage.</p><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item><item><title><![CDATA[Whistleblower Accuses IBM & AT&T of Covering Up 5Chinese APT10 Intrusions on Federal Cloud Systems, Cisco Warns of 7th SD-WAN Zero-Day Exploited, Trump Considers Palantir CTO Shyam Sankar to Lead CISA]]></title><description><![CDATA[IBM Accused of Hiding 56,000 Chinese Intrusions, Cisco Faces Its 7th SD-WAN Zero-Day, and AI Supply Chain Risks Continue to Escalate]]></description><link>https://www.cyberhubpodcast.com/p/whistleblower-accuses-ibm-and-at</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/whistleblower-accuses-ibm-and-at</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Mon, 08 Jun 2026 13:31:36 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/201066352/f96a9ac9a9ea51407d36b0edbf722af3.mp3" length="0" 
type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s episode delivered one of the most consequential collections of stories we&#8217;ve seen this year. From allegations that IBM and AT&amp;T concealed years of Chinese nation-state intrusions into federal cloud environments, to yet another Cisco SD-WAN zero-day, to critical vulnerabilities affecting AI development platforms used hundreds of millions of times, the message is becoming impossible to ignore:</p><p><strong>The attack surface is expanding faster than organizations can realistically defend it, and nation-state actors are taking full advantage of that gap.</strong></p><p>Today&#8217;s show wasn&#8217;t just about vulnerabilities. It was about trust. Trust in vendors. Trust in cloud providers. Trust in software supply chains. Trust in AI platforms. And perhaps most importantly, trust in the transparency of organizations responsible for protecting some of the world&#8217;s most sensitive information.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape demonstrates a growing convergence between nation-state espionage, software supply chain compromise, AI infrastructure vulnerabilities, and critical infrastructure targeting. Chinese threat actors continue expanding operations across government, enterprise, cloud, and development environments, while defenders face mounting pressure from both unpatched systems and accelerating vulnerability discovery driven by AI.</p><p>Several stories today highlight a troubling reality: vulnerabilities are no longer remaining hidden for years because researchers are finding them faster than ever. Yet organizations continue struggling to patch, monitor, and govern increasingly complex environments. 
The result is a widening gap between attacker capability and defender readiness.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!ZSMr!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb26c1da2-2e38-4838-828e-b5d389572934_1280x720.png"><img src="https://substackcdn.com/image/fetch/$s_!ZSMr!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fb26c1da2-2e38-4838-828e-b5d389572934_1280x720.png" width="1280" height="720" alt="" loading="lazy"></a></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#127464;&#127475; IBM and AT&amp;T Accused of Concealing Massive APT10 Federal Cloud Intrusions</h2><p>The biggest story of the day came from a newly unsealed federal whistleblower complaint that could have significant implications for both federal contracting and cybersecurity disclosure practices. 
According to the complaint, former IBM security analyst William Barlow alleges that IBM and AT&amp;T concealed extensive Chinese APT10 intrusions affecting federal cloud infrastructure between 2013 and 2016.</p><p>The allegations are staggering. The complaint claims that APT10 breached IBM systems more than 56,000 times, targeting IBM subsidiaries responsible for sensitive federal healthcare and financial workloads while also leveraging AT&amp;T infrastructure connected to government contracts. According to the whistleblower, IBM leadership was aware of the activity and chose not to fully disclose it in order to protect federal business relationships worth billions of dollars.</p><p>It is important to emphasize that these remain allegations contained within a whistleblower filing. However, if proven true, the implications extend far beyond a typical breach disclosure story. This would potentially involve the deliberate concealment of nation-state compromises affecting federal systems and could fundamentally reshape expectations around vendor transparency, breach notification obligations, and federal contractor accountability.</p><p>For security leaders, the story serves as a reminder that vendor risk is not simply about security controls. It is also about disclosure culture, governance, and transparency when incidents occur.</p><h2>&#128680; Cisco Faces Its Seventh SD-WAN Zero-Day of 2026</h2><p>Cisco disclosed another critical vulnerability affecting SD-WAN infrastructure, marking the seventh SD-WAN zero-day disclosed this year alone. The flaw allows attackers to achieve root-level code execution on vulnerable systems, and while Cisco has published indicators of compromise and mitigation guidance, no patch is currently available.</p><p>The concern here goes far beyond a single vulnerability. SD-WAN platforms sit directly within the traffic flow of many enterprises, controlling routing, connectivity, segmentation, and network visibility. 
A compromise at this layer provides attackers the ability to intercept, reroute, inspect, or completely disrupt enterprise communications.</p><p>The broader trend should be concerning for network architects and CISOs alike. Seven zero-days targeting a single product line within six months raise legitimate questions about attack surface management, secure development practices, and long-term vendor strategy.</p><p>Organizations running affected deployments should immediately restrict management plane access, review Cisco&#8217;s published indicators, and implement all available compensating controls while awaiting a patch.</p><h2>&#127774; SolarWinds Serv-U Added to CISA&#8217;s Known Exploited Vulnerabilities Catalog</h2><p>CISA added a vulnerability in SolarWinds Serv-U FTP software to the Known Exploited Vulnerabilities catalog following confirmation of active exploitation. The vulnerability allows unauthenticated denial-of-service attacks through crafted requests targeting exposed Serv-U servers. Federal agencies now face a remediation deadline of June 19th.</p><p>While denial-of-service vulnerabilities often receive less attention than remote code execution flaws, they can still create significant operational disruption when they impact file transfer infrastructure supporting business-critical processes.</p><p>Organizations should upgrade immediately to Serv-U version 15.5.4 Hotfix 1 and verify that internet-facing deployments are fully updated before attackers begin broader exploitation campaigns.</p><h2>&#128373;&#65039; Chinese APT Maintains Persistence Inside Microsoft 365 for 18 Months</h2><p>Researchers disclosed new findings involving UNC5221, also known as Verdant Bamboo, a Chinese threat actor that maintained access inside Microsoft 365 environments for more than eighteen months while deploying previously undocumented malware families.</p><p>The campaign introduced two notable malware variants. 
The first, called Pleanit, is a .NET-based backdoor designed to blend into legitimate Microsoft communications. The second, AgentPSD, is a Python-based reverse shell disguised as a PowerShell diagnostic utility.</p><p>Perhaps the most concerning detail is that one victim was reportedly re-compromised after a complete remediation effort. That suggests either credentials were not fully rotated, persistence mechanisms were missed, or the attackers retained access through alternate pathways.</p><p>The campaign also leveraged managed service provider relationships, potentially increasing exposure across multiple downstream organizations. This continues reinforcing the importance of MSP security reviews, tenant monitoring, identity hardening, and comprehensive credential rotation following incident response efforts.</p><h2>&#129302; Critical Hugging Face Transformers Vulnerability Impacts 232 Million Installs</h2><p>One of the most significant AI security stories of the year emerged with disclosure of CVE-2026-4372, a critical remote code execution vulnerability affecting Hugging Face Transformers. The flaw impacts versions 4.56.0 through 5.2.x and exposes an estimated 232 million installations globally.</p><p>The vulnerability allows arbitrary code execution through a maliciously crafted configuration file during model loading. Most concerning is that exploitation remains possible even when &#8220;trust_remote_code&#8221; is explicitly disabled&#8212;the very control intended to prevent these scenarios.</p><p>This issue highlights a growing challenge within AI ecosystems. Security teams often focus on protecting AI outputs, but increasingly the greater risk lies within model supply chains themselves. 
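</p><p>To make the ingestion review concrete, here is an added example for these notes, not Hugging Face code and not a fix for CVE-2026-4372: a gate that runs before any <code>from_pretrained</code> call and refuses a downloaded model directory unless the installed Transformers is at least 5.3.0 (the version the advisory points to) and the artifact looks inert. The checks themselves are assumed hygiene rules rather than the CVE&#8217;s mechanism, which the page does not describe: no <code>auto_map</code> entry in <code>config.json</code> (the standard pointer to model-shipped custom code, which is what <code>trust_remote_code</code> gates), no Python source files, weights in safetensors rather than pickle-based formats, and no symlinks escaping the directory. The sample model directories are constructed by the block itself.</p>

```python
"""Pre-load gate for externally sourced Hugging Face model directories.

Added example for these notes: not Hugging Face code and not a fix for
CVE-2026-4372. The checks are assumed hygiene rules (custom-code pointers,
pickle-based weights, stray Python files, symlinks escaping the directory),
not the CVE's mechanism, which is not described here.
"""
import json
import os
import re
import tempfile
from typing import List, Tuple

MIN_TRANSFORMERS = "5.3.0"           # version the advisory points to (see text)
PICKLE_SUFFIXES = (".bin", ".pt", ".pth", ".pkl", ".pickle", ".ckpt")


def version_tuple(v: str) -> Tuple[int, ...]:
    """'5.3.0rc1' -> (5, 3, 0); non-numeric suffixes are ignored."""
    parts = []
    for piece in v.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def transformers_version_ok(installed: str, minimum: str = MIN_TRANSFORMERS) -> bool:
    return version_tuple(installed) >= version_tuple(minimum)


def inspect_model_dir(model_dir: str) -> List[str]:
    """Return a list of findings; an empty list means the artifact looks inert."""
    findings: List[str] = []
    root = os.path.realpath(model_dir)
    try:
        with open(os.path.join(root, "config.json"), encoding="utf-8") as fh:
            cfg = json.load(fh)
    except (OSError, ValueError) as exc:
        return [f"config.json unreadable: {exc}"]
    if not isinstance(cfg, dict):
        return ["config.json is not a JSON object"]
    # auto_map is how a repo points AutoModel/AutoConfig at code shipped with
    # the model; that is exactly what trust_remote_code is meant to gate.
    if "auto_map" in cfg:
        findings.append("config.json contains auto_map (custom code pointer)")
    has_safetensors = False
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            if os.path.islink(full) and not os.path.realpath(full).startswith(root + os.sep):
                findings.append(f"symlink escapes model dir: {rel}")
            if name.endswith(".py"):
                findings.append(f"python source shipped with model: {rel}")
            elif name.endswith(PICKLE_SUFFIXES):
                findings.append(f"pickle-based weights: {rel}")
            elif name.endswith(".safetensors"):
                has_safetensors = True
    if not has_safetensors:
        findings.append("no safetensors weights found")
    return findings


def gate(model_dir: str, installed_transformers: str) -> Tuple[bool, List[str]]:
    """Decide whether the model may be loaded; findings explain a refusal."""
    findings = inspect_model_dir(model_dir)
    if not transformers_version_ok(installed_transformers):
        findings.insert(0, f"transformers {installed_transformers} < {MIN_TRANSFORMERS}")
    return (not findings, findings)


def make_sample_model_dir(kind: str) -> str:
    """Constructed sample input (not a real model): 'clean' or 'suspicious'."""
    d = tempfile.mkdtemp(prefix=f"model-{kind}-")
    cfg = {"model_type": "bert", "hidden_size": 768}
    files = {"model.safetensors": b"\x00" * 8, "tokenizer.json": b"{}"}
    if kind == "suspicious":
        cfg["auto_map"] = {"AutoModel": "modeling_custom.CustomModel"}
        files["modeling_custom.py"] = b"import os\n"
        files["pytorch_model.bin"] = b"\x80\x04"   # pickle protocol header bytes
        files.pop("model.safetensors")
    with open(os.path.join(d, "config.json"), "w", encoding="utf-8") as fh:
        json.dump(cfg, fh)
    for name, data in files.items():
        with open(os.path.join(d, name), "wb") as fh:
            fh.write(data)
    return d
```

<p>Run <code>gate(path, transformers.__version__)</code> in the ingestion pipeline and block on any finding. Because the control that was supposed to stop this did not, the version check is the one that actually matters for this CVE; the file-level rules are defence in depth against the next artifact that tries to carry code in with the weights.</p><p>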
AI models, configuration files, dependencies, and repositories are becoming software supply chain assets that require the same governance and scrutiny as traditional applications.</p><p>Organizations should immediately upgrade to Transformers version 5.3.0 and review model ingestion workflows for any externally sourced AI artifacts.</p><h1>&#9889; Need to Know</h1><h3>&#128039; Linux Kernel Container Escape Added to KEV</h3><p>CISA added a long-standing Linux kernel privilege escalation vulnerability to the Known Exploited Vulnerabilities catalog following evidence of active exploitation targeting Kubernetes and containerized environments. The vulnerability allows container escape and host-level compromise under certain conditions. Organizations should prioritize patching Linux hosts and review privilege escalation controls across container environments.</p><h3>&#9981; Federal Agencies Warn of Fuel Infrastructure Attacks</h3><p>CISA, FBI, NSA, TSA, DOE, USDA, and several other agencies jointly warned about active attacks targeting Automatic Tank Gauge systems used across fuel stations, transportation infrastructure, and chemical facilities. Many exposed systems remain accessible via default credentials and internet-facing management interfaces.</p><h3>&#129302; Five Zero-Days Patched in OpenClaw AI Agent Platform</h3><p>Researchers disclosed five vulnerabilities affecting OpenClaw, an AI agent framework integrating with Slack, Teams, Discord, and other collaboration tools. The flaws allowed attackers to impersonate trusted users through identity handling weaknesses. All vulnerabilities have been patched.</p><h3>&#128225; ASUS Router Vulnerabilities Await Fixes</h3><p>Two critical vulnerabilities affecting ASUS Wave 7 mesh routers expose credentials and allow persistent backdoor deployment. 
Patches are not expected until later this month, leaving organizations dependent on access restrictions and network segmentation as interim controls.</p><h3>&#127757; TA4922 Expands Into Europe and Africa</h3><p>Proofpoint identified TA4922 as one of the most active cybercrime operators currently tracked. The group continues expanding operations into Europe and Africa while leveraging malware families including Atlas RAT, Valley RAT, and Romulus Loader. Researchers also noted evidence suggesting LLM-assisted malware development.</p><h3>&#128123; Polyfill.io Supply Chain Threat Returns</h3><p>The long-running Polyfill.io saga continues. The compromised JavaScript CDN has resurfaced on websites associated with Toshiba, Muji, and Samsung Smart TV platforms, presenting users with fake authentication prompts. While credential theft has not yet been confirmed, the incident demonstrates how supply chain compromises can persist long after initial disclosure.</p><h3>&#127760; Chrome 149 Ships Record-Breaking Security Release</h3><p>Google released Chrome 149 with an unprecedented 429 security fixes, including a critical sandbox escape vulnerability carrying a CVSS score of 9.6. Organizations should prioritize browser updates immediately given the continued prevalence of browser-based attacks and drive-by exploitation techniques.</p><h3>&#128274; OpenAI Launches ChatGPT Lockdown Mode</h3><p>OpenAI introduced ChatGPT Lockdown Mode, a new security feature designed to mitigate prompt injection and data exfiltration attacks. The mode disables outbound communications and browsing capabilities, creating a more controlled environment for sensitive use cases such as government, legal, and financial workloads.</p><h3>&#127963;&#65039; Palantir CTO Reportedly Under Consideration for CISA Director</h3><p>Reports indicate the Trump Administration is considering Palantir CTO Shyam Sankar to fill the long-vacant CISA Director position. 
The agency has operated without Senate-confirmed leadership since January 2025 during one of the most active periods for cyber threats in recent memory.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode reinforced a difficult reality: cybersecurity risk is no longer isolated to individual vulnerabilities or individual attacks.</p><p>The threat environment now spans cloud providers, AI platforms, software supply chains, browsers, routers, critical infrastructure, developer ecosystems, and even the vendors organizations trust to protect them.</p><p>The challenge for defenders isn&#8217;t simply finding vulnerabilities anymore.</p><p>It&#8217;s deciding which of the hundreds of critical risks deserves immediate attention before attackers do.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Review exposure to Cisco SD-WAN infrastructure and implement compensating controls</p></li><li><p>Patch SolarWinds Serv-U to version 15.5.4 Hotfix 1</p></li><li><p>Conduct threat hunting for UNC5221 indicators within Microsoft 365 environments</p></li><li><p>Upgrade Hugging Face Transformers to version 5.3.0 immediately</p></li><li><p>Patch Linux kernel vulnerabilities affecting containerized workloads</p></li><li><p>Remove internet exposure from Automatic Tank Gauge systems</p></li><li><p>Review AI agent framework authorization and identity controls</p></li><li><p>Restrict ASUS router management interfaces to trusted networks</p></li><li><p>Remove any remaining references to Polyfill.io from web properties</p></li><li><p>Force deployment of Chrome 149 across managed endpoints</p></li><li><p>Evaluate AI governance controls around model ingestion and deployment</p></li></ul>
<h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is the continued convergence of nation-state activity and supply chain risk. The IBM whistleblower allegations, the Chinese persistence inside Microsoft 365 environments, the AI model supply chain vulnerabilities, and the reappearance of Polyfill.io all point to the same reality: attackers increasingly prefer compromising trusted relationships rather than attacking organizations directly. Trust has become one of the most valuable assets in cybersecurity, and it is under constant assault.</p><p>The second takeaway is that AI is now impacting cybersecurity at every level simultaneously. AI is discovering vulnerabilities faster than researchers ever could. Threat actors appear to be leveraging AI to accelerate malware development and campaign operations. At the same time, organizations are rushing AI platforms into production without fully understanding the security implications of model supply chains and agent frameworks. Security leaders must begin treating AI ecosystems with the same rigor applied to cloud infrastructure and software development pipelines because the risk profile is rapidly becoming just as significant.</p><p>&#128293; <strong>Stay Cyber Safe.</strong></p>
]]></content:encoded></item><item><title><![CDATA[This Week in Cybersecurity #55]]></title><description><![CDATA[The Speed Gap: Why Attackers Are Winning the Race and What Security Leaders Must Do About It, Your weekend catch-up on the most critical cybersecurity stories of the week, curated by James Azar]]></description><link>https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-55</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-55</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Fri, 05 Jun 2026 16:01:21 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!YwsI!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F60fb5553-3324-42cb-a493-53eeea2e0aa4_1920x1080.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<h3><strong>Good Morning, Security Gang!</strong></h3><p>Double espresso ready. This week&#8217;s briefing covers four full episodes and represents some of the most operationally significant coverage we&#8217;ve produced in months.</p><div class="pullquote"><p>James opened the week with a line that defines the entire landscape right now: <em>&#8220;The organizations that are going to weather this environment are the ones that match the attacker&#8217;s operational speed. Patch fast. Detect faster. 
Train your people because Carnival&#8217;s six million victims and Charter&#8217;s five million victims both started with one employee and one phone call.&#8221;</em></p></div><p>By the end of four episodes, that framing was validated at every level. A Palo Alto GlobalProtect VPN vulnerability went from disclosure to CISA KEV with a June 1 federal deadline. A FlowWise AI platform zero-day received public exploit code enabling root access through a single malicious import. The HTTP/2 Bomb vulnerability discovered autonomously by OpenAI&#8217;s Codex could crash major web servers globally in under a minute. A VS Code zero-day with no patch available steals GitHub OAuth tokens through a one-click Jupyter notebook attack. Anthropic&#8217;s Mythos expanded to 150 more organizations across 15 countries including NATO and critical infrastructure operators. And Gamaredon deployed a USB-propagating worm with a Telegram-controlled C2 and built-in wiper module against Ukraine.</p><p>On the human side: Six million Carnival cruise customers were exposed after one successful voice phishing call. A Google security engineer was charged with using confidential search data to place $1 million in prediction market bets. China&#8217;s intelligence services are systematically recruiting government insiders through LinkedIn at scale, as documented in a Five Eyes joint advisory. 
And attackers spent five months quietly extracting a stock exchange executive&#8217;s entire Outlook mailbox in small batches, using Microsoft-owned IP addresses to bypass DNS monitoring.</p><blockquote><p>The week closed with a reminder James keeps returning to: <em>&#8220;Forget all the shiny tools. If we can&#8217;t do the fundamentals well, none of those tools are going to help. That&#8217;s the reality.&#8221;</em></p></blockquote><p>Let&#8217;s get into all of it.</p><h3><strong>&#127760; Infrastructure &amp; Network Exploitation</strong></h3><p><strong>Palo Alto GlobalProtect VPN CVE-2026-3401: CISA KEV, June 1 Federal Deadline</strong></p><p>Active exploitation of CVE-2026-3401 in Palo Alto Networks&#8217; GlobalProtect VPN platform targeting local administrator accounts was confirmed by CISA, which added the flaw to the KEV catalog with a June 1 federal remediation deadline. 
The vulnerability continues the 2026 pattern of edge devices (VPNs, firewalls, and remote access appliances) serving as primary entry points for ransomware operators and nation-state actors. If immediate patching is not possible, Palo Alto recommends separating the GlobalProtect authentication cookie certificate from the HTTP service certificate to disrupt the attack path. Internet-facing security infrastructure is now one of the highest-priority attack surfaces in enterprise environments.</p><p><strong>HTTP/2 Bomb CVE-2026-49975: One Client Can Crash a Server in Twenty Seconds</strong></p><p>Researchers disclosed the &#8220;HTTP/2 Bomb&#8221;, a remote denial-of-service vulnerability affecting Apache HTTP Server, Microsoft IIS, Envoy Proxy, and Cloudflare&#8217;s Pingora. The attack combines HPACK compression abuse, which forces servers to allocate massive memory while processing small malicious traffic, with Slowloris-style techniques that prevent that memory from being released. A single client on a residential connection can consume and hold approximately 32 gigabytes of memory on vulnerable Apache and Envoy servers in roughly twenty seconds. Researchers estimate that more than 880,000 public websites are potentially affected under default configurations. Nginx patched earlier this year; Apache released fixes in late May; Microsoft IIS, Envoy, and Cloudflare&#8217;s Pingora remained unpatched at publication. The vulnerability was discovered using OpenAI&#8217;s Codex platform, the second AI-assisted vulnerability disclosure this week. 
Patch Apache and Nginx immediately, implement strict connection limits, enforce HPACK restrictions, and review mitigation options at the load balancer and WAF layers.</p><p><strong>ClickFix Campaign: Harvard, Oxford, 700+ Trusted Websites as Malware Delivery Infrastructure</strong></p><p>The ClickFix campaign continues expanding, actively exploiting Ghost CMS vulnerabilities to compromise over 700 websites, including Harvard University, Oxford University, Auburn University, and DuckDuckGo-powered properties. Injected JavaScript presents visitors with fake CAPTCHA or browser verification prompts instructing them to press Windows+R and execute commands that launch PowerShell payloads. This bypasses traditional security awareness training entirely: users trust browser prompts on legitimate, well-known domains in ways they no longer trust email attachments. Patch Ghost CMS to version 6.20.0 immediately and train users that no legitimate website will ever ask them to paste commands into a terminal.</p><p><strong>Oracle WebLogic Added to CISA KEV: Cobalt Strike and Ransomware Payload Deployment</strong></p><p>CISA added CVE-2024-21182, a critical Oracle WebLogic RCE vulnerability, to the KEV catalog after confirming attackers are using it to deploy Cobalt Strike and ransomware. Patch immediately and review exposed WebLogic services.</p><p><strong>ASUS Router Vulnerabilities: No Patch Until End of June</strong></p><p>Two critical vulnerabilities in ASUS Wave 7 mesh routers expose credentials and allow persistent backdoor installation. Patches are not expected until late June. 
Organizations should restrict management interfaces to trusted IP ranges and implement compensating controls in the interim.</p><p><strong>WordPress Kirki Plugin CVE-2026-8206 CVSS 9.8: One Million Sites, No Credentials Required</strong></p><p>A critical authentication bypass in the Kirki WordPress page builder plugin allows attackers to substitute their own email address during password reset, so that a legitimate reset link is sent directly to the attacker: no credentials required, no user interaction, one request. Over one million WordPress installations are affected. Once access is gained, attackers install malicious plugins, create rogue admin accounts, inject SEO spam, and deploy backdoors. Update to version 6.0.7 or disable the plugin entirely.</p><h3><strong>&#129302; AI as Discovery Engine, Target, and Threat Multiplier</strong></h3><p><strong>Anthropic Mythos Expands to 150 Organizations Across 15 Countries Including NATO</strong></p><p>Anthropic announced an expansion of Project Glasswing, adding 150 organizations across 15 countries to the Mythos vulnerability discovery platform, including NATO, ENISA, Samsung, healthcare providers, utilities, communications providers, and critical infrastructure operators. Mythos has already identified 23,000-plus potential vulnerabilities, 10,000-plus high and critical issues, and thousands of previously unknown flaws. The announcement coincided directly with the Trump AI executive order signed the same day. Mythos is functioning as an autonomous vulnerability discovery platform operating at a scale no human team can match. 
The future of cybersecurity increasingly depends on whether organizations gain access to tools like Mythos or become targets discovered by them.</p><p><strong>Trump Signs AI Security Vetting Executive Order: Voluntary Review Framework</strong></p><p>President Trump signed an executive order establishing a voluntary federal review framework for advanced AI models, assessing national security risks before public release. The order stepped back from an earlier proposal requiring mandatory 90-day reviews, replacing it with a 30-day voluntary government evaluation process. The framework introduces AI cybersecurity capability benchmarking, national security risk evaluations, an AI cybersecurity clearinghouse, and government-industry collaboration mechanisms. The voluntary structure creates incentives for collaboration rather than compliance-driven resistance; the practical question is whether government oversight can evolve quickly enough to remain relevant.</p><p><strong>Flowise AI Platform CVE-2026-40933: Public Exploit, Root Access via Single Import</strong></p><p>Public working exploit code was released for a critical RCE vulnerability in Flowise, the popular open-source AI orchestration platform used to build LLM workflows and AI agents. One malicious chat flow import triggers OS-level code execution with the privileges assigned to the Flowise process, often root. Flowise deployments are commonly connected to databases, cloud services, API keys, internal applications, and AI development environments. Compromising Flowise means compromising everything connected to it. Patch immediately, restrict import permissions, review administrative access, and rotate all connected credentials.</p><p><strong>OpenAI Codex Token Theft via npm Package: 26,000 Weekly Downloads</strong></p><p>A malicious npm package called codex-ui-android silently exfiltrated OpenAI Codex OAuth tokens, including long-lived refresh tokens, before detection. The package had accumulated 26,000 weekly downloads. 
Revoke and reissue all Codex credentials immediately for any organization that may have had the package installed.</p><p><strong>Russian GreyVibe Uses AI Across Entire Kill Chain</strong></p><p>Researchers documented GreyVibe, a previously unknown Russian-linked threat group targeting Ukrainian organizations since August 2025, using generative AI throughout nearly every operational stage: Ideogram for phishing imagery, ChatGPT for lure development and malware support, Google Gemini for obfuscation and backend infrastructure. Attack chains include fake CAPTCHA pages, spear phishing, fraudulent charity websites, and TrickBot ecosystem malware families. This is one of the clearest documented cases of a threat actor integrating generative AI into operational workflows rather than experimenting with it. Defenders should expect phishing campaigns and social engineering to become increasingly personalized, scalable, and indistinguishable from legitimate communications.</p><p><strong>AI Discovers Redis Zero-Day CVE-2026-23479 Missed for Two Years</strong></p><p>An autonomous security tool identified a use-after-free vulnerability in Redis that had existed unnoticed since 2023. Public exploit code is now available. Redis Cloud has patched; self-hosted deployments require immediate upgrade.</p><p><strong>Chinese TA-4922 Uses LLM-Assisted Malware Development</strong></p><p>Proofpoint reported that TA-4922, a Chinese cybercrime group targeting Europe, appears to be using LLM-assisted techniques to accelerate malware creation and campaign generation. AI-assisted offensive development is no longer exclusive to well-resourced nation-state programs.</p><p><strong>GitLab Emergency Patch: Duo AI Identity Confusion Enables Privilege Escalation</strong></p><p>GitLab released emergency updates for a flaw allowing an authenticated user to trigger AI-assisted workflows under another user&#8217;s identity, enabling privilege escalation and lateral movement within development environments. 
<strong><a href="http://gitlab.com/">GitLab.com</a></strong> patched; self-managed instances must upgrade immediately.</p><h3><strong>&#129516; Supply Chain &amp; Developer Ecosystem</strong></h3><p><strong>VS Code Zero-Day: GitHub OAuth Token Theft via One-Click Jupyter Notebook &#8212; No Patch</strong></p><p>Security researcher Amar Askar publicly disclosed a VS Code zero-day with no patch available that steals GitHub OAuth tokens through a single malicious Jupyter notebook. By delivering a notebook file, attackers execute JavaScript inside a WebView iframe, which silently installs a malicious extension via synthetic keyboard shortcuts and exploits GitHub&#8217;s automatic authentication between <strong><a href="http://github.com/">GitHub.com</a></strong> and <strong><a href="http://github.dev/">GitHub.dev</a></strong>. The extension intercepts and exfiltrates OAuth tokens before they reach GitHub. These tokens provide access to every private repository the victim can access. No patch is available. Review installed VS Code extensions, restrict use of untrusted Jupyter notebooks, and disable notebook functionality on systems where it is not required.</p><p><strong>Red Hat npm Supply Chain Attack &#8220;Miasma&#8221;: 32 Packages, 117,000 Weekly Downloads</strong></p><p>The &#8220;Miasma&#8221; campaign compromised 32 official Red Hat npm packages with over 117,000 combined weekly downloads, originating after a Red Hat employee&#8217;s GitHub account was compromised. Attackers injected malicious code into repositories and leveraged GitHub Actions OIDC workflows to distribute malware through trusted package pipelines, harvesting AWS, Azure, and GCP credentials, GitHub tokens, SSH keys, and npm authentication tokens. The malware represents an evolution of the Mini Shai-Hulud campaign. 
Rotate all cloud and development credentials from affected packages immediately and review build pipelines for signs of compromise.</p><p><strong>Microsoft Dispute With Nightmare Eclipse Researcher &#8212; Then Reversed</strong></p><p>Microsoft formally stated that publishing working exploit code without coordinated disclosure is &#8220;never justifiable&#8221; and signaled potential Digital Crimes Unit action against Nightmare Eclipse, who disclosed six Windows zero-days: three already in CISA KEV, three unpatched with public PoC available. Within 24 hours, Microsoft reversed course and clarified it has no plans to pursue legal action against independent security researchers, following significant community backlash. The episode highlights the enduring tension between bug bounty program fairness, researcher incentives, and responsible disclosure.</p><p><strong>Container and Kubernetes Attacks Growing: Exposed Docker APIs and Weak RBAC</strong></p><p>Researchers warned about active exploitation of container and Kubernetes misconfigurations (exposed Docker APIs, weak RBAC permissions, and poisoned container images), with campaigns specifically targeting cloud-native infrastructure and Kubernetes secrets.</p><p><strong>Dashlane Detects Brute Force Campaign Against Customer Accounts</strong></p><p>Dashlane confirmed detection and mitigation of a brute-force campaign attempting to register unauthorized devices. Some encrypted vaults were copied; no master passwords were exposed. Customers should review registered devices and account activity.</p><h3><strong>&#128165; Ransomware &amp; Destructive Operations</strong></h3><p><strong>NightSpire Ransomware: 175 Organizations Across 28 Industries</strong></p><p>NightSpire continues expanding, with 175 organizations impacted across 28 industries including hospitals, schools, financial institutions, and government agencies. 
The group operates exclusively through legitimate tools: exposed RDP and FortiOS vulnerabilities for entry; Chrome Remote Desktop and AnyDesk for persistence; MegaSync for exfiltration; 7-Zip for compression. No custom malware, no EDR triggers. Audit exposed RDP access, FortiOS patching status, and unauthorized remote administration software across all environments.</p><h3><strong>&#128275; Data Breaches &amp; Identity Exposures</strong></h3><p><strong>Carnival Cruise Lines: Six Million Victims, One Phone Call</strong></p><p>Carnival Cruise Lines confirmed nearly six million individuals affected by an April breach originating from a single social engineering attack against an employee account. ShinyHunters claimed responsibility. Exposed data includes names, email addresses, phone numbers, dates of birth, driver&#8217;s license numbers, and passport information. Credit monitoring does not protect against identity fraud involving passport data. Frontline employees remain one of the most critical attack surfaces in any organization.</p><p><strong>Charter Communications: 42 Million Records via Voice Phishing</strong></p><p>Charter Communications confirmed approximately 42 million customer records exposed following a voice phishing attack against a Microsoft Entra account, which became the Salesforce pivot point. The ShinyHunters SaaS playbook (vishing compromises the identity provider, which becomes Salesforce access, which becomes large-scale data extraction) has now been executed against Charter, Carnival, 7-Eleven, Cushman &amp; Wakefield, Aman Resorts, and dozens of others in 2026 alone.</p><p><strong>UK Visa Portal: 100,000 Biometric Identity Documents Leaked</strong></p><p>A third-party UK visa processing portal leaked more than 100,000 passport scans and biometric selfies. When journalists reported the exposure, the company responded with lawyers before engineers. At the time of reporting, the leak remained unresolved. 
Passport scans combined with biometric selfies enable KYC bypasses, fake identity creation, and fraudulent financial account openings. This perfectly captures the industry&#8217;s most persistent operational failure: organizations still treating cybersecurity incidents as communications crises rather than technical emergencies.</p><p><strong>Meta AI Support Bot Enabled Instagram Account Takeover</strong></p><p>Meta&#8217;s AI support chatbot was exploited by attackers who discovered it could be used to request account recovery actions on behalf of victims: adding an attacker-controlled email address, triggering legitimate password resets, and gaining full account control without the owner&#8217;s involvement. Victims included high-profile government, military, and cybersecurity community accounts. Meta fixed the issue, but the incident establishes a new category: AI systems granted administrative authority without sufficient identity verification become privileged attack surfaces. This is not the last AI trust-boundary failure we will see.</p><p><strong>Five-Month Espionage Campaign Extracts Stock Exchange Executive&#8217;s Outlook Mailbox</strong></p><p>Symantec documented a five-month operation quietly extracting a senior executive&#8217;s Outlook mailbox in carefully staged increments. Attackers used malware disguised as Adobe and OneDrive services, exfiltrated through Dropbox and personal OneDrive accounts, and used hardcoded Microsoft-owned IP addresses to bypass DNS monitoring. Small date-based data batches avoided triggering large-transfer alerts. Market-moving information, regulatory discussions, merger activity, and strategic correspondence represent intelligence value far exceeding the cost of a disruptive attack. 
The most dangerous adversaries aren&#8217;t making noise; they&#8217;re remaining invisible.</p><h3><strong>&#127760; Geopolitical &amp; Nation-State Threats</strong></h3><p><strong>Gamaredon Deploys USB Worm with Telegram C2 and Wiper Module Against Ukraine</strong></p><p>Russia&#8217;s FSB-linked Gamaredon exploited WinRAR CVE-2025-8088 to deploy a multi-stage infection chain including GammaLoad (downloader), GammaWorm (USB-propagating worm hiding via NTFS alternate data streams), GammaSteal (exfiltration to AWS S3, using Telegram channels for C2), and GammaWipe (destructive wiper module). Telegram-based C2 blends malicious communications into legitimate enterprise traffic. Gamaredon is distinct from many threat groups for its sustained operational patience: campaigns remain active for months, continuously adapting. Organizations with Ukrainian partners or shared infrastructure should patch WinRAR immediately and monitor for suspicious Telegram outbound traffic and unexpected S3 uploads.</p><p><strong>Five Eyes Joint Advisory: China Systematically Recruiting Government Insiders via LinkedIn</strong></p><p>A joint advisory from U.S., Canadian, UK, Australian, and New Zealand intelligence agencies documented Chinese intelligence services systematically recruiting government employees, military personnel, contractors, and critical infrastructure workers through LinkedIn, Indeed, and Upwork. The recruitment funnel: initial contact through professional platforms &#8594; access and value evaluation &#8594; harmless research requests &#8594; gradually sensitive tasking. Compensation comes through PayPal, Payoneer, cryptocurrency, and wire transfers. Once trust is established, communications migrate to Signal and Telegram, moving activity outside organizational visibility. Classified access is not required to be a target: facility layouts, contract details, budget information, and vendor relationships have significant intelligence value when aggregated. 
Use this advisory to review insider threat awareness programs and LinkedIn exposure policies immediately.</p><p><strong>Mustang Panda Returns with New PlugX Delivery via Fake Adobe Prompts</strong></p><p>Chinese APT Mustang Panda resurfaced using fake Adobe Acrobat update prompts to deliver PlugX malware, leveraging signed binaries and memory-only execution techniques to reduce detection. Hunt for Mustang Panda PlugX indicators across endpoints.</p><p><strong>Iranian APT Expands Across Nine Countries, Adds Aviation Supply Chain Targeting</strong></p><p>MuddyWater campaigns across nine countries in Q1 2026 refined DLL side-loading tradecraft through trusted executables including fmap.exe and SentinelOne Memory Scanner components. A separate Iranian cluster simultaneously targeted aviation software providers through credential harvesting, pre-positioning for a downstream pivot into airlines, airports, and aerospace organizations.</p><h3><strong>&#128272; Identity, Authentication &amp; Insider Threats</strong></h3><p><strong>Kali365 MFA Bypass: FBI IC3 Warning, OAuth Device Code Abuse at Scale</strong></p><p>The FBI warned about Kali365, a phishing-as-a-service platform bypassing Microsoft 365 MFA through abuse of the OAuth device code flow, the authentication flow designed for smart TVs and printers. Victims authenticate normally. MFA fires successfully. Attackers capture live tokens and gain full account access. The platform includes AI-generated phishing lures, real-time victim dashboards, and Telegram-based infrastructure. Hundreds of attacks have been reported across manufacturing, healthcare, education, government, and financial sectors. 
Restrict or disable device code authentication flows through Microsoft Entra conditional access policies where operationally feasible.</p><p><strong>Windows Netlogon CVE-2026-21176: &#8220;The New Zerologon&#8221; &#8212; Pre-Auth, Zero-Click, Domain Controller RCE</strong></p><p>A critical Netlogon vulnerability affecting Windows Domain Controllers, requiring only a single specially crafted network packet to achieve system-level code execution (no credentials, no user interaction), was compared by researchers to Zerologon in operational severity. Microsoft patched it during May&#8217;s Patch Tuesday. Organizations that have not yet updated Domain Controllers remain vulnerable. Domain Controllers are the crown jewels of Windows environments; compromise here enables full forest takeover. Verify patch deployment, confirm Netlogon protections, and ensure SMB and RPC are not externally exposed.</p><p><strong>Linux Kernel Privilege Escalation: 19-Year Flaw Now Has Public Exploit</strong></p><p>A proof-of-concept exploit is publicly available for the recently disclosed 19-year-old Linux kernel privilege escalation vulnerability. Organizations that delayed patching now face significantly elevated risk. Patch Linux systems immediately across all distributions.</p><p><strong>Android Zero-Day CVE-2025-48595: June Security Update</strong></p><p>Google&#8217;s June Android security update addressed 124 vulnerabilities including CVE-2025-48595, a privilege escalation flaw confirmed under limited active exploitation. Accelerate patch deployment through MDM platforms across all managed Android devices.</p><p><strong>Google Security Engineer Charged: Prediction Market Insider Trading via Search Data</strong></p><p>Federal prosecutors charged a Google security engineer with fraud and money laundering for allegedly using confidential internal search trend data to place highly profitable prediction market bets on Polymarket, generating over $1 million in cryptocurrency profits. 
This is not a traditional cyberattack, but it highlights an expanding insider threat vector. Insider access can increasingly be monetized through financial instruments, prediction markets, and cryptocurrency ecosystems. Insider risk monitoring programs may need to expand to address these evolving scenarios.</p><p><strong>Federal ATG Fuel Monitoring Systems Under Active Attack: Seven Agency Warning</strong></p><p>CISA, FBI, NSA, DOE, TSA, EPA, and other agencies jointly warned about active attacks targeting Automatic Tank Gauge systems used at fuel stations, transportation hubs, and chemical facilities, exploiting internet-exposed systems protected only by default passwords. Remove ATG systems from direct internet exposure immediately.</p><h3><strong>&#9878;&#65039; Law Enforcement, Policy &amp; Industry</strong></h3><p><strong>Netherlands Dismantles ASOC Residential Proxy Botnet: 17 Million Devices</strong></p><p>Dutch law enforcement dismantled the ASOC residential proxy botnet, tied to more than one million infected devices and leveraging over 17 million compromised endpoints globally. Access was sold for five dollars per month for credential stuffing, DDoS, phishing, and proxy services. Residential proxy networks remain valuable because consumer IP traffic appears legitimate to most security controls.</p><p><strong>NSA Appoints David Imbordino as Cyber Director, Bruce Jones to CCC</strong></p><p>The NSA formally appointed David Imbordino as Cyber Director and Bruce Jones to lead the Cybersecurity Collaboration Center, ending a prolonged leadership gap and restoring continuity for government-private sector cybersecurity partnerships.</p><p><strong>Spain Arrests Government Data Hacker</strong></p><p>Spanish authorities arrested an individual accused of publishing sensitive information belonging to national police, intelligence personnel, and Spain&#8217;s cybersecurity agency. 
Cybersecurity professionals increasingly face physical-world targeting through doxxing campaigns.</p><p><strong>Proposal for Independent U.S. Cyber Force: 30,000 Personnel, $11 Billion</strong></p><p>A new policy report recommends creation of a dedicated U.S. Cyber Force. Supporters argue cyber operations have grown large enough to justify their own military branch.</p><p><strong>CISA Remains Significantly Understaffed</strong></p><p>Homeland Security leadership confirmed CISA is operating with approximately 2,200 employees despite authorization for substantially more. Efforts to rebuild the agency continue during a period of elevated threat activity.</p><p><strong>Dragos Acquires Phosphorus: OT and IoT Security Convergence</strong></p><p>Dragos announced the acquisition of Phosphorus, expanding its ability to secure IoT devices within OT environments and reflecting the continued convergence of traditional OT security and connected device management.</p><p><strong>Cyera Raises at $12 Billion Valuation</strong></p><p>AI security company Cyera is reportedly raising $300 million at a $12 billion valuation on approximately $150 million ARR, reflecting the extraordinary premium investors continue placing on AI security and automation platforms.</p><h3><strong>&#9989; This Week&#8217;s Priority Action List</strong></h3><p><strong>Immediate (Do This Now)</strong></p><ul><li><p>Patch Palo Alto GlobalProtect immediately &#8212; CISA KEV, June 1 federal deadline, active exploitation confirmed</p></li><li><p>Patch Apache HTTP Server and Nginx for the HTTP/2 Bomb vulnerability &#8212; 880,000 potentially affected sites, active exploitation risk</p></li><li><p>Patch Oracle WebLogic CVE-2024-21182 &#8212; CISA KEV, Cobalt Strike and ransomware payloads confirmed</p></li><li><p>Verify Windows Domain Controller patch deployment for Netlogon CVE-2026-21176 &#8212; pre-auth zero-click RCE, &#8220;the new Zerologon&#8221;</p></li><li><p>Patch GitLab self-managed instances for Duo AI identity 
confusion vulnerability immediately</p></li><li><p>Update or disable WordPress Kirki plugin &#8212; CVSS 9.8, one million sites, no credentials required for account takeover</p></li><li><p>Patch Flowise immediately and restrict import permissions &#8212; public exploit enables root access via single malicious import</p></li><li><p>Revoke and reissue OpenAI Codex credentials if the codex-ui-android npm package was present</p></li><li><p>Patch WinRAR for CVE-2025-8088 &#8212; Gamaredon is actively exploiting this for USB worm and wiper deployment</p></li><li><p>Restrict or disable Microsoft Entra device code authentication flows &#8212; Kali365 FBI IC3 warning, active MFA bypass at scale</p></li><li><p>Patch Linux systems for the 19-year privilege escalation vulnerability &#8212; public exploit now available</p></li><li><p>Deploy June Android security updates through MDM for CVE-2025-48595, which is under active exploitation</p></li></ul><p><strong>Short-Term (This Month)</strong></p><ul><li><p>Audit VS Code extensions and restrict untrusted Jupyter notebook execution &#8212; GitHub OAuth token theft zero-day has no patch</p></li><li><p>Rotate cloud and development credentials associated with the Red Hat npm Miasma campaign</p></li><li><p>Hunt for Mustang Panda PlugX indicators across endpoints</p></li><li><p>Hunt for suspicious Dropbox and OneDrive exfiltration activity in small date-batched increments &#8212; five-month stock exchange espionage model</p></li><li><p>Monitor for Telegram-based outbound C2 traffic and unexpected AWS S3 uploads from endpoints &#8212; Gamaredon GammaSteal indicators</p></li><li><p>Remove ATG fuel monitoring systems from any direct internet exposure</p></li><li><p>Brief employees on LinkedIn-based intelligence recruitment following the Five Eyes joint advisory</p></li><li><p>Enforce voice phishing verification procedures &#8212; Carnival and Charter both started with one phone call</p></li><li><p>Implement connection limits and HPACK protections on all internet-facing 
web servers</p></li><li><p>Review GitHub Actions OIDC trust policies and restrict secrets access from external fork triggers</p></li><li><p>Patch Redis if self-hosted &#8212; CVE-2026-23479 use-after-free, public exploit available</p></li><li><p>Restrict ASUS router management interfaces to trusted IP ranges until end-of-June patches arrive</p></li></ul><p><strong>Strategic (This Quarter)</strong></p><ul><li><p>Evaluate AI-assisted vulnerability management &#8212; Mythos, the AI-discovered Redis zero-day, and the HTTP/2 Bomb discovery all demonstrate autonomous discovery at operational scale</p></li><li><p>Expand insider threat monitoring to include financial market abuse, prediction markets, and cryptocurrency monetization scenarios</p></li><li><p>Accelerate migration to FIDO2 and passkeys &#8212; OAuth device code MFA bypass and real-time OTP interception are at industrial scale</p></li><li><p>Compress vulnerability remediation SLAs for internet-facing systems to match actual exploitation timelines</p></li><li><p>Review organizational LinkedIn exposure policies and communicate the Five Eyes insider recruitment advisory to all staff with sensitive access</p></li><li><p>Require CVE assignment and public changelog disclosure from all AI vendors with privileged developer environment access</p></li><li><p>Establish physical social engineering tabletop exercises incorporating front desk, USB device, and visitor management scenarios</p></li></ul><h3><strong>&#127897;&#65039; James Azar&#8217;s CISO&#8217;s Take</strong></h3><p>When I look across this week&#8217;s four episodes, the defining theme is operational speed and the widening gap between how fast attackers are moving and how fast most organizations are structured to respond. Palo Alto GlobalProtect went from disclosure to CISA KEV with a federal deadline of June 1. Flowise received public root exploit code the same day. The HTTP/2 Bomb can crash major web servers in twenty seconds. 
The Netlogon vulnerability requires one network packet and no credentials. Against that backdrop, organizations still operating on 30-day patch cycles for internet-facing critical infrastructure are not just behind; they are accepting risk they have not explicitly acknowledged. The fundamentals are the battle. Not dashboards, not AI tools, not frameworks. Patch fast. Detect faster. Train your people. That&#8217;s it.</p><p>The second major takeaway is that AI has become a fully operational force multiplier on both sides simultaneously. Mythos is autonomously discovering vulnerabilities at a scale no human team can match and is now deployed across NATO, critical infrastructure, and major technology organizations. GreyVibe is using ChatGPT and Gemini throughout its kill chain as operational infrastructure, not as experiments. OpenAI&#8217;s Codex discovered the HTTP/2 Bomb autonomously. And attackers are selling AI-generated phishing campaigns as subscription services. Security leaders who are still treating AI as a future challenge rather than a present operational reality are working with an incomplete picture of the battlefield they are operating on today.</p><p><strong>Stay Cyber Safe.</strong> &#128272;</p><h3><strong>&#128203; Week in Summary</strong></h3><p>This was the week speed proved itself the defining variable in cybersecurity: not sophistication, not resources, not tooling. The HTTP/2 Bomb crashes servers in twenty seconds. A single Jupyter notebook steals GitHub OAuth tokens before the user closes the window. Gamaredon deployed a USB worm, infostealer, and wiper capability through one WinRAR vulnerability in one coordinated operation. And Carnival&#8217;s six million victims trace back to a single voice phishing call against a single employee. The velocity of modern attacks does not leave time for 30-day governance workflows, approval chains, or scheduled patch cycles. The organizations matching attacker speed will survive.
The ones that don&#8217;t will keep providing the case studies.</p><p>The intelligence and human-layer stories this week were equally significant. A Five Eyes joint advisory documented China&#8217;s systematic LinkedIn recruitment of government insiders at scale, using professional networking platforms as intelligence collection infrastructure. A five-month espionage campaign extracted an executive&#8217;s entire strategic communications in small batches designed to be invisible to monitoring systems. A Google security engineer allegedly monetized privileged access through prediction markets rather than by exfiltrating data. These are not technical problems with technical solutions. They are operational, human, and institutional challenges that require awareness programs, monitoring expansion, and cultural change in addition to security tooling. The battlefield has always been both technical and human. This week made that undeniably clear.</p><p>Stay informed. Stay prepared. <strong>Stay Cyber Safe.</strong> &#128272;</p><p><em>&#169; CyberHub Podcast | Subscribe on Substack | Watch on YouTube | Follow on LinkedIn</em></p>]]></content:encoded></item><item><title><![CDATA[HTTP/2 Bomb Exploit Discovered by Codex AI Knocks Major Web Servers Offline in Seconds, Comm Proposes $11 Billion US Cyber Force With 30K Personnel, 2-Year-Old RCE in Redis Missed by Human Code Review]]></title><description><![CDATA[HTTP/2 Bomb Threatens Global Web Infrastructure, China Expands Human Intelligence Recruitment, and AI Discovers Another Critical Zero-Day]]></description><link>https://www.cyberhubpodcast.com/p/http2-bomb-exploit-discovered-by</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/http2-bomb-exploit-discovered-by</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Thu, 04 Jun 2026 13:31:09 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/200554068/423e3ef91675e7b781ed467a741d1e4f.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>If there was one theme that dominated today&#8217;s show, it was this:</p><p><strong>The pace of cyber operations is accelerating faster than our institutions, infrastructure, and security programs were designed to handle.</strong></p><p>Today&#8217;s episode delivered one of the most diverse threat landscapes we&#8217;ve covered all year.
We examined a newly disclosed HTTP/2 denial-of-service exploit capable of taking down major web servers in seconds, a publicly disclosed VS Code zero-day that steals GitHub OAuth tokens with a single click, a five-month espionage campaign that silently drained the mailbox of a senior stock exchange executive, and a Five Eyes intelligence warning revealing how China is actively recruiting government insiders through platforms many professionals use every day.</p><p>At the same time, AI continues reshaping cybersecurity at unprecedented speed. This week alone, AI systems discovered critical vulnerabilities in both Redis and web infrastructure while organizations continue struggling to patch vulnerabilities discovered years ago. The message is becoming increasingly clear: attackers are accelerating, AI is accelerating, and defenders must adapt or risk falling behind.</p><p>Double espresso in hand, coffee cup cheers, gang. Let&#8217;s dive in.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape revealed four converging realities that every security leader should be paying attention to.</p><p>First, AI-assisted vulnerability discovery is dramatically compressing the timeline between identifying weaknesses and operational exploitation. Second, developer environments and software supply chains continue emerging as some of the most valuable attack surfaces available to threat actors. Third, nation-state intelligence services are increasingly blending traditional espionage techniques with cyber operations, targeting both technical systems and human assets simultaneously.
Finally, critical infrastructure and internet-facing services remain dangerously exposed due to patching delays, misconfigurations, and operational complexity.</p><p>Every story today reinforced the same conclusion: speed is now the defining factor in cybersecurity.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!HHb9!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!HHb9!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!HHb9!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!HHb9!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!HHb9!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!HHb9!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png" width="1280" height="720" 
data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:212209,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cyberhubpodcast.com/i/200554068?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!HHb9!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!HHb9!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!HHb9!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!HHb9!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F474a2267-cd3d-4f10-b872-f446b9d74da3_1280x720.png 1456w" sizes="100vw" loading="lazy"></picture></div></a></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><blockquote><p><em>&#8220;The pace of cyber operations is accelerating faster than our institutions were designed to handle.&#8221; James Azar</em></p></blockquote><h2>&#128163; HTTP/2 Bomb Can Crash Major Web Servers in Under a Minute</h2><p>The most urgent technical story today involved the disclosure of CVE-2026-49975, a remote denial-of-service vulnerability researchers are calling the &#8220;HTTP/2 Bomb.&#8221; The flaw impacts several of the world&#8217;s most widely deployed web server technologies, including Apache HTTP Server, Microsoft&#8217;s IIS, Envoy Proxy, and Cloudflare&#8217;s Pingora infrastructure.</p><p>The attack combines two previously understood concepts into a highly effective denial-of-service technique.
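</p><p>The HPACK half of that combination is easiest to see in code. The decoder below is an added example written for this edition, not code from the page or from the researchers who disclosed CVE-2026-49975: a minimal HPACK (RFC 7541) decoder covering only the two representations the amplification needs, a constructed header block that stores one large value in the dynamic table and then references it with one-byte indexed fields, and the same decoder with a header-list cap of the kind SETTINGS_MAX_HEADER_LIST_SIZE (RFC 7540 section 6.5.2) expresses. The value length, repeat count and cap are illustrative choices, and the block is deliberately not an HTTP/2 client; it exercises the decoder in-process only.</p>

```python
"""Minimal HPACK (RFC 7541) decoder, an added example of how a small header block expands
and how a header-list cap bounds it. Only indexed fields and incremental literals are handled."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

STATIC_TABLE_SIZE = 61  # RFC 7541 Appendix A; dynamic entries start at index 62
ENTRY_OVERHEAD = 32     # per-entry accounting overhead, RFC 7541 section 4.1

def encode_int(value: int, prefix_bits: int, flags: int = 0) -> bytes:
    """HPACK integer representation (RFC 7541 section 5.1)."""
    limit = (1 << prefix_bits) - 1
    if value < limit:
        return bytes([flags | value])
    out, value = bytearray([flags | limit]), value - limit
    while value >= 128:
        out.append((value & 0x7F) | 0x80)
        value >>= 7
    out.append(value)
    return bytes(out)

def decode_int(buf: bytes, pos: int, prefix_bits: int) -> Tuple[int, int]:
    """Return (value, next_pos) for the integer whose first byte is buf[pos]."""
    limit = (1 << prefix_bits) - 1
    value, pos = buf[pos] & limit, pos + 1
    if value < limit:
        return value, pos
    shift = 0
    while True:
        b, pos = buf[pos], pos + 1
        value += (b & 0x7F) << shift
        shift += 7
        if not b & 0x80:
            return value, pos

def encode_string(data: bytes) -> bytes:
    return encode_int(len(data), 7) + data  # raw literal: H bit 0, 7-bit length prefix

def decode_string(buf: bytes, pos: int) -> Tuple[bytes, int]:
    if buf[pos] & 0x80:
        raise NotImplementedError("Huffman strings are not handled in this demo")
    length, pos = decode_int(buf, pos, 7)
    return buf[pos:pos + length], pos + length

@dataclass
class HpackDecoder:
    max_table_size: int = 4096                  # SETTINGS_HEADER_TABLE_SIZE default
    max_header_list_size: Optional[int] = None  # SETTINGS_MAX_HEADER_LIST_SIZE; None = no cap
    table: List[Tuple[bytes, bytes]] = field(default_factory=list)
    fields_decoded: int = 0
    decoded_size: int = 0   # name + value + 32 per field, RFC 7540 section 6.5.2 accounting

    def _add(self, name: bytes, value: bytes) -> None:
        self.table.insert(0, (name, value))  # newest entry becomes index 62
        while sum(len(n) + len(v) + ENTRY_OVERHEAD for n, v in self.table) > self.max_table_size:
            self.table.pop()                 # evict oldest (RFC 7541 section 4.4)

    def _lookup(self, index: int) -> Tuple[bytes, bytes]:
        if not STATIC_TABLE_SIZE < index <= STATIC_TABLE_SIZE + len(self.table):
            raise ValueError(f"index {index} is static (unsupported here) or out of range")
        return self.table[index - STATIC_TABLE_SIZE - 1]

    def decode(self, block: bytes) -> List[Tuple[bytes, bytes]]:
        """Decode one header block. With a cap set, decoding stops as soon as the cap is
        exceeded, so the state a peer can force is bounded by the cap rather than by the
        peer. (The demo shares one bytes object between fields; a server copies per request.)"""
        fields: List[Tuple[bytes, bytes]] = []
        pos = self.fields_decoded = self.decoded_size = 0
        while pos < len(block):
            if block[pos] & 0x80:                   # indexed header field
                index, pos = decode_int(block, pos, 7)
                name, value = self._lookup(index)
            elif block[pos] & 0x40:                 # literal with incremental indexing
                index, pos = decode_int(block, pos, 6)
                name, pos = (self._lookup(index)[0], pos) if index else decode_string(block, pos)
                value, pos = decode_string(block, pos)
                self._add(name, value)
            else:
                raise NotImplementedError("only indexed and incremental literals are handled")
            self.decoded_size += len(name) + len(value) + ENTRY_OVERHEAD
            if self.max_header_list_size is not None and self.decoded_size > self.max_header_list_size:
                raise ValueError(f"header list exceeds {self.max_header_list_size} bytes")
            fields.append((name, value))
            self.fields_decoded += 1
        return fields

def build_amplified_block(value_len: int, repeats: int) -> bytes:
    """Constructed input: one literal that lands in the dynamic table, then `repeats` one-byte
    references to it. 1 + value_len + 32 must fit max_table_size or the entry evicts itself."""
    literal = bytes([0x40]) + encode_string(b"x") + encode_string(b"A" * value_len)
    return literal + encode_int(62, 7, 0x80) * repeats

def run(block: bytes, cap: Optional[int] = None) -> Tuple[bool, int, int]:
    """(accepted, fields decoded, decoded bytes) for a decoder with the given cap;
    decoded bytes divided by len(block) is the amplification factor."""
    dec = HpackDecoder(max_header_list_size=cap)
    try:
        dec.decode(block)
        return True, dec.fields_decoded, dec.decoded_size
    except ValueError:
        return False, dec.fields_decoded, dec.decoded_size
```

<p>Calling <code>run(build_amplified_block(4063, 12000))</code> decodes a 16,069-byte block into 49,156,096 bytes of header state, roughly 3,000 times the input; with <code>cap=64 * 1024</code> the decoder stops after 16 fields. The dynamic-table limit alone does not help, because the table only ever holds one 4 KB entry: it is the decoded header list that grows. That is the limit to verify on every server in the advisory's list, together with an idle-stream timeout, which is what addresses the Slowloris half of the attack.</p><p>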
First, attackers abuse HPACK compression mechanisms to force servers into allocating enormous amounts of memory while decompressing relatively small amounts of malicious traffic. Then, by holding the connection open with Slowloris-style slow-send techniques, they prevent the server from releasing that memory once allocated.</p><p>The results are staggering. Researchers demonstrated that a single client connected through a standard residential internet connection could consume and hold approximately 32 gigabytes of memory on vulnerable Apache and Envoy servers in roughly twenty seconds.</p><p>What makes this especially concerning is the scale. Researchers estimate more than 880,000 public websites are potentially affected by default configurations. Nginx quietly patched the issue earlier this year, while Apache released fixes in late May. However, Microsoft IIS, Envoy, and Cloudflare&#8217;s Pingora remained unpatched as of publication. Because the exposure estimate rests on default configurations, verify the effective header and connection limits on each server rather than assuming the package version settles the question.</p><p>The broader significance of this story is equally important. The vulnerability was discovered using OpenAI&#8217;s Codex platform, marking the second major AI-assisted vulnerability discovery disclosed this week. That trend is no longer theoretical; it is operational.</p><p>Organizations should immediately patch Apache and Nginx deployments, implement strict connection limits, cap HPACK decoder memory (dynamic table and decoded header-list sizes), and review mitigation options at load balancer and web application firewall layers.</p><h2>&#128187; VS Code Zero-Day Steals GitHub Tokens With a Single Click</h2><p>The developer community was rocked this week after security researcher Amar Askar publicly disclosed a VS Code zero-day vulnerability capable of stealing GitHub OAuth tokens through a remarkably simple attack chain.</p><p>The vulnerability exploits several behaviors within VS Code&#8217;s notebook and extension ecosystem. By delivering a malicious Jupyter notebook file, attackers can execute JavaScript inside a WebView iframe.
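</p><p>Since the chain ends with an extension that should not be on the machine, the review of installed extensions that this story calls for is the natural check. The script below is an added example and not code from the page or from the researcher. It reads the inventory VS Code keeps in ~/.vscode/extensions/extensions.json and flags extensions that were sideloaded from a VSIX rather than installed from the Marketplace, come from a publisher outside an allowlist, or were installed after a cutoff such as the disclosure date. The field names it relies on (identifier.id, version, metadata.installedTimestamp in milliseconds, metadata.source of "gallery" or "vsix") are what current VS Code builds write, but treat that layout, the allowlist and the sample inventory as assumptions; the sample data is constructed.</p>

```python
"""Audit a VS Code extension inventory for sideloaded, unknown or recently installed
extensions. Added example; the extensions.json layout used here (identifier.id, version,
metadata.installedTimestamp in ms, metadata.source "gallery"/"vsix") is an assumption."""
import json
import os
from datetime import datetime, timezone
from typing import Dict, List

# Publishers this organisation has vetted; anything else is flagged. Illustrative list.
ALLOWED_PUBLISHERS = {"ms-python", "ms-toolsai", "ms-vscode", "github", "redhat"}
DEFAULT_PATH = os.path.expanduser("~/.vscode/extensions/extensions.json")

def load_inventory(path: str = DEFAULT_PATH) -> List[dict]:
    with open(path, encoding="utf-8") as f:
        return json.load(f)

def audit(inventory: List[dict], cutoff: datetime, allowed=ALLOWED_PUBLISHERS) -> List[Dict[str, str]]:
    """One finding per suspicious extension; an empty list means nothing stood out."""
    findings = []
    for ext in inventory:
        ext_id = ext.get("identifier", {}).get("id", "")
        publisher = ext_id.split(".", 1)[0].lower()
        meta = ext.get("metadata", {})
        reasons = []
        if meta.get("source", "gallery") != "gallery":          # installed from a .vsix
            reasons.append(f"sideloaded ({meta.get('source')})")
        if publisher not in allowed:
            reasons.append(f"publisher {publisher!r} not allowlisted")
        ts = meta.get("installedTimestamp")
        if ts is not None:
            installed = datetime.fromtimestamp(ts / 1000, tz=timezone.utc)
            if installed >= cutoff:
                reasons.append(f"installed {installed:%Y-%m-%d %H:%M}Z, after cutoff")
        if reasons:
            findings.append({"id": ext_id, "version": ext.get("version", "?"),
                             "reasons": "; ".join(reasons)})
    return findings

# Constructed sample inventory: two expected extensions and one installed from a .vsix
# after the cutoff by a publisher nobody vetted.
SAMPLE_INVENTORY = [
    {"identifier": {"id": "ms-python.python"}, "version": "2026.4.0",
     "metadata": {"installedTimestamp": 1767225600000, "source": "gallery"}},
    {"identifier": {"id": "ms-toolsai.jupyter"}, "version": "2026.3.0",
     "metadata": {"installedTimestamp": 1767225600000, "source": "gallery"}},
    {"identifier": {"id": "devhelper.git-sync-pro"}, "version": "0.0.1",
     "metadata": {"installedTimestamp": 1780531200000, "source": "vsix"}},
]
CUTOFF = datetime(2026, 6, 1, tzinfo=timezone.utc)   # e.g. the disclosure date

def sample_findings() -> List[Dict[str, str]]:
    return audit(SAMPLE_INVENTORY, CUTOFF)

if __name__ == "__main__":
    try:
        inventory = load_inventory()
    except FileNotFoundError:
        inventory = SAMPLE_INVENTORY          # no local VS Code: use the constructed data
    for f in audit(inventory, CUTOFF):
        print(f"{f['id']} {f['version']}: {f['reasons']}")
```

<p>Run it against the real file on each developer workstation (the path differs for Insiders, portable and remote installs) and review everything it prints; an extension the developer did not knowingly install, from any publisher, is the finding that matters here.</p><p>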
The script then silently installs a malicious extension by triggering synthetic keyboard shortcuts and exploiting GitHub&#8217;s automatic authentication behavior between GitHub.com and GitHub.dev.</p><p>Once the extension is installed, it intercepts OAuth tokens before they reach GitHub&#8217;s web environment and exfiltrates them to the attacker.</p><p>The most alarming aspect is the blast radius. These tokens do not simply grant access to a single repository. They provide access to every private repository the victim can access through GitHub.</p><p>No patch is currently available.</p><p>This story continues reinforcing what we&#8217;ve seen throughout 2026: developer environments have become one of the highest-value targets in cybersecurity. Developers often hold privileged access to source code, cloud infrastructure, secrets, CI/CD systems, and deployment pipelines, making them prime targets for sophisticated attackers.</p><p>Organizations should immediately review installed VS Code extensions, restrict use of untrusted Jupyter notebooks, and consider disabling notebook functionality on systems where it is not required.</p><h2>&#128200; Five-Month Espionage Campaign Targets Global Stock Exchange Executive</h2><p>One of the most fascinating espionage reports of the year came from Symantec&#8217;s threat hunting team, which documented a highly disciplined operation targeting a senior executive at a major global stock exchange.</p><blockquote><p><em>&#8220;The gap between attacker tempo and institutional response time is becoming the defining characteristic of this threat environment.&#8221; James Azar</em></p></blockquote><p>Unlike many modern attacks focused on disruption or ransomware, this campaign was remarkably restrained. 
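</p><p>Two of the tradecraft details in this section, connections to hard-coded Microsoft addresses with no matching DNS lookup and small date-based batches instead of one large transfer, are both visible in ordinary egress telemetry. The script below is an added example, not code from the page or from Symantec. It joins constructed resolver log lines with constructed proxy or firewall connection lines, flags HTTPS connections to a cloud address that nothing on the network resolved within the preceding window, and separately flags any source and destination pair that sends many small uploads at a near-constant interval. The log formats, field names, address range (a TEST-NET prefix standing in for the provider's published ranges) and thresholds are assumptions to adapt to your own sources.</p>

```python
"""Flag DNS-less cloud connections and steady small-batch uploads in egress logs.
Added example; log formats, field names, address range and thresholds are assumptions."""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network
from statistics import mean
from typing import Dict, List, Tuple

CLOUD_RANGES = [ip_network("203.0.113.0/24")]  # TEST-NET-3 stand-in for provider prefixes
DNS_WINDOW = timedelta(minutes=10)   # how long a resolution "explains" a later connection
MIN_BATCHES = 5                      # connections before cadence analysis applies
SMALL_UPLOAD = 2 * 1024 * 1024       # bytes_out below this counts as a small batch
CADENCE_TOLERANCE = 0.25             # (max gap - min gap) / mean gap for "steady"

DNS_RE = re.compile(r"^(\S+) dns client=(\S+) qname=(\S+) answer=(\S+)$")
CONN_RE = re.compile(r"^(\S+) conn src=(\S+) dst=(\S+) dport=(\d+) bytes_out=(\d+)$")

def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

def parse(lines: List[str]) -> Tuple[List[dict], List[dict]]:
    """Split raw lines into resolver answers and outbound connections."""
    dns, conns = [], []
    for line in lines:
        if m := DNS_RE.match(line):
            dns.append({"t": _ts(m[1]), "client": m[2], "qname": m[3], "answer": m[4]})
        elif m := CONN_RE.match(line):
            conns.append({"t": _ts(m[1]), "src": m[2], "dst": m[3],
                          "dport": int(m[4]), "bytes_out": int(m[5])})
    return dns, conns

def in_cloud(ip: str) -> bool:
    return any(ip_address(ip) in net for net in CLOUD_RANGES)

def dnsless_cloud_connections(dns: List[dict], conns: List[dict]) -> List[dict]:
    """HTTPS connections to a cloud address that nothing on the network resolved
    within DNS_WINDOW beforehand: the hard-coded-IP pattern."""
    answers = defaultdict(list)
    for rec in dns:
        answers[rec["answer"]].append(rec["t"])
    flagged = []
    for c in conns:
        if c["dport"] != 443 or not in_cloud(c["dst"]):
            continue
        explained = any(timedelta(0) <= c["t"] - t <= DNS_WINDOW for t in answers.get(c["dst"], []))
        if not explained:
            flagged.append(c)
    return flagged

def steady_small_batches(conns: List[dict]) -> Dict[Tuple[str, str], dict]:
    """(src, dst) pairs with many small uploads at a near-constant interval:
    the date-batched exfiltration pattern."""
    by_pair = defaultdict(list)
    for c in conns:
        by_pair[(c["src"], c["dst"])].append(c)
    result = {}
    for pair, rows in by_pair.items():
        rows.sort(key=lambda r: r["t"])
        if len(rows) < MIN_BATCHES or max(r["bytes_out"] for r in rows) >= SMALL_UPLOAD:
            continue
        gaps = [(b["t"] - a["t"]).total_seconds() for a, b in zip(rows, rows[1:])]
        avg = mean(gaps)
        if avg > 0 and (max(gaps) - min(gaps)) / avg <= CADENCE_TOLERANCE:
            result[pair] = {"count": len(rows), "gap_hours": round(avg / 3600, 1),
                            "total_bytes": sum(r["bytes_out"] for r in rows)}
    return result

# Constructed telemetry: a normal sync client (resolved, irregular sizes) and one host
# talking to a hard-coded address every night in small pieces with no lookup at all.
SAMPLE_LOGS = [
    "2026-06-02T09:00:01Z dns client=10.0.0.5 qname=onedrive.live.com answer=203.0.113.10",
    "2026-06-02T09:00:03Z conn src=10.0.0.5 dst=203.0.113.10 dport=443 bytes_out=8400000",
    "2026-06-02T13:15:09Z dns client=10.0.0.5 qname=onedrive.live.com answer=203.0.113.10",
    "2026-06-02T13:15:10Z conn src=10.0.0.5 dst=203.0.113.10 dport=443 bytes_out=120000",
] + [
    f"2026-06-0{day}T02:30:00Z conn src=10.0.0.7 dst=203.0.113.77 dport=443 bytes_out={n}"
    for day, n in zip(range(1, 7), (310000, 295000, 330000, 301000, 287000, 318000))
]

def run_sample() -> Tuple[List[str], List[Tuple[str, str]]]:
    """Both detections over SAMPLE_LOGS: flagged connections and flagged pairs."""
    dns, conns = parse(SAMPLE_LOGS)
    dnsless = [f"{c['src']}->{c['dst']}@{c['t']:%Y-%m-%dT%H:%M}"
               for c in dnsless_cloud_connections(dns, conns)]
    return dnsless, sorted(steady_small_batches(conns))

if __name__ == "__main__":
    print(*run_sample(), sep="\n")
```

<p>On the sample data the first check flags every connection from the one host that never resolved its destination, and the second flags the same pair for six small uploads spaced exactly a day apart. Expect tuning: CDN and sync clients also reuse addresses without fresh lookups, so key the DNS correlation on the provider's ranges and a window that matches your resolver TTLs, and treat the cadence check as a lead for mailbox-export and cloud-upload review rather than as a verdict.</p><p>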
Over a period of five months, attackers quietly extracted the executive&#8217;s Outlook mailbox in carefully staged increments.</p><p>The attackers used malware disguised as Adobe and OneDrive services while leveraging legitimate tools and cloud services to avoid detection. Exfiltration occurred through Dropbox and personal OneDrive accounts. Particularly noteworthy was their use of hardcoded Microsoft-owned IP addresses rather than normal OneDrive hostnames, effectively bypassing DNS-based monitoring controls. Because the endpoint never issues a lookup for those addresses, a detection keyed on DNS queries sees nothing; the traffic only stands out if egress monitoring correlates destination IPs with prior resolutions.</p><p>The attackers avoided large data transfers, instead stealing information in smaller date-based batches. The result was complete visibility into the executive&#8217;s communications, calendar data, strategic discussions, and market-related correspondence.</p><p>For intelligence services, this type of access can be far more valuable than a disruptive attack. Market-moving information, regulatory discussions, merger activity, and strategic planning all carry significant intelligence value.</p><p>The report serves as a reminder that some of the most dangerous adversaries aren&#8217;t trying to make noise; they&#8217;re trying to remain invisible.</p><h2>&#127464;&#127475; Five Eyes Warn China Is Recruiting Government Insiders Through LinkedIn</h2><p>One of the most significant geopolitical stories today came through a joint advisory issued by intelligence agencies from the United States, Canada, the United Kingdom, Australia, and New Zealand. The warning outlines how Chinese intelligence services are systematically recruiting government employees, military personnel, contractors, and critical infrastructure workers through professional networking platforms.</p><p>The process follows a surprisingly structured methodology. Targets are initially approached through platforms like LinkedIn, Indeed, and Upwork. Once contact is established, recruiters evaluate the individual&#8217;s access, responsibilities, and potential value.
Victims are often asked to produce seemingly harmless research reports before gradually being tasked with increasingly sensitive topics.</p><p>Compensation is typically provided through:</p><ul><li><p>PayPal</p></li><li><p>Payoneer</p></li><li><p>Wise</p></li><li><p>Skrill</p></li><li><p>Cryptocurrency</p></li><li><p>Traditional wire services</p></li></ul><p>The advisory stresses that classified access is not required to become a target. Information such as facility layouts, contract details, budget planning, vendor relationships, and internal policies may appear harmless individually but can become extraordinarily valuable when aggregated.</p><p>Perhaps most concerning is the migration path. Once trust is established, communications move from public platforms to encrypted services such as Signal and Telegram, effectively moving activity outside organizational visibility.</p><p>This campaign strongly resembles North Korea&#8217;s long-running use of fake recruiters and employment opportunities to collect intelligence. China appears to be adapting that model at scale.</p><p>Security leaders should use this advisory as a catalyst for reviewing insider threat awareness programs and LinkedIn exposure policies.</p><h1>&#9889; Need to Know</h1><div class="callout-block" data-callout="true"><p>"This is something I'm hammering home with my team all day long. Forget all the shiny tools that are coming out right now. Forget about all of them. If we can't do the fundamentals well, none of those tools are going to help. That's the reality." James Azar</p></div><h3>&#129302; AI Discovers Redis Zero-Day Missed for Two Years</h3><p>An autonomous security tool identified CVE-2026-23479, a use-after-free vulnerability in Redis that had existed unnoticed since 2023. Public exploit code is now available. 
Redis Cloud has been patched, but self-hosted deployments require immediate upgrades.</p><h3>&#9981; Federal Agencies Warn of Fuel Monitoring System Attacks</h3><p>CISA, FBI, NSA, DOE, TSA, EPA, and several other agencies jointly warned about active attacks targeting Automatic Tank Gauge (ATG) systems used at fuel stations, transportation hubs, and chemical facilities. Attackers are exploiting internet-exposed systems protected only by default passwords.</p><h3>&#129302; Five AI Agent Zero-Days Patched</h3><p>Researchers disclosed five vulnerabilities affecting OpenClaw, an AI agent framework integrating with Slack, Teams, Discord, and other collaboration platforms. The flaws allowed attackers to impersonate authorized users through display-name manipulation. All issues have been patched.</p><h3>&#128225; ASUS Router Vulnerabilities Await Fixes</h3><p>Two critical vulnerabilities affecting ASUS Wave 7 mesh routers expose credentials and allow persistent backdoor installation. No patches are expected until the end of June, leaving organizations reliant on compensating controls in the interim.</p><h3>&#127464;&#127475; Chinese Threat Actors Using LLM-Assisted Malware</h3><p>Proofpoint reported that TA-4922, a Chinese cybercrime group targeting Europe, appears to be using LLM-assisted development techniques to accelerate malware creation and campaign generation.</p><h3>&#129686; Proposal Calls for Independent U.S. Cyber Force</h3><p>A new policy report recommends creation of a dedicated U.S. Cyber Force consisting of approximately 30,000 personnel and costing an estimated $11 billion. Supporters argue cyber operations have grown large enough to justify their own military branch.</p><h3>&#127963;&#65039; CISA Staffing Shortages Remain a Challenge</h3><p>Homeland Security leadership confirmed that CISA remains significantly understaffed, operating with approximately 2,200 employees despite authorization for substantially more. 
Efforts to rebuild the agency continue.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode highlighted a cybersecurity environment where AI is accelerating vulnerability discovery, nation-state actors are blending human intelligence and cyber operations, and critical infrastructure remains exposed through basic operational weaknesses.</p><p>The challenge isn&#8217;t simply identifying threats anymore.</p><p>The challenge is keeping pace with them.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Patch Apache and Nginx deployments vulnerable to HTTP/2 Bomb attacks</p></li><li><p>Implement connection limits and HPACK protections on internet-facing web servers</p></li><li><p>Audit VS Code extensions and restrict untrusted Jupyter notebook execution</p></li><li><p>Review GitHub OAuth exposure and developer workstation security</p></li><li><p>Hunt for suspicious Dropbox and OneDrive exfiltration activity</p></li><li><p>Brief employees on LinkedIn-based intelligence recruitment risks</p></li><li><p>Patch Redis environments immediately if self-hosted</p></li><li><p>Remove ATG systems from direct internet exposure</p></li><li><p>Restrict ASUS router management interfaces to trusted IP ranges</p></li><li><p>Review AI agent authorization controls and identity validation processes</p></li></ul><h1>&#129504; James Azar&#8217;s CISO&#8217;s Take</h1><p>What stood out to me today is that every major story reflected the same underlying problem: speed. AI discovered vulnerabilities that sat unnoticed for years.
Attackers leveraged trusted developer environments to steal credentials in under a minute. Nation-state operators quietly extracted executive communications for months without detection. The common thread isn&#8217;t sophistication&#8212;it&#8217;s velocity. Threat actors are moving faster than many organizations are structured to respond.</p><p>The second takeaway is that cybersecurity can no longer be viewed purely as a technical discipline. Today&#8217;s Five Eyes advisory demonstrates that nation-state intelligence operations increasingly blend cyber activity with human recruitment, social engineering, and insider targeting. Meanwhile, AI is becoming a force multiplier for both attackers and defenders. Organizations that continue separating technology risk from human risk will increasingly find themselves defending only half the battlefield.</p><p>&#128293; Stay Cyber Safe.</p>]]></content:encoded></item><item><title><![CDATA[Trump Signs Executive Order Establishing Voluntary Federal Vetting of Frontier AI Models, Android June Update Patches Exploited Zero-Day, Spain Arrests Hacker Who Published Data on Sensitive Govt Work]]></title><description><![CDATA[Trump Signs AI Vetting Executive Order, Russian APT Deploys USB Worm, and Anthropic Expands Mythos to NATO]]></description><link>https://www.cyberhubpodcast.com/p/trump-signs-executive-order-establishing</link><guid
isPermaLink="false">https://www.cyberhubpodcast.com/p/trump-signs-executive-order-establishing</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Wed, 03 Jun 2026 13:30:25 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/200395241/2eb3ae86d2401e69e2f48648b7bbb813.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s episode highlighted one reality that defenders can no longer ignore:</p><p><strong>The pace of cyber operations is now significantly outpacing the pace of institutional response.</strong></p><p>Whether it was Russian threat actors deploying self-propagating malware against Ukrainian targets, AI models identifying vulnerabilities faster than organizations can patch them, actively exploited WordPress vulnerabilities impacting more than a million websites, or governments attempting to establish AI oversight frameworks while the technology evolves in real time, every story today pointed to the same conclusion.</p><p>Attackers are moving faster. AI is moving faster. Exploit development is moving faster. And many organizations are still trying to respond with processes built for a much slower era.</p><p>Double espresso in hand, today&#8217;s special Elite coffee capsule from Israel was an absolute winner, coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s cybersecurity landscape showcased the collision between emerging AI governance, accelerating nation-state cyber operations, and increasingly automated attack infrastructure.</p><p>Russian APT operators are weaponizing zero-day vulnerabilities to deliver modular malware frameworks that spread through USB devices and network shares, lean on Telegram infrastructure and AWS services for command and control and exfiltration, and carry destructive wiper capabilities. At the same time, Anthropic is expanding its Mythos vulnerability discovery platform to critical infrastructure operators worldwide, while the U.S.
government introduces a voluntary AI review process aimed at balancing innovation with national security concerns.</p><p>The common denominator across every story is speed. Attackers are automating discovery, exploitation, persistence, and exfiltration. Defenders are increasingly being asked to operate at machine speed in environments that still rely heavily on human processes.</p><div class="captioned-image-container"><figure><a class="image-link image2 is-viewable-img" target="_blank" href="https://substackcdn.com/image/fetch/$s_!oX9G!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png" data-component-name="Image2ToDOM"><div class="image2-inset"><picture><source type="image/webp" srcset="https://substackcdn.com/image/fetch/$s_!oX9G!,w_424,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!oX9G!,w_848,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 848w, https://substackcdn.com/image/fetch/$s_!oX9G!,w_1272,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 1272w,
https://substackcdn.com/image/fetch/$s_!oX9G!,w_1456,c_limit,f_webp,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 1456w" sizes="100vw"><img src="https://substackcdn.com/image/fetch/$s_!oX9G!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png" width="1280" height="720" data-attrs="{&quot;src&quot;:&quot;https://substack-post-media.s3.amazonaws.com/public/images/15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png&quot;,&quot;srcNoWatermark&quot;:null,&quot;fullscreen&quot;:null,&quot;imageSize&quot;:null,&quot;height&quot;:720,&quot;width&quot;:1280,&quot;resizeWidth&quot;:null,&quot;bytes&quot;:224976,&quot;alt&quot;:null,&quot;title&quot;:null,&quot;type&quot;:&quot;image/png&quot;,&quot;href&quot;:null,&quot;belowTheFold&quot;:true,&quot;topImage&quot;:false,&quot;internalRedirect&quot;:&quot;https://www.cyberhubpodcast.com/i/200395241?img=https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png&quot;,&quot;isProcessing&quot;:false,&quot;align&quot;:null,&quot;offset&quot;:false}" class="sizing-normal" alt="" srcset="https://substackcdn.com/image/fetch/$s_!oX9G!,w_424,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 424w, https://substackcdn.com/image/fetch/$s_!oX9G!,w_848,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 848w, 
https://substackcdn.com/image/fetch/$s_!oX9G!,w_1272,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 1272w, https://substackcdn.com/image/fetch/$s_!oX9G!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F15683c76-2e60-479c-9fa2-35a3c5b3b441_1280x720.png 1456w" sizes="100vw" loading="lazy"></picture><div class="image-link-expand"><div class="pencraft pc-display-flex pc-gap-8 pc-reset"><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container restack-image"><svg role="img" width="20" height="20" viewBox="0 0 20 20" fill="none" stroke-width="1.5" stroke="var(--color-fg-primary)" stroke-linecap="round" stroke-linejoin="round" xmlns="http://www.w3.org/2000/svg"><g><title></title><path d="M2.53001 7.81595C3.49179 4.73911 6.43281 2.5 9.91173 2.5C13.1684 2.5 15.9537 4.46214 17.0852 7.23684L17.6179 8.67647M17.6179 8.67647L18.5002 4.26471M17.6179 8.67647L13.6473 6.91176M17.4995 12.1841C16.5378 15.2609 13.5967 17.5 10.1178 17.5C6.86118 17.5 4.07589 15.5379 2.94432 12.7632L2.41165 11.3235M2.41165 11.3235L1.5293 15.7353M2.41165 11.3235L6.38224 13.0882"></path></g></svg></button><button tabindex="0" type="button" class="pencraft pc-reset pencraft icon-container view-image"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="lucide lucide-maximize2 lucide-maximize-2"><polyline points="15 3 21 3 21 9"></polyline><polyline points="9 21 3 21 3 15"></polyline><line x1="21" x2="14" y1="3" y2="10"></line><line x1="3" x2="10" y1="21" y2="14"></line></svg></button></div></div></div></a></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#127479;&#127482; Gamaredon Exploits WinRAR Vulnerability to Deploy USB Worm 
Against Ukraine</h2><p>One of the most significant nation-state stories today came from researchers at Seqrite, who detailed a new campaign from Gamaredon, the Russian FSB-linked threat group known for sustained attacks against Ukrainian government, military, and critical infrastructure organizations.</p><p>The group is actively exploiting CVE-2025-8088, a path traversal vulnerability in WinRAR, to initiate a multi-stage infection chain delivering several malware families. The initial compromise deploys &#8220;GammaLoad,&#8221; which acts as a downloader for additional tooling. From there, victims receive GammaWorm, a USB-propagating worm capable of spreading through removable media and network shares while hiding itself using NTFS alternate data streams to avoid detection.</p><p>The campaign becomes particularly dangerous because the worm retrieves command-and-control instructions through public Telegram channels, blending malicious communications into otherwise legitimate enterprise traffic. A second payload, GammaSteal, focuses on information theft and exfiltrates targeted files directly into attacker-controlled AWS S3 buckets.</p><p>Researchers also noted the framework&#8217;s ability to deploy GammaWipe, a destructive wiper module previously observed throughout the Russia-Ukraine conflict.</p><p>What makes Gamaredon different from many threat groups is persistence. These campaigns are not smash-and-grab operations. 
They often remain active for months, continuously adapting and evolving while maintaining long-term access to targeted environments.</p><p>Organizations with Ukrainian partners, shared infrastructure, or cross-border collaboration should review WinRAR patching status immediately and monitor for suspicious Telegram-related outbound traffic and unexpected S3 uploads originating from endpoints.</p><h2>&#129302; Trump Signs Executive Order Establishing AI Security Vetting Framework</h2><p>President Donald Trump signed a new executive order establishing a voluntary federal review framework for advanced AI models intended to assess national security risks prior to public release.</p><p>The order marks a significant shift from an earlier draft proposal that would have imposed mandatory ninety-day reviews. Instead, organizations developing frontier AI models can voluntarily submit systems for government evaluation, with agencies expected to complete assessments within thirty days.</p><p>The framework introduces several key initiatives:</p><ul><li><p>AI cybersecurity capability benchmarking</p></li><li><p>National security risk evaluations</p></li><li><p>Creation of an AI cybersecurity clearinghouse</p></li><li><p>Government-industry collaboration mechanisms</p></li><li><p>Information sharing related to AI vulnerabilities and threats</p></li></ul><p>The practical significance here isn&#8217;t necessarily regulatory. It&#8217;s operational.</p><p>Governments historically struggle to move at the pace of technology. Making participation voluntary creates incentives for collaboration rather than compliance-driven resistance. 
If implemented correctly, it may allow federal agencies to gain visibility into rapidly evolving AI capabilities without slowing innovation.</p><p>The larger question remains whether government oversight can evolve quickly enough to remain relevant as AI systems continue advancing at unprecedented speed.</p><h2>&#127760; WordPress Plugin Vulnerability Actively Exploited Across One Million Sites</h2><p>A critical vulnerability affecting the popular Kirki page builder plugin is now under active exploitation. The flaw, tracked as CVE-2026-8206, impacts more than one million WordPress installations and carries a CVSS score of 9.8.</p><p>The vulnerability stems from a broken password reset mechanism that allows attackers to substitute their own email address during account recovery. By submitting a target username and an attacker-controlled email address, the plugin generates legitimate password reset links and sends them directly to the attacker.</p><p>No credentials are required.<br>No user interaction is required.<br>One request is enough.</p><p>Once attackers gain administrative access, they are installing malicious plugins, creating rogue administrator accounts, injecting SEO spam, and deploying persistent backdoors.</p><p>This incident highlights a recurring problem within the WordPress ecosystem: a single plugin vulnerability can simultaneously expose hundreds of thousands of websites because of the platform&#8217;s massive deployment footprint.</p><p>Organizations running affected versions should immediately update to version 6.0.7 or disable the plugin entirely.</p><h2>&#129504; Anthropic Expands Mythos Vulnerability Discovery Platform</h2><p>Perhaps the most strategically important story of the day involved Anthropic&#8217;s expansion of Project Glasswing and its Mythos vulnerability discovery platform. 
Anthropic announced that another 150 organizations across fifteen countries will gain access to Mythos, including NATO, ENISA, Samsung, healthcare providers, utilities, communications providers, and critical infrastructure operators.</p><p>Mythos previously identified more than:</p><ul><li><p>23,000 potential vulnerabilities</p></li><li><p>10,000+ high and critical issues</p></li><li><p>Thousands of previously unknown flaws</p></li></ul><p>This isn&#8217;t simply AI-assisted code review.</p><p>Mythos is increasingly functioning as an autonomous vulnerability discovery platform capable of identifying weaknesses at a scale no human team could reasonably match.</p><p>The timing is particularly interesting because the announcement coincides with the AI executive order signed the same day. While governments discuss frameworks for evaluating AI security risks, AI is already being deployed at scale to identify vulnerabilities throughout critical infrastructure environments.</p><p>The future of cybersecurity may increasingly depend on whether organizations gain access to tools like Mythos&#8212;or become targets discovered by them.</p><h1>&#9889; Need to Know</h1><blockquote><p><em>&#8220;The gap between attacker tempo and institutional response time is becoming the defining characteristic of this threat environment.&#8221;</em></p></blockquote><h3>&#127963;&#65039; Oracle WebLogic Added to CISA KEV Catalog</h3><p>CISA added CVE-2024-21182, a critical Oracle WebLogic remote code execution vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active exploitation. Attackers are using the flaw to deploy Cobalt Strike and ransomware payloads. 
Organizations should patch immediately and review exposed WebLogic services.</p><h3>&#128241; Android Patches Active Zero-Day</h3><p>Google released Android&#8217;s June security updates, addressing 124 vulnerabilities, including CVE-2025-48595, a privilege escalation flaw confirmed under limited active exploitation. Organizations managing Android fleets should accelerate patch deployment through MDM platforms.</p><h3>&#127464;&#127475; Mustang Panda Returns</h3><p>Chinese APT Mustang Panda resurfaced with a new PlugX malware delivery campaign using fake Adobe Acrobat update prompts. The malware leverages signed binaries and memory-only execution techniques to reduce detection.</p><h3>&#128176; Sierra Reaches $12 Billion Valuation</h3><p>AI security company Sierra is reportedly raising an additional $300 million at a $12 billion valuation despite generating approximately $150 million in annual recurring revenue. The valuation reflects the extraordinary premium investors continue placing on AI security and automation platforms.</p><h3>&#127466;&#127480; Spain Arrests Government Data Hacker</h3><p>Spanish authorities arrested an individual accused of publishing sensitive information belonging to national police, intelligence personnel, and Spain&#8217;s cybersecurity agency. The incident serves as a reminder that cybersecurity professionals increasingly face physical-world targeting through doxxing campaigns.</p><h3>&#127479;&#127482; Russia Makes New Espionage Claims</h3><p>Russia&#8217;s FSB issued claims regarding a large-scale foreign espionage operation targeting senior officials through mobile devices but provided little technical evidence supporting the allegations. 
The announcement appears consistent with ongoing information operations surrounding cyber activity and geopolitical tensions.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t really about vulnerabilities, AI, or government policy.</p><p>It was about speed.</p><p>Gamaredon is operating faster than international cyber norms can be debated.<br>Mythos is finding vulnerabilities faster than organizations can patch them.<br>Attackers are exploiting WordPress plugins faster than administrators can update them.<br>AI capabilities are evolving faster than governments can regulate them.</p><p>The defining challenge of cybersecurity in 2026 isn&#8217;t a lack of tools or information.</p><p>It&#8217;s the widening gap between attacker tempo and institutional response.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Patch WinRAR for CVE-2025-8088 immediately</p></li><li><p>Monitor for suspicious Telegram-related outbound traffic</p></li><li><p>Review AWS S3 uploads originating from endpoints</p></li><li><p>Update or disable vulnerable Kirki WordPress plugin deployments</p></li><li><p>Patch Oracle WebLogic environments added to the KEV catalog</p></li><li><p>Deploy June Android security updates across managed devices</p></li><li><p>Hunt for Mustang Panda PlugX indicators</p></li><li><p>Review doxxing exposure for cybersecurity leadership and staff</p></li><li><p>Evaluate AI-assisted vulnerability management capabilities</p></li><li><p>Reassess patching timelines for internet-facing infrastructure</p></li></ul><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how clearly every story reflects the same underlying trend. Whether we&#8217;re discussing Russian cyber operations, AI-driven vulnerability discovery, WordPress exploitation, or federal AI oversight, the common denominator is acceleration. The speed of discovery, exploitation, and operational deployment continues increasing while many organizations remain constrained by traditional governance models, approval processes, and remediation timelines. That mismatch creates risk regardless of industry or geography.</p><p>The second takeaway is that AI is no longer a future cybersecurity issue&#8212;it is a present cybersecurity force multiplier. Mythos is already identifying vulnerabilities at scales impossible for human teams. Threat actors are already using AI to enhance phishing, malware development, and reconnaissance. Governments are now attempting to create frameworks around technologies that are already operational. Organizations that treat AI as tomorrow&#8217;s challenge rather than today&#8217;s reality are likely underestimating both the opportunity and the risk.</p><p>&#128293; Stay Cyber Safe.</p>]]></content:encoded></item><item><title><![CDATA[Critical Windows Netlogon Zero-Click RCE Now Actively Exploited, Hackers Trick Meta AI Support Chatbot Into Handing Over Instagram Accounts , Microsoft Walks Back Threat to Sue Security Researchers ]]></title><description><![CDATA[Windows NetLogon Zero-Click RCE Exploited (ZeroLogon 2.0), Meta AI Chatbot Handing Out Instagram Account Resets, Miasma Worm Hits 32 Red Hat npm Packages, ClickFix Hijacks Harvard, Oxford]]></description><link>https://www.cyberhubpodcast.com/p/critical-windows-netlogon-zero-click</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/critical-windows-netlogon-zero-click</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Tue, 02 Jun 2026 13:31:52 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/200223662/57ecd9d6d071f147fbc7e50f3973a876.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h3>&#9749; Good Morning Security Gang,</h3><p>Today&#8217;s show highlights something we&#8217;ve been discussing repeatedly throughout the year: trust itself is becoming the primary attack surface.</p><p>Whether it&#8217;s trust in Active Directory, trust in AI support agents, trust in open-source software packages, trust in websites from Harvard and Oxford, or trust in software supply chains, attackers are increasingly targeting the systems and relationships we depend on most. 
The technical vulnerabilities matter, but what we&#8217;re really seeing is the systematic erosion of digital trust across every layer of enterprise technology.</p><p>Today&#8217;s episode featured eleven major stories spanning actively exploited Windows vulnerabilities, AI-powered account takeovers, software supply chain compromises, large-scale website hijacking campaigns, cloud security concerns, and several important developments in the security research community. The pace of both attacks and defensive responses continues to accelerate, forcing organizations to rethink how quickly they can identify, prioritize, and mitigate risk.</p><figure><img src="https://substack-post-media.s3.amazonaws.com/public/images/edcdc1d9-b8cf-4c85-b83d-8b9782c6929c_1280x720.png" width="1280" height="720" alt=""></figure><h1>&#128240; Top Stories</h1><blockquote><p><em>&#8220;The attacker playbook has converged on trust infrastructure as the attack surface.&#8221; James Azar</em></p></blockquote><h2>&#128680; Windows Netlogon Vulnerability Being Compared to Zerologon</h2><p>The most urgent story of the day centered on CVE-2026-21176, a critical Netlogon vulnerability affecting Windows Domain Controllers that security researchers are already comparing to the infamous Zerologon flaw.</p><p>The vulnerability is a pre-authentication, zero-click, stack-based buffer overflow within the Netlogon service. Attackers require only a single specially crafted network packet to achieve system-level code execution directly on a Domain Controller. No credentials, no user interaction, and no prior access are required. Microsoft patched the issue during May&#8217;s Patch Tuesday release, but organizations that have not yet updated their Domain Controllers remain vulnerable today.</p><p>This vulnerability is particularly dangerous because Domain Controllers remain the crown jewels of most Windows environments. Once an attacker gains control of a Domain Controller, the path to full forest compromise becomes significantly easier. 
The attack continues a broader trend we&#8217;ve observed throughout 2026 where identity infrastructure has become the primary target for both ransomware operators and nation-state actors.</p><p>Organizations should immediately verify patch deployment, confirm Netlogon protections are enabled, and ensure critical services such as SMB and RPC are not exposed externally.</p><h2>&#129302; Meta AI Accidentally Handed Out Instagram Accounts</h2><p>One of the most talked-about stories today involved Meta&#8217;s AI-powered support assistant inadvertently helping attackers take over Instagram accounts.</p><p>According to researchers, attackers discovered they could interact directly with Meta&#8217;s support chatbot and request account recovery actions on behalf of victims. By providing a target account, adding a new email address, and completing a verification process controlled entirely through the chatbot, attackers could effectively reset passwords and gain control of accounts without the legitimate owner&#8217;s involvement. Victims reportedly included high-profile government, military, and cybersecurity community accounts.</p><p>Meta has since fixed the issue, but the incident highlights a growing challenge facing AI deployments. When AI systems are granted administrative authority without sufficient identity verification controls, they become privileged attack surfaces. The chatbot wasn&#8217;t vulnerable because it was AI&#8212;it was vulnerable because it was trusted to perform sensitive account functions without properly validating who was making the request.</p><p>This won&#8217;t be the last AI trust-boundary failure we see.</p><h2>&#128230; Red Hat Supply Chain Attack Compromises 32 npm Packages</h2><p>The software supply chain attacks continue.</p><p>Researchers uncovered a campaign dubbed &#8220;Miasma&#8221; that compromised thirty-two official Red Hat npm packages with a combined weekly download count exceeding 117,000. 
The attack originated after a Red Hat employee&#8217;s GitHub account was compromised, allowing attackers to inject malicious code into repositories and leverage GitHub Actions OIDC workflows to distribute malware through trusted package pipelines.</p><p>The malicious packages harvested:</p><ul><li><p>AWS credentials</p></li><li><p>Azure credentials</p></li><li><p>Google Cloud credentials</p></li><li><p>GitHub tokens</p></li><li><p>SSH keys</p></li><li><p>npm authentication tokens</p></li></ul><p>The malware itself represents an evolution of the Mini Shai-Hulud campaign that has been repeatedly appearing throughout recent software supply chain incidents.</p><p>What makes this attack notable is that the attackers didn&#8217;t compromise npm directly. Instead, they compromised trust within the CI/CD process itself. That distinction matters because many organizations continue focusing on package integrity while overlooking the pipelines responsible for building and publishing those packages.</p><p>Any organization using affected packages should immediately rotate credentials and review build pipelines for signs of compromise.</p><h2>&#127760; ClickFix Campaign Hijacks Hundreds of Trusted Websites</h2><p>The ClickFix campaign continues to evolve and expand.</p><p>Attackers are actively exploiting vulnerabilities in Ghost CMS installations to compromise over 700 websites, including prominent institutions such as Harvard University, Oxford University, Auburn University, and DuckDuckGo-powered properties. Once compromised, attackers inject malicious JavaScript that presents visitors with fake CAPTCHA or browser verification prompts.</p><p>Instead of solving a challenge, users are instructed to press Windows+R and execute commands manually. 
Those commands launch PowerShell payloads that download malware directly onto victim systems.</p><blockquote><p><em>&#8220;When Harvard, Oxford, and your own software supply chain can all become malware delivery platforms, trust becomes your most valuable asset.&#8221; James Azar</em></p></blockquote><p>What makes ClickFix effective is that it bypasses traditional security awareness training. Most users have learned to distrust email attachments, but many still trust browser prompts appearing on legitimate websites.</p><p>This campaign demonstrates how attackers continue adapting social engineering tactics to exploit trust relationships users rarely question.</p><h1>&#9889; Security Leaders Need to Know</h1><h3>&#128275; OpenAI Codex Token Theft Campaign</h3><p>Researchers discovered a popular npm package called <code>codex-ui-android</code> that was secretly exfiltrating OpenAI Codex OAuth tokens, including long-lived refresh tokens. The package accumulated over 26,000 weekly downloads before detection. Organizations using OpenAI development environments should immediately revoke and reissue Codex credentials.</p><h3>&#128273; Dashlane Stops Brute Force Attack</h3><p>Password manager provider Dashlane confirmed it detected and mitigated a brute-force campaign attempting to register unauthorized devices against customer accounts. While some encrypted vaults were copied, no master passwords were exposed, limiting the impact. Customers should still review registered devices and account activity.</p><h3>&#9878;&#65039; Microsoft Backs Down From Threats Against Security Researchers</h3><p>Just one day after suggesting legal action against researchers releasing uncoordinated vulnerabilities, Microsoft reversed course and clarified that it has no plans to pursue legal action against independent security researchers. 
The move follows significant backlash from the cybersecurity community and appears aimed at reducing tensions surrounding recent disclosures from Nightmare Eclipse.</p><h3>&#9729;&#65039; Container and Kubernetes Attacks Continue Growing</h3><p>Researchers warned about active exploitation of container and Kubernetes misconfigurations, including exposed Docker APIs, weak RBAC permissions, and poisoned container images. Several campaigns are now specifically targeting cloud-native infrastructure and Kubernetes secrets.</p><h3>&#128039; Linux Kernel Privilege Escalation Gets Public Exploit</h3><p>A proof-of-concept exploit is now publicly available for the recently disclosed nineteen-year-old Linux kernel privilege escalation vulnerability. Organizations that delayed patching now face significantly elevated risk as exploitation becomes easier for attackers.</p><h3>&#127981; Dragos Acquires Phosphorus</h3><p>Industrial cybersecurity leader Dragos announced its acquisition of Phosphorus, expanding its ability to secure IoT devices within operational technology environments. The move reflects the continued convergence between traditional OT security and connected device management.</p><h3>&#127482;&#127480; NSA Fills Key Cybersecurity Leadership Roles</h3><p>The NSA formally appointed David Imbordino as Cyber Director and Bruce Jones to lead the Cybersecurity Collaboration Center, ending a prolonged leadership gap and restoring continuity for government-private sector cybersecurity partnerships.</p><h1>&#127919; Key Takeaway</h1><p>Today&#8217;s episode wasn&#8217;t really about vulnerabilities.</p><p>It was about trust.</p><p>Trust in your Domain Controllers.<br>Trust in your AI assistants.<br>Trust in your package repositories.<br>Trust in your websites.<br>Trust in your software supply chain.</p><p>Attackers increasingly understand that compromising trust creates significantly greater impact than compromising individual systems. 
As organizations adopt AI, cloud-native development, and increasingly interconnected ecosystems, protecting those trust relationships becomes just as important as protecting infrastructure itself.</p><h1>&#128736;&#65039; Action Items</h1><ul><li><p>Patch all Windows Domain Controllers immediately</p></li><li><p>Verify Netlogon protections and firewall exposure</p></li><li><p>Audit Instagram and Meta-linked accounts for unauthorized recovery changes</p></li><li><p>Rotate cloud and development credentials if affected Red Hat packages were installed</p></li><li><p>Review GitHub Actions OIDC trust policies</p></li><li><p>Patch Ghost CMS deployments immediately</p></li><li><p>Train users to recognize ClickFix-style social engineering prompts</p></li><li><p>Revoke OpenAI Codex tokens if affected packages were present</p></li><li><p>Review Dashlane account device registrations</p></li><li><p>Audit Kubernetes and Docker environments for exposed APIs and excessive privileges</p></li><li><p>Patch Linux systems vulnerable to newly weaponized privilege escalation exploits</p></li></ul><p class="button-wrapper" data-attrs="{&quot;url&quot;:&quot;https://www.cyberhubpodcast.com/p/critical-windows-netlogon-zero-click/comments&quot;,&quot;text&quot;:&quot;Leave a comment&quot;,&quot;action&quot;:null,&quot;class&quot;:null}" data-component-name="ButtonCreateButton"><a class="button primary" href="https://www.cyberhubpodcast.com/p/critical-windows-netlogon-zero-click/comments"><span>Leave a comment</span></a></p><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how consistently attackers are targeting systems that sit at the center of organizational trust. Domain Controllers establish identity trust. AI assistants establish user trust. Package repositories establish software trust. Websites establish content trust. 
Every major story today involved an attacker exploiting one of those relationships rather than simply exploiting a technical vulnerability. That&#8217;s an important distinction because fixing trust failures requires more than patching software&#8212;it requires rethinking how we validate, authorize, and monitor critical interactions.</p><p>The second takeaway is that the pace of cybersecurity continues accelerating. Yesterday&#8217;s controversy involving Microsoft and security researchers was largely resolved within twenty-four hours. Public exploit code is now appearing almost immediately after disclosures. Supply chain attacks are moving from one ecosystem to another in days rather than months. Security leaders need operating models that can respond to events at this speed because attackers are no longer waiting for quarterly patch cycles or annual security reviews.</p><p>&#128293; Stay Cyber Safe.</p>
]]></content:encoded></item><item><title><![CDATA[Palo Alto GlobalProtect VPN Auth Bypass Now Actively Exploited, Carnival Cruise Breach Exposes 6 Million Records, Microsoft Threatens Legal Action After Researcher Nightmare-Eclipse Drops Six Windows ]]></title><description><![CDATA[GlobalProtect 0-Day Under Active Attack, AI Infrastructure Exploits Go Public, and Russian Threat Actors Fully Embrace Generative AI]]></description><link>https://www.cyberhubpodcast.com/p/palo-alto-globalprotect-vpn-auth</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/palo-alto-globalprotect-vpn-auth</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Mon, 01 Jun 2026 13:31:42 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/200059156/ea3bb8f07715d8aacdc2f054d5fcbcc3.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h1>&#9749; Good Morning Security Gang,</h1><p>Today&#8217;s show highlighted a reality that every security leader needs to accept: the pace of cyber operations is accelerating faster than many organizations can adapt. 
We have an actively exploited Palo Alto GlobalProtect VPN vulnerability with a federal remediation deadline of today, public exploit code for a critical AI platform remote code execution flaw, an escalating dispute between Microsoft and a zero-day researcher releasing vulnerabilities into the wild, a newly identified Russian threat actor using AI throughout its attack lifecycle, and confirmation that Carnival Cruise Lines joined the growing list of organizations compromised through a single successful social engineering attack.</p><p>The common theme throughout every story today was speed. Attackers are moving faster. Exploit development is moving faster. AI is accelerating both offense and defense. Meanwhile, organizations that still rely on traditional thirty-day patch cycles and legacy response models are finding themselves increasingly exposed.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s dive in.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s cybersecurity landscape demonstrates that attackers are no longer relying solely on technical sophistication. They are combining AI, social engineering, public exploit releases, supply chain targeting, and infrastructure attacks into highly efficient operational campaigns.</p><p>At the same time, defenders face mounting pressure from shrinking remediation windows. Vulnerabilities that once took weeks or months to weaponize are now being exploited within hours. AI development platforms have become attractive targets. VPN infrastructure remains one of the most common initial access vectors. 
And insider threat risks are expanding into entirely new areas, including prediction markets and cryptocurrency platforms.</p><p>The organizations that will succeed in this environment are those capable of matching attacker speed through rapid patching, continuous monitoring, strong identity controls, and relentless employee education.</p><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><div class="callout-block" data-callout="true"><p>"The organizations that are going to weather this environment are the ones that match the attacker's operational speed. Patch fast. Detect faster. Train your people, because Carnival's six million victims and Charter's five million victims both started with one employee and one phone call." James Azar</p></div><h2>&#128680; Palo Alto GlobalProtect VPN Vulnerability Under Active Exploitation</h2><p>The most urgent story of the day centers on Palo Alto Networks&#8217; GlobalProtect VPN platform. Security researchers have confirmed active exploitation of CVE-2026-3401, a vulnerability affecting GlobalProtect gateways and specifically targeting local administrator accounts. 
CISA added the flaw to its Known Exploited Vulnerabilities catalog with a federal remediation deadline of June 1st, meaning today is the day agencies must complete mitigation efforts.</p><p>This vulnerability fits a pattern we&#8217;ve seen repeatedly throughout 2026. Edge devices, including VPNs, firewalls, and remote access appliances, continue serving as primary entry points for both ransomware groups and nation-state operators. The concern isn&#8217;t simply that a vulnerability exists. The concern is that attackers are already exploiting it before many organizations have completed testing and deployment of patches.</p><p>Organizations running affected versions of PAN-OS should immediately upgrade to supported releases. If immediate patching is not possible, Palo Alto recommends separating the certificate used for GlobalProtect authentication cookies from the HTTP service certificate to disrupt the attack path.</p><p>The lesson remains consistent: internet-facing security infrastructure has become one of the highest-priority attack surfaces in enterprise environments.</p><h2>&#129302; Public Exploit Released for Critical FlowWise AI Platform Vulnerability</h2><p>The AI security conversation continues to intensify. Researchers published working exploit code for CVE-2026-40933, a critical remote code execution vulnerability affecting FlowWise, the popular open-source AI orchestration platform used to build large language model workflows and AI agents.</p><p>FlowWise has become extremely popular among developers because it allows organizations to visually build AI workflows without extensive coding. Unfortunately, that popularity also makes it an attractive target.</p><p>The exploit requires only a single user interaction. By importing a malicious chat flow, an attacker can trigger operating-system-level code execution with the privileges assigned to the FlowWise process. 
In many deployments, that means root-level access.</p><p>What makes this especially dangerous is where FlowWise sits within the enterprise ecosystem. These deployments are commonly connected to:</p><ul><li><p>Databases</p></li><li><p>Cloud services</p></li><li><p>API keys</p></li><li><p>Internal applications</p></li><li><p>AI development environments</p></li></ul><p>Compromising FlowWise often means compromising everything connected to it.</p><p>Organizations using self-hosted FlowWise instances should patch immediately, restrict import permissions, review administrative access, and rotate credentials connected to the platform.</p><h2>&#9878;&#65039; Microsoft Escalates Dispute With Zero-Day Researcher</h2><p>One of the more controversial stories today involves Microsoft&#8217;s ongoing battle with a researcher operating under the name Nightmare Eclipse. Microsoft formally responded to a series of public vulnerability disclosures and exploit releases, stating that the publication of working exploit code without coordinated disclosure is &#8220;never justifiable&#8221; and signaling that its Digital Crimes Unit may pursue legal action against those enabling cybercrime.</p><p>The dispute centers around six Windows zero-day vulnerabilities disclosed since April. Three are already actively exploited and listed in CISA&#8217;s Known Exploited Vulnerabilities catalog. Three others remain unpatched, with proof-of-concept exploit code publicly available.</p><p>The researcher alleges Microsoft terminated access to its vulnerability reporting program and withheld bounty payments. Microsoft disputes those claims.</p><p>This story highlights a longstanding tension within cybersecurity. Independent researchers play a critical role in vulnerability discovery, but public disclosure without available patches creates immediate risk for defenders. 
At the same time, bug bounty programs only succeed when researchers feel their work is treated fairly and transparently.</p><p>The cybersecurity community will be watching closely as this dispute unfolds.</p><h2>&#127760; Google Patches 151 Chrome Vulnerabilities</h2><p>Google released Chrome version 148, addressing 151 vulnerabilities, including 22 classified as critical and 123 rated high severity. Use-after-free bugs accounted for a significant portion of the fixes, representing one of the most commonly exploited browser vulnerability classes.</p><p>While Google reports no active exploitation of these specific flaws at the time of release, recent industry data shows that over 20% of vulnerabilities are exploited within twenty-four hours of disclosure. Some security vendors report seeing proof-of-concept weaponization within less than thirty minutes.</p><p>This means browser patching can no longer be treated as a routine maintenance task. Browsers have effectively become operating systems themselves, holding credentials, session tokens, cloud access, and corporate data.</p><p>Organizations should force browser updates immediately and verify successful deployment across all managed endpoints.</p><h2>&#127479;&#127482; Russian Threat Group GreyVibe Uses AI Across Entire Kill Chain</h2><p>Researchers documented a previously unknown Russian-linked threat actor known as GreyVibe that has been targeting Ukrainian military, government, civilian, and business organizations since August 2025. 
What makes GreyVibe particularly notable is its extensive use of generative AI throughout nearly every stage of its operations.</p><p>The group reportedly uses:</p><ul><li><p>Ideogram for phishing imagery</p></li><li><p>ChatGPT for lure development and malware support</p></li><li><p>Google Gemini for obfuscation and backend infrastructure</p></li><li><p>AI-generated phishing campaigns</p></li><li><p>AI-assisted payload development</p></li></ul><p>GreyVibe&#8217;s attack chains include fake CAPTCHA pages, spear phishing operations, fraudulent charity websites, and malware families tied to the TrickBot ecosystem.</p><p>This represents one of the clearest examples yet of threat actors integrating generative AI directly into operational workflows rather than using it experimentally.</p><p>The implication is significant: defenders should expect phishing campaigns, malware, and social engineering operations to become increasingly personalized, scalable, and difficult to distinguish from legitimate communications.</p><h2>&#127475;&#127473; Dutch Authorities Dismantle Massive Residential Proxy Botnet</h2><p>Dutch law enforcement and the National Cyber Security Centre successfully dismantled the ASOC residential proxy botnet, taking down infrastructure tied to more than one million infected devices and a network that leveraged over seventeen million compromised endpoints globally.</p><p>The botnet sold access to residential IP addresses for as little as five dollars per month. 
Criminals used the infrastructure for:</p><ul><li><p>Credential stuffing</p></li><li><p>DDoS attacks</p></li><li><p>Phishing campaigns</p></li><li><p>Spam operations</p></li><li><p>Proxy services</p></li></ul><p>Residential proxy networks remain highly valuable because traffic originating from consumer IP addresses often appears legitimate to security controls.</p><p>This operation continues a recent trend of successful law enforcement actions targeting the infrastructure that enables cybercrime rather than focusing solely on individual actors.</p><h2>&#128295; GitLab Issues Emergency Patch for Duo AI Identity Confusion Vulnerability</h2><p>GitLab released emergency security updates addressing several vulnerabilities affecting Duo AI workflows. The most significant flaw allows an authenticated user to trigger AI-assisted workflows under another user&#8217;s identity, potentially enabling privilege escalation and lateral movement within development environments.</p><p>The vulnerability is particularly concerning because AI tooling increasingly sits inside trusted development pipelines. If authorization controls fail, attackers may gain access to repositories, code, secrets, or workflows they should never see.</p><p>GitLab.com has already been patched, but organizations running self-managed instances must upgrade immediately.</p><p>As AI becomes integrated into development processes, identity validation and authorization controls around these tools become critical security boundaries.</p><h2>&#128674; Carnival Cruise Lines Confirms Six Million Victims in April Breach</h2><p>Carnival Cruise Lines confirmed that nearly six million individuals were affected by an April data breach originating from a successful social engineering attack against an employee account. 
ShinyHunters has claimed responsibility.</p><blockquote><p><em>&#8220;One employee, one phone call, and millions of records can disappear overnight.&#8221; James Azar</em></p></blockquote><p>Exposed information reportedly includes:</p><ul><li><p>Names</p></li><li><p>Email addresses</p></li><li><p>Phone numbers</p></li><li><p>Dates of birth</p></li><li><p>Driver&#8217;s license numbers</p></li><li><p>Passport information</p></li></ul><p>This breach follows a pattern we&#8217;ve seen repeatedly throughout 2026. One successful social engineering attack leads to millions of compromised records.</p><p>What makes this especially concerning is the inclusion of passport data. While organizations often offer credit monitoring after breaches, credit monitoring does not protect against identity fraud involving passport information.</p><p>Security leaders should remember that frontline employees remain one of the most important attack surfaces in any organization.</p><h2>&#127922; Google Security Engineer Charged in Insider Trading Scheme</h2><p>Federal prosecutors charged a Google security engineer with fraud, money laundering, and related offenses after allegedly using access to confidential internal search trend information to place highly profitable bets on prediction markets.</p><p>According to the allegations, the engineer used confidential search data to predict market outcomes on Polymarket and generated more than $1 million in cryptocurrency profits.</p><p>While this story is not a traditional cyberattack, it highlights an emerging challenge for insider threat programs. Organizations have traditionally focused on data theft, intellectual property loss, and espionage. 
Increasingly, insider access can also be monetized through financial instruments, prediction markets, and cryptocurrency ecosystems.</p><p>Security teams may need to expand insider risk monitoring programs to address these evolving threats.</p><h1>&#127919; Key Takeaway</h1><p>&#128073; The attack surface continues shifting faster than many security programs can adapt. VPNs are under active attack, AI platforms are becoming both targets and weapons, exploit development cycles are shrinking, and social engineering remains one of the most effective attack techniques in existence.</p><h1>&#128736;&#65039; Action Items for Security Leaders</h1><ul><li><p>&#128680; Patch Palo Alto GlobalProtect immediately and review exposure of internet-facing VPN infrastructure</p></li><li><p>&#129302; Update FlowWise deployments and restrict import permissions</p></li><li><p>&#9878;&#65039; Monitor disclosures related to Nightmare Eclipse vulnerabilities and apply mitigations promptly</p></li><li><p>&#127760; Force Chrome updates across all managed endpoints</p></li><li><p>&#127479;&#127482; Enhance detection capabilities for AI-assisted phishing and malware campaigns</p></li><li><p>&#127475;&#127473; Review outbound traffic for residential proxy network indicators</p></li><li><p>&#128295; Patch self-managed GitLab instances and review Duo AI authorization controls</p></li><li><p>&#128674; Educate employees on voice phishing and social engineering tactics</p></li><li><p>&#127922; Expand insider threat monitoring to include financial abuse scenarios</p></li><li><p>&#9889; Reevaluate patching timelines for internet-facing systems and critical applications</p></li></ul>
<h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how clearly speed has become the defining characteristic of modern cybersecurity. Whether it&#8217;s VPN vulnerabilities moving from disclosure to exploitation, AI platform exploits receiving public proof-of-concept code, or Chrome vulnerabilities being weaponized within hours, the traditional timelines many organizations still operate under simply don&#8217;t match reality anymore. Security teams that continue treating critical vulnerabilities as thirty-day projects are increasingly exposing their organizations to unnecessary risk.</p><p>The second major takeaway is the role AI is beginning to play across every part of the threat landscape. GreyVibe&#8217;s systematic use of ChatGPT and Gemini shows that AI is no longer experimental for threat actors; it is operational. At the same time, platforms like FlowWise and GitLab Duo AI are becoming targets themselves. Security leaders need to stop thinking about AI as a future challenge and start treating it as a current operational risk that requires governance, visibility, and dedicated defensive strategies.</p><p>&#128293; <strong>Stay Cyber Safe.</strong></p>
]]></content:encoded></item><item><title><![CDATA[This Week in Cybersecurity #54]]></title><description><![CDATA[Good Morning, Security Gang!]]></description><link>https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-54</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/this-week-in-cybersecurity-54</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Fri, 29 May 2026 20:59:02 GMT</pubDate><enclosure url="https://substackcdn.com/image/fetch/$s_!aUqF!,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F28381fab-df8e-472a-9508-b614a80c663a_1920x1080.png" length="0" type="image/jpeg"/><content:encoded><![CDATA[<h3><strong>Good Morning, Security Gang!</strong></h3><p>Double espresso ready. This week was one of the most operationally significant we have covered in months, and the theme James kept returning to across all four episodes was speed. The speed of attacker exploitation. The speed of supply chain propagation. The speed at which traditional defensive timelines are becoming operationally obsolete.</p><p>This was the week a watering hole campaign turned Harvard and Oxford websites into malware delivery infrastructure. A single supply chain attack injected malicious workflows into 5,561 GitHub repositories in six hours. 
Anthropic&#8217;s Mythos AI autonomously discovered and exploited a 17-year-old FreeBSD root vulnerability &#8212; start to finish, without human guidance. Ubiquiti dropped emergency patches for three CVSS 10 vulnerabilities while researchers documented nearly 100,000 internet-exposed management interfaces. And GitHub introduced mandatory 2FA-gated npm publishing in direct response to the Megalodon and TeamPCP supply chain campaigns.</p><p>But the story that may define the week came in the final episode: Iranian-linked attackers reached LA Metro&#8217;s rail yard control display systems. Criminals are physically entering offices carrying USB drives when digital attacks get blocked. Chinese phishing-as-a-service platforms are bypassing MFA in real time with live OTP interception dashboards. AI chatbots are being poisoned to recommend malware. India&#8217;s CERT issued a twelve-hour critical vulnerability patching mandate. And Anthropic quietly patched Claude Code sandbox escapes without assigning CVEs &#8212; prompting a pointed industry debate about whether AI vendors are being held to the same disclosure standards as any other privileged software.</p><div class="callout-block" data-callout="true"><p>James summarized it better than anyone could in a briefing: <em>&#8220;The attack surface has gone fully multi-domain. Iran&#8217;s inside LA&#8217;s transit control displays. Cybercriminals are walking through your front door. Chinese phishing-as-a-service operators are defeating MFA in real time. AI chatbots are recommending malware. Developer tooling is a deliberate supply chain target. The old defensive cadences were built for a world that no longer exists.&#8221;</em></p></div><p>Coffee cup cheers. 
Let&#8217;s get into it.</p><h3><strong>&#127760; Infrastructure &amp; Network Exploitation</strong></h3><p><strong>Ghost CMS Exploited in Massive ClickFix Watering Hole Campaign: Harvard, Oxford, DuckDuckGo</strong></p><p>A large-scale Ghost CMS exploitation campaign is actively compromising trusted institutional websites including Harvard, Oxford, Auburn University, and DuckDuckGo-linked domains using a sophisticated ClickFix watering hole attack. Attackers exploit vulnerable Ghost CMS versions to steal admin keys through unauthenticated Ghost API access, then inject lightweight JavaScript loaders into legitimate articles. Visitors are presented with a fake Cloudflare CAPTCHA prompt instructing them to paste a verification command into their Windows terminal, which downloads malicious loaders and backdoors. 
This social engineering flow bypasses traditional phishing awareness training entirely, because users believe they are on a trusted, well-known domain. Trusted browsing is no longer a reliable safety signal. Patch Ghost CMS to version 6.20.0 immediately and train users that no legitimate website will ever ask them to paste commands into a terminal.</p><p><strong>Ubiquiti Emergency Patches: Three CVSS 10 UniFi Vulnerabilities</strong></p><p>Ubiquiti issued emergency patches for five UniFi OS vulnerabilities, including three carrying the maximum CVSS score of 10.0: improper access control enabling unauthorized changes, path traversal enabling arbitrary file reads, and unauthenticated command injection enabling full remote code execution. Approximately 100,000 internet-exposed UniFi OS endpoints are currently accessible globally, with nearly half in the United States. No administrator credentials are required; an attacker needs only an IP address to begin exploitation. Patch immediately and move all UniFi management interfaces behind VPNs or isolated management VLANs.</p><p><strong>Underminer CDN Technique: C2 Traffic Hidden Behind 88 Million Trusted Domains</strong></p><p>Researchers disclosed &#8220;Underminer,&#8221; a CDN-based command-and-control evasion technique hiding malicious traffic behind approximately 88 million legitimate domains. Unlike classic domain fronting, Underminer abuses shared CDN infrastructure by presenting trusted domain names in SNI and HTTP host fields while routing traffic to attacker-controlled infrastructure underneath. DNS resolution appears legitimate, TLS certificates validate correctly, firewall rules see trusted domains, and malicious C2 traffic tunnels silently through. Organizations relying on domain allowlists, proxy filtering, or DNS-based trust enforcement now have a structural blind spot. 
Visibility must extend below the domain layer to include certificate analysis, routing anomalies, and behavioral inspection.</p><p><strong>Huawei VRP: National Telecom Outage, No CVE, No Confirmed Patch</strong></p><p>A Huawei VRP vulnerability confirmed as the cause of a nationwide Luxembourg telecom outage was disclosed nearly ten months ago with no public CVE and no confirmed patch. Organizations still running Huawei networking infrastructure should treat this as an unresolved operational trust concern requiring architectural review.</p><h3><strong>&#129302; AI as Weapon, Tool, and Attack Surface</strong></h3><p><strong>Anthropic Mythos AI: 23,000 Vulnerabilities, 17-Year FreeBSD Root Exploit &#8212; Autonomously</strong></p><p>Anthropic&#8217;s Mythos AI model, operating through Project Glasswing alongside AWS, Google, Microsoft, NVIDIA, Cisco, CrowdStrike, Apple, and Palo Alto Networks, scanned over 1,000 open-source projects and identified 23,019 vulnerabilities &#8212; 6,202 high or critical &#8212; with 1,094 confirmed by human reviewers. The most significant finding: Mythos autonomously identified and fully exploited a 17-year-old FreeBSD remote root vulnerability without human guidance, performing discovery, analysis, exploit generation, and successful root compromise independently. Anthropic confirmed Mythos-class capabilities will eventually be available beyond the current curated partner model. The traditional patching timeline built around human-paced exploit development is no longer a valid operational assumption. 
Organizations operating with 30-day vulnerability SLAs for internet-facing systems are already behind.</p><p><strong>Anthropic Quietly Patches Claude Code Sandbox Escapes &#8212; No CVEs Assigned</strong></p><p>Anthropic silently patched two major Claude Code sandbox bypass vulnerabilities without assigning CVEs or documenting the issues in public changelogs: a hostname null-byte injection flaw present since October 2025, and a hardcoded 50-subcommand limit that caused configured deny rules to silently stop being enforced above the threshold &#8212; a full sandbox escape hiding in plain sight. If agentic AI tools have privileged access to file systems, shells, and CI/CD environments, they must be held to the same CVE disclosure standards as any other privileged software. This is not a nuanced governance question. It is a foundational requirement for operational trust.</p><p><strong>Russian Operator Weaponizes Jailbroken Gemini AI for Credential Cracking and Influence Ops</strong></p><p>Russian-speaking operator &#8220;BenCamPro&#8221; weaponized a jailbroken Google Gemini CLI instance across a multi-year campaign, building a self-reinforcing jailbreak system where Gemini retained prior jailbreak instructions across sessions. The AI was used to generate password mutations, crack WordPress admin accounts, analyze stolen infostealer logs, and assist operational decision-making. Researchers linked the activity to 29 compromised WordPress accounts, MAGA-themed influence operations, crypto wallet theft, and Telegram channels with over 17,000 subscribers. AI is materially lowering the skill barrier for cybercrime operations. 
Audit all AI API key exposure across CI/CD environments and repositories immediately.</p><p><strong>AI Chatbots Recommending Malware-Infected Downloads</strong></p><p>Microsoft researchers documented an active cryptojacking campaign where attackers poison AI chatbot knowledge to redirect users toward malware-infected versions of legitimate utilities: CrystalDiskInfo, HWMonitor, FurMark, Display Driver Uninstaller, and K-Lite Codec Pack. Payloads establish persistence via ScreenConnect and provide remote access capable of escalating to ransomware or data theft. AI-generated recommendations are increasingly treated as authoritative by users, giving attackers a high-trust distribution channel. Enforce policies requiring software downloads only from official vendor domains and monitor for unauthorized remote management tools.</p><p><strong>Malicious npm Package Stealing Anthropic Claude AI Session Files</strong></p><p>Aikido Security discovered a malicious npm package (mouse5212-superformatter) specifically designed to steal Anthropic Claude AI session files from developer environments, authenticating into GitHub repositories, recursively uploading AI session data, and harvesting Claude Code session outputs. The attacker accidentally embedded their own GitHub token into the malware, suggesting the package itself may have been AI-assisted without proper OPSEC review. AI development environments hold deeply trusted positions with broad filesystem and credential access. 
One malicious dependency can expose everything the AI tooling has ever touched.</p><h3><strong>&#129516; Supply Chain &amp; Developer Ecosystem</strong></h3><p><strong>Megalodon Supply Chain Attack: 5,561 GitHub Repositories in Six Hours</strong></p><p>The &#8220;Megalodon&#8221; campaign injected malicious GitHub Actions workflows into 5,561 open-source repositories using developer credentials harvested from infostealer infections &#8212; confirmed by Hudson Rock researchers who matched hundreds of affected GitHub accounts to previously compromised infostealer logs. Attackers used bot personas and maintenance-style commit messages to blend into normal CI activity. Once merged into repositories lacking strong branch protections, the malicious workflows silently exfiltrated AWS, Azure, and GCP credentials, SSH private keys, Kubernetes configurations, GitHub OIDC tokens, API keys, and database connection strings. The npm package @tiledesk/server was also poisoned across multiple versions. Audit CI/CD logs for Megalodon-related commits since May 18th and rotate all exposed deployment credentials immediately.</p><p><strong>GitHub Introduces 2FA-Gated npm Publishing: &#8220;Proof of Presence&#8221;</strong></p><p>GitHub rolled out staged npm publishing requiring maintainers to complete a two-factor authentication challenge before package releases become installable. Even CI/CD pipelines using OIDC trusted publishing require a human to approve the release before distribution. This creates friction attackers cannot bypass through credential automation alone. The challenge is adoption: the feature is currently opt-in, not mandatory. Organizations should begin requiring 2FA-gated publishing from critical open-source dependencies.</p><p><strong>Trend Micro Apex One Zero-Day: CISA KEV, June 4 Federal Deadline</strong></p><p>Trend Micro confirmed active exploitation of a critical Apex One vulnerability added to CISA&#8217;s KEV with a June 4th federal remediation deadline. 
The flaw allows an attacker with administrative access to an Apex One server to manipulate a key distribution table used to push code to managed endpoints: one compromised admin account becomes a force multiplier capable of distributing malicious code to every endpoint managed by the server. Security management infrastructure continues to be the preferred attacker pivot point in 2026.</p><p><strong>npm Supply Chain Campaign Hides Linux Backdoor as SSH Daemon</strong></p><p>Researchers uncovered an npm campaign hiding a Linux backdoor disguised as a fake SSH daemon named .sshd inside /tmp, distributed through malicious postinstall scripts in package.json files. The naming convention is deliberate: /tmp/.sshd can appear benign during initial incident response. The campaign targets mixed PHP and JavaScript monorepo environments. Review npm lifecycle scripts before any production deployment and monitor for SSH-like processes running from temporary directories.</p><h3><strong>&#128165; Ransomware &amp; Destructive Operations</strong></h3><blockquote><p><em>&#8220;Today&#8217;s stories read as one coherent threat picture: the attackers are faster, cheaper, and harder to detect than they were twelve months ago. CVSS perfect ten in Ubiquiti. MFA bypassed by a two hundred and fifty dollar subscription service. A North Korean RAT that lives purely in memory. An AI that jailbreaks itself and cracks passwords for a low-skilled Russian actor. These are not theoretical risks anymore, they are Tuesday morning&#8217;s operational realities.&#8221;</em></p></blockquote><p><strong>NightSpire Ransomware: 175 Organizations, 28 Industries &#8212; Using Only Legitimate Tools</strong></p><p>The NightSpire ransomware group has impacted 175 organizations across 28 industries since early 2025, including hospitals, schools, financial institutions, and government agencies, relying almost entirely on legitimate software rather than custom malware. 
Entry vectors: exposed RDP, FortiOS vulnerabilities. Persistence tools: Chrome Remote Desktop, AnyDesk. Exfiltration: MegaSync. Compression: 7-Zip. By operating exclusively within legitimate tooling, NightSpire avoids triggering traditional EDR alerts. Audit exposed RDP, unauthorized remote administration software, unexpected cloud synchronization tools, and FortiOS patching status across all environments.</p><p><strong>VECT Ransomware Confirmed as Wiper: No Recovery Path Regardless of Payment</strong></p><p>VECT ransomware&#8217;s encryption process is confirmed to discard critical data by design, making recovery impossible even after payment. This is not extortion; it is destruction disguised as extortion. Prevention and validated offline backups are the only defenses.</p><h3><strong>&#128275; Data Breaches &amp; Exposures</strong></h3><p><strong>Charter Communications: 42 Million Records via Voice Phishing &#8594; Microsoft Entra &#8594; Salesforce</strong></p><p>Charter Communications confirmed a ShinyHunters breach affecting approximately 42 million customer records following a voice phishing attack targeting an employee&#8217;s Microsoft Entra account. Attackers used the compromised account to access Salesforce environments and export consumer and business data. The attack chain is now fully established: vishing targets the identity provider, which becomes the Salesforce pivot, which becomes the large-scale data extraction event. Voice phishing defense requires moving beyond SMS authentication to managed authenticator applications with identity verification prompts sent to corporate-managed devices.</p><p><strong>UK Visa Portal: 100,000 Passport Scans and Biometric Selfies Leaked</strong></p><p>A third-party UK visa processing portal leaked more than 100,000 passport scans, selfies, and personal identity documents online. 
When journalists contacted the company, the organization responded with lawyers before engineers, and the leak remained unresolved at time of reporting. Passport scans combined with biometric selfies create premium-grade fraud material enabling KYC bypasses, fake identity creation, and fraudulent financial account openings. Biometric identity data leaks should be treated as permanent compromise events requiring long-term monitoring.</p><p><strong>Knowledge Deliver LMS: Shared ASP.NET Machine Keys Enable Mass Exploitation</strong></p><p>A critical zero-day in the Knowledge Deliver LMS is actively deploying memory-resident Cobalt Strike payloads through watering hole attacks exploiting shared identical hardcoded <strong>ASP.NET</strong> machine keys across all deployments for unauthenticated RCE via ViewState deserialization. Organizations do not need to wait for a vendor patch: rotating <strong>ASP.NET</strong> machine keys to unique cryptographic values immediately closes the attack path. Compromised LMS platforms are being turned into active malware distribution infrastructure targeting every site visitor.</p><p><strong>Community Bank AI Shadow Exposure: SEC Disclosure</strong></p><p>A community bank disclosed to the SEC that an employee&#8217;s use of an unauthorized AI chatbot exposed customer names, dates of birth, and Social Security numbers. This is among the first formal regulatory disclosure events attributable to shadow AI use, and it will not be the last. Employees are integrating AI tools faster than organizations can create governance policies. 
Without DLP enforcement and explicit AI tool approval frameworks, this incident type will proliferate across every regulated sector.</p><p><strong>Charter + 7-Eleven + Cushman &amp; Wakefield: The ShinyHunters SaaS Playbook Scales</strong></p><p>The Charter breach joins 7-Eleven, Cushman &amp; Wakefield, Aman Resorts, McGraw-Hill, and dozens of others in the same ShinyHunters Salesforce campaign. The playbook is now fully documented: voice phishing or credential theft &#8594; identity provider access &#8594; Salesforce pivot &#8594; large-scale CRM data extraction &#8594; ransom demand &#8594; public leak deadline. Salesforce environments are being systematically targeted because they contain high-value business records with weaker conditional access policies than core enterprise infrastructure.</p><h3><strong>&#127760; Geopolitical &amp; Nation-State Threats</strong></h3><blockquote><p><em>&#8220;This breaks the assumption that cyber threats are remote only. When the digital door is closed, these actors will walk through the physical one knowing a physical confrontation is unlikely. Your traditional security controls like firewalls, EDR, and MFA provide zero protection against someone walking through your front door with a convincing story and a USB drive.&#8221;</em></p></blockquote><p><strong>Iranian APT Reaches LA Metro Rail Yard Control Display Systems</strong></p><p>The March Los Angeles Metro cyberattack has been attributed to the Iranian-linked Black Shadow group, connected directly to Iran&#8217;s Ministry of Intelligence and Security. Attackers exfiltrated more than 700 gigabytes of data and reached rail yard control display systems &#8212; crossing from IT compromise into operational technology territory. OT access at a major transit system means operational disruption becomes the likely next escalation point. 
Segment OT and IT aggressively, remove operational systems from any internet exposure, and treat OT visibility as a crown jewel security priority.</p><p><strong>MuddyWater Expands Across Nine Countries, Adds Aviation Targeting</strong></p><p>Microsoft Threat Intelligence documented MuddyWater campaigns across nine countries in Q1 2026, using DLL side-loading through trusted executables including fmap.exe and SentinelOne Memory Scanner components to evade signature-based detection. A separate Iranian cluster simultaneously targeted aviation software providers through credential harvesting and social engineering &#8212; the strategy being supply chain pre-positioning: compromise the vendor first, then pivot into airlines, airports, and aerospace organizations downstream.</p><p><strong>China-Linked Router Implant Turns Edge Devices Into Surveillance Infrastructure</strong></p><p>A China-linked threat actor deployed a custom Linux implant (router.elf) onto edge routers across Southeast Asia, communicating over DNS-over-HTTPS, manipulating internal DNS systems, and enabling selective traffic interception through a dynamically updated targeting list called evil_fix. This is strategic surveillance infrastructure, not financially motivated malware. Compromised routers function as silent collection platforms for every device behind them. Validate router firmware integrity, monitor DNS modifications, and review unusual encrypted outbound traffic from network appliances.</p><p><strong>Lazarus Group Deploys RemotePE Fileless RAT</strong></p><p>North Korea&#8217;s Lazarus Group deployed a new fileless RAT called &#8220;RemotePE&#8221; targeting cryptocurrency and financial organizations. The malware executes entirely in memory, never writes to disk, uses Windows DPAPI tied to the victim environment, and dynamically loads additional DLL capabilities post-compromise. 
Initial access relies on Telegram social engineering, fake trading firms, cloned Calendly domains, and fraudulent meeting invitations targeting developers and analysts. Traditional file-hash-based detection is largely useless against memory-only malware. Runtime memory analysis capability is now a required detection component.</p><p><strong>InvisibleFerret Evolves to Compiled Binaries to Evade Detection</strong></p><p>The DPRK Void Dokkaebi cluster upgraded &#8220;Invisible Ferret&#8221; from readable Python scripts into compiled Cython binaries disguised as .pyd and .so files, bypassing many detections previously focused on Python script patterns. Distribution continues through fake developer interview technical assessment packages. Developers remain among the highest-priority targets for nation-state operations.</p><p><strong>Europol Operation Saffron: FirstVPN Seized, 25 Ransomware Groups Disrupted</strong></p><p>Europol&#8217;s Operation Saffron seized 33 servers tied to &#8220;FirstVPN,&#8221; allegedly used by more than 25 ransomware groups for anonymization infrastructure. The alleged Ukrainian administrator was arrested and 500 user profiles shared with international law enforcement partners. This reflects growing coordination across Europol, FBI, and international task forces operating as an increasingly coordinated operational network.</p><p><strong>Netherlands Seizes 800 Servers From Russian Bulletproof Host</strong></p><p>Dutch authorities seized 800 servers from Russian-linked bulletproof hosting provider &#8220;Stark Industries&#8221; (later rebranded as Work Titans / <strong><a href="http://d.hosting/">D.Hosting</a></strong>), tied to cyberattacks, election interference, and disinformation operations. The provider was founded April 10th, 2022, just 14 days before Russia&#8217;s invasion of Ukraine. 
European willingness to aggressively target state-adjacent criminal cyber infrastructure is accelerating.</p><p><strong>Europe Accelerates Digital Sovereignty: Dutch Block U.S. Cloud Acquisition</strong></p><p>The Dutch government blocked a U.S. IT company from acquiring Solvinity, a Dutch cloud provider hosting national digital identity infrastructure, citing concerns over digital sovereignty and exposure to U.S. legal reach. This is the third major European intervention this quarter tied to U.S. cloud ownership concerns. Organizations operating across U.S. and European markets should prepare for increased data residency requirements, regional infrastructure segmentation, and regulatory divergence. This is becoming an operational architecture issue, not political background noise.</p><h3><strong>&#128272; Identity &amp; Authentication</strong></h3><p><strong>Kali365 MFA Bypass Platform: OAuth Device Code Abuse at Scale</strong></p><p>The FBI issued an IC3 warning about &#8220;Kali365,&#8221; a phishing-as-a-service platform bypassing Microsoft 365 MFA through OAuth device authorization flow abuse, the same flow designed for smart TVs and IoT devices. Victims authenticate normally through legitimate-looking Microsoft prompts. MFA fires successfully. Nothing appears suspicious. The attacker captures the live authentication token and gains full account access. The platform includes AI-generated phishing lures, real-time victim dashboards, automated token capture, and Telegram-based operator infrastructure. Hundreds of attacks have already targeted manufacturing, healthcare, education, government, and financial sectors. 
Restrict or disable device code authentication flows through Microsoft Entra conditional access policies immediately where operationally feasible.</p><p><strong>Chinese Phishing-as-a-Service: Real-Time MFA Interception with AI Localization</strong></p><p>Google&#8217;s Threat Intelligence Group documented Chinese-language phishing-as-a-service platforms with live OTP interception dashboards: victims enter credentials, attackers receive them instantly, MFA requests are triggered in real time, OTP codes are intercepted before expiration, and payment cards are immediately provisioned into attacker-controlled digital wallets for contactless payments and ATM withdrawals. AI-driven localization removes the cultural inconsistencies that historically exposed phishing attempts, enabling region-specific language, local slang, and context-aware messages. Time-based OTP MFA is increasingly ineffective against these operations. Organizations must accelerate migration to FIDO2 authentication, passkeys, and hardware-backed authentication models.</p><p><strong>SonicWall SMA MFA Bypass: Logs Show Success While Attackers Operate</strong></p><p>Attackers exploiting SonicWall SMA appliances through an MFA bypass produce authentication logs that misleadingly show successful MFA validation even while unauthorized access occurs, because many organizations installed the required firmware update but failed to complete the separate manual LDAP reconfiguration for full mitigation. Verify the complete remediation procedure, not just the firmware version.</p><p><strong>FBI Warns: Silent Ransom Group Physically Entering Offices</strong></p><p>The FBI warned that the Silent Ransom Group (Luna Moth / UNC3753) is physically dispatching actors to victim organizations when digital attacks are blocked. The attack begins with someone posing as IT support requesting remote access. If refused, a person may physically arrive at the office with a USB drive to plug directly into workstations. 
No ransomware, no encryption: direct theft followed by extortion. Firewalls, EDR, MFA, and email filtering provide zero protection against someone walking through the front door with a believable story. Physical social engineering exercises, visitor management procedures, badge systems, and USB device restrictions must now be treated as cybersecurity controls.</p><h3><strong>&#9883;&#65039; Quantum, Cryptography &amp; Policy</strong></h3><p><strong>U.S. Government Commits $2 Billion to Quantum Computing Acceleration</strong></p><p>The Trump administration announced approximately $2 billion in grants to accelerate quantum computing development, with IBM expected to receive nearly half the funding. Researchers now estimate cryptographically relevant quantum capabilities could emerge as early as 2027&#8211;2030. Banking infrastructure, military communications, TLS encryption, VPNs, secure messaging, and cryptocurrency all rely on cryptographic systems vulnerable to quantum attacks. NIST finalized post-quantum cryptographic standards last year. Organizations still treating post-quantum migration as future planning are underestimating how quickly this timeline is compressing. Begin crypto-agility inventory and post-quantum migration planning now.</p><p><strong>India Mandates 12-Hour Critical Vulnerability Patching</strong></p><p>India&#8217;s CERT issued a framework mandating 12-hour patching timelines for critical internet-facing vulnerabilities, explicitly citing AI-assisted exploit generation and automated attack surface mapping as justification. Critical internet-facing vulnerabilities: patch within one day. High-value internal systems: three days. High-severity vulnerabilities: five days. This directly reflects the operational reality practitioners are experiencing: the 30-day patching model is becoming obsolete. 
Organizations should begin compressing remediation timelines for internet-facing critical systems to match the actual exploitation windows they are now operating within.</p><p><strong>Supreme Court Prepares to Rule on Digital Privacy: Chatrie v. United States</strong></p><p>The U.S. Supreme Court is expected to rule within weeks on Chatrie v. United States, a case centered on geofence warrants. The core question: can law enforcement compel technology companies to identify every user present in a geographic area during a specific timeframe? The ruling could fundamentally shape future legality around reverse keyword searches, search history warrants, AI conversation history access, and bulk behavioral surveillance requests. This may become the most consequential digital privacy ruling since Carpenter v. United States. Review organizational data retention policies ahead of evolving digital privacy requirements.</p><p><strong>KimWolf Botnet Operator Arrested in Canada: 1 Million Devices, 30 Terabit Attacks</strong></p><p>Canadian authorities arrested 23-year-old Jacob Butler, alleged operator of the KimWolf DDoS-for-hire botnet: over one million infected devices globally, attacks exceeding 30 terabits per second, individual victim losses exceeding $1 million. The case was built through IP address correlation, financial transaction tracing, messaging platform analysis, and infrastructure linkage. Attribution sophistication in cybercrime enforcement continues improving globally.</p><p><strong>FIFA World Cup Ghost Stadium Fraud: 3,500 Malicious Domains</strong></p><p>Researchers uncovered &#8220;Ghost Stadium,&#8221; a campaign of over 3,500 malicious domains targeting FIFA World Cup fans globally with fake login portals, fraudulent ticket sales, counterfeit merchandise, fake streaming sites, and credential harvesting campaigns. Over 2,500 FIFA account credentials are already circulating; 170,000 infostealer logs reference FIFA-related accounts. 
The phishing kits support eleven languages and leverage Meta advertising infrastructure. Security teams should proactively educate employees and customers about official ticketing channels, fake streaming scams, and credential reuse risks before the tournament begins.</p><p><strong>CrowdStrike and Google Disrupt GlassWorm Botnet</strong></p><p>CrowdStrike, Google, and the ShadowServer Foundation successfully disrupted all four GlassWorm C2 channels. The botnet, which spread through trojanized VS Code extensions using Unicode variation selectors to hide malicious code in legitimate source files, leveraged VPS infrastructure, Google Calendar covert channels, BitTorrent P2P communication, and Solana blockchain backup channels. Attribution evidence suggests Russian operational origins. Modern botnet infrastructure is increasingly multi-channel, decentralized, and blockchain-aware.</p><p><strong>Void Botnet: Ethereum Smart Contracts as C2 &#8212; Second Blockchain-Based Architecture This Year</strong></p><p>The &#8220;Void&#8221; malware-as-a-service platform uses Ethereum smart contracts for C2 infrastructure, making the command layer decentralized and resistant to traditional takedown operations. This is the second blockchain-based C2 architecture identified this year. 
Ethereum RPC monitoring must be added to network detection programs.</p><h3><strong>&#9989; This Week&#8217;s Priority Action List</strong></h3><p><strong>Immediate (Do This Now)</strong></p><ul><li><p>Patch Ghost CMS to version 6.20.0 and audit all content for injected scripts &#8212; Harvard, Oxford, and major institutional domains are confirmed compromised</p></li><li><p>Patch Ubiquiti UniFi OS across all deployments and move all management interfaces behind VPNs or isolated management VLANs immediately</p></li><li><p>Restrict or disable Microsoft Entra device code authentication flows via conditional access policies &#8212; Kali365 is actively exploiting this at scale</p></li><li><p>Apply Trend Micro Apex One patch before the June 4 CISA KEV federal deadline and review privileged admin access paths</p></li><li><p>Rotate <strong>ASP.NET</strong> machine keys on all Knowledge Deliver LMS deployments &#8212; this closes the active exploitation path without waiting for a vendor patch</p></li><li><p>Apply Microsoft SharePoint out-of-band patch CVE-2026-45659 within 48 hours &#8212; authenticated any-user RCE via deserialization</p></li><li><p>Audit CI/CD logs for Megalodon-related commits since May 18 and rotate all exposed AWS, Azure, GCP, SSH, Kubernetes, and database credentials</p></li><li><p>Deploy runtime memory analysis capabilities &#8212; Lazarus RemotePE fileless RAT has zero disk footprint and bypasses file-hash detection entirely</p></li><li><p>Develop FIFA World Cup security awareness materials for employees and customers before the tournament begins</p></li></ul><p><strong>Short-Term (This Month)</strong></p><ul><li><p>Implement USB device restrictions and physical visitor management protocols &#8212; Silent Ransom Group is physically entering offices</p></li><li><p>Enable 2FA-gated npm publishing for all critical package dependencies and begin requiring it from upstream maintainers</p></li><li><p>Restrict software downloads 
to official vendor domains only and monitor for unauthorized ScreenConnect or AnyDesk installations</p></li><li><p>Audit npm dependencies across all AI development environments for unauthorized packages targeting AI session files</p></li><li><p>Migrate financial and high-value workflows toward FIDO2 and passkeys &#8212; time-based OTP MFA is being defeated in real time</p></li><li><p>Audit exposed RDP and FortiOS patching status specifically targeting NightSpire ransomware entry vectors</p></li><li><p>Validate router firmware integrity and monitor DNS configuration changes for China-linked router implant indicators</p></li><li><p>Monitor DLL side-loading activity involving signed binaries from SentinelOne, Fortinet, and other trusted vendors</p></li><li><p>Establish AI governance framework including shadow AI detection and DLP controls targeting AI chatbot interactions</p></li></ul><p><strong>Strategic (This Quarter)</strong></p><ul><li><p>Begin crypto-agility inventory and post-quantum cryptography migration planning &#8212; $2 billion U.S. 
quantum investment signals an accelerating timeline</p></li><li><p>Compress vulnerability remediation SLAs for internet-facing critical systems &#8212; India&#8217;s 12-hour mandate reflects current actual exploitation windows</p></li><li><p>Require CVE assignment and public disclosure from all AI vendors with privileged developer environment access &#8212; Anthropic&#8217;s silent Claude Code patches set the wrong precedent</p></li><li><p>Conduct physical social engineering tabletop exercises including front desk verification procedures and USB device handling</p></li><li><p>Prepare board-level briefings on European digital sovereignty risk and potential data residency requirements affecting transatlantic operations</p></li><li><p>Build peer-to-peer lateral communication hunting capability &#8212; Turla Kazuar and GlassWorm both use P2P to stay invisible to outbound-only monitoring</p></li><li><p>Review organizational data retention policies ahead of the imminent Supreme Court digital privacy ruling in Chatrie v. United States</p></li></ul><h3><strong>&#127897;&#65039; James Azar&#8217;s CISO&#8217;s Take</strong></h3><p>When I look across all four episodes this week, the defining story is operational speed and the widening gap between how fast attackers are moving and how fast most organizations are structured to respond. Megalodon hit 5,561 repositories in six hours. Mythos exploited a 17-year-old vulnerability autonomously from discovery to root access. Ubiquiti pushed three perfect-10 CVEs that require no credentials and minimal effort.
And Kali365 is selling 24/7 MFA bypass as a subscription service. The organizations that will survive this environment are the ones that have accepted the old 30-day remediation model is no longer operationally valid and have rebuilt their patch and response cadences around the actual exploitation timelines they are facing. India&#8217;s 12-hour mandate is not aspirational; it is a description of the current reality for internet-facing critical infrastructure.</p><p>The second takeaway is that the attack surface has genuinely gone multi-domain in ways that security programs built for purely digital threats are not designed to handle. Iranian actors are inside transit control systems. Criminals are physically entering offices with USB drives when digital vectors fail. AI chatbots are recommending malware. And the Lazarus Group&#8217;s fileless RAT has no disk presence at all &#8212; meaning endpoint security programs built around file detection are structurally blind to it. The organizations that adapt will be the ones that extend security thinking across physical access, runtime memory analysis, AI governance, supply chain validation, and developer ecosystem hygiene simultaneously. Because attackers are already operating across all of those domains at once.</p><p><strong>Stay Cyber Safe.</strong> &#128272;</p>]]></content:encoded></item><item><title><![CDATA[Iranian MOIS Hackers Behind LA Metro Breach, CrowdStrike Google and Shadowserver Disrupt GlassWorm, FBI Warns of Silent Ransom Group Conducting In-Person Data Theft Attacks ]]></title><description><![CDATA[Iran State Hackers Hit LA Metro, 700GB Stolen, Reached Rail Yard Controls, Silent Ransom Group Sending Physical Actors to Law Firms, Ghost Stadium: 3,500 Fake FIFA World Cup Domains, GlassWorm Botnet]]></description><link>https://www.cyberhubpodcast.com/p/iranian-mois-hackers-behind-la-metro</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/iranian-mois-hackers-behind-la-metro</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Thu, 28 May 2026 13:31:13 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/199555391/0339379b8350a2068dd2758daad9346e.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h1>&#9749; Good Morning Security Gang,</h1><p>We&#8217;re approaching the halfway point of the year, and honestly, from a cybersecurity perspective, the outlook isn&#8217;t getting any prettier.</p><p>Today&#8217;s episode had one major theme running through nearly every story we covered:<br>&#128073; The attack surface has officially gone fully multi-domain.</p><p>We&#8217;re no longer talking about isolated phishing emails or standalone ransomware attacks.
We&#8217;re talking about Iranian state actors inside transit systems, criminals physically showing up at law firms with USB drives, Chinese phishing platforms intercepting MFA in real time, AI chatbots unknowingly recommending malware, and supply chain compromises specifically targeting AI development environments.</p><p>Meanwhile, governments are responding with increasingly aggressive policies, from India mandating twelve-hour patching timelines to U.S. Cyber Command reviewing its operational structure, as the gap between vulnerability disclosure and exploitation continues collapsing.</p><p>Double espresso in hand this morning, using Caf&#233; Elite capsules straight from Israel, by the way, and coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape demonstrates that cybersecurity is no longer confined to digital-only operations. Threat actors are blending cyber intrusion, physical access operations, AI-assisted exploitation, real-time MFA interception, and infrastructure targeting into coordinated attack campaigns that move far faster than traditional enterprise defense cycles were designed to handle.</p><p>At the same time, AI is becoming both an offensive and defensive force multiplier. Attackers are leveraging AI for phishing localization, malware generation, and social engineering enhancement, while defenders are struggling to operationalize security fast enough to keep pace.
The organizations that survive the next phase of cyber conflict will be the ones capable of compressing detection, patching, and response timelines dramatically.</p><figure><img src="https://substackcdn.com/image/fetch/$s_!wErZ!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F6a2a145b-b441-4489-a62f-66aa5f44a25c_1280x720.png" width="1280" height="720" alt=""></figure><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#128647; Iranian State-Linked Hackers Connected to LA Metro Cyberattack</h2><p>One of the biggest stories today involved the cyberattack against Los Angeles Metro back in March, which has now been attributed by Israeli cyber resilience firm Gambit to the Iranian-linked threat group Black Shadow.
Israeli intelligence and the National Cyber Directorate have tied the group directly to Iran&#8217;s Ministry of Intelligence and Security, the same ecosystem associated with MuddyWater operations.</p><p>The attackers reportedly exfiltrated more than 700 gigabytes of data and reached rail yard control display systems, meaning this was not simply an IT compromise; it crossed directly into operational technology territory.</p><p>That distinction matters because once attackers touch transit control environments, operational disruption becomes the likely next escalation point. Transit systems, utilities, and public infrastructure are increasingly becoming strategic targets because disruption there creates both economic and psychological impact simultaneously.</p><p>The lesson here for critical infrastructure operators is painfully clear:</p><ul><li><p>Segment OT and IT aggressively</p></li><li><p>Remove operational systems from direct internet exposure</p></li><li><p>Use data diodes or unidirectional gateways where possible</p></li><li><p>Treat OT visibility as a crown jewel priority</p></li></ul><p>If attackers can reach control systems, the conversation is no longer about data theft; it becomes about operational disruption and public safety.</p><h2>&#128682; FBI Warns of Criminals Physically Entering Offices to Steal Data</h2><p>The FBI issued a warning that the Silent Ransom Group&#8212;also known as Luna Moth or UNC3753&#8212;is escalating beyond traditional phone-based phishing attacks and now physically dispatching actors to victim organizations.</p><p>The attack flow begins with someone posing as internal IT support requesting remote access. If the target refuses, attackers may then send a person physically to the office carrying a USB drive to plug directly into workstations and steal data onsite.</p><p>No ransomware. No encryption.<br>Just direct theft followed by extortion.</p><p>This completely breaks the assumption that cyber threats are purely remote.
Organizations invest heavily in:</p><ul><li><p>Firewalls</p></li><li><p>EDR</p></li><li><p>MFA</p></li><li><p>Email filtering</p></li></ul><p>But none of those controls stop someone walking through the front door with a believable story and a malicious USB device.</p><blockquote><p><em>"This breaks the assumption that cyber threats are remote only. When the digital door is closed, these actors will walk through the physical one knowing a physical confrontation is unlikely. Your traditional security controls like firewalls, EDR, and MFA provide zero protection against someone walking through your front door with a convincing story and a USB drive." James Azar</em></p></blockquote><p>This is where physical security and cybersecurity finally converge operationally. Front desk procedures, visitor management, badge systems, camera coverage, and employee verification training become cybersecurity controls now, not just facilities functions.</p><p>Security teams should strongly consider running physical social engineering exercises as part of tabletop scenarios moving forward.</p><h2>&#128179; Chinese Phishing-as-a-Service Platforms Bypassing MFA in Real Time</h2><p>Google&#8217;s Threat Intelligence Group published research showing Chinese-language phishing-as-a-service platforms have evolved into fully operational real-time MFA interception systems targeting digital wallet fraud. 
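</p><p>As an added illustration (not code from this post, from Google TIG, or from any phishing kit), the Python simulation below models the relay walked through in this section: a reverse-proxy phishing page forwards the victim&#8217;s password and freshly typed TOTP code to the real service inside the code&#8217;s validity window, and the login succeeds. The same relay against a FIDO2/WebAuthn-style assertion fails, because the browser writes the origin it actually loaded into the signed client data and the relying party rejects any origin but its own. The wallet origin, the look-alike phishing origin, the password, the timestamps and the passkey key are all constructed; the TOTP secret is the RFC 6238 reference secret, and an HMAC stands in for the authenticator&#8217;s asymmetric signature, which does not change the origin-binding logic being demonstrated.</p>

```python
# Added example for this post, not code from the post or from Google TIG.
# Simulates an adversary-in-the-middle phishing relay against two MFA types.
import hashlib
import hmac
import json
import secrets
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, then dynamic truncation."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP keyed on the 30-second time step."""
    return hotp(secret, unix_time // step, digits)

class RelyingParty:
    """The real service: password + TOTP login, or an origin-bound passkey assertion."""

    def __init__(self, origin: str, password: str, totp_secret: bytes, passkey_key: bytes):
        self.origin = origin
        self.password = password
        self.totp_secret = totp_secret
        self.passkey_key = passkey_key  # stand-in for the credential's public key
        self.pending = set()            # outstanding challenges

    def verify_totp_login(self, password: str, code: str, now: int, step: int = 30) -> bool:
        if not hmac.compare_digest(password, self.password):
            return False
        # Usual tolerance: the current step and the one before it.
        return any(hmac.compare_digest(code, hotp(self.totp_secret, c))
                   for c in (now // step, now // step - 1))

    def issue_challenge(self) -> str:
        challenge = secrets.token_hex(16)
        self.pending.add(challenge)
        return challenge

    def verify_passkey_login(self, assertion: dict) -> bool:
        client_data = json.loads(assertion["client_data"])
        if client_data.get("challenge") not in self.pending:
            return False                 # replay or unknown challenge
        if client_data.get("origin") != self.origin:
            return False                 # signed by a browser on some other origin
        expected = hmac.new(self.passkey_key, assertion["client_data"].encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, assertion["signature"]):
            return False
        self.pending.discard(client_data["challenge"])
        return True

class Authenticator:
    """Victim's passkey: signs whatever client data the browser hands it, origin included."""

    def __init__(self, key: bytes):
        self.key = key

    def sign(self, challenge: str, browser_origin: str) -> dict:
        client_data = json.dumps({"type": "webauthn.get", "challenge": challenge,
                                  "origin": browser_origin}, sort_keys=True)
        sig = hmac.new(self.key, client_data.encode(), hashlib.sha256).hexdigest()
        return {"client_data": client_data, "signature": sig}

def aitm_relay_totp(rp: RelyingParty, password: str, victim_secret: bytes,
                    entered_at: int, relay_delay: int) -> bool:
    """Victim types password + current code into the phishing page; the proxy replays them relay_delay seconds later."""
    code = totp(victim_secret, entered_at)
    return rp.verify_totp_login(password, code, entered_at + relay_delay)

def aitm_relay_passkey(rp: RelyingParty, auth: Authenticator, phishing_origin: str) -> bool:
    """Proxy fetches a real challenge and forwards it; the victim's browser signs it with the phishing origin."""
    challenge = rp.issue_challenge()
    return rp.verify_passkey_login(auth.sign(challenge, browser_origin=phishing_origin))

def legit_passkey(rp: RelyingParty, auth: Authenticator) -> bool:
    """Control case: the victim signs in on the genuine origin."""
    challenge = rp.issue_challenge()
    return rp.verify_passkey_login(auth.sign(challenge, browser_origin=rp.origin))

# Constructed demo values (the TOTP secret is the RFC 6238 reference secret).
DEMO_SECRET = b"12345678901234567890"
DEMO_PASSKEY = b"demo-passkey-credential"

def build_demo_rp() -> RelyingParty:
    return RelyingParty("https://wallet.example", "hunter2", DEMO_SECRET, DEMO_PASSKEY)

if __name__ == "__main__":
    rp, auth = build_demo_rp(), Authenticator(DEMO_PASSKEY)
    print("TOTP relayed 5 s later accepted:", aitm_relay_totp(rp, "hunter2", DEMO_SECRET, 59, 5))
    print("Passkey relayed from look-alike origin accepted:",
          aitm_relay_passkey(rp, auth, "https://wa11et.example"))
    print("Passkey on genuine origin accepted:", legit_passkey(rp, auth))
```

<p>Run it directly to see the TOTP relay accepted and the passkey relay rejected. The TOTP check deliberately tolerates the previous 30-second step, as most deployments do, and that slack is exactly what a live relay exploits; tightening the window narrows the gap but does not close it, whereas origin binding closes it regardless of how fast the proxy is.</p><p>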
The way these attacks work is operationally sophisticated:</p><ul><li><p>Victims enter credentials into phishing portals</p></li><li><p>Attackers instantly receive them through live admin dashboards</p></li><li><p>MFA requests are triggered in real time</p></li><li><p>OTP codes are intercepted before expiration</p></li><li><p>Payment cards are immediately provisioned into attacker-controlled digital wallets</p></li></ul><p>The result is instant fraud capability through:</p><ul><li><p>Contactless payments</p></li><li><p>ATM withdrawals</p></li><li><p>High-value transactions</p></li></ul><p>What&#8217;s accelerating these campaigns further is AI-driven localization. AI now removes the awkward phrasing, cultural inconsistencies, and translation artifacts that historically exposed many phishing attempts. Attackers can now generate:</p><ul><li><p>Region-specific language</p></li><li><p>Local slang</p></li><li><p>Native writing styles</p></li><li><p>Context-aware social engineering messages</p></li></ul><p>This is why time-based OTP MFA is rapidly losing effectiveness against sophisticated phishing operations. Organizations should aggressively move toward:</p><ul><li><p>FIDO2 authentication</p></li><li><p>Passkeys</p></li><li><p>Hardware-backed authentication models</p></li></ul><p>because traditional OTP workflows are increasingly being defeated at scale.</p><h2>&#9917; FIFA World Cup Fraud Campaign Expands Across 3,500 Domains</h2><p>With the FIFA World Cup only weeks away, researchers uncovered a massive fraud ecosystem called &#8220;Ghost Stadium&#8221; involving over 3,500 malicious domains targeting fans worldwide. 
The operation includes:</p><ul><li><p>Fake FIFA login portals</p></li><li><p>Fraudulent ticket sales</p></li><li><p>Counterfeit merchandise stores</p></li><li><p>Fake streaming sites</p></li><li><p>Betting scams</p></li><li><p>Credential harvesting campaigns</p></li></ul><p>Researchers identified more than:</p><ul><li><p>2,500 FIFA account credentials already circulating</p></li><li><p>170,000 InfoStealer logs referencing FIFA-related accounts</p></li></ul><p>The sophistication of the phishing kits is significant. They are pixel-perfect clones supporting eleven languages and multiple Chinese dialect variants while leveraging Meta advertising infrastructure to drive traffic.</p><p>This matters operationally because global events like the World Cup create emotional urgency and excitement that attackers weaponize extremely effectively.</p><p>Security teams should proactively educate employees and customers about:</p><ul><li><p>Official ticketing channels</p></li><li><p>Fake streaming scams</p></li><li><p>Credential reuse risks</p></li><li><p>Financial fraud patterns</p></li></ul><p>This is a major opportunity for security teams to build trust with users through practical education instead of fear-based awareness alone.</p><h2>&#129302; AI Chatbots Recommending Malware-Infected Software</h2><p>Microsoft researchers documented an active cryptojacking campaign where attackers poison AI chatbot recommendations to steer users toward malware-laced software downloads. Victims asking AI tools for download recommendations are redirected toward malicious versions of:</p><ul><li><p>CrystalDiskInfo</p></li><li><p>HWMonitor</p></li><li><p>FurMark</p></li><li><p>Display Driver Uninstaller</p></li><li><p>K-Lite Codec Pack</p></li></ul><p>The targeting is deliberate because these utilities are popular among users with high-performance GPUs, ideal systems for cryptocurrency mining malware. 
The payloads establish persistence using ScreenConnect and provide remote access capabilities that can later escalate into:</p><ul><li><p>Data theft</p></li><li><p>Ransomware deployment</p></li><li><p>Additional malware staging</p></li></ul><p>This is a major shift:<br>&#128073; AI chatbots themselves are becoming attack surface infrastructure.</p><p>Users increasingly trust AI-generated recommendations as authoritative, which gives attackers a new high-trust distribution channel.</p><p>Organizations should reinforce policies requiring software downloads only from official vendor domains and aggressively monitor for unauthorized remote management tools like ScreenConnect.</p><h2>&#128230; Malicious npm Package Stealing Anthropic Claude Session Files</h2><p>Researchers at Aikido Security discovered a malicious npm package called <code>mouse5212-superformatter</code> specifically engineered to steal Anthropic Claude session files from developer environments. Once installed, the malware:</p><ul><li><p>Authenticates into GitHub repositories</p></li><li><p>Recursively uploads AI session data</p></li><li><p>Steals Claude Code session information</p></li><li><p>Harvests outputs and uploads directories</p></li></ul><p>The package was downloaded hundreds of times before detection.
What&#8217;s especially interesting is that the attacker accidentally embedded their own GitHub token into the malware, leading researchers to speculate the package itself may have been AI-assisted malware generated without proper operational security review.</p><p>This highlights a rapidly emerging risk:<br>&#128073; AI development environments now sit in deeply trusted positions with broad filesystem and credential access.</p><p>Installing one malicious dependency can expose everything the AI tooling has ever touched.</p><p>Organizations building AI workflows should aggressively audit:</p><ul><li><p>npm dependencies</p></li><li><p>AI development environments</p></li><li><p>File access patterns within <code>/mnt/userdata</code> directories</p></li></ul><h2>&#128737;&#65039; CrowdStrike and Google Disrupt GlassWorm Botnet</h2><p>In one of the few positive stories today, CrowdStrike, Google, and the Shadowserver Foundation successfully disrupted all four command-and-control channels tied to the GlassWorm botnet.</p><p>GlassWorm originally spread through trojanized VS Code extensions and used Unicode variation selectors to invisibly hide malicious code inside seemingly legitimate source files. The infrastructure was remarkably resilient, leveraging:</p><ul><li><p>VPS infrastructure</p></li><li><p>Google Calendar covert channels</p></li><li><p>BitTorrent peer-to-peer communication</p></li><li><p>Solana blockchain backup channels</p></li></ul><p>Attribution evidence strongly suggests Russian operational origins.
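</p><p>The npm audit items from the previous story (dependencies whose install-time hooks reach into AI session or credential paths) and the GlassWorm technique above (code hidden behind invisible Unicode in otherwise legitimate source) can be checked with one local scan. The Python below is an added example, not tooling from Aikido Security, CrowdStrike, Google or Shadowserver, and not the GlassWorm or <code>mouse5212-superformatter</code> code. It builds a throwaway <code>node_modules</code> tree with one clean and two suspicious packages (all constructed), flags lifecycle scripts that match an assumed indicator list (<code>.claude</code>, <code>/mnt/userdata</code>, <code>.aws/credentials</code>, <code>.ssh</code>, <code>.npmrc</code>, GitHub tokens and API calls, <code>curl</code>/<code>wget</code>), and reports every line of shipped JavaScript or TypeScript that contains variation selectors, zero-width characters, bidi controls or Unicode tag characters.</p>

```python
# Added example for this post; not Aikido, CrowdStrike, Google or GlassWorm code.
# Audits a node_modules tree for risky install hooks and invisible Unicode in source.
import json
import os
import re
import tempfile
import unicodedata

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Assumed indicator list for a session/credential-stealing install hook.
SENSITIVE_PATTERNS = re.compile(
    r"(\.claude|/mnt/userdata|\.aws/credentials|\.ssh/|\.npmrc|GITHUB_TOKEN"
    r"|api\.github\.com|\bcurl\s|\bwget\s)", re.IGNORECASE)

def is_invisible(ch: str) -> bool:
    """Code points that render as nothing and so can hide code in reviewable source."""
    cp = ord(ch)
    return (0xFE00 <= cp <= 0xFE0F or 0xE0100 <= cp <= 0xE01EF   # variation selectors
            or cp in (0x200B, 0x200C, 0x200D, 0x2060, 0xFEFF)    # zero-width chars
            or 0x202A <= cp <= 0x202E or 0x2066 <= cp <= 0x2069  # bidi embeddings/overrides
            or 0xE0000 <= cp <= 0xE007F)                          # Unicode tag characters

def scan_source_for_invisible(text: str) -> list:
    """Return (line_no, count, names) for every line carrying invisible code points."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        hidden = [c for c in line if is_invisible(c)]
        if hidden:
            names = sorted({unicodedata.name(c, f"U+{ord(c):04X}") for c in hidden})
            findings.append((line_no, len(hidden), names))
    return findings

def audit_package(pkg_dir: str) -> dict:
    """Audit one installed package: risky lifecycle hooks plus hidden Unicode in its source."""
    report = {"name": os.path.basename(pkg_dir), "risky_hooks": {}, "hidden_unicode": {}}
    manifest = os.path.join(pkg_dir, "package.json")
    if os.path.isfile(manifest):
        with open(manifest, encoding="utf-8") as fh:
            scripts = json.load(fh).get("scripts", {})
        for hook in LIFECYCLE_HOOKS:
            cmd = scripts.get(hook)
            if cmd and SENSITIVE_PATTERNS.search(cmd):
                report["risky_hooks"][hook] = cmd
    for root, _, files in os.walk(pkg_dir):
        for fn in files:
            if fn.endswith((".js", ".mjs", ".cjs", ".ts")):
                path = os.path.join(root, fn)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = scan_source_for_invisible(fh.read())
                if hits:
                    report["hidden_unicode"][os.path.relpath(path, pkg_dir)] = hits
    return report

def audit_node_modules(node_modules: str) -> list:
    """Return reports only for packages with at least one finding, in name order."""
    flagged = []
    for name in sorted(os.listdir(node_modules)):
        pkg = os.path.join(node_modules, name)
        if os.path.isdir(pkg):
            rep = audit_package(pkg)
            if rep["risky_hooks"] or rep["hidden_unicode"]:
                flagged.append(rep)
    return flagged

def build_demo_tree() -> str:
    """Construct a throwaway node_modules with one clean and two suspicious packages."""
    nm = os.path.join(tempfile.mkdtemp(), "node_modules")

    def write(pkg, manifest, index_js):
        os.makedirs(os.path.join(nm, pkg), exist_ok=True)
        with open(os.path.join(nm, pkg, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(manifest, fh)
        with open(os.path.join(nm, pkg, "index.js"), "w", encoding="utf-8") as fh:
            fh.write(index_js)

    write("left-pad-ok", {"name": "left-pad-ok", "version": "1.0.0"}, "module.exports = s => s;\n")
    # Install hook that reads the local Claude session directory and calls the GitHub API.
    write("session-grabber",
          {"name": "session-grabber", "version": "0.1.0",
           "scripts": {"postinstall": "node -e \"require('fs').readdirSync(process.env.HOME+'/.claude')\""
                                      " && curl -s https://api.github.com/user"}},
          "module.exports = {};\n")
    # Line 2 carries two variation selectors (U+FE0F) and a zero-width space (U+200B).
    write("pretty-theme", {"name": "pretty-theme", "version": "2.3.1"},
          "exports.colors = ['#fff'];\nconst x = 1;\ufe0f\ufe0f\u200b // looks harmless\n")
    return nm

if __name__ == "__main__":
    for rep in audit_node_modules(build_demo_tree()):
        print(json.dumps(rep, indent=2))
```

<p>Point <code>audit_node_modules()</code> at a real <code>node_modules</code> directory to run it for real, and extend the hook list and indicator regex for your environment. The Unicode check is the transferable part: any code point that renders as nothing is a red flag in a file that is supposed to be reviewable source, and the same scan applies to VS Code extension bundles and CI scripts.</p><p>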
The story is important because it demonstrates how modern malware is increasingly:</p><ul><li><p>Multi-channel</p></li><li><p>Decentralized</p></li><li><p>Blockchain-aware</p></li><li><p>Supply-chain-focused</p></li></ul><p>Botnets are evolving operational resilience faster than many traditional detection models are adapting.</p><h2>&#127470;&#127475; India Mandates 12-Hour Critical Vulnerability Patching</h2><p>India&#8217;s CERT issued a new cybersecurity framework mandating twelve-hour patching timelines for critical internet-facing vulnerabilities. The guidance specifically cites:</p><ul><li><p>AI-assisted exploit generation</p></li><li><p>Automated attack surface mapping</p></li><li><p>AI-enhanced phishing</p></li><li><p>Rapid exploit weaponization</p></li></ul><p>as justification for dramatically compressed remediation timelines. The framework now requires:</p><ul><li><p>Critical internet-facing vulnerabilities patched within one day</p></li><li><p>High-value internal systems within three days</p></li><li><p>High-severity vulnerabilities within five days</p></li></ul><p>This directly aligns with what many practitioners are already experiencing operationally:<br>&#128073; The old thirty-day patching model is becoming operationally obsolete.</p><p>Attackers are exploiting vulnerabilities far too quickly for traditional remediation cadences to remain effective.</p><h1>&#127919; Key Takeaway</h1><p>&#128073; The attack surface has evolved into a fully blended cyber, physical, AI-assisted, and operational battlefield&#8212;and traditional defensive timelines are collapsing under the pressure.</p><div class="callout-block" data-callout="true"><p><em>"Today's show has a clear monolithic through line: the attack surface has gone fully multi-domain. Iran's inside LA's transit control displays. Cybercriminals are walking through your front door. Chinese phishing-as-a-service operators are defeating MFA in real time. AI chatbots are recommending malware. 
Developer tooling is a deliberate supply chain target. India's twelve-hour patching mandate and US Cyber Command's MITRE review are two governments acknowledging the same reality: we are operating in an environment where the time between vulnerability and exploitation is collapsing fast. The old defensive cadences were built for a world that no longer exists."</em></p></div><h1>&#128736;&#65039; Action Items for Security Leaders</h1><ul><li><p>&#128647; Segment OT and IT environments aggressively in critical infrastructure</p></li><li><p>&#128682; Implement stronger visitor verification and USB device restrictions</p></li><li><p>&#128179; Move financial workflows toward FIDO2 and passkey authentication</p></li><li><p>&#9917; Educate employees and customers about FIFA-related fraud campaigns</p></li><li><p>&#129302; Restrict software downloads to official vendor domains only</p></li><li><p>&#128230; Audit npm dependencies across AI development environments</p></li><li><p>&#128737;&#65039; Monitor developer tooling for unauthorized VS Code extensions</p></li><li><p>&#127470;&#127475; Compress vulnerability remediation timelines for internet-facing systems</p></li><li><p>&#128269; Conduct physical social engineering tabletop exercises</p></li><li><p>&#9889; Treat AI chatbot recommendations as untrusted input unless validated</p></li></ul><h1>&#129504; James Azar&#8217;s CISO&#8217;s Take</h1><p>What stood out to me today is how quickly the definition of cybersecurity is changing operationally.
We&#8217;re no longer dealing with isolated technical attacks. We&#8217;re seeing blended operations involving AI-assisted phishing, physical intrusion attempts, operational technology targeting, and supply chain compromise all happening simultaneously. Attackers are adapting faster than many enterprise security programs are structurally capable of responding.</p><p>The second major takeaway is around speed. India&#8217;s twelve-hour patching mandate reflects what many security practitioners already know internally but haven&#8217;t fully operationalized yet: the time between vulnerability disclosure and active exploitation is collapsing. Organizations still operating on thirty-day remediation cycles for critical systems are increasingly taking on unacceptable operational risk. Security programs need to evolve toward rapid-response operational models because attackers already have.</p><p>&#128293; Stay Cyber Safe.</p>]]></content:encoded></item><item><title><![CDATA[ShinyHunters Breach Charter Communications via Vishing, Iran's Nimbus Manticore Targets Aviation and Software Companies, Lithuania Investigates Suspected Russian Theft of 600K State Registry Records ]]></title><description><![CDATA[Charter 42M Records Breached, Knowledge Deliver LMS Zero-Day Deploying Cobalt Strike, SharePoint Out-of-Band RCE, Two Iranian APT Campaigns, Lithuania 600K State Records Stolen, UK Visa Portal Leaks]]></description><link>https://www.cyberhubpodcast.com/p/shinyhunters-breach-charter-communications</link><guid isPermaLink="false">https://www.cyberhubpodcast.com/p/shinyhunters-breach-charter-communications</guid><dc:creator><![CDATA[James Azar]]></dc:creator><pubDate>Wed, 27 May 2026 13:30:58 GMT</pubDate><enclosure url="https://api.substack.com/feed/podcast/199410995/02475ddeaebd7e2987b9e6ab5363c1a0.mp3" length="0" type="audio/mpeg"/><content:encoded><![CDATA[<h1>&#9749; Good Morning Security Gang,</h1><p>Welcome to episode 1,114 of the podcast, and honestly, seeing that number this morning felt pretty surreal. Over a thousand episodes later, and the cyber world still somehow finds new ways to make us all question humanity before our first espresso.</p><p>Today&#8217;s episode painted a very consistent picture across every single story we covered.
Attackers are operating faster, more aggressively, and with clearer operational discipline than many organizations defending against them. Whether it was ShinyHunters putting Charter Communications on a ticking leak deadline, Iranian APTs quietly expanding campaigns across aviation and enterprise environments, or Chinese operators turning routers into silent surveillance platforms, the underlying issue remains the same: defenders are still treating many cyber incidents like administrative processes while attackers are treating them like wartime operations.</p><p>And somewhere in the middle of all of that, Europe continues accelerating toward digital sovereignty separation from the United States, creating a geopolitical and operational challenge that security leaders can no longer afford to ignore.</p><p>Double espresso in hand. Coffee cup cheers, gang. Let&#8217;s get into it.</p><h1>&#129517; Executive Summary</h1><p>Today&#8217;s threat landscape reflects an operational speed problem more than a technology problem.
Organizations continue struggling with:</p><ul><li><p>Slow remediation cycles</p></li><li><p>Weak identity verification controls</p></li><li><p>Legacy trust assumptions</p></li><li><p>Poor visibility into edge infrastructure</p></li><li><p>Overreliance on communication management instead of technical containment</p></li></ul><p>Meanwhile, attackers are chaining together social engineering, cloud compromise, remote administration tooling, DLL side-loading, and infrastructure persistence with increasing efficiency.</p><p>The result is a cybersecurity environment where vulnerabilities are becoming twenty-four-hour operational crises while many enterprises still manage them through thirty-day governance workflows.</p><div class="captioned-image-container"><figure><img src="https://substackcdn.com/image/fetch/$s_!Ca-O!,w_1456,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2Fee8191ce-b59a-4808-bb41-2a0240d8140f_1280x720.png" width="1280" height="720" alt=""></figure></div><h1>&#128240; Top Stories &amp; Deep Dive Analysis</h1><h2>&#128225; Charter Communications Confirms Massive ShinyHunters
Breach</h2><p>Charter Communications confirmed that the ShinyHunters extortion group breached company systems and allegedly stole approximately 42 million customer records following a voice phishing attack targeting an employee&#8217;s Microsoft Entra account.</p><p>According to Charter, the attackers leveraged the compromised account to access Salesforce environments and export large amounts of consumer and business data. While the company claims that highly sensitive customer proprietary network information was not exposed, ShinyHunters disputes that assessment and issued a public leak deadline tied to extortion negotiations.</p><p>Even if highly sensitive data was excluded, the exposed information still represents a major operational risk. Names, emails, phone numbers, and account-related details become highly effective fuel for:</p><ul><li><p>Credential stuffing</p></li><li><p>SIM swap targeting</p></li><li><p>Spear phishing</p></li><li><p>Social engineering campaigns</p></li></ul><p>One of the most important lessons here is around voice phishing defense. Many organizations still rely on weak help desk verification processes and SMS-based authentication. Managed authenticator applications combined with identity verification prompts sent directly to corporate-managed devices significantly reduce the success rate of these attacks.</p><p>This is another reminder that identity workflows remain one of the weakest operational links inside many enterprises today.</p><h2>&#127891; Knowledge Deliver LMS Zero-Day Deploying Cobalt Strike</h2><p>A critical zero-day vulnerability affecting the Knowledge Deliver learning management platform is actively being exploited to deploy memory-resident Cobalt Strike payloads through watering hole attacks.</p><p>The vulnerability exists because every deployment shared identical hardcoded ASP.NET machine keys. 
That means attackers can perform unauthenticated remote code execution across virtually every vulnerable deployment through ViewState deserialization.</p><p>The attack chain itself is layered:</p><ul><li><p>Initial unauthenticated RCE</p></li><li><p>In-memory Godzilla webshell deployment</p></li><li><p>Malicious JavaScript injection into the front end</p></li><li><p>Fake browser security warning overlays</p></li><li><p>User tricked into installing a &#8220;security plugin&#8221;</p></li><li><p>Cobalt Strike beacon deployment</p></li></ul><p>The result is that compromised LMS platforms become active malware distribution infrastructure targeting every visitor to the site.</p><p>What makes this especially frustrating is that organizations do not need to wait for a vendor patch cycle to mitigate the issue. Immediate rotation of ASP.NET machine keys to strong unique cryptographic values effectively closes the attack path.</p><p>This story highlights how devastating configuration management failures continue to be across enterprise environments.</p><h2>&#127970; Microsoft Drops Emergency SharePoint RCE Patch</h2><p>Microsoft released an out-of-band patch for CVE-2026-45659, a SharePoint Server remote code execution vulnerability affecting:</p><ul><li><p>SharePoint Server Subscription Edition</p></li><li><p>SharePoint 2019</p></li><li><p>SharePoint 2016</p></li></ul><p>The flaw stems from unsafe deserialization of untrusted data and can be triggered by any authenticated user with basic &#8220;site member&#8221; permissions.</p><blockquote><p><em>&#8220;Attackers are treating vulnerabilities like twenty-four-hour opportunities while too many organizations still treat them like thirty-day tickets.&#8221; James Azar</em></p></blockquote><p>That detail matters enormously because in many enterprises, &#8220;site member&#8221; effectively means almost every employee.</p><p>No administrator privileges are required, no user interaction is necessary after authentication, and 
Microsoft&#8217;s decision to release the patch outside its normal cycle strongly suggests elevated exploitation concern.</p><p>Organizations with internet-facing SharePoint deployments should prioritize remediation immediately, while internally exposed environments should still be patched within forty-eight hours. Monitoring SharePoint ULS logs for deserialization-related anomalies should also become a priority.</p><p>The larger issue here is operational exposure created by over-trusted internal users. Modern enterprise attack surfaces increasingly assume authenticated insider access as the starting point, not the endpoint.</p><h2>&#128128; NightSpire Ransomware Expands Across 28 Industries</h2><p>The NightSpire ransomware group has now impacted 175 organizations across twenty-eight industries since early 2025, including hospitals, schools, financial institutions, and government agencies.</p><p>What stands out about NightSpire is how operationally efficient the group has become by relying almost entirely on legitimate software rather than noisy custom malware.</p><p>Their typical intrusion path includes:</p><ul><li><p>Exposed RDP services</p></li><li><p>Exploitation of FortiOS vulnerabilities</p></li><li><p>Chrome Remote Desktop</p></li><li><p>AnyDesk</p></li><li><p>7-Zip</p></li><li><p>MegaSync cloud exfiltration</p></li></ul><p>The group&#8217;s strategy is simple but effective:<br>&#128073; Blend into legitimate operational activity and avoid triggering traditional EDR alerts.</p><p>This reflects a larger trend across ransomware operations where attackers increasingly weaponize trusted enterprise tools rather than deploying easily identifiable malware families. 
Organizations should aggressively audit:</p><ul><li><p>Externally exposed RDP</p></li><li><p>Unauthorized remote administration software</p></li><li><p>Unexpected cloud synchronization tooling</p></li><li><p>FortiOS patching status</p></li></ul><h2>&#127470;&#127479; Iranian APT Activity Expands Across Enterprise and Aviation Targets</h2><p>Microsoft Threat Intelligence published updated findings on MuddyWater campaigns targeting organizations across nine countries during the first quarter of 2026. The group refined its DLL side-loading tradecraft using trusted executables such as:</p><ul><li><p><code>fmap.exe</code></p></li><li><p>SentinelOne Memory Scanner components</p></li></ul><p>to load malicious DLLs while avoiding many traditional signature-based endpoint detections. The attackers also expanded use of:</p><ul><li><p>Chrome credential theft tooling</p></li><li><p>Node.js-based payload delivery</p></li><li><p>PowerShell execution chains</p></li></ul><p>At the same time, a separate Iranian threat cluster launched targeted campaigns against aviation software providers through credential harvesting and social engineering operations.</p><p>The strategy appears focused on supply chain pre-positioning:<br>&#128073; Compromise the software vendor first, then pivot downstream into airlines, airports, and aerospace organizations later.</p><p>DLL side-loading continues to represent one of the hardest detection problems for many enterprises because attackers operate inside otherwise legitimate processes.</p><p>Behavioral monitoring and parent-child process analysis become essential in this type of environment.</p><h2>&#127464;&#127475; China-Linked Linux Implant Turns Routers Into Surveillance Infrastructure</h2><p>A China-linked threat actor deployed a custom Linux implant called <code>router.elf</code> onto edge routers across Southeast Asia.</p><p>Once installed, the implant:</p><ul><li><p>Communicates over DNS-over-HTTPS</p></li><li><p>Manipulates internal DNS 
systems</p></li><li><p>Redirects downstream traffic</p></li><li><p>Enables selective interception and surveillance</p></li></ul><p>The malware reportedly references a dynamically updated targeting list called <code>evil_fix</code>, allowing operators to selectively hijack traffic destined for specific services or users.</p><p>This is not financially motivated malware.<br>This is strategic surveillance infrastructure.</p><p>Compromised routers effectively become silent collection platforms for every device and connection behind them. Organizations should validate firmware integrity, monitor DNS modifications carefully, and review unusual outbound encrypted traffic originating from network appliances.</p><h2>&#127475;&#127473; Europe Accelerates Digital Sovereignty Separation</h2><p>The Dutch government blocked a U.S. IT company from acquiring Solvinity, a Dutch cloud provider hosting the country&#8217;s national digital identity infrastructure, citing concerns over digital sovereignty and exposure to U.S. legal reach.</p><p>This marks the third major European intervention this quarter tied directly to concerns over U.S. ownership of sensitive cloud infrastructure. The geopolitical implications are becoming increasingly important for CISOs and enterprise leadership teams. Organizations operating across both U.S. 
and European markets should begin preparing for:</p><ul><li><p>Increased data residency requirements</p></li><li><p>Regional infrastructure segmentation</p></li><li><p>Regulatory divergence</p></li><li><p>Potential restrictions around transatlantic cloud ownership</p></li></ul><p>This is no longer theoretical political discussion&#8212;it is becoming an operational architecture issue.</p><h2>&#128196; UK Visa Portal Leaks 100,000 Passports and Selfies</h2><p>A third-party UK visa processing portal leaked more than 100,000 passport scans, selfies, and personal identity documents online.</p><p>The most infuriating detail in the story was the company&#8217;s response. When journalists contacted them regarding the exposure, the organization reportedly responded with lawyers instead of engineers.</p><blockquote><p><em>&#8220;When a company responds to a breach with lawyers before engineers, you already know the problem is bigger than the leak.&#8221; James Azar</em></p></blockquote><p>At the time of reporting, the leak remained unresolved.</p><p>Passport scans combined with biometric selfies create premium-grade fraud material capable of supporting:</p><ul><li><p>KYC bypasses</p></li><li><p>Fake identity creation</p></li><li><p>Fraudulent financial account openings</p></li><li><p>Long-term identity theft</p></li></ul><p>This story perfectly captures one of the industry&#8217;s biggest operational failures:<br>Too many organizations still treat cybersecurity incidents as communications crises first and technical crises second.</p><p>Attackers move at machine speed. 
Lawyers do not patch servers.</p><h1>&#127919; Key Takeaway</h1><p>&#128073; The organizations succeeding in cybersecurity today are treating vulnerabilities and incidents like operational emergencies&#8212;not governance exercises.</p><h1>&#128736;&#65039; Action Items for Security Leaders</h1><ul><li><p>&#128225; Deploy managed authenticator workflows to reduce voice phishing exposure</p></li><li><p>&#127891; Rotate ASP.NET machine keys immediately on vulnerable LMS deployments</p></li><li><p>&#127970; Patch SharePoint environments within forty-eight hours or less</p></li><li><p>&#128128; Restrict unauthorized remote administration tooling like AnyDesk and Chrome Remote Desktop</p></li><li><p>&#127470;&#127479; Monitor DLL side-loading behaviors involving trusted binaries</p></li><li><p>&#9992;&#65039; Audit aviation-related vendor access and third-party software trust chains</p></li><li><p>&#127464;&#127475; Validate router firmware integrity and DNS configuration changes</p></li><li><p>&#127473;&#127481; Review sensitive government and property database access logging</p></li><li><p>&#127757; Begin board-level conversations around European data sovereignty risk</p></li><li><p>&#128196; Treat biometric identity data leaks as permanent compromise events requiring monitoring</p></li></ul><h1>&#129504; James Azar&#8217;s CISOs Take</h1><p>What stood out to me today is how operationally disciplined attackers have become compared to many enterprises defending against them.
Whether it&#8217;s ShinyHunters, Iranian APTs, or Chinese surveillance operators, these groups are moving quickly, chaining together trusted tooling, cloud access, remote administration software, and infrastructure persistence with clear intent and urgency. Meanwhile, many organizations are still struggling to operationalize rapid containment and response at the same pace.</p><p>The second major takeaway is that cybersecurity is increasingly becoming tied directly to geopolitics and infrastructure sovereignty. Europe&#8217;s movement toward digital separation from U.S. cloud ownership isn&#8217;t just regulatory theater anymore; it&#8217;s beginning to influence enterprise architecture, acquisition strategy, and long-term operational planning. Security leaders should be preparing their organizations now for a future where technology trust boundaries may increasingly align with political and geographic borders.</p><p>&#128293; <strong>Stay Cyber Safe.</strong></p>]]></content:encoded></item></channel></rss>