Critical Flaws in Windows & Palo Alto Under Active Attack; Carnival and Charter Suffer Massive Data Breaches
Summary
This edition covers the period around June 1, 2026, highlighting a surge in critical vulnerability exploitation. Actively exploited flaws in Microsoft's Netlogon service (CVE-2026-41089) and Palo Alto's GlobalProtect VPN (CVE-2026-0257) demand immediate patching. Major data breaches were confirmed by Carnival Corporation, affecting nearly 6 million individuals, and Charter Communications, impacting 4.9 million accounts after a vishing attack. New threats emerged, including the sophisticated 'The Gentlemen' ransomware with self-propagation capabilities and a massive phishing operation targeting the FIFA World Cup. Regulatory bodies are also responding, with NYDFS issuing warnings about AI-driven cyber threats.
Today New Articles
'The Gentlemen' Ransomware Deploys Self-Propagating Malware in Global RaaS Campaign
Microsoft has uncovered a highly sophisticated Ransomware-as-a-Service (RaaS) operation named 'The Gentlemen,' tracked as Storm-2697. This financially motivated group has developed a Go-based ransomware that features robust encryption and, most notably, an agg...
DragonForce Ransomware Targets Chicago Tour Company in Double Extortion Attack
The DragonForce ransomware group has claimed responsibility for a cyberattack on Shoreline Sightseeing, a popular Chicago-based boat tour operator. On May 29, 2026, the group listed the company on its dark web leak site, threatening to publish a 'full leak' of...
Unpatched Critical RCE Flaw (CVSS 9.4) in Gogs Git Service Puts Repositories at Risk
A critical remote code execution (RCE) vulnerability with a CVSS score of 9.4 has been publicly disclosed in Gogs, a popular open-source, self-hosted Git service. The flaw affects servers running default configurations, putting a significant portion of its use...
NYDFS Warns Financial Firms of 'Frontier AI' Accelerating Cyberattacks
The New York State Department of Financial Services (NYDFS) has issued two industry letters warning regulated entities of emerging cybersecurity threats. The first advisory focuses on 'frontier AI' models, which NYDFS warns can significantly amplify the speed...
Canada Warns Connected Vehicle Data Has 'Intelligence Value' for Foreign Adversaries
An internal memo from Public Safety Canada has surfaced, warning that data collected by modern connected vehicles, especially those from foreign manufacturers, can have 'intelligence value' for adversarial nations. The document raises concerns about the potent...
Grandoreiro Banking Trojan Resurges, Targeting Banks in Spain and Latin America
The Grandoreiro banking trojan has resurfaced in a new wave of attacks targeting banks and their customers, primarily in Spain, Mexico, and other Latin American countries. The attack chain begins with phishing emails and uses techniques like DLL side-loading t...
Article Updates
Post-Shai-Hulud: npm Attacks Evolve with Wormable Malware and CI/CD Persistence
Update:On June 1, 2026, over 30 official Red Hat `@redhat-cloud-services` npm packages were compromised by 'Miasma,' a new credential-stealing worm. Miasma is identified as a variant of the 'Mini Shai-Hulud' worm, which was recently open-sourced. The attack vector in...
Microsoft's May 2026 Patch Tuesday: Over 130 Flaws Fixed, Including Critical RCEs
Update:The critical Windows Netlogon RCE vulnerability, CVE-2026-41089, which was patched in Microsoft's May 2026 Patch Tuesday, is now confirmed to be under active exploitation in the wild. Security agencies, including the Centre for Cybersecurity Belgium, are urgin...
Massive Phishing Blitz Targets 2026 FIFA World Cup Fans with 79+ Fake Sites
Update:Security researchers have uncovered 'GHOST STADIUM,' a Chinese-speaking threat actor operating a vast phishing ecosystem targeting 2026 FIFA World Cup fans. This operation now involves over 4,300 fraudulent domains, a significant increase from previous reports...
Carnival Cruise Data Breach Exposes Nearly 6 Million Customers; ShinyHunters Claims Responsibility
Update:The Carnival Corporation data breach has been updated with critical new information. The scope of compromised data now explicitly includes highly sensitive personally identifiable information such as passport numbers and driver's license details, significantly...
New Threat Actor 'JINX-0164' Targets Crypto Firms with Custom macOS Malware
Update:New intelligence confirms that JINX-0164's supply chain attack specifically involved the compromise of the npm package `@velora-dex/sdk` version 4.9.1, which was trojanized on April 7, 2026, to distribute the MINIRAT backdoor. This represents a significant esc...
ShinyHunters Claims 4.9M Charter Communications Accounts Stolen via Vishing Attack
Update:The ShinyHunters cybercrime group has publicly leaked the database containing 4.9 million customer records stolen from Charter Communications. This action follows a failed ransom attempt by the group. The leaked data, which includes names, addresses, phone num...
Carnival Cruise Line Hit by ShinyHunters; Breach Affects Nearly 6 Million
Update:Carnival Corporation has confirmed that the data breach, initiated by a social engineering attack in April 2026, affected precisely 5,995,277 individuals. The company disclosed that the compromised personal identifiable information (PII) is extensive, includin...
Actively Exploited PAN-OS Flaw (CVE-2026-0257) Allows VPN Hijack, CISA Adds to KEV
Update:The critical authentication bypass vulnerability, CVE-2026-0257, in Palo Alto Networks' GlobalProtect VPN has been re-evaluated, with its CVSS score increasing from 7.8 to 9.1, elevating its severity to critical. Additionally, Prisma Access products are now ex...