QuantumLock Hits LogiTrans, Zero-Day in Apex-Office, EU Cyber-AI Act
Summary
July 1, 2026, marks a day of significant cyber threats and regulatory developments. The global logistics giant LogiTrans Global has been crippled by a $45 million ransomware attack from the new QuantumLock group, disrupting worldwide supply chains. The attack leveraged a compromised VPN and a known vulnerability (CVE-2026-23456) for initial access and privilege escalation, with 5 TB of data exfiltrated before ransomware deployment.
A critical zero-day vulnerability, 'ShiftScribe' (CVE-2026-35801), has been discovered in the widely used Apex-Office Suite, putting over 100 million users at risk. State-sponsored actor 'Gilded Moth' (APT42) is actively exploiting this flaw for remote code execution, deploying a custom backdoor. Microsoft has also issued an emergency patch for an actively exploited RCE vulnerability in Exchange Server (CVE-2026-17747).
In the healthcare sector, HealthNet Insurance disclosed a breach exposing the data of 11 million patients due to a misconfigured AWS S3 bucket. The energy sector is being targeted by the 'SandViper' APT with new 'DuneStalker' espionage malware, focusing on OT data theft. A supply chain attack compromised the CodeStream CI/CD utility, stealing developer secrets.
New malware strains are emerging, including 'Synapse,' a destructive wiper disguised as ransomware, and 'DuneStalker' for industrial espionage. The 'FinReact' phishing campaign utilizes AI-generated lures and a 'GhostScript' loader to target financial institutions.
DataHaven Cloud Storage experienced a global outage due to a security breach targeting customer data via a zero-day in a proprietary API. Meanwhile, the European Union has unveiled the 'CYBER-AI Act,' imposing strict security mandates on high-risk AI systems with significant penalties for non-compliance.
Looking ahead, Mandiant warns that AI-powered disinformation poses the top threat to the 2028 elections. Researchers also identified 'Phantom Squatting,' a novel supply chain attack vector weaponizing AI-hallucinated domains. Omni Hotels shared its recovery and security overhaul details one year after a $50 million ransomware attack.
Today's New Articles
LogiTrans Global Paralyzed by $45M QuantumLock Ransomware Attack, Global Supply Chains Disrupted
Global logistics firm LogiTrans Global has been hit by a devastating ransomware attack attributed to a new group named QuantumLock. The attack, which began on June 30, 2026, has encrypted critical systems, causing a worldwide halt in operations, including ship...
Actively Exploited 'ShiftScribe' Zero-Day in Apex-Office Suite Puts Millions at Risk
A critical remote code execution (RCE) zero-day vulnerability, named 'ShiftScribe' and tracked as CVE-2026-35801, has been discovered in the popular Apex-Office Suite, affecting over 100 million users. The flaw, with a CVSS score of 9.6, is being actively expl...
HealthNet Insurance, a major US health provider, has disclosed a data breach that exposed the personal and medical information of 11 million individuals. The breach, discovered on June 15, 2026, originated from a misconfigured Amazon Web Services (AWS) S3 buck...
'SandViper' APT Hits Global Energy Sector with New 'DuneStalker' Espionage Malware
A new report from Dragos Inc. details a sophisticated cyber-espionage campaign targeting the global energy sector by a previously unknown threat actor named 'SandViper'. The campaign, active since late 2025, focuses on oil and gas companies in the Middle East...
CodeStream CI/CD Utility Compromised in Supply Chain Attack, Developer Secrets Stolen
The popular open-source CI/CD utility 'CodeStream' has been the target of a sophisticated supply chain attack. An unknown threat actor compromised the project's package registry, publishing a malicious version (3.4.1) on June 29, 2026. The tainted version, dow...
Microsoft Releases Emergency Patch for Actively Exploited Exchange Server RCE Flaw (CVE-2026-17747)
Microsoft has released an emergency, out-of-band security update for a critical remote code execution (RCE) vulnerability in Microsoft Exchange Server 2016 and 2019. Tracked as CVE-2026-17747 with a CVSS score of 9.8, the flaw allows an unauthenticated attacke...
'FinReact' Phishing Campaign Uses AI-Generated Lures and 'GhostScript' Loader to Target Banks
A highly sophisticated phishing campaign named 'FinReact' is targeting the financial services industry. Researchers at Proofpoint report that the campaign uses generative AI to create convincing, context-aware email lures that bypass traditional security. The...
DataHaven Cloud Storage Outage Caused by Security Breach Targeting Customer Data
Enterprise cloud storage provider DataHaven has confirmed that a multi-hour global outage on June 30, 2026, was the result of a security breach. Attackers gained access to an internal Kubernetes cluster via a zero-day vulnerability in a proprietary management...
EU Unveils 'CYBER-AI Act' with Strict Security Mandates and Heavy Fines for High-Risk AI
The European Commission has introduced the 'Cybersecurity of Artificial Intelligence Act' (CYBER-AI Act), a new regulation that imposes stringent cybersecurity requirements on high-risk AI systems. Working alongside the existing AI Act, this legislation mandat...
'Synapse' Wiper Malware Disguised as Ransomware, Designed for Maximum Destruction
Kaspersky researchers have published a detailed analysis of 'Synapse,' a new and highly destructive malware strain. Initially mistaken for ransomware, Synapse is a pure wiper designed to cause irreversible data loss. It uses deception by dropping a fake ransom...
Omni Hotels & Resorts has published a detailed report outlining its recovery and security transformation one year after a catastrophic ransomware attack in 2025. The incident, attributed to the BlackSuit gang, cost the company over $50 million and led to a com...
AI-Powered Disinformation is Top Threat to 2028 Elections, Mandiant Warns
A new report from Mandiant (part of Google Cloud) identifies AI-powered disinformation and influence operations as the most significant cyber threat to the 2028 U.S. election cycle. The report warns of a future filled with hyper-realistic deepfakes and AI-driv...
Phantom Squatting: Attackers Weaponize AI-Hallucinated Domains in Novel Supply Chain Attacks
Cybersecurity researchers from Unit 42 have identified a new and active software supply chain attack vector dubbed 'Phantom Squatting.' The threat involves adversaries exploiting the tendency of Large Language Models (LLMs) to 'hallucinate,' or invent, non-exi...