HomeWeekly DigestsThis Week
LiveThreat Threat Intelligence

Weekly Threat Intelligence Digest — Jun 22 to Jun 29, 2026

Weekly threat intelligence digest from 511 items (21 critical, 269 high).

June 29, 2026 511 articles analyzed
LIVETHREAT WEEKLY THREAT DIGEST June 22 – June 29, 2026 This week the data reinforced a shift we’ve been watching: attackers are bypassing front‑door defenses by moving through trusted third parties and privileged accounts. Supply‑chain breaches – from the Texas Parks & Wildlife licensing vendor to the Klue OAuth token compromise that exposed LastPass customer data – accounted for the largest share of incidents. At the same time, a wave of zero‑day exploits in Cisco SD‑WAN, Ubiquiti UniFi OS, and newly listed KEV flaws (Lantronix, PTC Windchill) showed that a single unpatched component can cascade across dozens of enterprises. Credential‑theft campaigns, FortiBleed and phishing laced with stolen passwords amplified the reach of these footholds. The net result is a risk landscape where access, not just vulnerability, drives impact. 👉 Access abuse through third‑party trust relationships is the dominant threat vector. 🚨 EXECUTIVE RISK SNAPSHOT * Supply‑chain is the entry point → compromised vendors, SaaS admin consoles, and MSP platforms delivered lateral movement into core environments. * Privilege determines impact → hijacked admin or service‑account credentials enabled ransomware, massive data exfiltration, and credential‑harvesting bots affecting millions. * Blind spots remain → OT/IoT devices, cloud‑native services, and fourth‑party integrations are often omitted from control inventories and audit scopes. 🔍 WHAT CHANGED THIS WEEK * Zero‑day exploitation accelerated – Cisco Catalyst SD‑WAN (CVE‑2026‑20245) and Cisco Unified CM (CVE‑2026‑20230) were weaponized months before public disclosure, compressing the window for remediation. * Credential‑theft ecosystems expanded – FortiBleed exposed 73 k FortiGate admin creds, while phishing kits targeting Microsoft 365 and WhatsApp drove large‑scale account takeovers. * Supply‑chain footholds multiplied – OAuth token theft at Klue, API‑dependency compromises in WordPress plugins, and third‑party data‑processor breaches (Texas Parks & Wildlife) showed that trust relationships are now high‑value attack surfaces. * AI‑enabled tooling surfaced – “GentleKiller” EDR‑killer and AI‑generated phishing payloads illustrate that adversaries are automating the discovery and abuse of privileged pathways. 🎯 WHERE YOU ARE MOST LIKELY EXPOSED * Cloud admin consoles – Cisco Unified CM, Cisco SD‑WAN, and Ubiquiti UniFi OS instances that lack timely patching. * Third‑party SaaS integrations – OAuth token flows (Klue/LastPass, Salesforce/CRM), WordPress plugin supply chains, and API providers such as Dify. * Managed service and MSP environments – ransomware targeting MSPs, and the “GentleKiller” framework that disables endpoint protections before payload delivery. #Compliance #SOC2 #AuditReadiness #Cybersecurity #ThreatIntel #ContinuousCompliance #LiveThreat #VerisqAI

Articles Referenced in This Digest 511 items

Advisory (130)

HighUse Android Auto? How to limit what information Gemini learns about you
HighOpenAI Limits GPT-5.6 Rollout at US Government's Request
HighMeeting Trump's 2030 Quantum Deadline Will be Expensive, Complex
HighNew License Plate Reader Tech Could Track Phones, AirPods, and Smartwatches
HighAI and Liability
HighDenmark Ordered to Pay $12M Over Huawei Equipment Removal
HighThe OT Segmentation Imperative: Why It Can't Wait Any Longer
HighSecret Service Driven to Personal Phones by Heavy Limits
HighApple’s £3B iCloud Lawsuit Could Affect 40M UK Users
HighFive Quantum Questions Every Bank CISO Should Ask
HighCERT-In’s AI Vulnerability Blueprint: Why Indian CISOs Need Machine-Speed Risk Operations in the Post-Mythos Era 
High6 Ways to Contain Enterprise Risk in Model Context Protocol
HighThe post-quantum EO is an important milestone. Now it’s time to get to work
HighCoupang’s $409M Fine Shows the Real Cost of Weak AI Governance
HighCISA Adds Four Known Exploited Vulnerabilities to Catalog
HighTrump directs federal agencies to protect US data from quantum threats
HighProfessional Athletes and Wearables
HighOnly 7% of companies are ready for the AI agents they deployed
HighBeats Studio Buds Flaw Could Let Nearby Attackers Eavesdrop on Users
MediumA privacy-first take on local malware analysis
MediumDHS chief says president has met with potential CISA nominee; agency plans to hire 600
MediumHeyPolo vs. Life360: I tried both location-sharing apps, and there's a clear winner
Medium48 hours later with the Google Home Speaker, I can't stop talking to Gemini (even if it's imperfect)
MediumLLM security advice looks solid until you check the hard cases
MediumOpenAI Unveils 'Jalapeño' Inference Chip
MediumWant a Roku alternative? These are my 4 other favorite TV OS options, and I've tried them all
MediumGerman rail services resume after wireless communications outage
MediumBest Crypto Payment Solutions for E-Commerce Businesses
MediumOTC Glucose Monitors Make Wellness Tracking More Personal — and More Complicated
MediumAnthropic rolls out Claude Tag, your new agentic AI coworker in Slack
MediumThese are the 19 best Prime Day phone deals I'd actually buy myself
MediumTrump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration
MediumWebinar: Why email security teams are drowning in alerts
MediumThis tablet solved my biggest smart home problem - and it just hit an all-time low price
MediumGoogle Sets Sept. 30 Deadline for Android Developer Verification in Four Countries
LowISC Stormcast For Monday, June 29th, 2026 https://isc.sans.edu/podcastdetail/9986, (Mon, Jun 29th)
InformationalTop Cyber Range Providers: A Comparison of 15 Leading Platforms
LowLinux Mint vs RefreshOS: I found the best distro for new users
LowPrime Day is over, but these 60+ top deals are still live (for now): Apple, Garmin, LG, more
LowPrime Day is over, but Walmart's big sale is still on: Up to 50% off laptops, TVs, & more
LowSony is still selling last year's flagship OLED TV for $600 off - and I highly recommend it
LowBest Buy's gaming deals are still live after Prime Day - Nintendo Switch, PS5, and more
LowOpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
LowBest Buy has a 98-inch Hisense TV for under $1,000 - here's why it's worth considering
LowThis smart rechargeable fan has been a lifesaver this summer (and it's only $60)
InformationalDigital sovereignty at the UN: Inside the global push to replace US cloud giants with open-source tech
LowOur lab tests prove the deals on these 5 Prime Day winners are worth the money
LowThe most popular products during Amazon Prime Day 4: JBL and Bose speakers, Garmin watches, and more
LowThis massive 8TB SanDisk SSD is $1,200 off at Best Buy - but not for long
LowHHS Agencies Flesh Out Priorities for Healthcare AI
Low8 Top SAST Tools for Polyglot Monorepos and Platform Engineering in 2026
LowRobinhood Cuts Access Approval Time to Support High-Velocity Development
InformationalCisco Adds NHI to Security Stack With Astrix, WideField Acquisitions
InformationalMicrosoft Extends Windows 10 Security Updates to 2027
LowThe 35+ best Sam's Club deals competing with Prime Day 2026 (including a $15 membership)
LowThe best last minute Prime Day smartwatch and fitness tracker deals I recommend right now
LowBest last minute Prime Day Apple deals I found for MacBooks, iPads, AirPods, and more
LowHow I use Siri mode in the iOS 27 Camera app to ask questions about anything I see
InformationalThreatModeler introduces Nexus to automate threat modeling with AI governance
InformationalZeroTier Quantum RC2 brings post-quantum security closer to general availability
InformationalCritical open-source projects get a new security framework
LowAll MacBooks and iPads hit with surprise price hikes - even the Neo wasn't safe
InformationalYour Windows 10 PC just quietly got another year of free support - but why?
LowWith Apple prices going up, this is the last chance to get a MacBook Neo at $590
LowThe $25 Fire TV Stick is my favorite Prime Day purchase yet
InformationalTwo CEOs on why security and AI readiness belong together
InformationalUnlocking the Cloudflare app ecosystem with OAuth for all
InformationalUpwind Security Brings AI Visibility to the Endpoint, Unifying Cloud and Device Security
LowSnyk Reportedly Cuts 90 Jobs to Accelerate AI Strategy
LowPrime Day ends soon: We hand-picked the 95+ best deals still live, before they disappear
InformationalBlackLine enhances Agentic Financial Operations Platform with CFO-focused AI oversight tools
InformationalVeritone introduces Assess to streamline evidence analysis and compliance reviews
InformationalControlMonkey connects backup visibility with cloud recovery readiness
InformationalMitiga unveils Agentic Runtime Security for cloud, SaaS, identity, and AI protection
InformationalThe Four Elevations of Effective Fraud Prevention
InformationalMicrosoft a Leader in The Forrester Wave™ for Endpoint Management Platforms
LowYour DLP Incident Backlog Owes You Closure
Informational70% of companies deploying customer service AI agents see ROI in 60 days
LowThis coin-sized flash drive gives my laptop double the storage space - and it's $25 off
LowI found the best Prime Day alternative deals from Best Buy, Target, Walmart, Sam's Club, and more
Informational12 rules of agentic AI for successful enterprise transformation
InformationalWhat your next cyber insurance renewal will demand
LowBest practices for AI in open-source work
LowGoogle releases new privacy controls for activity history, personalization
InformationalCNAPP evolution: How Microsoft aligns with leading cloud risk management platforms
LowAnthropic Launches Claude Tag, Bringing AI Agents Into Slack
InformationalAdvancing Product Security: New IoT Guidance and New Engagement
LowI've been reviewing laptops for years: These are my 25 favorite Prime Day laptop deals
LowThe best Costco deals to compete with Prime Day: TVs, Apple devices, and more
Low10 of the best Prime Day Lenovo laptop deals, vetted by hands-on reviews
LowIt's Prime Day 2: Our editors hand-picked the 90+ best deals and are tracking them live
InformationalBrinqa BYOAI lets organizations use any AI platform with trusted risk data
LowGoogle Workspace expands password reset alerts to all admins
InformationalSuperOps and Guardz bundle IT operations and security into one product for MSPs
InformationalAnthropic’s Claude Tag gives AI agents independent identities
InformationalUsing SASE in a Modern TIC 3.0 Solution
InformationalPolicy as Code: From Documents to Machine Intelligence
InformationalHow AI Governance Protects Patient Care and Sensitive Data
InformationalThe New Boardroom Mandate: Building Barriers to Limit Cyber Impact
InformationalHow FDA's Draft Guidance Shapes AI Medical Device Safety
InformationalAddressing Quantum Readiness in Healthcare Security
LowWhy Security Firm Varonis Is Eyeing a Sale to Private Equity
InformationalPreparing Education Institutions for the Next Wave of Generative AI
LowThis Switch 2 bundle includes a free game during Prime Day - but it won't last long
Low3 ways the new Steam Machine could be a huge win for Linux
LowMy favorite color e-reader is at the lowest price I've ever seen it for Prime Day
LowI replaced Google Search with DuckDuckGo and Perplexity - my results were noticeably better
LowThis tablet replaced both my iPad and Kindle, and it's 40% off on Amazon right now
InformationalProduct showcase: How to evaluate AI SOC platforms and where Prophet AI leads
InformationalPraxen: Open-source AI agent behavior verification
LowWindows 11 KB5095093 update rolls out new Point-in-Time restore feature
InformationalInternet Society Foundation Opens Global Call for Common Good Cyber Fund to Strengthen Cybersecurity 
InformationalThe 10-step phone security tune-up you should run every year - and why
LowJune Prime Day live blog 2026: We're tracking Amazon deals on SSDs, TVs, laptops and more
InformationalOpenAI wants AI to fix vulnerabilities, not just find them
InformationalMavenir turns NOC knowledge into automation for autonomous networks
InformationalHack The Box adds crisis simulations and SOC training to strengthen cyber readiness
Informational3 Paths to Upgrade Windows 11 before 24H2 End of Servicing (EOL)
InformationalMukesh Ambani’s Reliance AI Roadmap Puts Jio CallAgent Inside the Network
LowI tested Android 17 on my Pixel 9 Pro - its app bubbles are a multitasker's dream
LowI got a Fire TV Stick this Prime Day - here are other streaming deals I'm watching
InformationalCNAPP’s New Normal: Hyper-Prioritization and Autonomous Remediation at Cloud Scale
Informational5 Reasons Symantec® CBX Delivers Total Endpoint Visibility
LowOne of the smallest power stations we've tested charges incredibly fast - and it's $120 off
LowAmazon just dropped the price of this 2TB Samsung SSD to 42% off - and it's seriously fast for PC
LowThis is the smartwatch most iPhone users should buy (and it's $120 off)
LowJune Prime Day live blog 2026: We're tracking Amazon deals on SSDs, TVs, laptops and more
LowAmazon is selling Garmin watches for up to $350 off - and I recommend these models
LowThe newest AirTag just dropped to $24 for Prime Day - and it's a steal
LowMicrosoft says Windows 11 26H2 is coming soon, details upgrade process

Breach (44)

CriticalA Hack Too Far? Report Ties Russia to Jaguar Land Rover Hit
HighKDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs
HighAnonymous-Linked Hacktivist Aubrey Cottle Jailed Over Texas GOP Cyberattack
HighData breach exposes up to 14.2 million email logins at six ISPs
HighSysco - 2,691,852 breached accounts
HighThird-Party Breaches Teach Education Sector a Costly Lesson in Vendor Risk
HighMalware-Laced USBs Breach Japanese Military Networks
HighHackers Claim French Employment Leak Exposes Over 1M Records, Health Data
HighThird-Party Breach at Polymarket Leads to $2.94M Crypto Theft
HighActivist Phone Hacked With Cellebrite After Russia Contract Cancellation
HighRussia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff
HighAmerican Tower - 216,601 breached accounts
HighOne Million Passports Leaked Online
High Elite network says it was hacked after members’ personal data was left exposed
HighNathan Austad Pleads Guilty in DraftKings Hacking Scheme, Gets 18 Months
HighSuspected Cyberattack Sends Fake Emergency Alert to Phones Across Brazil
HighLastPass Confirms Vendor Breach Exposed Customer Contact, Support Data
HighHealthcare Vendor Xsolis Reports Breach Affecting 1.4M People
HighDraftKings hacker 'Snoopy' sentenced to 18 months in prison
HighMadison Square Garden Hack Exposes 26 Million Visitor Records
HighFortiBleed: The Broker Who Turned 73,000 Firewalls Into a Product Catalog
HighLastPass customer data exposed through Klue supply chain attack
HighPhishing attack on healthcare firm Xsolis impacts 1.4 million people
HighAmadey, StealC malware operations disrupted in Operation Endgame action
HighMadison Square Garden Sports - 9,796,738 breached accounts
HighTata Electronics Leak Exposes 200,000 Files, Including Apple and Tesla Documents
HighHealthtech firm Xolis suffers data breach impacting 1.4 million people
HighTata Electronics confirms cyberattack as hackers leak data
HighLastPass Confirms Customer Data Breach After Klue OAuth Token Theft
HighScope of Salesforce Attacks Expands as Icarus Leaks Data
High Hackers steal passport and driver’s license data of 3 million Texans
High Meta pauses controversial employee-tracking program after security review
HighShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates
HighXsolis Data Breach Impacts 1.4 Million People
HighTwo Scattered Spider hackers plead guilty over Transport for London cyberattack
HighScattered Spider members plead guilty to hacking Transport for London
HighTata Electronics confirms cyberattack after alleged Apple, Tesla documents appear online
High2 Scattered Spider-Linked Hackers Plead Guilty Over £39M TfL Cyberattack
HighTexas Parks & Wildlife (TPWD) Data Breach impacts 3 Million People
HighJaredFromSubway MEV bot hacked in $15 million crypto theft
High A week in security (June 15 – June 21)
HighTexas Parks and Wildlife Data Breach Affects Over 3M License Customers
HighShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack
HighSalesforce Disables Klue Integration After OAuth Token Theft Hits Customer Data

Ransomware (3)

HighRansomware gangs find Europe’s weakest link in third-party suppliers
HighIndian auto giant Bajaj Auto hit by ransomware incident
HighPrinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes

ThreatIntel (253)

CriticalCISA sets urgent deadline to fix Cisco flaw exploited in attacks
CriticalU.S. CISA adds Cisco and PTC Windchill and FlexPLM flaws to its Known Exploited Vulnerabilities catalog
CriticalSynology issues critical fix for MailPlus Server vulnerabilities
CriticalCisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited Months Before Disclosure
CriticalEvaluating Mexico’s New Cybersecurity Plan
CriticalSchneider Electric PowerLogic P7
Criticalpydicom pynetdicom Library
CriticalHubbell Aclara Metrum Cellular Web Interface
HighMost teams accept higher risk for faster AI database work
HighSycophantic chatbots and the harms that build over many chats
HighHijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
HighHospitality Sector Hit by Phishing Campaign Using Fake Guest Complaint Emails
HighUkraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
HighClean GitHub repo tricks AI coding agents into running malware
HighMeta Is Testing Facial Recognition for Police and Military
HighThe Chinese Control the Majority of Argentina’s Squid Fleet
HighNew SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
HighFBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
HighFBI: Russian hackers now target Signal backup recovery keys
HighPost-Quantum Security Spurs National Sovereignty Thinking
High Malware steals Chrome session cookies to take over your accounts
HighWoodgnat Hackers Use Mistic RAT to Broker Access for Ransomware Gangs
High🎙️SECURITY.COM The Podcast: The Parasite in the Machine: Unmasking the Speagle Infostealer
HighFive Eyes Warns AI Could Speed Cyberattacks Within Months
HighmacOS.Gaslight: North Korea-Linked Malware That Tries to Gaslight the Analyst
HighChinese APT CL-STA-1062 Expands Attacks on Southeast Asian Critical Infrastructure With Custom Malware
HighSIM-swapping gang busted in international police operation
HighMirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials
HighGoogle Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
HighMicrosoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
HighGuardian Agents: The Next Layer of Identity Governance
HighChinese-Speaking APT Deploys New TinyRCT Backdoor in Southeast Asia Campaign
HighCybersecurity firms targeted by fraudulent OpenAI organization invites
HighFCC votes to toughen rules in bid to better protect undersea cables
HighTurla group adds more malware to Russia’s espionage efforts against Ukraine
HighRussia accuses Apple of ‘political censorship’ after VK apps removed from App Store
HighRussian Intelligence Services Continue to Target Commercial Messaging Applications
High Beware of “Parcel Expert” job offers: They’re parcel mule scams
HighCL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure
HighInterpol: Cybercrime Hits 30% of Recorded Crime in Surveyed APAC Countries
HighTata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla
HighNew infosec products of the month: June 2026
HighModelplane: Open-source control plane for AI inference
HighHealthcare leaders see a fatal cyber incident as inevitable
HighPhoto ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
HighLocal Police Collusion Hampers Crackdown on Asian Scam Centers
HighEdTech Attackers Shift From Schools to Their Software Suppliers
HighRussian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses
HighBreach Roundup: How Hackers Exploited a Cisco SD-WAN Flaw
HighAI Firms Seek US Help Against China Model Distillation
HighInside Mistic, the New Stealth Backdoor in Ransomware Intrusions
HighInside the 2026 SMB threat landscape: From phishing and scams to fake AI tools
HighStealthy new backdoor surfaces in attacks on multiple sectors
HighNew Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns
HighNew Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis
HighThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories
HighPirloTV sports piracy network disrupted as 44 domains seized
HighRussia used Cellebrite phone-hacking tool to crack down on dissident after firm cut off country
HighUkraine's state postal operator reports app disruption after cyberattack
HighEurope Evolves Into Ransomware's Favorite Region
HighInteresting Paper Exploring Prompt Injection
HighRussia's Gamaredon Adapts Tactics to Target Ukraine
HighEuropol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame
HighSmashing Security podcast #473: How a hacker could have Rickrolled the entire World Cup
HighMost teams will ship AI-written infrastructure code with little review
HighScoring AI hackers when there is no answer key
HighMalicious Edge extension abuses Native Messaging as bridge to malware
HighThree ‘cybercrime as a service’ operations undercut by Microsoft, law enforcement
High Watch out for renewal scams pretending to be Malwarebytes
HighFake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords
HighNew GhostShell Hacking Group Targets Ukraine’s Drone Defense Sector
HighMore Malicious OpenClaw Skills Threaten AI Supply Chain
High2026 FIFA World Cup Faces Surge in Cyber Threats
HighZDI-26-390: X.Org Server Font Alias Stack-based Buffer Overflow Privilege Escalation Vulnerability
HighStealC You Later: Proofpoint and IBM X-Force Support Operation Endgame Disruptions
HighOne Railway Radio Outage Stopped Trains Across Germany and Nobody Knew Why
HighWhy Frontier AI makes prioritization the most important part of your CTEM program
HighStrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader
HighQodo expands platform to help teams govern AI-generated code and engineering standards
HighAlgerian national accused of running cybercrime marketplaces extradited to US
HighLaw enforcement hits StealC and Amadey malware networks
HighDoJ Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering
HighDawn of the Apex Agentic Adversary
HighAmadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered
HighStealthy Mistic backdoor linked to ransomware access broker KongTuke
HighSecuring the service desk: Why social engineering attacks keep succeeding
HighStealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them
HighBackdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker
HighOpenClaw’s Skill Marketplace and the Emerging AI Supply Chain Threat
HighWeekly Update 509
HighEmbedding Forbidden Text in Spyware to Discourage AI Analysis
HighAI Inherits People's Permissions but Not Judgment
HighFive Eyes Warn the Frontier AI Cyberthreat Is Months Away
HighMicrosoft Weighs DeepSeek for Copilot Amid Security Debate
HighmacOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox
HighSecurity testing was built for a slower world
HighWhere IT meets OT and railway cybersecurity gets harder
HighFortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
HighNew macOS ClickFix attack silently mounts DMGs to push infostealer
HighFive Eyes agencies sound alarm about AI’s threat to cybersecurity
HighThe Rise of AI-Powered Academic Fraud: Beyond Traditional Plagiarism
HighHe Thought He Was Secure; His Phone Number Got Stolen Anyway
HighFortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
HighSocGholish Takedown Highlights Malicious TDS Threats
High'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
HighThe Purchase Scam Tactic Headed for the World Cup | Recorded Future
HighFake shops target shoppers across Europe with fake Samsung deals, counterfeit goods and World Cup scams
High GTA 6 early access is nothing but a scam
High Inside the dark web: Stolen identities for 95¢, malware, and scams-for-hire
HighHacker hijacks Brazil’s national alert system, sending “misanthropy” to millions of phones
HighGTA 6 early access offers are taking gamers’ crypto
HighUsing Reddit to manipulate AI search results is surprisingly easy
HighWhat the Fortibleed campaign means for organizations running FortiGate firewalls
HighWhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
HighMalicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT
HighAgentic AI: The Weapon That No Longer Needs a Warrior
HighFake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents
HighLastPass confirms data breach in Klue supply chain attack
HighThe Exploit Doesn't Exist. You Can Still Prove It Works Against You
HighThe Evolution of iGaming Fraud: What Security Teams Should Expect in 2027
HighNew CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto
High1-15 June 2026 Cyber Attacks Timeline
HighAnthropic’s Fable 5 Model Jailbroken Within Days
HighWhatsApp Malware Campaign Hijacks Trust, Installs Legitimate Admin Tools
HighFree, no-signup World Cup streams serve scams instead of football
HighResidential proxy SDKs are hiding in LG and Samsung smart TV apps
HighFortiBleed campaign used custom FortiGate sniffer to steal credentials
HighWhatsApp phishing attack uses fake business docs to hack PCs
HighGuarding AI memory
High Document delivery scams: What are they and what’s their goal?
High Thousands of D-Link routers under control of AryStinger botnet
HighScammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper
HighWebshells Remain Popular, (Mon, Jun 22nd)
HighInside GentleKiller: The EDR-Killer Powering The Gentlemen
High4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware
HighFortiBleed: The Most Detailed Breakdown Yet of an Active Russian Credential-Harvesting Operation
HighAnthropic’s Mythos AI broke into almost all NSA classified systems in hours
HighCrypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign
HighWhy AI tokens will send your enterprise cloud bill sky-high again
HighA VBScript campaign distributed through WhatsApp deploying RMM software
HighINTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific
HighAryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network
HighCanada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices
High⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More
HighStop Your Legacy Infrastructure from Hijacking Your AI Agents
HighNew OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer
HighA Glimpse into the “Search Your Target” Market for Stolen Credentials
HighSuspected cyberattack triggers false emergency alerts across parts of Brazil
HighOne intrusion, two cyberattackers: Uncovering parallel threat activity
MediumDarkMoon: Open-source AI pentesting platform
MediumSECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103
MediumMultiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
MediumNew Initiative Tackles Security for End-of-Life Open Source Software
MediumAI Decline? Confidence in Autonomous Penetration Testing Falls
MediumMiasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
MediumNew Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
MediumFake GTA 6 Early Access Websites Target Gamers with Malware and Crypto Scams
MediumEuropol, Microsoft Hit Malware Network Behind 27M Stolen Logins, 140,000 Infected Computers
MediumChrome's next update will kill your adblocker - and make the web less safe
MediumYou can still buy new MacBooks on Amazon for sale, even though Apple has raised prices
MediumrunZero 5.0 unifies exposure management to accelerate risk reduction
MediumReco Agent Security helps organizations govern AI agents and reduce exposure
MediumNew macOS malware embeds fake errors to confuse AI analysis tools
MediumWhat do Ports Hear When Nobody's Listening? An Assessment of Automated Cybercrime [Guest Diary], (Wed, Jun 24th)
MediumOperation Endgame Disrupts StealC, Amadey and SocGholish Malware Networks
MediumZDI-26-364: FlowiseAI Flowise CSV Agent Prompt Injection Remote Code Execution Vulnerability
MediumZDI-26-365: FlowiseAI Flowise CSV Agent customReadCSV Code Injection Remote Code Execution Vulnerability
MediumZDI-26-369: Quest NetVault Backup addclient3 Cross-Site Scripting Authentication Bypass Vulnerability
MediumZDI-26-380: ATEN Unizon writeFileToHttpServletResponse Directory Traversal Information Disclosure Vulnerability
MediumZDI-26-382: ATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution Vulnerability
MediumZDI-26-383: ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability
MediumZDI-26-384: MosaicML Composer Deserialization of Untrusted Data Remote Code Execution Vulnerability
MediumZDI-26-388: Oracle PeopleSoft HubMBeanPersistance Deserialization of Untrusted Data Remote Code Execution Vulnerability
MediumZDI-26-392: X.Org Server Xkb Key Types Stack-based Buffer Overflow Privilege Escalation Vulnerability
MediumThese essential smart home devices are highly useful - and all under $25
MediumGarmin watches, XR glasses, and Pokemon cards: Everything you're buying during Amazon Prime Day 2
MediumLinux Process Name Masquerading, (Wed, Jun 24th)
MediumCybersecurity jobs available right now: June 24, 2026
MediumBuild your own vulnerability harness
MediumSquidbleed: 29-Year-Old Squid Bug Leaks User Credentials
MediumIs Prime Day a scam? We tracked the most popular products that are actually good deals
MediumNew N-able feature gives IT teams visibility into AI usage across endpoints and networks
MediumSiemens Products using OpenSSL
MediumSiemens SIPROTEC 5 Using DIGSI5 Protocol
MediumOpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws
InformationalSecurity Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION
InformationalYARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th)
InformationalI tested MSI's Windows handheld PC, and it beats the Legion Go in a major way
InformationalI looked into OBD2 fuel savers, and found a much safer solution to save car gas instead
InformationalThermal cameras can spot problems you can't see - what I've learned after years of testing
InformationalNew FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages
Informational13 Google Photos settings I always change on every new device - and why
InformationalThanks for Crushing the Submissions Inbox. We're Trying to Keep Up
LowAI Won't Wipe-Out Entry-Level Cybersecurity Jobs
InformationalAn Unemotional Analysis of This AI Regulation Situation
InformationalThe best Prime Day headphone deals: Apple, Bose, Sony, and more deals I'd buy before the sale ends
InformationalThe best Amazon Prime Day deals: Last chance to save on Anker, Apple, Garmin and more
Informational10 gadgets that can give your iPhone useful superpowers (and they're cheaper than you think)
InformationalThis is the one smart home product everyone should have, and it's on sale
InformationalThis GE Opal nugget ice maker makes 'the good ice,' and it's $160 off for Prime Day
InformationalGarmin Fenix 8 Pro vs. Apple Watch Ultra 3: How I'm deciding between the two smartwatches
InformationalMicrosoft gives Windows 10 users an unexpected extra year of free security updates
InformationalMystery hackers use novel SharkLoader dropper against governments, software devs
InformationalProof’s x401 establishes an open protocol for AI agent identity and authorization
InformationalYour First GRC Agent: A Red Teamer's Walkthrough
InformationalPolymarket customers lose $3 million in supply-chain attack
InformationalRussia used social engineering to breach prominent messaging accounts, Ukraine says
InformationalA decade of infrastructure development, one new name: Coinspaid Dev
InformationalThe Coming Divide: AI-Native or Left Behind
InformationalThousands of readers bought these 15+ tech deals on Amazon Prime Day - most are still live
InformationalNeed a MacBook? Don't buy it from Apple while these Amazon deals are still live
InformationalThe most popular products during Amazon Prime Day 3: TCL tablets, Garmin watches, and tiny gadgets
InformationalMicrosoft quietly extends free Windows 10 ESU support to October 2027
InformationalOrder-tracking app Shop abused to push callback phishing attacks
InformationalPoland busts SIM-swapping gang tied to millions in crypto theft
InformationalAnthropic is testing desktop-like Claude Cowork for mobile
InformationalBeyond IOCs: AI-enabled threat intelligence
InformationalWhere Expertise Meets Algorithm: The Insikt Group® Intelligence Edge
InformationalThis sunrise alarm clock improved my sleep routine, and it's 20% off right now
InformationalThe Garmin Fenix 8 Pro smartwatch is a top-selling Prime Day deal - here's why I recommend it
InformationalAmazfit vs. Garmin: I tested two flagship smartwatches - is one worth the $250 premium?
Low5 of the best MSI gaming laptop deals live now for Amazon Prime Day
InformationalPokémon Chaos Rising Trainer Boxes are sold out for Prime Day, but the booster bundles are still 17% off
InformationalSpyCloud automates threat investigations with new Research Agent
InformationalHacker gets 18 months for attack that compromised 60,000 betting accounts
InformationalChecksum API Agent generates and maintains stateful API tests
InformationalSurviving the Mythos Era: Richard Bejtlich on the Case for NDR
InformationalWebinar: Why account takeovers remain one of the hardest threats to stop
InformationalBluekit phishing kit adopts browser-in-the-middle for login theft
InformationalAnother Russian dairy company reportedly disrupted by cyberattack
InformationalIntroduction to COM usage by Windows threats
InformationalAttackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure
InformationalSecurity Is No Longer an IT Problem: Why Boards Must Rethink Cyber Resilience in the Age of AI
Low “Total access to all your devices.” Sextortion scammers strike again
InformationalISC Stormcast For Wednesday, June 24th, 2026 https://isc.sans.edu/podcastdetail/9984, (Wed, Jun 24th)
InformationalAmazon just cut the price of the Oura Ring to 48% off, the lowest ever - and I recommend it
Informational11 cheap car gadgets that upgrade your daily commute instantly
InformationalI found an Android app that makes using my phone one-handed so much easier - and it's free
InformationalMy favorite Prime Day deal is a Walmart+ membership for just $49 (with free Paramount+ and Peacock)
InformationalMy favorite Prime Day TV deal is the LG C5 OLED at Best Buy - nearly $2,000 off
InformationalWalmart's Prime Day sale is here: Up to 50% off laptops, TVs, smart glasses, and more
InformationalThe iPad Pro M5 is $100 off on Amazon, and it's worth it for the battery life alone
InformationalOmada Identity Sovereign targets Europe’s growing digital sovereignty demands
InformationalDragos unveils OT-native AI to help critical infrastructure teams prioritize threats faster
InformationalTwo Scattered Spider members plead guilty over cyberattack that crippled London transit
InformationalCompromise kids online safety bill unveiled by House leaders, with key omission
InformationalFeds seize alleged cyber-scam infrastructure connected to Southeast Asian company
InformationalUplevelling Black Hat Threat Hunters
InformationalISC Stormcast For Tuesday, June 23rd, 2026 https://isc.sans.edu/podcastdetail/9982, (Tue, Jun 23rd)
InformationalThreat Hunting Beyond Alerts: Finding the Activity Detection Misses
InformationalThe Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Engine
InformationalWhy doctrine is becoming a technology requirement for modern defense intelligence
InformationalISC Stormcast For Monday, June 22nd, 2026 https://isc.sans.edu/podcastdetail/9980, (Mon, Jun 22nd)

Vulnerability (81)

CriticalCISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
Critical Update Chrome to patch critical browser security flaws
CriticalEVoke Systems Charging Station Management System
CriticalDaktronics Controller Firmware
Critical PixelSmash flaw turns video files into attack tools
CriticalZDI-26-372: Quest NetVault Backup NVBURemovableMedia SQL Injection Remote Code Execution Vulnerability
CriticalZDI-26-387: Oracle PeopleSoft HttpListeningConnector Server-Side Request Forgery Vulnerability
CriticalU.S. CISA adds Ubiquiti UniFi OS and Lantronix EDS5000 plugin flaws to its Known Exploited Vulnerabilities catalog
CriticalCisco Unified CM Flaw CVE-2026-20230 Actively Exploited in the Wild
CriticalCISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited
CriticalCISA warns of max severity Ubiquiti flaws exploited in attacks
CriticalDifyTap: Four Bugs Put over 1 million AI Apps at Risk
HighCompanies keep bolting AI onto their products, and the security bill is coming due
HighWeek in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploited
HighDirtyClone: Fourth Linux Kernel Flaw in Six Weeks Escalates to Root
HighmacOS Flaw Allowed Standard Users to Disable CrowdStrike and Kandji Security Tools
HighNew DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets
HighAmazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
HighCurl Fixes a 25-Year-Old Bug in Its Largest CVE Release Yet
HighCISA Adds Two Known Exploited Vulnerabilities to Catalog
HighIn Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw
HighChrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
HighHorner Automation Cscape
HighYokogawa FAST/TOOLS and CI Server
HighH.VIEW HV-500S6 IP Camera
HighOHIF Viewers DICOM
HighDelta Electronics DTM Soft
HighExploited Security Vendor Vulnerabilities in 2026
HighCisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
HighMandiant reveals how Cisco SD-WAN zero-day attacks gained root access
HighZDI-26-361: Adobe Acrobat Reader DC Field signatureInfo Use-After-Free Remote Code Execution Vulnerability
HighZDI-26-362: Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability
HighZDI-26-363: Docker MCP Plugin OCI Image Label Parsing Argument Injection Remote Code Execution Vulnerability
HighZDI-26-366: Fuji Electric Tellus pcid64 Driver File APIs Exposed Dangerous Method Arbitrary File Deletion Vulnerability
HighZDI-26-367: Fuji Electric Tellus pcid64 Driver Registry APIs Exposed Dangerous Method Local Privilege Escalation Vulnerability
HighZDI-26-368: Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
HighZDI-26-370: Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability
HighZDI-26-371: Quest NetVault Backup NVBUDeviceDrive SQL Injection Remote Code Execution Vulnerability
HighZDI-26-373: Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability
HighZDI-26-374: Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability
HighZDI-26-375: Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
HighZDI-26-376: Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability
HighZDI-26-377: Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability
HighZDI-26-381: ATEN Unizon restoreDB Directory Traversal Remote Code Execution Vulnerability
HighZDI-26-385: Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability
HighZDI-26-386: Unraid Web Server ToggleState Command Injection Remote Code Execution Vulnerability
HighZDI-26-389: Oracle PeopleSoft ExecuteProcessActivityCommand External Control of File Path Remote Code Execution Vulnerability
HighZDI-26-391: X.Org Server miSyncDestroyFence Use-After-Free Privilege Escalation Vulnerability
HighZDI-26-393: X.Org Server SetMap Request Stack-based Buffer Overflow Privilege Escalation Vulnerability
HighZDI-26-394: X.Org Server FreeCounter Use-After-Free Privilege Escalation Vulnerability
HighZDI-26-395: X.Org Server SyncChangeCounter Use-After-Free Privilege Escalation Vulnerability
HighCisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)
HighCisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
HighCordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks
HighApple's MacOS Gap Lets Users Disable Security Tools
HighSamsung KNOX Kernel UAF Exposes Millions of Galaxy Devices
HighCisco Unified CM flaw CVE-2026-20230 now exploited in attacks
High‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking
HighSiemens SINEC INS
HighABB Freelance Security Lock
HighImpact of Linux Kernel vulnerabilities on B&R products
HighSiemens WinCC Certificate Manager
HighCVE-2024-40766: The Patch Fixed the Bug. Nobody Fixed the Configuration., (Tue, Jun 23rd)
HighDifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories
HighMicrosoft Confirms Windows Recycle Bin Bug Affects All Supported Versions
HighNew Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available
HighA Vulnerability in PAN-OS Could Allow for Authentication Bypass
HighOlder iPhones have an unfixable security flaw - why it can't be patched and the models affected
HighFFmpeg fixes PixelSmash flaw in widely used video decoder
HighThe Global Namespace Risk: Universal Bucket Hijacking Technique for Cloud Data Exfiltration
Highusbliter8 Brings Unpatchable BootROM Exploit to Apple A12 and A13 Devices
High23 ClawHub plugins squatting official scopes expose AI registry security gaps
High29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests
HighResearchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants
HighMicrosoft fixes AutoGen Studio flaw that enabled code execution
MediumZDI-26-378: ATEN Unizon updateLicense Directory Traversal Arbitrary File Deletion Vulnerability
MediumZDI-26-379: ATEN Unizon uploadSSL Directory Traversal Arbitrary File Deletion Vulnerability
MediumZDI-26-396: X.Org Server ChangeDrawableAttributes Out-Of-Bounds Read Information Disclosure Vulnerability
MediumZDI-26-397: X.Org Server CreateSaverWindow Use-After-Free Information Disclosure Vulnerability
MediumGitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns
MediumA $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security

Daily breach, advisory, and vulnerability briefs publish every weekday.

View Live Breach Feed ← All Weekly Digests