Gallery

Contacts

405 W. Greenlawn Ave Lansing, Michigan 48910

contact@techjacksolutions.com

+1-616-320-4064

Twitter Facebook-f Pinterest-p Instagram

Weekly Security Intelligence Briefing — Week of 2026-06-15

Briefing
og security news briefs
_ _ Tech Jacks Solutions_ 0 Comments

Executive Summary

The week of 2026-06-15 marks one of the most threat-dense periods observed by the Tech Jacks Solutions Security Command Center. The pipeline processed 40+ intelligence items across campaigns, CVEs, data breaches, and governance events, producing a threat landscape dominated by three converging forces: unprecedented supply chain compromise depth, nation-state escalation against technology and critical infrastructure, and a record-breaking Microsoft Patch Tuesday cycle driven in part by AI-accelerated vulnerability discovery. The highest-priority items demand immediate action before any other security activity this week.

Supply chain threats reached extraordinary breadth. The AUR / npm ecosystem attack deploying an eBPF rootkit across 400+ Arch Linux packages (priority score 0.85), the Miasma worm leak driving the Hades campaign across PyPI, npm, RubyGems, and AI coding tools (priority score 0.947), and the confirmed compromise of Axios npm package versions v1.14.1 and v0.30.4 by North Korean-linked STARDUST CHOLLIMA (priority score 0.955-1.0) collectively represent the most significant developer ecosystem threat event in recent memory. Organizations with Node.js, Python, or Arch Linux in any CI/CD pipeline must act today.

Microsoft’s June 2026 Patch Tuesday patched a record 206 vulnerabilities including 3 zero-days and 39 critical flaws. Splunk Enterprise carries a critical pre-authentication RCE (CVE-2026-20253, CVSS 9.5) with a published exploit. FUXA SCADA/HMI (CVE-2026-25939, CVSS 9.8) is CISA KEV-listed and actively exploited. Ubiquiti UniFi OS (CVE-2026-34910, CVSS 9.8) is also KEV-listed. Operation Riptide dismantled the Outsider Enterprise AI-powered smishing network while Velvet Ant’s decade-long Linux PAM/OpenSSH persistence campaign was exposed. CISA issued BOD 26-04 mandating risk-based vulnerability prioritization for federal agencies. This week: 8 critical CVEs tracked, 3 CISA KEV additions confirmed, 5 active nation-state campaigns documented, and 4 major supply chain events requiring emergency response.

Critical Action Items

  1. Axios npm Supply Chain Compromise (STARDUST CHOLLIMA / DPRK) — Versions v1.14.1 and v0.30.4 contain an embedded RAT. Audit all package-lock.json, yarn.lock, and pnpm-lock.yaml files immediately. Block those versions at artifact registries (Artifactory, Nexus). Upgrade to the next clean release per the official post-mortem at github.com/axios/axios/issues/10636. Rotate all credentials, API keys, and secrets accessible from any environment that consumed either version. Re-image macOS build hosts where compromise is confirmed. No CISA KEV deadline; treat as active breach.
  2. AUR / npm eBPF Rootkit (atomic-lockfile) — 400+ Arch Linux AUR packages are confirmed compromised. Standard userspace tools are unreliable on rootkit-infected hosts. Isolate affected Arch Linux developer workstations and build servers immediately. Revoke and rotate all SSH keys, GitHub tokens, HashiCorp Vault tokens, Docker credentials, and messaging session tokens from any affected machine. Perform full OS reinstallation from trusted media; do not attempt in-place remediation. Run bpftool prog list from trusted bootable media to detect rootkit presence. Block the atomic-lockfile npm package at all registries.
  3. FUXA SCADA/HMI Authorization Bypass (CVE-2026-25939, CVSS 9.8, CISA KEV) — Affects versions 1.2.8–1.2.10. A public proof-of-concept exploit exists. Isolate FUXA instances from internet-facing access immediately. Upgrade to version 1.2.11. Review scheduler configurations for unauthorized entries post-patch. This is a critical infrastructure OT/ICS vulnerability with active exploitation potential.
  4. Ubiquiti UniFi OS Server RCE (CVE-2026-34910, CVSS 9.8, CISA KEV) — Unauthenticated command injection affecting UniFi OS management interfaces. Apply the vendor patch immediately per the Ubiquiti advisory. Restrict management interface access to trusted internal networks. Rotate all UniFi OS administrative credentials post-patch. Review local accounts for unauthorized additions.
  5. Splunk Enterprise Pre-Auth RCE (CVE-2026-20253, CVSS 9.5, Exploit Published) — Affects versions 10.0.0–10.0.6 and 10.2.0–10.2.3. A working exploit was published June 13. Restrict network access to Splunk management ports (8089, 9997) at the firewall immediately. Upgrade to 10.0.7 or 10.2.4. Review Splunk audit logs for pre-authentication exploitation indicators. Splunk Cloud is not affected.
  6. Microsoft June 2026 Patch Tuesday — Three Zero-Days — 206 CVEs patched, 39 Critical. Consult the MSRC Update Guide and BleepingComputer/Qualys coverage for the three publicly disclosed zero-day CVE identifiers. Deploy those patches out-of-band immediately, ahead of the standard patch queue. Import Cisco Talos Snort rules for this cycle into IDS/IPS infrastructure now. Verify Visual Studio and developer workstations are in scope for automated patching.
  7. Velvet Ant Linux PAM / OpenSSH Binary Compromise — China-nexus APT achieved decade-long persistence by trojanizing pam_unix.so and OpenSSH binaries. Run rpm -V openssh pam or dpkg --verify openssh-server libpam-modules against vendor-signed package hashes on all Linux hosts, especially edge appliances and air-gapped segments. Reinstall affected packages from signed distribution sources. Rotate all SSH keys and passwords authenticated through any potentially compromised stack. Check for Nginx/fcgiwrap execution bridges crossing trust boundaries.
  8. CISA BOD 26-04 — Risk-Based Vulnerability Prioritization (Federal Agencies) — The new directive mandates remediation based on exposure likelihood, exploitation potential, and asset criticality — not solely KEV status. FCEB agencies must align immediately. Non-federal organizations should use this as a model to reassess their own remediation prioritization frameworks. Conduct a gap assessment against existing vulnerability management processes this week.

Key Security Stories

Nation-State Supply Chain Siege: Axios npm Compromise, Glassworm, and DPRK IT Worker Infiltration

The most consequential story of the week is the convergence of multiple China-nexus and DPRK-linked supply chain and insider threat operations targeting the technology sector. Multiple campaign intelligence items (SCC-CAM-2026-0436, 0452, 0456, 0458) with priority scores reaching 1.0 document a sustained multi-vector assault. The confirmed compromise of Axios npm package versions v1.14.1 and v0.30.4 by CrowdStrike-attributed STARDUST CHOLLIMA represents the most widely deployed npm supply chain attack in recent history; Axios has 100M+ weekly downloads. The malicious packages contain an embedded Remote Access Tool (RAT) with macOS implant behavior, exfiltrating credentials and establishing persistence via LaunchAgents and LaunchDaemons.

Simultaneously, the Glassworm campaign targeted 73+ Microsoft GitHub repositories, and DPRK IT worker infiltration at technology firms continues to provide persistent insider access to private code repositories and development infrastructure. China-linked threat groups (including SUNRISE PANDA mail infrastructure targeting) accounted for 58% of state-sponsored technology sector attacks, with AI infrastructure — model registries, training data stores, experiment tracking systems — emerging as the primary collection target. The technical TTPs map to T1195.001, T1195.002, T1195, T1078, T1566, T1110.003, T1136, T1213, and T1567.001.

Immediate action required: audit all Axios dependencies, block v1.14.1 and v0.30.4 at artifact registries, upgrade to the verified clean version per the official post-mortem at github.com/axios/axios/issues/10636, rotate all credentials accessible from affected build environments, and re-image macOS developer workstations exhibiting RAT indicators. Organizations should also review contractor identity vetting against CISA’s published DPRK IT worker indicators and audit GitHub repository access logs for Glassworm-pattern changes. Sources: CrowdStrike 2026 Technology Threat Landscape Report; Sonatype security advisory; axios post-mortem.

AUR / npm eBPF Rootkit: 400+ Packages, Kernel-Level Stealth, Credential Exfiltration at Scale

A supply chain attack against the Arch User Repository compromised over 400 packages with a sophisticated eBPF rootkit and credential stealer delivered via the malicious atomic-lockfile npm package (SCC-CAM-2026-0461, 0449). The eBPF rootkit operates at kernel level, concealing itself from standard userspace tools including ps, ls, netstat, lsof, and most EDR agents. Standard in-place remediation is unreliable; full system reinstallation from trusted media is required for confirmed compromises. The credential stealer targets SSH private keys, GitHub tokens, HashiCorp Vault tokens, Docker/Podman credentials, Slack/Discord/Microsoft Teams/Telegram session data, browser credential stores, and Electron application sessions.

The campaign extends to the npm ecosystem through the atomic-lockfile package, providing cross-platform reach beyond Arch Linux. Any organization with Arch Linux developer workstations, build servers, or npm pipelines that consumed atomic-lockfile should treat those machines as fully compromised. The rootkit’s concealment capability means standard monitoring will show a falsely quiet picture; absence of alerts is not evidence of a clean state. Organizations should use bpftool prog list from trusted bootable media to enumerate loaded eBPF programs and check /var/log/pacman.log against the confirmed compromised package list published by BleepingComputer and Sonatype.

The confirmed IOC for this campaign is the npm registry URL npmjs.com/package/atomic-lockfile — this package should be blocked at all registries and removed from any dependency manifests. Organizations must revoke and rotate all secrets from affected machines before restoring any connectivity. Sources: BleepingComputer; Sonatype security advisory.

Miasma Worm Source Code Leak Fuels Hades Campaign Across AI Coding Tools and Package Registries

The public leak of the Miasma supply chain worm source code has triggered a derivative Hades campaign targeting npm, PyPI, RubyGems, GitHub Actions, JFrog Artifactory, AWS Systems Manager, and Kubernetes environments (SCC-CAM-2026-0455). Critically, the campaign has extended into AI coding tool configurations, targeting Claude Code, Gemini CLI, Cursor, GitHub Copilot, Kiro, and Cline context files as attack surfaces. Red Hat npm packages and Microsoft GitHub repositories (73+ confirmed) have been affected. Miasma uses GitHub as its C2 channel rather than dedicated infrastructure, making outbound calls from CI/CD runners to GitHub outside of expected clone/fetch operations a key behavioral indicator.

The Hades wave observed this week specifically dropped 37 malicious Python wheel artifacts into 19 PyPI packages, including dynamo-release, spateo-release, and coolbox. The Microsoft Azure durabletask package versions 1.4.1–1.4.3 were confirmed compromised; organizations should treat all three versions as malicious and not install them. The attack leverages AI coding tool configuration files (.cursorrules, Copilot workspace settings, Cline context directories) as a novel persistence and credential access vector — any organization deploying these tools should treat their configuration files as sensitive artifacts subject to integrity monitoring.

Detection priorities: scan all package-lock.json, requirements.txt, and Gemfile files for affected package versions; monitor CI/CD logs for unexpected outbound HTTP/S requests to GitHub from build runners; inspect AI tool configuration directories for unauthorized modifications using system file analysis. Rotate all CI/CD secrets, AWS IAM keys, Kubernetes service account tokens, and GitHub PATs accessible from any affected pipeline. Sources: Rescana ThreatsDay Bulletin June 2026; upstream PyPI audit data from Endor Labs and SafeDep.

Microsoft June 2026 Patch Tuesday: Record 206 CVEs, Three Zero-Days, AI-Accelerated Disclosure

Microsoft’s June 2026 Patch Tuesday (SCC-STY-2026-0209, 0200, 0188) set a record with 206 vulnerabilities patched, including 3 publicly disclosed zero-days and 39 Critical-rated flaws. The record volume is attributable in part to AI-assisted vulnerability discovery tools now deployed at scale by security researchers and vendors, compressing the time between vulnerability introduction and disclosure. This structural shift means monthly patch cycles are no longer adequate for internet-facing and high-privilege assets; organizations need a continuous prioritization tier for critical assets.

The three zero-days represent immediate exploitation risk given their pre-patch public disclosure. Retrieve confirmed CVE identifiers from MSRC, BleepingComputer, and Qualys Patch Tuesday coverage and deploy those patches out-of-band immediately. Cisco Talos has published Snort detection rules specifically for this release cycle; import them into IDS/IPS infrastructure before patches fully deploy. Priority patching sequence: zero-days first, then Critical RCE vulnerabilities on internet-facing services, then privilege escalation CVEs on unpatched high-value assets. Developer workstations running Visual Studio are frequently excluded from enterprise patch schedules and must be confirmed in scope.

The broader analytical story is the structural challenge: 206 CVEs exceeds most organizations’ triage and testing capacity within a single monthly cycle. Organizations should formalize a risk-based patch prioritization framework aligned to CIS 7.1 and 7.2, incorporating asset criticality, internet exposure, and EPSS/KEV signal. Separately, a RoguePlanet zero-day affecting fully patched Windows 10/11 via a Microsoft Defender race condition (SCC-STY-2026-0193, CVSS 9.5) is circulating with a PoC on a self-hosted platform; Microsoft has not yet patched this. Enforce least privilege on all Windows endpoints and monitor for SYSTEM-level process spawning from Defender process contexts. Sources: MSRC; BleepingComputer; Qualys Threat Research; Cisco Talos.

Operation Riptide: AI-Powered Smishing Network Dismantled After Targeting 100M+ U.S. Users

FBI Operation Riptide successfully dismantled the Outsider Enterprise Phishing-as-a-Service platform (SCC-CAM-2026-0459, 0450), which used Google Gemini AI to generate high-quality smishing lures at scale and distributed them across AT&T, T-Mobile, and Verizon carrier SMS infrastructure. The platform operated approximately 9,000 fraudulent domains, delivered 1,000,000+ malicious URLs, and targeted Google (Android), carrier brands, financial institutions, and logistics providers. Shopify storefronts were seized as part of infrastructure; Telegram bot infrastructure was used for C2 coordination. Google filed a federal lawsuit as part of the action.

The significance for enterprise security teams extends beyond the takedown: this campaign validates that AI-generated phishing content is now commercially available as a service, making traditional grammar- and lexical-based detection ineffective. The platform used adversary-in-the-middle techniques (T1557) and session cookie theft (T1539) to bypass MFA on enterprise accounts. Victims received SMS lures, clicked to credential-harvesting pages mimicking Google or carrier brands, and had session cookies exfiltrated before any MFA challenge was presented. Standard MFA implementations that rely on session cookies rather than phishing-resistant methods (FIDO2/WebAuthn) remain vulnerable to this attack pattern.

For organizations with customer-facing SMS channels or brand presence on Google, AT&T, T-Mobile, or Verizon, review DNS logs for queries to newly registered lookalike domains, monitor authentication platforms for session token reuse from geographically inconsistent IPs, and submit brand-impersonating domains to CISA phishing takedown coordination and carrier abuse portals. Retrieve confirmed IOCs from FBI and Black Lotus Labs advisories when published. Conduct a tabletop exercise simulating AI-generated smishing targeting your customer-facing SMS channels. Sources: FBI Operation Riptide advisory; Black Lotus Labs; Google federal complaint.

Velvet Ant APT: Decade-Long Linux PAM and OpenSSH Binary Compromise in Air-Gapped Network

Sygnia’s Operation Highland report (SCC-CAM-2026-0453) exposed a Chinese-nexus APT (Velvet Ant) that maintained undetected persistence for approximately ten years by trojanizing core Linux authentication binaries — pam_unix.so and OpenSSH (ssh, sshd, scp) — along with deploying web shells via Nginx and fcgiwrap to create execution bridges between network segments. Prior campaigns attributed to this group also compromised F5 BIG-IP (CVE-2025-53868) and Cisco NX-OS/Nexus switches. The campaign targets air-gapped and semi-isolated network environments in what appears to be a long-term intelligence collection operation.

The technical sophistication is significant: by trojanizing PAM modules, the actor intercepts all authentication events transparently, harvesting credentials without triggering authentication failures. OpenSSH binary modification enables lateral movement via SSH while appearing to use standard tools. The Nginx/fcgiwrap execution bridge pattern crosses IT/OT boundaries without requiring direct network connectivity. Standard binary integrity verification using package manager commands can detect this: rpm -V openssh pam on RPM-based systems or dpkg --verify openssh-server libpam-modules on Debian-based systems, with results compared against vendor-signed package hashes.

All organizations operating Linux servers, particularly those with edge appliances or air-gapped segments, should run binary integrity verification immediately. Compare pam_unix.so, sshd, ssh, and scp file hashes against distribution vendor repositories. Reinstall affected packages from signed sources — do not patch in place over potentially compromised binaries. Rotate all passwords and SSH keys authenticated through any potentially compromised PAM or SSH stack. Audit Nginx configurations for fcgiwrap execution bridge patterns crossing trust boundaries. File integrity monitoring of authentication binaries should be deployed as a standing control. Sources: Sygnia Operation Highland report; Microsoft MSTIC.

Mackay Sugar OT/ICS Cyberattack Disrupts Australian Critical Infrastructure

A cyberattack disrupted two Mackay Sugar mills in North Queensland, Australia (SCC-STY-2026-0206), affecting industrial control systems in an agricultural food production environment. While the Australian Cyber Security Centre (ACSC) has not published technical indicators at time of reporting, the incident maps to T1190 (initial access via public-facing application), T0816 (Device Restart/Shutdown), T1486 (Data Encrypted for Impact), and T0826 (Loss of Availability) — consistent with a ransomware or ransomware-adjacent attack against OT infrastructure.

This incident is significant as a sector signal: food and agriculture OT infrastructure, historically perceived as lower-priority by threat actors, is now attracting the same ransomware and disruption TTPs as energy and manufacturing. Organizations in food production, water, and related agricultural OT sectors should treat this as a direct threat indicator for their sector. The combination of IT/OT convergence points and legacy industrial control systems creates an attack surface that standard enterprise security tools do not adequately cover.

Immediate defensive priorities: verify IT/OT network segmentation enforces strict boundaries with no unauthorized data flows crossing between corporate and process control networks; confirm MFA on all remote access paths into ICS/SCADA environments including legacy VPN solutions; rotate default credentials on all PLCs and HMIs per CIS 4.7; validate that incident response plans include OT-specific procedures for manual override and production continuity under shutdown conditions. Monitor ACSC and CISA ICS-CERT for any published advisories tied to this incident. Sources: ABC News Australia; ACSC (monitor for updates).

Handala Iranian Group Claims Breach of California Water Utility Billing Systems

Iranian cyber group Handala claimed responsibility for breaching California Water Service Company (Cal Water) billing systems and the RTKBase GNSS platform (SCC-DBR-2026-0172). While the claim originates from threat actor self-reporting (treated as unverified), Handala has a documented history of successful critical infrastructure targeting. The claimed data includes customer billing records and geospatial platform data. RTKBase is an open-source GNSS reference station platform — its presence in this claim highlights the risk of unsupported or community-maintained open-source software in critical infrastructure contexts.

For water utilities and critical infrastructure operators, this incident demonstrates that billing and ancillary systems are viable attack targets, not just operational technology networks. Billing systems typically hold customer PII, financial data, and address information that can be monetized or used for social engineering follow-on attacks. The RTKBase component specifically raises supply chain concerns for any organization using open-source geospatial platforms in critical infrastructure contexts.

Defensive actions: audit external access to billing system interfaces and internet-exposed RTKBase instances; review authentication logs for logins from Iranian IP ranges or anomalous geographies; rotate credentials on billing system service accounts and RTKBase platform; conduct a data inventory per CIS 3.2 to map all customer PII held in billing systems and ensure access controls are calibrated to need-to-know; monitor CISA and FBI for any formal advisories tied to this claim. Sources: Dataminr Intel Brief; ACSC-equivalent Australian water sector advisories for pattern matching.

University of Nottingham Breach Exposes 450,000+ Student Records

The University of Nottingham disclosed a data security incident affecting over 450,000 current and former student records (SCC-DBR-2026-0173, 0167). The breach is significant in scale for the UK higher education sector and has attracted UK Senate HELP committee attention. Attack vectors map to T1078 (Valid Accounts), T1530 (Data from Cloud Storage), and T1566 (Phishing), consistent with credential compromise followed by bulk cloud storage data collection. No specific IOCs have been confirmed in public disclosures.

For higher education institutions and organizations with federated identity relationships with UK universities, this incident warrants immediate review of any cross-institutional identity trust relationships. Universities operating federated SSO or shared research data platforms with Nottingham should audit active federated sessions and suspend trust relationships not confirmed as mission-critical. The exposed data categories likely include student PII subject to UK GDPR and potentially FERPA-equivalent protections for international students, creating multi-jurisdictional notification obligations.

Broader sector signal: the education sector continues to be disproportionately targeted due to large PII repositories, limited security staffing, and federated identity complexity. Organizations in any sector sharing identity infrastructure with higher education should verify MFA enforcement on all externally exposed applications and review cloud storage bucket permissions. Sources: University of Nottingham official disclosure; UK media reporting.

Dragonforce Ransomware Targets UK Production Studio Ink; Healthcare Sector Under Triple Ransomware Assault

DragonForce ransomware group claimed an attack on UK production studio Ink (SCC-DBR-2026-0171), while simultaneously three US healthcare providers — Advanced Family Surgery Center, Orem Eye Clinic, and Belmont Aesthetic & Reconstructive Plastic Surgery — faced ransomware claims involving patient PHI (SCC-DBR-2026-0162). The healthcare incidents carry immediate HIPAA breach assessment obligations and potential HHS OCR notification requirements. DragonForce’s TTPs map to double-extortion methodology: T1041 (C2 exfiltration), T1114 (email collection), T1486 (encryption for impact), and T1657 (financial theft).

For organizations with vendor, partner, or supply chain relationships with Ink, immediately review shared access, credentials, and data exchange agreements; revoke or suspend active integrations pending scope confirmation. Healthcare organizations should confirm backup integrity, verify offline backup copies exist that were not accessible during any potential compromise window, and initiate HIPAA breach risk assessment immediately if PHI was potentially exposed.

The ransomware surge documented across this week’s intelligence items (Check Point reports 48% year-over-year increase, SCC-CAM-2026-0446) is driven by multiple successor groups filling the gap left by LockBit and ALPHV disruptions. Business services, consumer goods, and industrial manufacturing are the highest-volume targets. Organizations in these sectors should validate backup integrity, test restoration procedures, and confirm shadow copy deletion is alerted on as an immediate defensive action. Sources: BleepingComputer; Check Point Research May 2026 Ransomware Report.

CISA BOD 26-04: Risk-Based Vulnerability Prioritization Mandate Reshapes Federal Patch Strategy

CISA issued Binding Operational Directive 26-04 (SCC-GOV-2026-0057, 0049) requiring Federal Civilian Executive Branch agencies to move beyond KEV-only remediation triggers toward a multi-factor risk scoring model incorporating exploitation likelihood, asset criticality, environmental context, and public exposure. Simultaneously, CISA compressed the KEV remediation window to three days for the highest-risk vulnerability tier (SCC-GOV-2026-0053, 0050). These two directives together represent the most significant shift in federal vulnerability management posture since BOD 22-01 established the KEV catalog.

For non-federal organizations, BOD 26-04 represents best-practice guidance directly applicable to any mature vulnerability management program. The core principle — that KEV status is one signal among several, not the sole remediation trigger — addresses a known gap in most organizations’ prioritization logic. Organizations that have built their vulnerability management program primarily around KEV should conduct an immediate gap assessment: what percentage of their remediation decisions are KEV-driven versus risk-score-driven? High KEV-only ratios indicate systemic prioritization exposure.

The three-day remediation window for highest-risk KEV items requires organizations to assess whether current change management processes, testing cadences, and approval workflows can operationally meet that target. Most cannot without exception handling processes. Document the bottlenecks and present remediation timeline gaps to leadership as risk decisions, not resource requests. Sources: CISA BOD 26-04 (cisa.gov); CISA BOD 22-01.

CISA KEV & Critical CVE Table

CVE Product CVSS EPSS Status KEV / Deadline Description
CVE-2026-25939 frangoteam FUXA SCADA/HMI 1.2.8–1.2.10 9.8 Critical 0.0002 CISA KEV; Public PoC KEV listed; consult cisa.gov for due date Unauthenticated authorization bypass allowing scheduler manipulation and remote code execution. Public exploit at GitHub.
CVE-2026-34910 Ubiquiti UniFi OS Server 9.8 Critical 0.18147 (95th percentile) CISA KEV; Active exploitation KEV listed; consult cisa.gov for due date Command injection via improper input validation enabling unauthenticated root access. Bishop Fox PoC published.
CVE-2026-20253 Splunk Enterprise 10.0.0–10.0.6; 10.2.0–10.2.3 9.5 Critical 0.00067 Exploit published June 13; not yet KEV Not KEV; monitor CISA Pre-authentication RCE via PostgreSQL sidecar endpoint. Splunk Cloud not affected. Patched in 10.0.7 and 10.2.4.
CVE-2026-34182 Microsoft Azure Linux 3.0 cloud-hypervisor (azl3 v51.1.56-1) 9.1 Critical 0.00005 Patched; no known active exploitation Not KEV CMS AuthEnvelopedData forgery vulnerability. Patch via tdnf update cloud-hypervisor. Verify via MSRC.
CVE-2026-44631 Microsoft Azure Linux 3.0 httpd 2.4.67-1 9.4 Critical 0.00043 Patched; low EPSS Not KEV Apache HTTP Server heap underflow via signed char overflow in ap_regname. Azure Linux 3.0 specific build.
CVE-2026-45602 Windows 10 Version 1809 (32-bit) DHCP 9.1 Critical 0.0 (not rated) Patched in June 2026 Patch Tuesday Not KEV DHCP tampering vulnerability enabling adversary-in-the-middle via DHCP spoofing. Apply June 2026 cumulative update.
CVE-2026-10520, CVE-2026-10523 Ivanti Sentry (pre-R10.5.2, R10.6.2, R10.7.1) 9.5 Critical 0.0 (not rated) Patched; no confirmed active exploitation Not KEV; monitor CISA Critical RCE and authentication bypass enabling unauthenticated root access. Apply R10.5.2, R10.6.2, or R10.7.1.
CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Not confirmed 0.0 CISA KEV; active exploitation by ShinyHunters KEV listed; consult cisa.gov for due date Zero-day vulnerability chain exploited by ShinyHunters against 100+ organizations. No patch confirmed at time of reporting. Network isolation is primary control.
CVE-2026-5027 (lead), CVE-2026-0770, CVE-2026-28277, CVE-2026-33017, CVE-2025-3248 Langflow AI Platform (pre-1.10.0) 9.5 Critical 0.04075 (89th percentile) Active exploitation (~7,000 exposed instances) Not KEV; monitor CISA Path traversal + unsafe deserialization chained for unauthenticated RCE. Patched in v1.10.0. Restrict public access immediately.
Chrome Zero-Day (CVE TBD) Google Chrome Desktop (pre-June 11, 2026) 9.5 Critical 0.0 (not rated) Active exploitation; emergency patch issued Not KEV; monitor CISA Actively exploited zero-day. Force-update Chrome to June 11, 2026 stable channel on all managed endpoints immediately.
CVE-2026-6866 Schneider Electric EcoStruxure Panel Server (firmware ≤002.005.000) 7.5 High 0.00062 No patch planned for most models Not KEV; CISA ICSA-26-160-03 Credential reset flaw resetting to factory defaults. No fix for most models. Apply network isolation and credential hardening immediately.
CVE-2025-40946, CVE-2026-41125 Siemens KACO Blueplanet Inverters (30+ models) 7.5 High 0.00024 No fix planned by vendor Not KEV; CISA ICSA-26-160-02 Hard-coded credentials (CWE-798) and SQL injection (CWE-89). No vendor remediation path. Network isolation and access restriction required permanently.
CVE-2026-44963 Veeam Backup & Replication (pre-12.3.2) 8.8 High 0.0 Patched in 12.3.2 Not KEV Authenticated domain user RCE. High risk in post-compromise scenarios. Apply 12.3.2 patch immediately. Restrict domain user access to backup interfaces.

Supply Chain & Developer Tool Threats

Axios npm Package Compromise (STARDUST CHOLLIMA / DPRK)

Axios versions v1.14.1 and v0.30.4 were published by a threat actor who gained access to the Axios npm maintainer account. Both versions embed a Remote Access Tool with macOS implant capabilities including credential harvesting, LaunchAgent/LaunchDaemon persistence, and C2 beaconing. With 100M+ weekly downloads, exposure is extremely broad. The official post-mortem at github.com/axios/axios/issues/10636 is the authoritative source for clean version guidance. Block both compromised versions at all artifact registries. Rotate all secrets from environments that consumed either version. Attribution to CrowdStrike-designated STARDUST CHOLLIMA (DPRK-linked) is high confidence. Framework controls: NIST SI-7, CIS 2.1, CIS 2.2, NIST SR-3, NIST SR-2.

AUR / npm eBPF Rootkit — atomic-lockfile

Over 400 AUR packages were compromised with a kernel-level eBPF rootkit delivered via the atomic-lockfile npm package through PKGBUILD postinstall hooks. The rootkit suppresses process visibility from userspace tools. Detection requires out-of-band methods: bpftool prog list from trusted bootable media; pacman.log review against confirmed compromised package list; npm lock file scanning for atomic-lockfile; network egress log review for anomalous outbound connections following AUR/npm install events. Full OS reinstallation from trusted media is required for confirmed compromises. Block atomic-lockfile at all registries. IOC: npmjs.com/package/atomic-lockfile. Framework controls: NIST CM-7, NIST SI-7, CIS 2.3, CIS 2.5, CIS 2.6.

Miasma Worm / Hades Campaign — PyPI, npm, RubyGems, AI Coding Tools

The Miasma source code leak enabled the Hades campaign across multiple registries. Confirmed compromised packages include durabletask (v1.4.1–1.4.3), dynamo-release, spateo-release, and coolbox. AI coding tool configuration files (.cursorrules, Copilot settings, Cline context) are targeted as credential access and persistence vectors. GitHub is used as C2 channel — anomalous outbound calls from CI/CD runners to GitHub outside clone/fetch operations are a primary behavioral indicator. Scan all dependency manifests with SCA tooling. Pin dependencies to hash-verified versions. Treat AI tool configuration files as sensitive artifacts under version control and integrity monitoring. Framework controls: NIST SR-3, NIST SR-2, CIS 15.1, NIST SI-3.

TeamPCP Campaign — Security Tooling Weaponized Against Defenders

The TeamPCP supply chain campaign (SCC-CAM-2026-0462) targets security scanners and CI/CD pipeline infrastructure, turning defenders’ own tooling against them. The campaign injects malicious code through scanner plugin updates and unsigned dependency downloads during build time. Key indicators: outbound network calls from build runners to domains not in an approved allowlist during dependency resolution; new or modified runner configuration files not traceable to approved commits; hard-coded credentials or tokens appearing in pipeline logs; unexpected container spawning within pipeline stages. Organizations should implement D3-SFA (System File Analysis) on pipeline configuration files and D3-SICA on scanner agent startup configurations. Framework controls: NIST AC-4, NIST CM-7, CIS 4.6.

AI Agent Skill Registry Attacks — OpenClaw, 5% Malicious Skill Rate

Unit 42 audited 49,943 OpenClaw registry skills and identified approximately 2,497 (5%) containing multi-stage attack chains including obfuscated credential harvesting, C2 exfiltration, and execution flow hijacking. Any organization deploying LLM agents consuming skills from unverified registries should treat this as an active supply chain threat. Require cryptographic signing or hash verification for all agent skills before runtime execution. Apply least-privilege scoping to all agent runtime accounts. Enable credential monitoring for API keys and tokens accessible to agent processes. Framework controls: NIST AC-6, NIST SR-3, CIS 2.5, CIS 2.6, D3-UAP, D3-CRO.

OpenClaw AI Agent Vulnerabilities — Prompt Injection and Social Engineering

Two separate attack paths against OpenClaw were disclosed: a prompt injection vulnerability (patched in v2026.4.23) enabling credential exfiltration via injected instructions in contact fields, and an unpatched social engineering path discovered by Varonis that bypasses sender verification. The social engineering vector has no vendor patch; compensating controls are required. Immediately upgrade to v2026.4.23 for the injection fix. For the unpatched social engineering path: restrict agent permissions to minimum required scope, revoke access to cloud storage and credential stores unless operationally required, and enable behavioral monitoring of all agent-initiated outbound data transfers. Integrations with Slack, Discord, Matrix, Zalo, and Microsoft Teams are all in scope. Framework controls: NIST AC-6, NIST AC-4, CIS 6.1, CIS 6.2.

Nation-State & APT Activity Summary

North Korea (DPRK) — STARDUST CHOLLIMA / FAMOUS CHOLLIMA

Attribution confidence: High (CrowdStrike designation)

Targeted sectors: Technology, software development, cryptocurrency/financial

Primary TTPs this week: npm supply chain compromise (T1195.001, T1195.002), macOS RAT deployment (T1588.001, T1059), DPRK IT worker insertion for insider access (T1136, T1078), ransomware deployment for financial gain (T1486, T1657), access broker operations (T1650)

Key activity: STARDUST CHOLLIMA compromised the Axios npm maintainer account and published malicious versions v1.14.1 and v0.30.4 embedding a RAT. FAMOUS CHOLLIMA continues to place IT workers at North American technology firms to gain persistent access to private code repositories and development infrastructure. 572 technology organizations are named on dedicated leak sites associated with DPRK-adjacent eCrime operations this reporting period.

Defensive priorities: Audit all Axios dependencies; implement contractor identity vetting against CISA DPRK IT worker indicators; enforce MFA on all code repository access; monitor for anomalous access from recently onboarded remote IT contractors. Reference CISA advisory on DPRK IT worker schemes for identification indicators.

China (PRC) — Multiple Groups Including Velvet Ant, SUNRISE PANDA

Attribution confidence: High (Sygnia, CrowdStrike attribution)

Targeted sectors: Technology broadly, AI/ML infrastructure, financial services, mail infrastructure, defense-adjacent technology

Primary TTPs this week: Binary trojanization (T1554, T1601, T1601.001), PAM/SSH authentication process modification (T1556, T1556.003), web shell deployment (T1505.003), supply chain compromise (T1195.002), AI training data collection (T1213, T1537), credential access (T1552.004), spear-phishing for IP theft (T1566)

Key activity: Velvet Ant (Operation Highland) maintained decade-long persistence in an air-gapped environment by trojanizing pam_unix.so and OpenSSH binaries, using Nginx/fcgiwrap execution bridges to cross network segments. China-linked groups account for 58% of state-sponsored technology sector attacks, primarily targeting AI infrastructure. SUNRISE PANDA continues targeted mail infrastructure attacks against North American technology organizations. The FireAnt Metakit supply chain compromise in Vietnam (attributed to APT32/OceanLotus) demonstrates continued willingness to compromise domestic institutions.

Defensive priorities: Binary integrity verification on all Linux authentication components; restrict AI infrastructure access to need-to-know; monitor for bulk data repository access patterns; implement network segmentation between AI compute, storage, and orchestration layers.

Iran — Handala

Attribution confidence: Moderate (threat actor self-reporting, unverified by authoritative source)

Targeted sectors: Critical infrastructure (water utilities), geospatial platforms

Primary TTPs: T1567 (Exfiltration Over Web Service), T1078 (Valid Accounts), T1190 (Exploit Public-Facing Application), T1213 (Data from Information Repositories)

Key activity: Handala claimed breach of California Water Service Company (Cal Water) billing systems and RTKBase GNSS platform. Claim is unverified by Cal Water or authoritative third parties; treat with appropriate skepticism while conducting defensive review. Historical Handala attacks have targeted Israeli and US critical infrastructure. The RTKBase component (open-source GNSS platform) is notable as an attack surface within critical infrastructure operations.

Defensive priorities: Audit internet-exposed billing and geospatial platform interfaces; review authentication logs for Iranian IP range activity; rotate billing system service account credentials.

Vietnam — APT32 / OceanLotus (Domestic Targeting Shift)

Attribution confidence: High (multiple security vendor attribution)

Targeted sectors: Vietnamese financial sector, stock investor platforms, critical infrastructure

Primary TTPs: Software supply chain compromise via update mechanism (T1195.002), DLL side-loading (T1574.002), process injection into OneDrive.Sync.Service.exe (T1055), HTTP/S C2 (T1071.001), data staging and exfiltration (T1560, T1005)

Key activity: APT32 compromised the FireAnt Metakit stock investor software update mechanism to deploy SPECTRALVIPER malware via process injection. This represents a notable shift: a Vietnamese state-adjacent group targeting Vietnamese domestic financial infrastructure, likely for intelligence collection on financial sector activity. The intrusion demonstrated decade-long potential dwell time indicators prior to discovery.

Defensive priorities: Organizations using FireAnt Metakit should immediately suspend the automatic software update mechanism and verify update channel integrity with the vendor; check OneDrive.Sync.Service.exe process trees for injected modules.

Hacktivist — Philippine Senate Website Defacement; Maine Portal Disinformation

Targeted entities: Philippine Senate (senate.gov.ph); Maine Attorney General Breach Notification Portal (impersonation of VRChat and Discord)

Primary TTPs: T1491.002 (External Defacement), T1190 (Exploit Public-Facing Application), T1036 (Masquerading), T1565 (Data Manipulation)

Key activity: The Philippine Senate website was defaced, spotlighting political tensions in that country. Separately, attackers submitted fraudulent breach notifications to the Maine AG portal impersonating VRChat and Discord, exploiting the absence of submitter identity verification in regulatory disclosure systems. The Maine portal disinformation campaign represents a novel attack on the integrity of regulatory notification infrastructure itself — a reputational and operational risk for organizations that may be falsely named.

Defensive priorities: Monitor Maine AG portal and equivalent state AG portals for unauthorized filings naming your organization; enforce MFA on all CMS administrative accounts; establish web page integrity monitoring for public-facing properties.

Phishing & Social Engineering Alert

Outsider Enterprise AI-Powered Smishing (Operation Riptide — Disrupted but Successor Risk Remains)

Status: Platform dismantled by Operation Riptide; successor threat actors likely to replicate model

Attack characteristics: The Outsider Enterprise PhaaS platform used Google Gemini AI to generate grammatically perfect, contextually relevant smishing lures indistinguishable from legitimate carrier, financial, and logistics communications. Lures were delivered via major US carrier SMS infrastructure (AT&T, T-Mobile, Verizon). Approximately 9,000 fraudulent domains were operated, impersonating Google, financial institutions, logistics providers, and carrier brands. The platform operated Telegram bot infrastructure for C2 coordination and used Shopify storefronts as fraudulent e-commerce surfaces. The adversary-in-the-middle session cookie theft technique (T1557, T1539) bypassed standard OTP-based MFA — victims authenticated fully and had session cookies stolen before completing the MFA challenge.

Detection guidance: Query DNS resolver logs for connections to domains registered under 30 days matching carrier brands (att, tmobile, verizon) or logistics providers with unfamiliar TLDs or hyphenated patterns. In authentication platforms, alert on session token reuse from two or more distinct IPs within short time windows. Monitor outbound calls to api.telegram.org from endpoints not authorized for Telegram use as a C2 indicator. Users reporting unexpected carrier-branded SMS messages with shortened URLs or redirects to login pages is a human-sourced behavioral indicator worth funneling into the SOC. Retrieve confirmed domain IOCs from FBI and Black Lotus Labs advisories when published. Framework controls: NIST SI-8, NIST AT-2, CIS 14.2, D3-MFA.

AI-Assisted Precision Phishing — Structural Shift in Email Threat Landscape

Status: Ongoing; structural shift confirmed by multiple intelligence sources

Attack characteristics: Multiple intelligence items this week confirm a documented shift from volume-based phishing to precision, AI-generated targeted attacks. Traditional detection logic relying on volume anomalies, bulk-send pattern heuristics, and grammatical anomaly scoring is structurally mismatched against this threat. AI-generated lures are now indistinguishable from legitimate messages by grammar or formatting alone. Internal spearphishing (T1534) using compromised accounts is a consistent follow-on after initial credential harvest, extending the threat to internal communications trusted by default.

Detection guidance: Shift detection focus from content quality (grammar, spelling) to sender behavior, communication graph anomalies, and link context at render time. Alert on email from external domains mimicking internal sender naming conventions, first-contact senders with no prior communication history targeting executives or finance roles, and URL clicks that redirect through multiple hops before reaching credential capture pages. For behavioral analytics: monitor for authentication events from unexpected geographies within 10 minutes of inbound SMS/email delivery, and flag concurrent sessions from multiple IPs following authentication (session cookie theft indicator). Framework controls: NIST AT-2, NIST SI-8, CIS 14.2, D3-MFA.

Meta Instagram AI-Assisted Account Recovery Bypass — 20,000+ Accounts Compromised

Status: Meta has disclosed the vulnerability and is investigating; patch status for social engineering vector requires confirmation

Attack characteristics: Meta’s High Touch Support (HTS) AI-assisted account recovery system was found to contain an authorization logic flaw that allowed attackers to bypass ownership verification at state transitions within the recovery flow. Approximately 20,225 Instagram accounts were confirmed compromised. The attack maps to T1531 (Account Access Removal), T1078 (Valid Accounts), and T1586.001 (Social Media Accounts). For organizations using Meta Business Suite or Meta API integrations, hijacked Instagram accounts could provide access to connected business tools and advertising infrastructure.

Detection guidance: Monitor for unexpected password reset notifications on organizational Meta accounts; review Meta Business Suite access logs for authentication from unrecognized devices or IPs; monitor brand-controlled social media accounts for unauthorized post activity or link changes. Ensure MFA is enforced on all Meta Business accounts and social media accounts used in marketing or customer engagement. Framework controls: CIS 6.3, CIS 6.5, NIST AC-2, D3-MFA.

Indicators of Compromise

Story / Campaign IOC Type Value Confidence Context
Axios npm Compromise (STARDUST CHOLLIMA) URL https://www.npmjs.com/package/axios/v/1.14.1 High Compromised package — do not install; remove from all lockfiles
Axios npm Compromise (STARDUST CHOLLIMA) URL https://www.npmjs.com/package/axios/v/0.30.4 High Compromised package — do not install; remove from all lockfiles
Axios npm Compromise (STARDUST CHOLLIMA) URL https://github.com/axios/axios/issues/10636 High Official post-mortem — use for clean version guidance and compromise timeline
Axios npm Compromise (multi-campaign) Hash See StepSecurity and Trend Micro advisories for package hashes of v1.14.1 and v0.30.4 High Malicious npm package versions; hash values must be retrieved from upstream advisories
AUR Supply Chain / eBPF Rootkit URL https://www.npmjs.com/package/atomic-lockfile High Malicious npm package delivering eBPF rootkit and credential harvester; block at all registries
AUR Supply Chain / eBPF Rootkit Package Name atomic-lockfile (npm) High Block installation; remove from all dependency manifests and caches
Miasma / Hades Campaign URL https://pypi.org/project/durabletask/ High Official PyPI listing — verify installed version is NOT 1.4.1, 1.4.2, or 1.4.3; all three are malicious
Miasma / Hades Campaign Package Version durabletask 1.4.1, 1.4.2, 1.4.3 (PyPI) High Malicious wheel artifacts; remove from all environments and artifact caches
Miasma / Hades Campaign Package Name dynamo-release (PyPI) High Confirmed compromised package in Hades wave; remove from dependency trees
Miasma / Hades Campaign Package Name spateo-release (PyPI) High Confirmed compromised package in Hades wave; remove from dependency trees
Miasma / Hades Campaign Package Name coolbox (PyPI) High Confirmed compromised package in Hades wave; remove from dependency trees
Miasma / Hades Campaign Domain (C2) github.com (used as C2 channel) Medium Miasma uses GitHub for C2; anomalous outbound calls from CI/CD runners to GitHub outside expected operations are suspicious
FUXA SCADA CVE-2026-25939 URL (PoC) https://github.com/mbanyamer/CVE-2026-25939-SCADA-FUXA-Unauthenticated-Remote-Arbitrary High Public proof-of-concept exploit; presence of requests matching patterns from this repository indicates active exploitation attempts
Outsider Enterprise PhaaS / Operation Riptide Domain ~9,000 fraudulent domains (see FBI/Black Lotus Labs advisories for specific list) Low (pending official publication) Sinkholed as part of Operation Riptide; block at DNS and proxy layer once IOC list is published
Outsider Enterprise PhaaS / Operation Riptide Infrastructure api.telegram.org Medium Telegram used for C2 coordination; outbound connections to Telegram API from non-authorized endpoints are behavioral indicator
Velvet Ant (Operation Highland) Hash Not provided in source material — see Sygnia Operation Highland report for trojanized binary hashes Low (pending primary source retrieval) Trojanized pam_unix.so and OpenSSH binaries; retrieve hashes from Sygnia advisory before using for detection
Langflow RCE (CVE-2026-5027 cluster) URL https://nvd.nist.gov/vuln/detail/cve-2026-33017 High NVD detail record for CVE-2026-33017 — part of Langflow vulnerability cluster
Langflow RCE URL https://www.runzero.com/blog/langflow/ Medium runZero guidance on finding Langflow-impacted assets
St. George Fire Protection District / LotL Breach Tool (leveraged) PowerShell leveraged via living-off-the-land execution to perform lateral movement and command execution while evading detection Medium Confirmed in lawsuit; specific invocation details not publicly disclosed
St. George Fire Protection District / LotL Breach Tool (leveraged) WMI (Windows Management Instrumentation) leveraged via abuse of dual-use utility to execute commands and persist access Medium Cited in litigation as likely tool in LotL attack chain
AudiA6 Cryptocurrency Mixer Domain AudiA6 platform domains (25 total — pending official law enforcement publication) High (pending IOC list) Seized infrastructure; block at DNS and proxy layer once IOC list is published by law enforcement
Handala — Cal Water Breach URL (source) https://www.dataminr.com/resources/intel-brief/cyber-intel-brief-handala-claims-breach-of-california-water-service/ Low (Tier 3 source) Dataminr Intel Brief reporting Handala’s claim — not an authoritative advisory; verify independently
Bishop Fox — UniFi OS RCE Analysis URL (research) https://bishopfox.com/blog/popping-root-on-unifi-os-server-unauthenticated-rce-chain-detection-analysis High Primary technical research on UniFi OS exploit chain and detection analysis

Helpful 5: High-Value Low-Effort Mitigations

1. Audit and Block Compromised npm Package Versions in All Dependency Manifests

Why this week: The Axios v1.14.1 and v0.30.4 compromise (STARDUST CHOLLIMA), the atomic-lockfile AUR/npm rootkit, and the Miasma/Hades PyPI/npm campaign represent three simultaneous package ecosystem attacks. Any Node.js, Python, or JavaScript project that consumed these versions has a confirmed compromise vector that must be addressed before any other remediation activity.

How (step-by-step):

  1. Run npm list axios across all Node.js project directories and CI/CD configurations. Flag any result showing v1.14.1 or v0.30.4.
  2. Search all package-lock.json, yarn.lock, and pnpm-lock.yaml files for “axios” at the two affected version strings: grep -r '"axios"' --include="*.json" | grep -E '1\.14\.1|0\.30\.4'
  3. Search for atomic-lockfile: find / -path '*/node_modules/atomic-lockfile' -type d 2>/dev/null
  4. Search PyPI dependencies for durabletask, dynamo-release, spateo-release, coolbox in requirements.txt, pyproject.toml, and Poetry lockfiles.
  5. Block all flagged versions at artifact registries (Artifactory, Nexus, npm proxy).
  6. Upgrade to clean versions. Rebuild all artifacts from flagged environments from scratch.
  7. Rotate all credentials accessible from any environment that ran flagged packages.

Framework alignment: NIST SI-7 (Software, Firmware, and Information Integrity); NIST SR-3 (Supply Chain Controls and Processes); CIS 2.1 (Establish and Maintain a Software Inventory); CIS 2.3 (Address Unauthorized Software); CIS 7.4 (Perform Automated Application Patch Management)

2. Verify Linux Authentication Binary Integrity Against Vendor-Signed Hashes

Why this week: Velvet Ant’s decade-long persistence via trojanized pam_unix.so and OpenSSH binaries demonstrates that core authentication components are a viable, long-dwell APT target. Standard monitoring will not detect this; only integrity verification against authoritative package manager records will surface a compromise.

How (step-by-step):

  1. On RPM-based systems: rpm -V openssh pam — compare output against known-good; any “5” (MD5 checksum differs) or “T” (file mtime changed) flag on these binaries warrants immediate investigation.
  2. On Debian-based systems: dpkg --verify openssh-server libpam-modules
  3. Compare pam_unix.so, /usr/sbin/sshd, /usr/bin/ssh, and /usr/bin/scp file hashes against the cryptographic hashes published in the distribution vendor’s signed package repository.
  4. If any mismatch is found, do not attempt in-place removal. Reinstall the packages from signed distribution sources on the same system: apt-get install --reinstall openssh-server libpam-modules or equivalent.
  5. Rotate all credentials (passwords, SSH keys, API keys) that have been authenticated through any potentially compromised host.
  6. Deploy file integrity monitoring covering pam_unix.so and OpenSSH binaries as a standing control.

Framework alignment: NIST SI-7 (Software, Firmware, and Information Integrity); NIST IA-5 (Authenticator Management); CIS 2.2 (Ensure Authorized Software is Currently Supported); D3-SFA (System File Analysis); D3-CRO (Credential Rotation)

3. Restrict FUXA and UniFi OS Management Interfaces from Internet Exposure (KEV Items)

Why this week: Both CVE-2026-25939 (FUXA, CVSS 9.8, CISA KEV, public PoC) and CVE-2026-34910 (Ubiquiti UniFi OS, CVSS 9.8, CISA KEV, Bishop Fox exploit chain) are internet-exposed management interface vulnerabilities with active exploitation potential. Network isolation is the highest-impact, fastest-to-implement control while patching proceeds.

How (step-by-step):

  1. Identify all FUXA instances (versions 1.2.8–1.2.10) and UniFi OS Server instances in your environment using asset inventory.
  2. For FUXA: block external access to the web interface port at the perimeter firewall. If operationally required to remain accessible, place behind an authenticated reverse proxy or VPN gateway. Upgrade to FUXA 1.2.11 immediately.
  3. For UniFi OS: restrict management interface access (TCP 8080, 8443, 8880, 8843) to dedicated management VLAN hosts only at the firewall or security group level. Apply the Ubiquiti patch per the official security advisory. Rotate all administrative credentials post-patch.
  4. Verify controls are effective: from outside the management network, attempt to connect to the management ports. Confirm connections are blocked.
  5. After patching UniFi OS, run bpftool prog list or review system logs for exploitation indicators before returning to normal operations.

Framework alignment: NIST SC-7 (Boundary Protection); NIST AC-17 (Remote Access); CIS 4.4 (Implement and Manage a Firewall on Servers); CIS 7.4 (Perform Automated Application Patch Management); D3-PBWSAM (Proxy-based Web Server Access Mediation)

4. Force-Update Chrome and Apply Splunk Enterprise Patch on All Instances

Why this week: The Chrome zero-day (actively exploited, emergency patch issued June 11) and Splunk Enterprise pre-auth RCE with published exploit (CVE-2026-20253, exploit published June 13) are two critical vulnerabilities where proof-of-concept code is publicly available and exploitation is either confirmed or imminent. Both require immediate action ahead of standard patch cycles.

How (step-by-step):

  1. Chrome: Push force-update to the June 11, 2026 stable channel via endpoint management tooling (Intune, JAMF, SCCM, or equivalent). Verify version compliance across Windows, macOS, and Linux managed endpoints. Also check Chromium-based browsers (Edge, Brave, Opera) for pending upstream patches.
  2. Splunk: Identify all instances running Splunk Enterprise 10.0.0–10.0.6 or 10.2.0–10.2.3. If internet-facing and unpatched, restrict access to Splunk management ports (8089, 9997) at the firewall immediately as a containment step.
  3. Apply Splunk patches: upgrade 10.0.x to 10.0.7; upgrade 10.2.x to 10.2.4. Verify version via Settings > About or splunk version CLI.
  4. After Splunk patching, review splunkd.log and audit.log for pre-authentication access indicators against management endpoints.
  5. After Chrome update, confirm compliance via endpoint management reporting. Hunt for any endpoints that missed the update cycle as a priority patching task.

Framework alignment: NIST SI-2 (Flaw Remediation); CIS 7.3 (Perform Automated Operating System Patch Management); CIS 7.4 (Perform Automated Application Patch Management); CIS 8.2 (Collect Audit Logs); NIST AU-6 (Audit Record Review, Analysis, and Reporting)

5. Enforce MFA on All CI/CD Service Accounts and Developer npm/PyPI Publishing Accounts

Why this week: The Axios compromise, Miasma/Hades campaign, AUR rootkit, and TeamPCP security tooling attack all exploited the absence of MFA on package registry maintainer accounts or CI/CD service accounts. MFA on these accounts would have prevented or significantly complicated the initial account compromise that enabled malicious package publication. This is the single control that would have had the most impact across all supply chain attacks observed this week.

How (step-by-step):

  1. Audit all npm and PyPI accounts associated with your organization that have package publish rights. Confirm MFA is enforced on every account. npm and PyPI both provide MFA settings in account security preferences.
  2. Audit all GitHub organization member accounts — enforce MFA at the organization level via GitHub Organization Settings > Authentication security > “Require two-factor authentication.”
  3. For CI/CD service accounts (GitHub Actions, GitLab CI runners, Jenkins): replace long-lived static credentials with short-lived, scoped tokens. GitHub Actions: use OIDC for cloud provider authentication instead of stored secrets. Rotate all existing long-lived tokens.
  4. Audit JFrog Artifactory, Nexus, and AWS CodeArtifact administrative accounts for MFA enforcement.
  5. Confirm MFA is enrolled and enforced — not merely available — for all accounts with package registry publish rights. Review whether MFA bypass conditions exist for legacy workflows and eliminate them.

Framework alignment: CIS 6.3 (Require MFA for Externally-Exposed Applications); CIS 6.5 (Require MFA for Administrative Access); NIST IA-2 (Identification and Authentication); NIST IA-5 (Authenticator Management); D3-MFA (Multi-factor Authentication); D3-CH (Credential Hardening)

Framework Alignment Matrix

Threat MITRE Tactic MITRE Technique(s) NIST 800-53 Controls CIS v8 Controls
Axios / AUR npm Supply Chain Compromise (DPRK) Initial Access; Persistence; Credential Access T1195.001, T1195.002, T1547, T1552, T1554 SI-7, SR-3, SR-2, AC-2, IA-5 2.1, 2.3, 2.5, 2.6, 7.4, 15.1
AUR eBPF Rootkit (atomic-lockfile) Initial Access; Defense Evasion; Credential Access; Exfiltration T1014, T1195.001, T1195.002, T1552.001, T1552.004, T1555, T1041 SI-3, SI-4, SI-7, CM-7, SR-3, CA-7 2.3, 2.5, 2.6, 6.3, 8.2
Miasma Worm / Hades Campaign (PyPI, npm, AI Tools) Initial Access; Execution; Credential Access; Persistence T1195.002, T1059.007, T1552.001, T1552.004, T1528, T1543, T1053.005 CM-7, SA-9, SR-3, SI-7, IA-5, CM-3 2.5, 2.6, 5.2, 6.3, 15.1
Velvet Ant Linux PAM/OpenSSH Binary Trojanization Credential Access; Persistence; Defense Evasion; Lateral Movement T1556, T1556.003, T1554, T1601.001, T1021.004, T1070 SI-7, IA-2, IA-5, CA-8, RA-5, CM-2, CM-3 2.5, 2.6, 6.4, 6.5, 8.2
Microsoft June 2026 Patch Tuesday Zero-Days Initial Access; Execution; Privilege Escalation T1190, T1203, T1068 SI-2, SI-4, SI-3, AC-6, IR-5 7.3, 7.4, 6.5
Splunk Enterprise Pre-Auth RCE (CVE-2026-20253) Initial Access; Execution; Persistence T1190, T1059.006, T1505.003 SI-2, SC-7, RA-5, AU-6 7.3, 7.4, 6.3, 8.2
FUXA SCADA/HMI CVE-2026-25939 (CISA KEV) Initial Access; Execution T1190, T1059, T0883 SI-2, SC-7, AC-3, CM-7 6.1, 7.3, 7.4, 8.2
Ubiquiti UniFi OS CVE-2026-34910 (CISA KEV) Initial Access; Execution; Privilege Escalation T1059, T1190, T1068 SI-2, SC-7, RA-5, AC-6 6.3, 7.3, 7.4
Outsider Enterprise AI-Powered Smishing (PhaaS) Reconnaissance; Credential Access; Resource Development T1598, T1539, T1557, T1583.001, T1656 AT-2, SI-8, SI-3, SI-4 14.2, 6.3, 6.4, 8.2
Mackay Sugar OT/ICS Attack (Critical Infrastructure) Initial Access; Impact T1190, T0816, T1486, T0826 SC-7, CP-9, CP-10, AC-17, IR-4 4.4, 6.4, 7.3
TeamPCP Security Tool Weaponization Initial Access; Execution; Credential Access T1195.001, T1072, T1552.001, T1610, T1609 SI-3, SI-7, SA-9, SR-3, AC-3 2.5, 4.6, 6.1, 6.2, 8.2
AI Agent Prompt Injection / Agentjacking Initial Access; Credential Access; Execution T1566, T1190, T1552.001, T1195.002, T1059 AC-6, AC-3, SI-10, SR-3, IA-5 6.3, 14.2, 15.1, 16.10
CISA BOD 26-04 — Vulnerability Management Mandate Governance / Policy N/A (governance directive) SI-2, RA-5, SI-4, AU-6 7.1, 7.2, 7.3, 7.4, 1.1

Upcoming Security Events & Deadlines

Patch Management Deadlines

  • Next Microsoft Patch Tuesday: July 8, 2026 — Organizations should complete June 2026 Patch Tuesday deployment (zero-days priority) before this date; track any rollback issues from the June 206-CVE cycle before July deployment begins.
  • FUXA CVE-2026-25939 (CISA KEV): FCEB agencies must remediate per KEV due date; retrieve exact date from cisa.gov/known-exploited-vulnerabilities-catalog. All organizations should treat this as emergency priority given public PoC.
  • Ubiquiti UniFi OS CVE-2026-34910 (CISA KEV): Retrieve KEV due date from CISA catalog. Network isolation is available immediately while patching proceeds.
  • Oracle PeopleSoft CVE-2026-35273 (CISA KEV): Retrieve KEV due date from CISA catalog. No patch confirmed at time of reporting; network isolation and ShinyHunters-specific monitoring are primary controls.
  • CISA BOD 26-04 Compliance: FCEB agencies should begin gap assessment this week. Consult the BOD text at cisa.gov for specific compliance milestones and deadlines.
  • CISA 3-Day KEV Remediation Window: Effective under the new CISA directive, highest-risk KEV items require remediation within three days for FCEB agencies. Non-federal organizations should assess current process capacity against this benchmark.

Vendor Security Advisories to Monitor

  • Oracle CPU (next quarterly): Watch for emergency out-of-cycle advisory addressing CVE-2026-35273 (PeopleSoft zero-day chain exploited by ShinyHunters); subscribe to oracle.com/security-alerts/
  • Ivanti Sentry: Ensure R10.5.2, R10.6.2, or R10.7.1 is applied; monitor ivanti.com for additional CVEs in the 10.x series.
  • Schneider Electric EcoStruxure Panel Server: No patch planned for most affected models; subscribe to CISA ICS advisories (cisa.gov/ics) for ICSA-26-160-03 updates. Compensating controls are permanent for most deployments.
  • Siemens KACO Blueplanet Inverters: No fix planned per ICSA-26-160-02; compensating controls are permanent. Monitor CISA ICS for any future advisory updates.
  • OpenClaw AI Agent — Social Engineering Vector: Unpatched as of reporting. Track vendor release notes for patch addressing CWE-345 and CWE-284 (Varonis-documented path). Apply immediately upon release.
  • Microsoft Defender RoguePlanet Zero-Day: No patch available as of June 15, 2026. Monitor MSRC (msrc.microsoft.com/update-guide) for emergency advisory. Compensating control: enforce least privilege on all Windows endpoints.

Regulatory and Compliance Dates

  • HIPAA Breach Notification: Healthcare organizations affected by ransomware claims this week (Advanced Family Surgery Center, Orem Eye Clinic, Belmont Aesthetic & Reconstructive Plastic Surgery) should initiate HHS OCR breach risk assessment immediately. 60-day notification window for breaches affecting 500+ individuals begins at discovery date.
  • UK GDPR — University of Nottingham Breach: ICO notification requirements apply; affected organizations with federated relationships should assess secondary breach exposure.
  • APPI (Japan) — Kyushu Electric Physical Storage Breach: Japan’s Personal Information Protection Commission notification requirements apply; affected organizations should verify obligations under APPI as amended.
  • California Privacy — Handala / Cal Water Claim: Monitor for Cal Water official disclosure; affected customers may have CCPA rights. Organizations in California water sector should review breach notification obligations.
  • China Financial Data Classification Guidelines: Organizations with China-domiciled operations in financial information services should begin mapping data assets against the four-tier classification framework. Engage qualified legal counsel with China regulatory expertise for compliance interpretation.

Intelligence Community Monitoring

  • FBI Operation Ghost Hook IOC Release: Monitor FBI official advisories and Google’s federal complaint exhibits (available via PACER) for Outsider Enterprise domain and infrastructure IOC list publication.
  • Sygnia Operation Highland Full Report: Monitor sygnia.co for complete IOC publication including trojanized binary hashes for Velvet Ant detection.
  • Unit 42 AI Agent Skill Registry Research: Monitor paloaltonetworks.com/unit42 for full publication of OpenClaw skill registry audit findings including compromised skill identifiers.

Sources

Section 1 — Executive Summary

Section 2 — Critical Action Items

Section 3 — Key Security Stories

  • CrowdStrike 2026 Technology Threat Landscape Report (via SCC pipeline)
  • Sonatype Security Advisories (via SCC pipeline)
  • Axios npm Post-Mortem: github.com/axios/axios/issues/10636
  • BleepingComputer — AUR Supply Chain, Splunk, PeopleSoft, FUXA: bleepingcomputer.com
  • Sygnia Operation Highland: sygnia.co/blog (search-retrieved URL — validate before use)
  • Rescana ThreatsDay Bulletin June 2026 (Miasma/Hades): rescana.com
  • Qualys Threat Research — June 2026 Patch Tuesday (via SCC pipeline)
  • Cisco Talos Snort Rules — June 2026 Patch Tuesday: blog.talosintelligence.com
  • Sysdig — Langflow Compromise: sysdig.com/blog
  • runZero — Langflow Asset Discovery: runzero.com/blog
  • NVD — CVE-2026-33017: nvd.nist.gov
  • Check Point Research — May 2026 Ransomware Report (via SCC pipeline)

Section 4 — CVE Table

Section 5 — Supply Chain

Section 6 — Nation-State Activity

  • Sygnia Operation Highland — Velvet Ant: sygnia.co/blog (search-retrieved URL — validate before use)
  • CrowdStrike 2026 Technology Threat Landscape Report (via SCC pipeline)
  • CISA — DPRK IT Worker Advisories: cisa.gov
  • MITRE ATT&CK Group pages: attack.mitre.org/groups/
  • Dataminr Intel Brief — Handala/Cal Water: dataminr.com

Section 7 — Phishing

  • FBI Operation Riptide advisory (monitor: fbi.gov)
  • Black Lotus Labs advisories (monitor: blog.lumen.com)
  • Google federal complaint (PACER): public court records system
  • HelpNet Security — Instagram AI: helpnetsecurity.com
  • Imperva Research — OpenClaw Prompt Injection (monitor: imperva.com/blog/)
  • Varonis Research — OpenClaw Social Engineering (monitor: varonis.com/blog)

Section 8 — IOCs

Section 9 — Helpful 5

Section 10 — Framework Matrix

Section 11 — Events and Deadlines

Briefing prepared by Tech Jacks Solutions Security Command Center (SCC) — Week of 2026-06-15. All IOC URLs labeled as search-retrieved should be validated by human analysts before operational use. Framework citations are derived from the GAIO Knowledge Base Reference data verified as of 2026-03-04. Standards and sources may have been updated since that verification date.

1

Author

Tech Jacks Solutions

Leave a comment