Cyber Threat Brief

By Carolina Clear Tech, LLC

Your daily cybersecurity briefing. Vulnerabilities, ransomware, threat actors, and patches that matter, explained for IT professionals and business leaders protecting small and mid-sized organizations... more

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 129 episodes available.

Cyber Threat Brief episodes:

June 20, 20262026-06-20: CISA orders federal agencies to patch Splunk Enterprise by Sunday as active exploitation confirmed
Show Notes - 2026-06-20
Stories Covered
Today:
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday (CVE-2026-20253) [Critical Alerts]
FortiBleed: 86,000 Fortinet Device Credentials Compromised [Critical Alerts]
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes [Ransomware & Extortion]
DragonForce Abuses Microsoft Teams Relays to Conceal Backdoor Traffic [Ransomware & Extortion]
Klue OAuth breach victim list grows as Icarus hackers claim attack [Ransomware & Extortion]
Threat Brief: Mitigating Large-Scale Credential Attacks (FortiBleed) [Business & Infrastructure Threats]
CryptoBandits Malware Doubles as a Backdoor, Abuses Tor [Business & Infrastructure Threats]
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites [Business & Infrastructure Threats]
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin (CVE-2026-4020) [Business & Infrastructure Threats]
1.2 million WordPress sites compromised in OptinMonster supply chain attack [Business & Infrastructure Threats]
Texas govt data breach exposes over 3 million driver's licenses [Business & Infrastructure Threats]
Authorities Dismantle PhaaS Network & Clean Sites Infected with SocGholish [General Security News]
MaXSS and Spyder flaws expose 10 million Chrome users to hacking [General Security News]
10-year-old phpBB flaw enables session hijacking [General Security News]
JetBrains Marketplace plugins steal developer AI keys [General Security News]
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution (CVE-2026-25592, CVE-2026-26030) [General Security News]
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain [General Security News]
Avada Builder WordPress plugin (CVE-2026-8713) [Vulnerability Disclosures]
Microsoft: June 2026 Windows updates break Recycle Bin prompts [Vulnerability Disclosures]
Chromium CVEs (CVE-2026-12446, CVE-2026-12458, CVE-2026-12439, CVE-2026-12447, CVE-2026-12453, CVE-2026-12459, CVE-2026-12460, CVE-2026-12454) [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-12439, CVE-2026-12446, CVE-2026-12447, CVE-2026-12453, CVE-2026-12454, CVE-2026-12458, CVE-2026-12459, CVE-2026-12460, CVE-2026-20253, CVE-2026-25592, CVE-2026-26030, CVE-2026-4020, CVE-2026-8713
Indicators of Compromise
IP Addresses:
0.4.2.2
Read the full brief
...more
29min
June 19, 20262026-06-19: CISA adds actively exploited Splunk vulnerability to its KEV catalog days after disclosure
Show Notes - 2026-06-19
Stories Covered
June 19, 2026
Today:
Splunk Enterprise Authentication Bypass (CVE-2026-20253) [Critical Alerts]
FortiBleed: 74,000 Fortinet Devices Compromised [Critical Alerts]
F5 NGINX Critical Remote Code Execution Flaws [Critical Alerts]
INC Ransomware: 830 Victims Since 2023 [Ransomware & Extortion]
DragonForce Abuses Microsoft Teams Relays to Hide Backdoor Traffic [Ransomware & Extortion]
The Gentlemen Ransomware: Multiple EDR Killers in Active Development [Ransomware & Extortion]
Operation Endgame Disrupts SocGholish Infrastructure [Ransomware & Extortion]
HCRG Care Group Notifies Patients 16 Months After Medusa Ransomware Attack [Ransomware & Extortion]
HHS Settles with Spencer Gifts Health Plan for $450K After Ransomware Investigation [Ransomware & Extortion]
Klue Supply Chain Attack Hits Cybersecurity Firms [Business & Infrastructure Threats]
ShapedPlugin WordPress Supply Chain Attack [Business & Infrastructure Threats]
AutoJack: AI Agent Framework RCE via Localhost Trust Boundary [Business & Infrastructure Threats]
Microsoft 365 Backup Gaps Require Third-Party Solutions [Business & Infrastructure Threats]
Rockwell Automation FactoryTalk Historian Authentication Bypass [Vulnerability Disclosures]
Industrial Control System Vulnerabilities [Vulnerability Disclosures]
Medical Device Bluetooth Vulnerabilities [Vulnerability Disclosures]
Apple Beats Studio Buds Microphone Eavesdropping Flaw [Vulnerability Disclosures]
Unpatchable iPhone SecureROM Exploit for A12/A13 Chips [Vulnerability Disclosures]
Microsoft June 2026 Vulnerabilities [Vulnerability Disclosures]
Windows Server 2016 Security Update Failures Fixed [Windows / AD Security]
CVEs Referenced
CVE-2023-3519, CVE-2023-48788, CVE-2023-52271, CVE-2024-57727, CVE-2025-1055, CVE-2025-13036, CVE-2025-20700, CVE-2025-20701, CVE-2025-20702, CVE-2025-36539, CVE-2025-44019, CVE-2025-5777, CVE-2025-61155, CVE-2026-10275, CVE-2026-12087, CVE-2026-12390, CVE-2026-20253, CVE-2026-32174, CVE-2026-32208, CVE-2026-40624, CVE-2026-42014, CVE-2026-42055, CVE-2026-42530, CVE-2026-42895, CVE-2026-42945, CVE-2026-43966, CVE-2026-44967, CVE-2026-47633, CVE-2026-47646, CVE-2026-4827, CVE-2026-48914, CVE-2026-50034, CVE-2026-52866, CVE-2026-53689, CVE-2026-6865, CVE-2026-8805, CVE-2026-8806, CVE-2026-9669
Indicators of Compromise
IP Addresses:
37.0.2.1
Read the full brief
...more
31min
June 18, 20262026-06-18: FortiBleed exposes 73,000 Fortinet VPN credentials to a Russian-speaking threat group targeting
Show Notes - 2026-06-18
Stories Covered
June 18, 2026
Today:
Joomla Content Editor Plugin Zero-Day (CVE-2026-48907) [Critical Alerts]
FortiBleed: 73,000 Fortinet VPN Credentials Exposed [Critical Alerts]
Fortinet FortiSandbox Vulnerabilities Under Active Exploitation [Critical Alerts]
Microsoft Defender Zero-Day RoguePlanet (CVE-2026-50656) [Critical Alerts]
INC Ransomware Reaches 800+ Victims Through Basic Tactics [Ransomware & Extortion]
DragonForce Ransomware Deploys Custom Backdoor Using Microsoft Teams Infrastructure [Ransomware & Extortion]
EdTech Sector Faces Escalating Ransomware and Data Breach Activity [Ransomware & Extortion]
Mastra npm Supply Chain Attack Poisons 140+ Packages [Business & Infrastructure Threats]
Account Takeover Attacks Rising Through Session Hijacking and MFA Bypass [Business & Infrastructure Threats]
CASB Blind Spot: QUIC Protocol Bypasses Web Traffic Inspection [Business & Infrastructure Threats]
Crypto Clipper Malware Uses Tor and Worm-Like Propagation [Windows / AD Security]
Office Apps Experiencing Launch Issues After June Updates [Windows / AD Security]
Interpol: Cyber Offenses Account for One-Third of Crime in Asia-Pacific [General Security News]
Junior Hacker Uses Tailscale and OpenSSH for Backup Persistence [General Security News]
CVE-2026-48854: Elixir gRPC Unbounded Request Body Memory Exhaustion [Vulnerability Disclosures]
Coordinated SSH Brute Force Attacks Over Three Months [Vulnerability Disclosures]
CVEs Referenced
CVE-2023-3519, CVE-2023-48788, CVE-2024-57727, CVE-2025-5777, CVE-2026-25089, CVE-2026-33825, CVE-2026-39808, CVE-2026-39813, CVE-2026-41091, CVE-2026-45498, CVE-2026-48854, CVE-2026-48907, CVE-2026-50656
Indicators of Compromise
IP Addresses:
2.9.99.6
Read the full brief
...more
32min
June 17, 20262026-06-17: CISA gives federal agencies until tomorrow to patch an actively exploited cPanel plugin
Show Notes - 2026-06-17
Stories Covered
Today:
CISA Orders LiteSpeed cPanel Patch by June 18 (CVE-2026-54420) [Critical Alerts]
Microsoft Working on RoguePlanet Defender Zero-Day Patch (CVE-2026-50656) [Critical Alerts]
Joomla JCE Plugin Flaw Under Active Exploitation (CVE-2026-48907) [Critical Alerts]
Three Fortinet FortiSandbox Flaws Under Active Exploitation [Critical Alerts]
DragonForce Ransomware Abuses Microsoft Teams TURN Relays for Command-and-Control [Ransomware & Extortion]
Kodak Confirms Data Breach, ShinyHunters Claims 2.2 Million Records [Ransomware & Extortion]
Lorem Ipsum Malware Pivots to ClickFix Delivery, Likely Linked to Vice Society [Ransomware & Extortion]
Novo Nordisk Hit by Two Separate Threat Actors Demanding $50M and $25M [Ransomware & Extortion]
144 Mastra npm Packages Compromised via Hijacked Contributor Account [Business & Infrastructure Threats]
15 Malicious JetBrains Plugins Steal AI API Keys from 70,000 Developers [Business & Infrastructure Threats]
Steam Workshop Abused to Spread Malware via Wallpaper Engine [Business & Infrastructure Threats]
30,000 Compromised Fortinet Firewalls Expose Corporate Networks (FortiBleed Campaign) [Business & Infrastructure Threats]
ClickFix Campaigns Expand with BabaDeda, Lorem Ipsum, and Potemkin Loaders [General Security News]
GhostTree Attack Abuses Recursive Windows Junctions to Hide Malware from EDR [General Security News]
Google Vertex AI SDK Flaw Allowed Cross-Tenant Model Hijacking (Pickle in the Middle) [General Security News]
China Arrests 67 Suspects Linked to Silver Fox Cybercrime Group [General Security News]
Chrome Extensions Steal AI Conversations (PromptSnatcher Campaign) [General Security News]
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth [General Security News]
New Rokarolla Android Malware Targets 217 Banking and Crypto Apps [General Security News]
FTC Warns of Record $3.5 Billion Losses to Imposter Scams in 2025 [General Security News]
Rockwell Automation FLEX I/O EtherNet/IP Adapters (CVE-2026-0646, CVE-2026-0647) [Vulnerability Disclosures]
Rockwell Automation RSLinx Classic (CVE-2020-13573) [Vulnerability Disclosures]
Rockwell Automation Logix 5370 & 5570 Controllers (CVE-2026-11317) [Vulnerability Disclosures]
Rockwell Automation FactoryTalk Analytics PavilionX (CVE-2025-14272) [Vulnerability Disclosures]
Chrome and Firefox Memory Safety Updates [Vulnerability Disclosures]
CVEs Referenced
CVE-2020-13573, CVE-2023-52271, CVE-2025-1055, CVE-2025-14272, CVE-2025-61155, CVE-2026-0646, CVE-2026-0647, CVE-2026-11317, CVE-2026-25089, CVE-2026-39808, CVE-2026-39813, CVE-2026-48907, CVE-2026-50656, CVE-2026-54420
Indicators of Compromise
IP Addresses:
2.9.99.4, 2.9.99.5, 39.107.60.51
Read the full brief
...more
36min
June 16, 20262026-06-16: Cisco patches its eighth SD-WAN zero-day of the year
Show Notes - 2026-06-16
Stories Covered
June 16, 2026
Today:
Cisco Catalyst SD-WAN Manager Arbitrary File Write (CVE-2026-20262) [Critical Alerts]
Google Chrome V8 Zero-Day (CVE-2026-11645) [Critical Alerts]
Oracle PeopleSoft Zero-Day Exploited by ShinyHunters (CVE-2026-35273) [Critical Alerts]
LiteSpeed cPanel Plugin Privilege Escalation (CVE-2026-54420) [Critical Alerts]
Mackay Sugar Ransomware Attack Shuts Down Mills [Ransomware & Extortion]
FulcrumSec Leaks Novo Nordisk Data After $25M Demand Goes Unpaid [Ransomware & Extortion]
Conti Ransomware Developer Pleads Guilty [Ransomware & Extortion]
Microsoft 365 Copilot SearchLeak Vulnerability (CVE-2026-42824) [General Security News]
1,500+ Arch Linux Packages Compromised With Malware [General Security News]
FBI Takes Down Outsider PhaaS Enterprise [General Security News]
ShinyHunters Claims Council of Europe Hack [General Security News]
North Korean Hackers Target Developers With Malicious Tools [General Security News]
Chinese APT UNC6508 Targets US Medical and Academic Research [General Security News]
Jaguar Land Rover Ordered 30,000 Staff Password Resets After Cyberattack [General Security News]
VHDX File Delivers Remcos RAT [Vulnerability Disclosures]
Linux-PAM Timing Attack (CVE-2026-54411) [Vulnerability Disclosures]
Microsoft Edge Chromium CVE Batch [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-11640, CVE-2026-11645, CVE-2026-11662, CVE-2026-11668, CVE-2026-11677, CVE-2026-11684, CVE-2026-11685, CVE-2026-11688, CVE-2026-11693, CVE-2026-12010, CVE-2026-12012, CVE-2026-12016, CVE-2026-12019, CVE-2026-20262, CVE-2026-2441, CVE-2026-35273, CVE-2026-3909, CVE-2026-3910, CVE-2026-42824, CVE-2026-5281, CVE-2026-54411, CVE-2026-54420
Indicators of Compromise
IP Addresses:
20.9.9.2, 20.12.7.2, 20.15.4.5, 20.15.5.3, 20.18.3.1, 26.1.1.2, 5.3.2.0
Read the full brief
...more
17min
June 15, 20262026-06-15: Palo Alto GlobalProtect VPN suffers active exploitation with CISA KEV deadline passed
Show Notes - 2026-06-15
Stories Covered
Today: [June 15, 2026]
Palo Alto PAN-OS GlobalProtect VPN Authentication Bypass (CVE-2026-0257) [Critical Alerts]
Arch Linux Supply Chain Attack Hijacks 1,900+ AUR Packages [Critical Alerts]
FBI Dismantles Chinese Phishing-as-a-Service Platform (Outsider Enterprise) [Business & Infrastructure Threats]
WordPress Plugin Supply Chain Attack (Awesome Motive) [Business & Infrastructure Threats]
Maine Attorney General Disables Data Breach Portal Due to Fake Submissions [Business & Infrastructure Threats]
Sniper Dz Phishing-as-a-Service Platform Targets MENA Region [General Security News]
Hotel Chain Data Breach (BWH Hotels) [General Security News]
Novo Nordisk Clinical Trial Patient Data Breach [General Security News]
ShinyHunters Lists New Victims [General Security News]
CVE-2026-11526 (Perl GD Library Command Injection) [Vulnerability Disclosures]
CVEs Referenced
CVE-2026-0257, CVE-2026-11526
Indicators of Compromise
IP Addresses:
23.128.228.6, 104.207.144.154, 146.19.216.119, 146.19.216.120, 146.19.216.125, 179.43.172.213, 185.195.232.139, 198.12.106.60, 202.144.192.47
Read the full brief
...more
11min
June 14, 20262026-06-14: Anthropic disabled its two most advanced AI models after a US government export control order over
Show Notes - 2026-06-14
Stories Covered
Today:
Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack [Critical Alerts]
Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication (CVE-2026-20253) [Business & Infrastructure Threats]
Chinese hackers hijack auth flow, spy on isolated network for a decade [Business & Infrastructure Threats]
Ex-school district employee jailed for hacks on former employer [Business & Infrastructure Threats]
NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks [Business & Infrastructure Threats]
US Gov asks Anthropic to ban 'foreign national' access to Fable, Mythos [General Security News]
Russians are posing as Signal support to launch phishing attacks [General Security News]
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops [General Security News]
DEF CON Franklin project enlists hackers to harden critical infrastructure [General Security News]
Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sight [General Security News]
EQT buys majority share in Swiss cybersecurity biz Acronis [General Security News]
South Korea Hands Coupang a Record-Breaking $409 Million Data Privacy Fine [General Security News]
CVEs Referenced
CVE-2026-20253
Read the full brief
...more
13min
June 13, 20262026-06-13: ShinyHunters exploited Oracle PeopleSoft zero-day CVE-2026-35273 for two weeks
Show Notes - 2026-06-13
Stories Covered
Today:
Oracle PeopleSoft Zero-Day Exploited (CVE-2026-35273) [Critical Alerts]
Conti Ransomware Member Pleads Guilty [Ransomware & Extortion]
Global Schools Foundation Ransomware Negotiation Failure [Ransomware & Extortion]
China-Linked Group Backdoored Linux Login Systems for 9 Years [Business & Infrastructure Threats]
Supply-Chain Attack Early Warning Signs on Dark Web [Business & Infrastructure Threats]
Insider Threat: Iowa School IT Worker Sentenced for Sabotage [Business & Infrastructure Threats]
Maine Data Breach Portal Disabled After Fake Disclosures [Business & Infrastructure Threats]
KPMG AI Report Demonstrates AI Hallucinations [General Security News]
New macOS Tahoe 26 Forensic Artifact Discovered [General Security News]
LabCorp Settles AMCA Breach for $35 Million [General Security News]
DOJ: COVID-19 Relief Fraud Arrests [General Security News]
phpBB Authentication Bypass (10 Years Old) [Vulnerability Disclosures]
Microsoft Security Update Guide CVEs [Vulnerability Disclosures]
CVEs Referenced
CVE-2023-5678, CVE-2024-20399, CVE-2026-34180, CVE-2026-34181, CVE-2026-34182, CVE-2026-34183, CVE-2026-35273, CVE-2026-42764, CVE-2026-42766, CVE-2026-42767, CVE-2026-42768, CVE-2026-42769, CVE-2026-44705, CVE-2026-45445, CVE-2026-45446, CVE-2026-45447, CVE-2026-47162, CVE-2026-47167, CVE-2026-52859, CVE-2026-52860, CVE-2026-7383, CVE-2026-9076
Read the full brief
...more
18min
June 12, 20262026-06-12: CISA gives federal agencies until Sunday to patch an Ivanti Sentry vulnerability already exploited
Show Notes - 2026-06-12
Stories Covered
June 12, 2026
Today:
CISA Orders Ivanti Sentry Patching by June 14 (CVE-2026-10520) [Critical Alerts]
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) [Critical Alerts]
The Gentlemen Ransomware Claims 478 Victims Since March 2025 [Ransomware & Extortion]
Europol Dismantles AudiA6 Crypto Laundering Service [Ransomware & Extortion]
AI-Driven Threats Exposing Limits of MSP Security Stacks [Business & Infrastructure Threats]
Hackers Exploit Langflow Vulnerability for Remote Code Execution (CVE-2026-5027) [Business & Infrastructure Threats]
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to RCE [Business & Infrastructure Threats]
AI Agent Supply Chains Lack Integrity Verification [Business & Infrastructure Threats]
OpenClaw AI Agent Vulnerable to Hidden Command Injection and Phishing [Business & Infrastructure Threats]
French Government Tchap Messenger Breach Affects 73,000 Employees [Business & Infrastructure Threats]
GreatXML Exploit Bypasses BitLocker via Recovery Partition XML Files (CVE-2026-45585) [Windows / AD Security]
CISA Issues New Binding Operational Directive 26-04 [General Security News]
Alert Fatigue Becoming a Security Threat of Its Own [General Security News]
OceanLotus Shifts Focus to Domestic Espionage in Vietnam [General Security News]
North Korean Famous Chollima Accounts for 47% of Tech Sector Intrusions [General Security News]
IoT Platform Vulnerabilities Across Multiple Vendors [Vulnerability Disclosures]
Siemens Desigo CC Patch Files Flagged as Malware by Security Engines [Vulnerability Disclosures]
CVEs Referenced
CVE-2025-67644, CVE-2026-10520, CVE-2026-10557, CVE-2026-27022, CVE-2026-28277, CVE-2026-28742, CVE-2026-35273, CVE-2026-42947, CVE-2026-45585, CVE-2026-50005, CVE-2026-50101, CVE-2026-50108, CVE-2026-50245, CVE-2026-5027, CVE-2026-7368
Indicators of Compromise
IP Addresses:
176.120.22.24, 3.2.3.5
Read the full brief
...more
32min
June 11, 20262026-06-11: A new Windows zero-day exploit bypassing Microsoft Defender was released hours after Patch Tuesday
Show Notes - 2026-06-11
Stories Covered
Today:
New Windows Zero-Day Exploit 'RoguePlanet' Released [Critical Alerts]
'GreatXML' Zero-Day Exploit Bypasses BitLocker [Critical Alerts]
Microsoft Patches Exchange Server Zero-Day Exploited in Attacks (CVE-2026-42897) [Critical Alerts]
CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog [Critical Alerts]
Path Traversal Flaw in AI Dev Platform Langflow Exploited in Attacks (CVE-2026-5027) [Critical Alerts]
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs [Vulnerability Disclosures]
Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities [Vulnerability Disclosures]
Who Runs the Ransomware Group 'The Gentlemen?' [Ransomware & Extortion]
WA: Chelan County Enters Third Week of Disruptions with No Recovery Timeline [Ransomware & Extortion]
Infostealers Turn Millions of Devices Into Credential Theft Machines [Business & Infrastructure Threats]
Deceptive Installers: How Fake Apps Target macOS [Business & Infrastructure Threats]
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks [General Security News]
Microsoft Fixes BitLocker Recovery Bug on Windows Server 2025 [General Security News]
Microsoft: Some Windows PCs Fail to Install Latest Monthly Updates [General Security News]
CVEs Referenced
CVE-2026-10520, CVE-2026-10523, CVE-2026-11645, CVE-2026-20245, CVE-2026-22732, CVE-2026-25089, CVE-2026-27671, CVE-2026-33017, CVE-2026-40128, CVE-2026-42897, CVE-2026-44748, CVE-2026-44815, CVE-2026-45586, CVE-2026-45657, CVE-2026-47291, CVE-2026-49160, CVE-2026-5027, CVE-2026-50507, CVE-2026-7473
Read the full brief
...more
28min

FAQs about Cyber Threat Brief:

How many episodes does Cyber Threat Brief have?

The podcast currently has 129 episodes available.