Miasma Worm Hits Microsoft, Cisco & Android Zero-Days Exploited, and FBI Network Breached by State-Sponsored Hackers

Publication Date: June 6, 2026

Summary

In early June 2026, the cybersecurity landscape is reeling from a series of high-impact events. A sophisticated supply chain worm named 'Miasma' has compromised Microsoft GitHub repositories and the npm ecosystem. Concurrently, actively exploited zero-day vulnerabilities in Cisco SD-WAN and Google's Android Framework have put countless systems at risk, prompting emergency patches and CISA alerts. A major breach of a sensitive FBI surveillance network, attributed to the China-linked 'Salt Typhoon' group, has been classified as a 'major incident'. This period also saw a new US executive order on AI security, a record number of Chrome patches, and significant data breaches affecting millions at DentaQuest and Strategic Education.

Today's New Articles

FBI 'Major Incident': China-Linked Hackers Breach Sensitive Surveillance Network

The FBI has classified a breach of its Digital Collection Systems Network as a 'major incident,' attributing the attack to 'Salt Typhoon,' a threat actor linked to China's Ministry of State Security. The compromised network manages highly sensitive law enforce...


DentaQuest Data Breach Exposes PHI of 2.6 Million; ShinyHunters Claims Attack

DentaQuest, a major U.S. dental and vision benefits administrator, is investigating a data breach that has compromised the personal and health information of approximately 2.6 million individuals. The cybercriminal group ShinyHunters has claimed responsibility...


Whistleblower Lawsuit: Former Exec Accuses IBM of Covering Up Chinese State-Sponsored Hacking

A newly unsealed whistleblower lawsuit filed by a former IBM executive alleges that the technology giant knowingly concealed thousands of data breaches by a Chinese state-linked hacking group between 2013 and 2016. William Barlow, IBM's former VP of Threat Int...


Dutch NCSC: Cloud Misconfigurations Are an 'Easy Ride' for Hackers

The Dutch National Cyber Security Centre (NCSC) has issued a warning about the rising threat of data breaches caused by simple cloud misconfigurations. The agency stated that cybercriminals are using automated tools to scan the internet for improperly configur...


CISA KEV Alert: Two-Year-Old Oracle WebLogic Flaw Now Under Active Attack

A two-year-old, high-severity vulnerability in Oracle WebLogic Server, CVE-2024-21182, is being actively exploited in the wild, prompting CISA to add it to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, originally patched in July 2024, allows an...


Strategic Education Data Breach Exposes SSNs, Passports of Over 100,000

Strategic Education, Inc., the parent company of Strayer University and Capella University, has disclosed a data breach that occurred in February 2026. The incident involved unauthorized access to its computer network, compromising the highly sensitive persona...


Active Exploitation of Critical PAN-OS Auth Bypass (CVE-2026-0257) Detected in the Wild

Palo Alto Networks' Unit 42 has issued a threat brief detailing the active exploitation of CVE-2026-0257, a critical authentication bypass vulnerability affecting PAN-OS software. Unidentified attackers are exploiting the flaw to gain unauthorized access to Gl...

Article Updates

Ransomware Market Consolidates in Q1 2026; Qilin Remains Top Threat as LockBit 5.0 Rebounds

Update: The new report covers May 2026, showing a 3% overall increase in ransomware attacks to 661 incidents. The education sector was severely impacted with a 54% surge. Qilin continues to be the most active group, responsible for 97 attacks, alongside The Gentlemen...


The Agentic Era: Frontier AI Models Fuel a Surge in Vulnerability Discovery

Update: An autonomous AI agent from depthfirst has discovered 21 zero-day vulnerabilities in the widely used FFmpeg multimedia library, some existing for nearly two decades. Nine of these flaws have been assigned CVEs, posing a significant supply chain risk. Concurren...


CISA Warns of Active Exploitation of Palo Alto GlobalProtect Auth Bypass Flaw (CVE-2026-0257)

Update: Palo Alto Networks' Unit 42 has officially confirmed active exploitation of CVE-2026-0257, a critical authentication bypass vulnerability in PAN-OS GlobalProtect. The new report highlights the increased threat level due to the public release of a Proof-of-Conc...


Android Zero-Day Under Attack: Google Issues Urgent Patch for Privilege Escalation Flaw

Update: The actively exploited Android zero-day, CVE-2025-48595, is now confirmed to be an integer overflow vulnerability in the Android Framework, carrying a high CVSS score of 8.4. This flaw allows for local privilege escalation without user interaction, affecting A...


Actively Exploited Zero-Day in Cisco SD-WAN Allows Root Access, No Patch Available

Update: New information clarifies that CVE-2026-20245 affects 'Cisco Catalyst SD-WAN Manager' and requires an 'authenticated attacker with administrative privileges (netadmin)' to exploit, correcting the previous understanding of it being unauthenticated. The vulnerab...