Show Notes - 2026-06-17
Stories Covered
- Today:
- CISA Orders LiteSpeed cPanel Patch by June 18 (CVE-2026-54420) [Critical Alerts]
- Microsoft Working on RoguePlanet Defender Zero-Day Patch (CVE-2026-50656) [Critical Alerts]
- Joomla JCE Plugin Flaw Under Active Exploitation (CVE-2026-48907) [Critical Alerts]
- Three Fortinet FortiSandbox Flaws Under Active Exploitation [Critical Alerts]
- DragonForce Ransomware Abuses Microsoft Teams TURN Relays for Command-and-Control [Ransomware & Extortion]
- Kodak Confirms Data Breach, ShinyHunters Claims 2.2 Million Records [Ransomware & Extortion]
- Lorem Ipsum Malware Pivots to ClickFix Delivery, Likely Linked to Vice Society [Ransomware & Extortion]
- Novo Nordisk Hit by Two Separate Threat Actors Demanding $50M and $25M [Ransomware & Extortion]
- 144 Mastra npm Packages Compromised via Hijacked Contributor Account [Business & Infrastructure Threats]
- 15 Malicious JetBrains Plugins Steal AI API Keys from 70,000 Developers [Business & Infrastructure Threats]
- Steam Workshop Abused to Spread Malware via Wallpaper Engine [Business & Infrastructure Threats]
- 30,000 Compromised Fortinet Firewalls Expose Corporate Networks (FortiBleed Campaign) [Business & Infrastructure Threats]
- ClickFix Campaigns Expand with BabaDeda, Lorem Ipsum, and Potemkin Loaders [General Security News]
- GhostTree Attack Abuses Recursive Windows Junctions to Hide Malware from EDR [General Security News]
- Google Vertex AI SDK Flaw Allowed Cross-Tenant Model Hijacking (Pickle in the Middle) [General Security News]
- China Arrests 67 Suspects Linked to Silver Fox Cybercrime Group [General Security News]
- Chrome Extensions Steal AI Conversations (PromptSnatcher Campaign) [General Security News]
- China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth [General Security News]
- New Rokarolla Android Malware Targets 217 Banking and Crypto Apps [General Security News]
- FTC Warns of Record $3.5 Billion Losses to Imposter Scams in 2025 [General Security News]
- Rockwell Automation FLEX I/O EtherNet/IP Adapters (CVE-2026-0646, CVE-2026-0647) [Vulnerability Disclosures]
- Rockwell Automation RSLinx Classic (CVE-2020-13573) [Vulnerability Disclosures]
- Rockwell Automation Logix 5370 & 5570 Controllers (CVE-2026-11317) [Vulnerability Disclosures]
- Rockwell Automation FactoryTalk Analytics PavilionX (CVE-2025-14272) [Vulnerability Disclosures]
- Chrome and Firefox Memory Safety Updates [Vulnerability Disclosures]
CVEs Referenced
CVE-2020-13573, CVE-2023-52271, CVE-2025-1055, CVE-2025-14272, CVE-2025-61155, CVE-2026-0646, CVE-2026-0647, CVE-2026-11317, CVE-2026-25089, CVE-2026-39808, CVE-2026-39813, CVE-2026-48907, CVE-2026-50656, CVE-2026-54420
Indicators of Compromise
IP Addresses:
2.9.99.4, 2.9.99.5, 39.107.60.51
Fler avsnitt av Cyber Threat Brief
Visa alla avsnitt av Cyber Threat BriefCyber Threat Brief med Carolina Clear Tech, LLC finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
