AI Risks, Major Breaches, and Global Takedowns Dominate Cybersecurity News
Summary
Cybersecurity threats continue to evolve rapidly, with AI adoption presenting new challenges across industries. Darktrace warns that AI integration in manufacturing is exposing factories to novel cyber risks, a concern echoed by the Five Eyes alliance, which anticipates advanced AI hacking models within months and urges corporate boards to treat cybersecurity as a core business risk. Meanwhile, the healthcare sector faces significant data exposure, with Xsolis reporting a breach affecting 1.4 million individuals due to a phishing attack. In the automotive industry, Indian giant Bajaj Auto has been hit by a ransomware attack, highlighting growing risks in the manufacturing sector.
Global law enforcement has achieved a significant victory with 'Operation Endgame,' disrupting SocGholish, the Amadey botnet, and StealC infostealer networks, seizing millions in crypto assets and recovering stolen credentials. However, threats persist. Fortinet devices are under siege from the 'FortiBleed' campaign, exploiting weak credentials on over 86,000 devices globally. Oracle has rushed an emergency patch for a PeopleSoft zero-day exploited by ShinyHunters, impacting over 100 organizations, including regulatory bodies. WordPress users are also at risk, with the ShapedPlugin supply chain attack delivering credential-stealing malware. WhatsApp users are targeted by malware spreading via VBScript, leveraging legitimate RMM tools for takeover. NCC Group warns that state actors are increasingly using ransomware tactics to mask espionage, exemplified by the Iran-linked MuddyWater group. Finally, malicious AI 'skills' on OpenClaw's ClawHub marketplace are bypassing scanners to deliver infostealers, demonstrating a new frontier in supply chain attacks targeting AI agent ecosystems. CISA is shifting its strategy to protect critical infrastructure 'crown jewels,' while Snyk has launched a platform to secure AI coding agents.
Today New Articles
Healthcare Tech Firm Xsolis Hit by Phishing Attack, Exposing Data of 1.4 Million People
The healthcare technology firm Xsolis has reported a data breach affecting nearly 1.4 million individuals following a targeted phishing attack in January 2026. The incident resulted in unauthorized access to a vast amount of sensitive personal and protected he...
Indian Automotive Giant Bajaj Auto Hit by Ransomware Attack
Indian automotive manufacturer Bajaj Auto has reported a ransomware attack that affected its systems and a wholly-owned subsidiary on June 23, 2026. The company has contained the incident and notified CERT-In, but has not yet disclosed the extent of the damage...
Report: 60% of U.S. Manufacturers Hit by Email Breaches Amid Smart Factory Push
A new report from Integris reveals that U.S. manufacturers are facing widespread cyber breaches as they accelerate their adoption of smart factory technologies. The survey found that a staggering 60% of manufacturing executives reported a significant email-bas...
CISA Shifts Strategy to Protect 'Crown Jewels' of Critical Infrastructure
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is shifting its strategy from a broad, sector-based approach to one that focuses on identifying and protecting the specific assets and systems—the 'crown jewels'—most critical to national securit...
Snyk Unveils Evo ADS to Secure AI-Powered Coding Agents
Cybersecurity firm Snyk has launched Evo Agentic Development Security (ADS), a new platform designed to govern and secure the actions of autonomous AI coding agents. As developers increasingly use AI agents that can build software with minimal human oversight,...
State Actors Adopting Ransomware Tactics to Mask Espionage, NCC Group Warns
A new report from NCC Group warns that the line between nation-state and criminal cyber activity is blurring, with state-backed actors increasingly hiding their espionage operations behind the facade of ransomware attacks. The report highlights a recent campai...
Malicious AI 'Skills' on OpenClaw's ClawHub Marketplace Bypass Scanners to Deliver Infostealers
Palo Alto Networks' Unit 42 has identified an ongoing campaign targeting the OpenClaw AI agent ecosystem. Malicious actors are publishing seemingly benign 'skills' on the ClawHub marketplace that contain evasive code designed to bypass security scanners like V...
Article Updates
AI Adoption in Manufacturing Exposing Factories to New Cyber Risks, Darktrace Warns
Update:A new Integris report indicates that 60% of U.S. manufacturers experienced a significant email-based security breach and 49% a mobile device breach in the past year. This highlights a critical gap between rapid smart factory technology adoption and cybersecuri...
Oracle Rushes Emergency Patch for PeopleSoft Zero-Day Exploited by ShinyHunters
Update:The U.S. National Association of Insurance Commissioners (NAIC) has confirmed a breach by the ShinyHunters group, leveraging the critical Oracle PeopleSoft zero-day (CVE-2026-35273). The vulnerability's CVSS score is now confirmed at 9.8. Exploitation was acti...
Operation Endgame: Global Law Enforcement Disrupts SocGholish, Cleans 15,000 Infected Websites
Update:The international 'Operation Endgame' has expanded its reported success, now confirming the disruption of not only SocGholish but also the Amadey botnet and StealC infostealer networks. The updated figures reveal a takedown of 326 servers and 142 domains, a si...
FortiBleed Campaign Targets Fortinet Devices Globally, Exploiting Weak Credentials, Not Zero-Days
Update:New intelligence on the 'FortiBleed' campaign indicates a significantly larger scale than previously understood. Over 86,644 Fortinet devices, including FortiGate firewalls and SSL VPN gateways, have been compromised across 194 countries since February 2026. T...
Five Eyes Intel Alliance Warns Advanced AI Hacking Models Are 'Months Away'
Update:The Five Eyes alliance has reinforced its warning on AI-driven cyber threats, specifically urging corporate boards to elevate cybersecurity to a core business risk. The advisory emphasizes the accelerated threat velocity and increased sophistication enabled by...
WordPress Vendor 'ShapedPlugin' Hit by Supply Chain Attack Delivering Credential-Stealing Malware
Update:Further analysis of the ShapedPlugin supply chain attack reveals critical new information. The malicious updates, now assigned CVE-2026-10735 and CVE-2026-49777, specifically targeted 'Pro' versions of plugins. The backdoor creates a hidden administrator accou...
WhatsApp Malware Spreads via VBScript, Installs Legitimate RMM Tools for Takeover
Update:Further analysis of the WhatsApp VBScript RMM campaign reveals additional technical details and TTPs. New observations include the use of obfuscated scripts with fake comments (T1027) and the initial access potentially involving credential gathering (T1589.003...