The 48-hour period from June 22-23, 2026 revealed a diverse threat landscape dominated by critical vulnerabilities in AI/ML infrastructure, credential theft operations, and ransomware targeting critical sectors. OpenAI announced the Daybreak initiative with new security tools (Codex Security and GPT-5.5-Cyber) to help organizations identify and patch vulnerabilities at scale. Multiple critical-severity CVEs were disclosed affecting widely-used AI frameworks (vLLM, n8n, Flowise) with CVSS scores reaching 9.1, enabling authentication bypass and arbitrary code execution. The ransomware ecosystem remained highly active with 10 new victims across financial, aerospace, engineering, and insurance sectors, including the Central Bank of Libya and a premium Indian research university. Infrastructure-related threats included the FortiBleed campaign using custom sniffers on FortiGate devices, the AryStinger botnet absorbing thousands of end-of-life D-Link routers, and a suspected cyberattack triggering false emergency alerts across Brazil. A significant healthcare breach at Xsolis affected 1.4 million patients, while the "Search Your Target" underground market demonstrates the evolution of credential theft-as-a-service. Two Scattered Spider members pled guilty to the £39M TfL attack, marking a rare law enforcement win against this prolific threat actor group.
Multiple critical vulnerabilities disclosed in AI inference engines and workflow platforms enabling authentication bypass and remote code execution
Critical vulnerability in vLLM versions 0.3.0-0.22.0 allows authentication bypass of OpenAI API AuthenticationMiddleware through ASGI web server trust issues, enabling unauthorized API access without credentials
Critical flaw in n8n before 2.20.0 allows authenticated users to bypass Allowed HTTP Request Domains restrictions, enabling credential exfiltration through the /rest/dynamic-node-parameters/options endpoint
Assert-based security check flaw in vLLM prior to 0.22.0 enables unauthenticated attackers to achieve arbitrary code execution by publishing malicious HuggingFace models with crafted activation functions
Vulnerability chain in Microsoft AutoGen Studio allows attackers to manipulate AI agents into executing arbitrary commands on host systems simply by visiting a malicious webpage, affecting AI prototyping environments
Server-side request forgery in Crawl4AI before 0.8.7 allows unauthenticated attackers to bypass internal-address blocklists using IPv6-mapped IPv4 addresses, reaching internal cloud metadata services and RFC1918 networks
Newly disclosed FFmpeg flaw dubbed PixelSmash could be exploited for remote code execution on Jellyfin servers and trigger denial-of-service in applications including Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio
Multiple malware distribution campaigns observed including WhatsApp-based phishing, cryptocurrency theft, and IoT botnet expansion
Ongoing malware campaign targets WhatsApp users across multiple countries with deceptive messages pushing VBScript files that enable remote system access when executed
Thousands of outdated D-Link routers with no future security updates available have been absorbed into the AryStinger botnet, creating a persistent command-and-control infrastructure
Multiple PowerShell-based malware payloads including PhantomStealer being distributed via onyx-ae.cc infrastructure, using stub.ps1, xl.ps1, and la.ps1 scripts for credential theft
RemcosRAT remote access trojan being distributed through malicious HTA files hosted on 46.183.223.7, using social engineering themes related to business documents and solutions
Cross-platform clipboard hijacker being distributed through elaborate fake reputation-boosting campaign across GitHub, YouTube, and VirusTotal to build illusion of trust and steal cryptocurrency transactions
Continued Mozi botnet activity targeting IoT devices across multiple IP ranges, distributing ELF binaries for MIPS and ARM architectures via exposed management interfaces
Significant developments including guilty pleas from Scattered Spider members and disclosure of sophisticated multi-actor intrusion campaigns
Large-scale FortiBleed campaign targeting Fortinet FortiGate devices uses custom sniffers to harvest authentication secrets from compromised firewalls and steal credentials from network traffic passing through the devices
Two members of Scattered Spider threat group, arrested in 2024 and 2025, have changed their pleas to guilty just before their trials for involvement in massive cyber attack on Transport for London causing £39 million in damages
Ransomware investigation uncovers two parallel threat actors operating simultaneously within the same victim environment, blending tactics and evasion techniques, demonstrating how isolated security signals can miss modern overlapping cyberattacks
Major ransomware attacks affecting critical infrastructure, healthcare, and enterprise sectors with 10 new victims posted to leak sites
Libya's central banking institution (www.cbl.gov.ly) posted to Qilin ransomware leak site, representing a critical attack on national financial infrastructure with potential for significant economic disruption
Xsolis, Inc., a healthcare utilization and case management service provider, confirmed breach affecting 1,396,519 patients of its client healthcare organizations. Suspicious activity detected April 19, 2026 with data exfiltration confirmed
Premier US underwriter of crane, rigging, and construction insurance (NBIS, part of Howden Group) compromised with 2.7 million files exposed including sensitive underwriting data and client information
Premier Indian private research university and Institution of Eminence (bits-pilani.ac.in) with 1.47% acceptance rate posted to DragonForce leak site, potentially exposing student and research data across five campuses
Austrian space-materials R&D company with deep ESA ties compromised by Aurora ransomware. Two complete NAS snapshots totaling 123 GB spanning 30+ years of Testhouse, R&D, and engineering operations exposed
German manufacturer of windows, doors, and façade systems (240 employees) breached by Aurora ransomware with 22 GB of payroll database backups (7 MSSQL .bak files) and operational data exposed
Michigan-based Cherry Health detected suspicious network activity on April 19, 2026. Investigation revealed unknown actors gained network access and copied data. Preliminary notice published June 18 with no mention of encrypted backups
Emerging threats including cloud bucket hijacking, credential search services, and AI memory exploitation
Unit 42 research reveals how attackers exploit global name uniqueness in cloud storage bucket hijacking to redirect data streams across major cloud service providers, enabling large-scale data exfiltration
Emerging underground market allows attackers to pay others to search massive credential dumps for specific companies, domains, and accounts, eliminating the need to manually sift through stolen databases
Microsoft security research examines risks and defensive measures when threat actors target AI system memory, detailing attack vectors against AI context retention and mitigation approaches
Ethereum MEV (Maximal Extractable Value) bot JaredFromSubway suffered $15 million loss after attacker manipulated opportunity-detection logic by creating fake cryptocurrency trading opportunities
Early Saturday incident saw at least a dozen unauthorized alerts sent through Brazil's Civil Defense Alert system, a platform designed for flood, landslide, and natural disaster warnings, affecting multiple regions
OpenAI launches Daybreak security initiative with AI-powered vulnerability detection tools for global organizations
OpenAI introduces Daybreak tools including Codex Security and GPT-5.5-Cyber to help organizations find, validate, and patch vulnerabilities at scale. Includes Patch the Planet initiative supporting open-source maintainers with AI-assisted vulnerability remediation
Multiple high-severity vulnerabilities affecting web frameworks, serialization libraries, and enterprise software
Critical vulnerability in Budibase server allows workspace-builder role to read arbitrary files through symlink upload in PWA-zip functionality, enabling access to sensitive system files
Critical prototype pollution vulnerability in scim-patch package allows attackers to modify object prototypes through unfiltered keys in patch operations, potentially leading to remote code execution
Vulnerability in MessagePack for C# (prior to 2.5.301 and 3.1.7) affects optional LZ4 decompression path, based on deprecated fast-decompression algorithm enabling denial-of-service attacks
Starlette versions 0.4.1-1.3.1 silently ignore max_fields and max_part_size limits for application/x-www-form-urlencoded content, enabling resource exhaustion attacks by unauthenticated attackers
Incomplete fix for unsafe name handling in protobufjs-cli (prior to 1.3.2 and 2.5.0) allows unsafe JavaScript references in static/static-module code generation, potentially enabling code injection
SQL injection vulnerability in Dell Wyse Management Suite prior to version 2605 allows low-privileged attacker with remote access to achieve unauthorized access through improper neutralization of SQL commands
Cross-site request forgery vulnerability in Gogs allows attackers to takeover organization owner accounts through crafted malicious requests
These briefings are compiled from publicly available threat-intelligence feeds, which may include CISA KEV, NIST NVD, the GitHub Advisory Database (OSV), abuse.ch, and Wordfence Intelligence. Data-breach and credential-leak items may include data from Have I Been Pwned and ransomware.live.
CVE® is a registered trademark of The MITRE Corporation. CVE Records are © The MITRE Corporation, reproduced under the CVE Program Terms of Use. WordPress vulnerability data is provided by Wordfence Intelligence, © Defiant, Inc. Breach data from Have I Been Pwned is licensed under CC BY 4.0.