Cleartext – June 16, 2026

Daily cybersecurity briefing for CISOs and security leaders.
Episode Summary

Today's episode covers 9 stories across 4 topic areas, including: Google exposes China espionage group that’s been lurking in networks undetected since 2023; Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models; Cyberattack on Russian tech firm Astral disrupts business, government services for week.

Stories Covered
🌍 Geopolitical
Google exposes China espionage group that’s been lurking in networks undetected since 2023

CyberScoop · Jun 15 · Relevance: █████████░ 9/10

Why it matters to CISOs: A Chinese APT group (UNC6508) maintained undetected persistence in North American medical, academic, and military research networks for over a year by compromising REDCap servers and hijacking Google Workspace email rules—a TTP pattern that CISOs at research institutions and defense contractors must immediately assess against their own environments.

  • Group active and undetected since 2023, discovered and disrupted by Google in 2026
  • Attackers stole REDCap credentials to gain initial access, then manipulated Google Workspace forwarding rules to silently exfiltrate sensitive emails
  • Targets included medical, academic, and military research organizations in North America with national security implications
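A defender-side check for the Workspace forwarding-rule abuse described above, as an added example that is not part of the original briefing or of Google's tooling: it assumes the response shapes of the Gmail API's `users.settings.filters.list`, `users.settings.forwardingAddresses.list` and `users.settings.getAutoForwarding` calls (the sample data below is constructed to mirror them) and flags filters that forward mail outside the organization or hide the local copy.

```python
"""Audit one mailbox's Gmail filters and forwarding settings for silent-exfiltration patterns.

Added example; the API response shapes are an assumption and the data is constructed,
so this runs offline. In practice the three dicts come from the Gmail API calls named above.
"""
from __future__ import annotations

ORG_DOMAIN = "example-research.edu"  # placeholder home domain (assumption)

# Gmail system label ids: removing INBOX/UNREAD or adding TRASH/SPAM hides the forwarded copy
HIDING_REMOVALS = {"INBOX", "UNREAD"}
HIDING_ADDITIONS = {"TRASH", "SPAM"}


def is_external(address: str, org_domain: str = ORG_DOMAIN) -> bool:
    """True when the address is empty or not in the organization's domain."""
    domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    return domain != org_domain.lower()


def audit_user(user: str, filters: dict, fwd_addresses: dict, auto_fwd: dict,
               org_domain: str = ORG_DOMAIN) -> list[dict]:
    """Return findings ordered: auto-forwarding, forwarding addresses, then filters."""
    findings: list[dict] = []
    # 1. Account-wide auto-forwarding to an outside domain (everything leaves the tenant)
    if auto_fwd.get("enabled") and is_external(auto_fwd.get("emailAddress", ""), org_domain):
        findings.append({"user": user, "rule": "auto-forwarding", "severity": "high",
                         "reason": f"all mail auto-forwarded to {auto_fwd['emailAddress']}"})
    # 2. Verified external forwarding addresses (a prerequisite for any filter-based forward)
    for entry in fwd_addresses.get("forwardingAddresses", []):
        addr = entry.get("forwardingEmail", "")
        if is_external(addr, org_domain):
            findings.append({"user": user, "rule": "forwarding-address", "severity": "medium",
                             "reason": f"external forwarding address {addr} "
                                       f"({entry.get('verificationStatus', 'unknown')})"})
    # 3. Filters that forward; external target plus a hidden local copy is the worst case
    for flt in filters.get("filter", []):
        action = flt.get("action", {})
        target = action.get("forward")
        if not target:
            continue  # label-only filters are not an exfiltration path
        hides = bool(set(action.get("removeLabelIds", [])) & HIDING_REMOVALS
                     or set(action.get("addLabelIds", [])) & HIDING_ADDITIONS)
        external = is_external(target, org_domain)
        severity = "high" if external and hides else "medium" if external or hides else "low"
        findings.append({"user": user, "rule": f"filter:{flt.get('id', '?')}",
                         "severity": severity,
                         "reason": f"forwards {flt.get('criteria', {})} to {target}"
                                   + (", local copy hidden" if hides else "")})
    return findings


# Constructed sample data in the shape of the three Gmail API responses (assumption)
SAMPLE_FILTERS = {"filter": [
    {"id": "constructed-1", "criteria": {"query": "grant OR proposal OR IRB"},
     "action": {"forward": "archive.helper@mail-relay.example",
                "removeLabelIds": ["INBOX", "UNREAD"]}},
    {"id": "constructed-2", "criteria": {"from": "newsletter@vendor.example"},
     "action": {"addLabelIds": ["Label_12"], "removeLabelIds": ["INBOX"]}},
    {"id": "constructed-3", "criteria": {"to": "lab-shared@example-research.edu"},
     "action": {"forward": "pi-backup@example-research.edu"}},
]}
SAMPLE_FWD = {"forwardingAddresses": [
    {"forwardingEmail": "archive.helper@mail-relay.example", "verificationStatus": "accepted"}]}
SAMPLE_AUTO = {"enabled": False}


def run_sample() -> list[dict]:
    return audit_user("researcher@example-research.edu", SAMPLE_FILTERS, SAMPLE_FWD, SAMPLE_AUTO)


if __name__ == "__main__":
    for f in run_sample():
        print(f"[{f['severity']:6}] {f['user']} {f['rule']}: {f['reason']}")
```

Run it per user across the tenant (the Gmail API needs domain-wide delegation for that) and alert on any "high" finding; the filter with a hidden local copy is the pattern the briefing describes.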

Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models

TechCrunch Security · Jun 15 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The Trump administration's export-control restrictions on Anthropic's Fable and Mythos AI models directly limit defenders' access to frontier AI security tooling, creating a strategic asymmetry that CISOs must factor into their AI-assisted security program roadmaps.

  • Dozens of cybersecurity experts and CISOs signed an open letter urging the White House to reverse the ban
  • Export controls restrict use of Anthropic's Fable and Mythos models, which were being used for defensive security research and software vulnerability analysis
  • Critics argue the ban limits defenders more than attackers, who can access comparable models through other means

Cyberattack on Russian tech firm Astral disrupts business, government services for week

The Record (Recorded Future) · Jun 15 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: A sustained cyberattack on a major Russian technology provider disrupted critical business and government services for a week, illustrating how attacks on shared infrastructure platforms cascade across dependent organizations—a supply chain risk model relevant to CISOs assessing third-party concentration risk.

  • Attack disrupted services for over a week, affecting cash registers, regulated goods sales, customer portals, corporate email, HR document management, and digital certificate authentication
  • Astral provides business and government services, making it a single point of failure for many downstream organizations
  • The incident highlights geopolitical cyber escalation risks affecting business-critical shared platforms

🔓 Data Breach
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic

BleepingComputer · Jun 16 · Relevance: ████████░░ 8/10

Why it matters to CISOs: DragonForce ransomware's use of Microsoft Teams TURN relay infrastructure to blend C2 traffic with legitimate Microsoft communications is a first-of-its-kind evasion technique that will defeat most network-based detection tools, requiring CISOs to reassess whether Teams traffic is being adequately monitored.

  • DragonForce deployed custom malware 'Backdoor.Turn' that obtained an anonymous Teams visitor token to tunnel C2 traffic through legitimate Microsoft relay infrastructure
  • The technique makes malicious traffic appear as normal Teams communications to defenders and network monitoring tools
  • Attack targeted a U.S. services company; confirmed by Symantec research

Council of Europe investigates ShinyHunters data breach claims

BleepingComputer · Jun 15 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: ShinyHunters targeting the Council of Europe—a major intergovernmental institution—demonstrates that high-profile extortion groups are escalating to politically sensitive targets; CISOs at international organizations, NGOs, and government-adjacent entities should reassess their exposure to this threat actor.

  • ShinyHunters, a prolific data extortion group, claimed a breach of the Council of Europe over the weekend
  • The Council of Europe, Europe's oldest intergovernmental body, has launched a formal investigation into the claims
  • ShinyHunters has a history of large-scale data theft and extortion across multiple high-profile organizations

⚖️ Governance & Policy
Most CISOs Report Pressure to Bury Bad Security News

Dark Reading · Jun 15 · Relevance: ████████░░ 8/10

Why it matters to CISOs: With SEC disclosure rules and board accountability frameworks in force, CISOs who are pressured by their organization to suppress security incident information carry direct personal legal and regulatory exposure; this survey data provides critical ammunition for pushing back on executive pressure.

  • Majority of CISOs surveyed reported experiencing pressure from business leaders to delay or minimize disclosure of security incidents
  • Business objectives and priorities were cited as the primary driver of suppression pressure
  • The dynamic creates direct conflict with SEC cyber disclosure obligations and fiduciary duties

Software supply chains are heading for a transparency test

Help Net Security · Jun 16 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: ENISA's SBOM Adoption State of Play 2026 report signals that the EU Cyber Resilience Act's December 2027 deadline is creating real compliance urgency; CISOs at organizations selling into EU markets need to assess current SBOM tooling maturity and vendor obligations now.

  • EU Cyber Resilience Act requires manufacturers to create, maintain, and provide SBOMs, with an application deadline of December 2027
  • ENISA report shows organizations are actively building SBOM tooling, automation, and development practice changes in response
  • Larger organizations show higher SBOM adoption rates, leaving mid-size enterprises at greater compliance risk

🚨 Critical Vulnerability
One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

The Hacker News · Jun 15 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The 'SearchLeak' vulnerability chain in Microsoft 365 Copilot Enterprise Search required only a single click on a legitimate microsoft.com URL to exfiltrate emails, files, and MFA codes—bypassing standard phishing defenses—making this a critical review point for any enterprise running M365 Copilot at scale.

  • Varonis Threat Labs chained three bugs into a one-click exfiltration path named 'SearchLeak' affecting Microsoft 365 Copilot Enterprise Search
  • Attack used a genuine microsoft.com domain link, bypassing URL filtering and anti-phishing controls
  • Exposed data included emails, calendar entries, indexed files, and MFA codes; patch status should be verified immediately

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

The Hacker News · Jun 16 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Active exploitation of three FortiSandbox vulnerabilities—including a CVSS 9.1 path traversal flaw—is especially dangerous because FortiSandbox feeds threat verdicts to other Fortinet products that enforce blocking decisions, meaning a compromise could neutralize an organization's entire Fortinet security stack.

  • Three CVEs actively exploited: CVE-2026-39813 (CVSS 9.1 path traversal), CVE-2026-39808, and CVE-2026-25089, with one patched only last week
  • FortiSandbox provides threat verdicts to other Fortinet products; its compromise can undermine automated blocking and response across the entire Fortinet ecosystem
  • Threat intelligence firm Defused observed active exploitation within the past 24 hours, including a 'vibecoded' exploit for one flaw

Further Reading
  • 🌍 Google exposes China espionage group that’s been lurking in networks undetected since 2023 · CyberScoop
  • 🌍 Cybersecurity vets protest ‘dangerous’ US government ban on Anthropic’s most powerful models · TechCrunch Security
  • 🌍 Cyberattack on Russian tech firm Astral disrupts business, government services for week · The Record (Recorded Future)
  • 🔓 Ransomware gang abuses Microsoft Teams relays to hide malicious traffic · BleepingComputer
  • 🔓 Council of Europe investigates ShinyHunters data breach claims · BleepingComputer
  • ⚖️ Most CISOs Report Pressure to Bury Bad Security News · Dark Reading
  • ⚖️ Software supply chains are heading for a transparency test · Help Net Security
  • 🚨 One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes · The Hacker News
  • 🚨 Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week · The Hacker News
Full Transcript

Alex: Welcome to Cleartext for Tuesday, June 16th, 2026. I'm Alex Chen.

Jordan: And I'm Jordan Reeves. So a Chinese espionage group has been sitting inside North American medical, academic, and military research networks since 2023, stealing emails by hijacking Google Workspace forwarding rules, and nobody noticed until Google itself pulled the thread this year. Three years of dwell time against targets with direct national security implications. That's where we're starting today.

Alex: Yeah, we've got a packed show. That UNC6508 revelation from Google is our lead. We're also covering DragonForce ransomware doing something genuinely novel with Microsoft Teams infrastructure, a Copilot vulnerability chain that should concern every M365 shop, Fortinet FortiSandbox flaws under active exploitation, the growing fight over AI export controls and what it means for defenders, and a survey that confirms what most of us already knew: CISOs are being pressured to bury bad news. Plus, SBOM compliance deadlines are getting real. Let's get into it.

Jordan: So UNC6508. Google's Mandiant team published this yesterday, and the sophistication here isn't in the malware. It's in the patience and the targeting. Initial access came through stolen REDCap credentials. For those not in the research world, REDCap is a web application used extensively across medical and academic research institutions for managing clinical trial data, survey data, sensitive research datasets. It's everywhere in that space, and it's often managed by research IT teams, not security teams.

Alex: That's the critical point. REDCap instances are frequently stood up by departments, sometimes outside central IT governance. They hold extraordinarily sensitive data, and they're often not subject to the same security controls as enterprise systems. If you're a CISO at a research university or a medical center, this is your shadow IT problem manifesting as an espionage vector.

Jordan: Once inside, UNC6508 moved to Google Workspace and set up email forwarding rules to silently exfiltrate communications. This is a technique we've seen before from Chinese groups, but the combination with REDCap targeting is new and deliberate. They weren't after random corporate email. They wanted research communications, grant proposals, collaboration threads between institutions, data that maps to China's stated strategic priorities in biotech and defense research.

Alex: The dwell time is what should keep people up at night. 2023 to 2026. And the detection didn't come from any of the victim organizations. It came from Google observing anomalous Workspace behavior at scale. That raises a hard question: how many CISOs at research institutions have the visibility to detect email rule manipulation across their Workspace tenants? If you're running Google Workspace, you need to be auditing forwarding rules and delegated access systematically. Today.

Jordan: And if you're a defense contractor or a subcontractor working with any of these research institutions, your third-party risk assessment just got a new scenario to model. The research collaboration pipeline is now a confirmed espionage attack surface.

Alex: Let's pivot to something that's going to affect every enterprise running Microsoft 365. DragonForce ransomware has developed a genuinely novel evasion technique. Jordan, walk us through this.

Jordan: DragonForce deployed custom malware that Symantec is calling Backdoor.Turn. What it does is obtain an anonymous Microsoft Teams visitor token and then tunnel command-and-control traffic through Microsoft's own TURN relay infrastructure. TURN relays are the servers that handle media routing for Teams calls and meetings. So the C2 traffic looks identical to legitimate Teams communications. Same destinations, same ports, same traffic patterns.

Alex: This is a detection architecture problem, not a signature problem. Most organizations treat Microsoft traffic as trusted. They're not doing deep inspection on Teams communications because of performance, privacy, and the sheer volume. DragonForce is exploiting that trust assumption.

Jordan: Exactly. Your SIEM sees traffic going to Microsoft relay servers. Your firewall sees traffic going to Microsoft relay servers. Your SOC analyst sees traffic going to Microsoft relay servers. Nobody raises an eyebrow. The only way to catch this is behavioral analysis at the endpoint level or anomaly detection on the specific patterns of TURN relay usage, and that requires tooling most shops don't have tuned for this scenario.

Alex: So the action item here is straightforward but not easy. If you're running Microsoft Teams at enterprise scale, you need to understand your baseline TURN relay traffic patterns. You need to work with your detection engineering team to build analytics around anomalous TURN token generation, particularly anonymous tokens. And you need to pressure Microsoft on what additional telemetry they can provide. This technique will be copied.

Jordan: It's already being copied, guaranteed. When a technique this elegant shows up in one group's playbook, it proliferates within weeks.

Alex: Staying in the Microsoft ecosystem, the SearchLeak vulnerability chain in Microsoft 365 Copilot Enterprise Search is worth attention. Varonis found three bugs that chain together into a one-click exfiltration path. The attack link points to a legitimate microsoft.com domain, which means it sails right past URL filtering and anti-phishing controls. One click, and the attacker gets access to emails, calendar entries, indexed files, and MFA codes.

Jordan: The MFA code exposure is the part that should elevate this for everyone. We've spent years training users and building controls around phishing links to malicious domains. This attack uses a real Microsoft domain. Your users did the right thing, they checked the URL, and they still got compromised.

Alex: If you're running Copilot Enterprise Search, verify your patch status immediately. Microsoft has addressed this, but given how rapidly Copilot has been deployed across enterprises in the last year, there are going to be environments where patching has lagged. This is also a strategic conversation about the attack surface expansion that comes with AI copilot features. Every new capability is a new attack surface.

Jordan: Moving to Fortinet. Three FortiSandbox vulnerabilities under active exploitation, including CVE-2026-39813, a CVSS 9.1 path traversal flaw. One of these was patched only last week, and threat intelligence firm Defused is already seeing exploitation in the wild. They even noted what they called a vibecoded exploit for one of the flaws, meaning someone used an AI coding assistant to generate a working exploit.

Alex: The systemic risk here is what matters. FortiSandbox isn't just a standalone product. It feeds threat verdicts to FortiGate firewalls, FortiMail, FortiClient. If an attacker compromises FortiSandbox, they can manipulate those verdicts and effectively blind your entire Fortinet security stack. Malicious files get marked clean. Malicious URLs get marked safe. Your automated blocking decisions become attacker-controlled.

Jordan: If you're a Fortinet shop, this is a drop-everything priority. Patch FortiSandbox, verify the integrity of your existing sandbox verdicts, and validate that your other Fortinet products haven't been fed poisoned intelligence. The vibecoded exploit angle is worth noting because it confirms what we've been saying for months: AI is compressing the time from patch to exploit. The window is shrinking.

Alex: Let's shift to governance and policy. Two stories that are deeply connected. First, the open letter from dozens of cybersecurity veterans and CISOs protesting the White House's export-control restrictions on Anthropic's Fable and Mythos models. Jordan, you've been tracking this.

Jordan: This is a genuinely consequential policy fight. The administration placed export controls on Anthropic's frontier models, ostensibly to prevent adversary access to advanced AI capabilities. The problem, and it's a fundamental one, is that these same models were being used extensively for defensive security research. Vulnerability analysis, code auditing, threat modeling. The controls restrict defenders' access to the best available tools while doing essentially nothing to limit adversary access, because comparable capabilities exist through other channels.

Alex: I've talked to several CISOs who signed that letter. Their frustration is real and specific. They were integrating these models into their vulnerability management programs, their AppSec pipelines, their threat intelligence workflows. Now they're facing a capability gap that their adversaries don't share. If you're building an AI-assisted security program, you need to be scenario-planning around regulatory restrictions on your tooling. This isn't theoretical anymore. It's happening.

Jordan: The deeper issue is that policymakers are applying Cold War-era export control logic to software that doesn't respect borders the same way hardware does. You can restrict chip exports. Restricting model access when the weights or equivalent capabilities are available through dozens of channels internationally, that's a different proposition.

Alex: The second governance story is the Dark Reading survey confirming that a majority of CISOs report pressure from business leaders to delay or minimize disclosure of security incidents. I want to be direct about this. If you are a CISO in 2026 and you are suppressing or delaying material incident disclosure because your CEO or your general counsel asked you to, you are personally exposed. The SEC rules are clear. The liability framework is clear.

Jordan: And this survey data is actually useful ammunition. If you're a CISO pushing back on executive pressure, you can now point to industry-wide data showing this is a systemic problem, not a personality conflict. It reframes the conversation from "you're being difficult" to "this is a known governance risk that regulators are actively watching."

Alex: Document everything. Every conversation where you're asked to delay or minimize. Every recommendation you make and every response you receive. This is professional self-preservation, and it's also the right thing to do for your organization.

Jordan: Quick hit on the ENISA SBOM report. The EU Cyber Resilience Act requires manufacturers to create, maintain, and provide SBOMs by December 2027. ENISA's data shows larger organizations are building the tooling and processes. Mid-size enterprises are behind. If you sell into EU markets and you haven't started your SBOM program, eighteen months is less time than you think.

Alex: Especially because SBOM maturity isn't just a tooling problem. It requires changes to your development practices, your vendor management, your procurement contracts. Starting now is already arguably late.

Jordan: Two quick notes on remaining stories. ShinyHunters claiming a breach of the Council of Europe, which is under investigation. The pattern of extortion groups targeting intergovernmental institutions continues to escalate. And the Astral attack in Russia, a technology provider whose compromise cascaded across business and government services for a week, is a textbook case study in third-party concentration risk. If one vendor going down takes your operations offline for a week, you have a single point of failure that belongs on your risk register.

Alex: Looking ahead, the theme I see emerging this week is the erosion of trust assumptions. Trusted Microsoft domains used for exfiltration. Trusted Microsoft relay infrastructure used for C2. Trusted security products like FortiSandbox being turned against the defender. Trusted SaaS platforms like Google Workspace being weaponized for espionage. The perimeter between trusted and untrusted has never been less meaningful.

Jordan: And the policy environment is making it harder, not easier. When your government restricts your access to the best defensive AI tools while adversaries operate without those constraints, the asymmetry compounds. CISOs are being asked to defend an expanding attack surface with a shrinking trust model and an increasingly constrained toolkit. That's the strategic reality heading into the second half of 2026.

Alex: Agreed. The organizations that will navigate this well are the ones investing in detection engineering, in behavioral analytics, in zero-trust architectures that don't rely on implicit trust of any traffic source, even Microsoft's own infrastructure.

Jordan: And the CISOs who will survive personally are the ones documenting their risk decisions, pushing back on suppression pressure, and building relationships with their boards that are based on transparency, not comfortable fiction.

Alex: That's our show for today. Show notes and links to every story we covered are at cleartext.fm. I'm Alex Chen.

Jordan: I'm Jordan Reeves. We'll see you tomorrow.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-06-16.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.
