
~7 MIN READ
Fact 42% of LG smart TV apps contain a bandwidth-sharing SDK from a NASDAQ-listed company that silently routes home network traffic through 1.5 to 2.5 million devices per day, including to criminal proxy marketplaces. The company has a stock ticker, a legal team, and a user agreement. (Krebs on Security / Spur, June 2026)
The Signal
 

The supply chain of cybercrime often runs through a user agreement. This edition: a publicly traded company whose app SDK turned 1.5 million LG TVs into a criminal proxy network for hire, China-linked hackers that backdoored Linux login software for nine years, and a Cisco zero-day that ran undetected inside a telecom for months.

PS: Was this forwarded to you? Subscribe free at exzeccyber.com/subscribe

In this edition
  📌 Big Cyber News
  🚨 Can't Miss
  🤖 AI in Cyber
  🕵️ Threat Intel
  🛠️ Tools & Tactics
  🧪 Strange Cyber
📌 Big Cyber News
 
Threat Infrastructure
📺 A NASDAQ-Listed Company Turned 1.5 Million LG Smart TVs Into a Criminal Proxy Network. It Has a Stock Ticker.
Intro
A publicly traded technology company has been quietly embedding bandwidth-sharing code in LG smart TV apps, and that code feeds a criminal proxy marketplace that sells access to real home IP addresses to anyone willing to pay. Alarum Technologies trades on NASDAQ under the symbol ALAR. Its SDK is in 42% of LG TV apps. The botnet is called Popa. These are not separate stories.
What Happened
Security firm Spur traced the Popa criminal proxy marketplace to Alarum Technologies (Nasdaq: ALAR), which sells its bandwidth-sharing SDK under the brand NetNut. That SDK is embedded in 42% of all LG smart TV apps, recruiting 1.5 to 2.5 million active devices per day as residential proxies without their owners' explicit awareness. Krebs on Security independently confirmed the connection. Popa Botnet sells access to those devices (real home IP addresses in real cities) to buyers who need proxy traffic that bypasses fraud detection, geo-blocks, and rate-limiting. Alarum disputes the botnet label, arguing users consent to bandwidth-sharing through EULA terms in the apps. Spur and Krebs say the consent mechanism is buried in legalese and the downstream use case for buyers is criminal.
Why It Matters
Residential proxy networks are the engine behind credential stuffing attacks, account takeover campaigns, scalping bots, and ad fraud rings. When an attacker routes through a real home device in a real city, geo-blocks fail, rate-limiting fails, and fraud detection systems that treat residential IPs as trustworthy fail too. Popa's inventory was purpose-built for this use case, and the supply chain ran through a publicly traded company's app store SDK agreement with LG.
The Other Side
Alarum Technologies argues that NetNut is a legal, disclosed, opt-in service: users who install LG apps containing the SDK have agreed to share bandwidth under published terms. The company denies any knowing relationship with criminal markets. The gap between what "disclosed in a EULA" means to a TV user and what it means to a corporate legal team is exactly the question Spur and Krebs are asking, and Alarum hasn't answered it directly.
 
👉 Takeaway
Popa and NetNut are now documented, named sources for residential proxy traffic used in attack chains. If you run enterprise proxy detection, residential IPs sourced from IoT devices are designed to look legitimate; no behavioral flag separates them. The blocklist approach is the only practical defense, and those lists are now public. Add Popa and NetNut infrastructure to your blocklists now.
TL;DR: Krebs and Spur traced the Popa criminal proxy marketplace to a NASDAQ-listed company whose SDK runs inside 42% of LG smart TV apps, turning 1.5 million home devices into botnet nodes for hire.
Further reading: Krebs on Security
🚨 Can't Miss
 
 
Zero-Day · Mandiant
Mandiant confirmed that CVE-2026-20245 was exploited at a telecom provider at least two months before Cisco patched it. The attacker uploaded a malicious CSV file named "evil_tenant.csv," escalated to root, and created a hidden account called "troot" buried in /etc/passwd. Then they deleted every file they'd touched and ran a cleanup validation script to confirm no traces remained. Two distinct intrusion windows ran from late 2025 through January 2026 and again in March 2026. SD-WAN boxes don't support EDR, so once an attacker is in, cleanup is uncontested and defenders have no visibility.
Patch CVE-2026-20245 now and audit /etc/passwd and credential stores on all Cisco Catalyst SD-WAN devices for accounts you don't recognize.
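One way to run that /etc/passwd audit, as an added example (not Mandiant's or Cisco's tooling): parse passwd-format lines and compare them against a baseline captured from a known-good device, flagging any UID 0 account other than root, any account not in the baseline, and any baseline account whose UID or shell changed. The two passwd listings below are constructed; the "troot" entry mirrors the account name in the report, and the other account names are assumed.

```python
"""Audit a passwd file against a known-good baseline (added example)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class PasswdEntry:
    name: str
    uid: int
    gid: int
    home: str
    shell: str


def parse_passwd(text: str) -> list[PasswdEntry]:
    """Parse passwd-format text (name:pw:uid:gid:gecos:home:shell)."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, _pw, uid, gid, _gecos, home, shell = fields
        entries.append(PasswdEntry(name, int(uid), int(gid), home, shell))
    return entries


def audit_passwd(current: str, baseline: str) -> list[str]:
    """Return human-readable findings; an empty list means no deviation."""
    base = {e.name: e for e in parse_passwd(baseline)}
    cur_entries = parse_passwd(current)
    findings = []
    for e in cur_entries:
        # Any second UID 0 account is a root-equivalent backdoor regardless of name.
        if e.uid == 0 and e.name != "root":
            findings.append(f"UID0: {e.name} has uid 0 (shell={e.shell})")
        if e.name not in base:
            findings.append(f"NEW: {e.name} not in baseline (uid={e.uid}, shell={e.shell})")
        elif (e.uid, e.shell) != (base[e.name].uid, base[e.name].shell):
            findings.append(f"CHANGED: {e.name} uid/shell differ from baseline")
    current_names = {e.name for e in cur_entries}
    for name in base:
        if name not in current_names:
            findings.append(f"MISSING: {name} in baseline but not on device")
    return findings


# Constructed baseline: what the device looked like when it was last known good.
BASELINE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
admin:x:1000:1000:admin:/home/admin:/bin/bash
"""

# Constructed current file: same entries plus a hidden root-equivalent account.
CURRENT_PASSWD = BASELINE_PASSWD + "troot:x:0:0::/root:/bin/sh\n"

if __name__ == "__main__":
    for finding in audit_passwd(CURRENT_PASSWD, BASELINE_PASSWD):
        print(finding)
```

Run it against a copy of /etc/passwd pulled from each appliance and a baseline taken from a freshly provisioned unit; do the same for shadow and any credential stores the platform keeps, since the report describes cleanup that targeted the files the attacker touched, not the accounts they left behind.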
 
Law Enforcement · Europol / Microsoft
Microsoft, Europol, and six law enforcement agencies disrupted the Amadey malware loader and StealC infostealer in the latest Operation Endgame wave. 326 servers and 142 domains taken down; $47 million in criminal cryptocurrency seized; 27 million stolen credentials recovered from 385,000+ compromised systems. The two platforms together infected more than 140,000 devices in the first two weeks of May 2026 alone. Amadey was the funnel feeding ransomware groups their initial access. StealC was stripping credentials and crypto wallets. No arrests. Takedowns without prosecutions have a shelf life measured in months, not years; Amadey's operators have survived prior disruptions and are presumably reconstituting.
If Amadey or StealC infrastructure appears in your threat intel feeds, expect activity to dip and resume under new domains. Watch for rebranding; the operators are free.
 
Government Breach · France
Tchap is France's sovereign alternative to commercial messaging, built for 825,000+ government employees across every French ministry. The June 7 breach hit 73,467 accounts via account hijacking, with the attacker "misere" claiming 13.5GB stolen including 643,000 internal messages. French officials confirmed names, email addresses, organizational affiliations, and account metadata were exposed. If the message volume claim is accurate, every French ministry now has a fresh spear-phishing targeting set. The breach was account hijacking, not a platform vulnerability, which means sovereign messaging tools can't compensate for weak account security.
Government-mandated secure messaging only helps if account access is hardened. DINUM was still confirming the full scope weeks after discovery.


🤖 AI in Cyber
 
 
AI Evasion · SentinelOne / BleepingComputer
A newly documented Rust-based macOS implant linked to North Korea treats AI malware analysis tools as the primary target, not the sandbox. SentinelOne found 38 fabricated "system" messages embedded in the binary (fake token expiry errors, memory dumps, Redis connection failures, SQL injection alerts) designed specifically to make LLM-based triage agents abort, truncate, or refuse analysis of the artifact. Named Gaslight, the implant also functions as a full infostealer: it harvests macOS Keychain data, browser credentials from Chrome, Brave, Firefox, and Safari, terminal command histories, installed applications, and running processes, then compresses everything into a ZIP and exfiltrates it via a Telegram bot API channel. Persistence is via a LaunchAgent labeled "com.apple.system.services.activity."
If you use AI-assisted malware triage, treat LLM output from analysis of unknown binaries as potentially manipulated. Threat actors are now engineering samples to corrupt the analysis pipeline, not just evade detection.
 
AI Misuse · Google / The Hacker News
Google filed a civil lawsuit against the operators of Outsider, a Chinese phishing-as-a-service platform that weaponized Gemini to generate fraudulent web pages by framing requests as innocent programming help, asking the AI to write HTML code for "gift redemption pages," then piping the output directly into a 290-template phishing kit. Between November 2025 and June 2026, Outsider generated 1.59 million fraudulent URLs, sent 55,000 spam texts in a two-week window, hit 100,000+ victims, and caused millions in losses. Licenses ran $88 a week or $200 a month, with real-time keystroke logging and performance dashboards included. FBI Operation Ghost Hook seized approximately $100,000 in USDT and disrupted thousands of phishing domains. Google partnered with AT&T, T-Mobile, and Verizon to block messages.
Guardrail bypass through innocent framing is now a documented attack pattern in active criminal use. Audit what framing techniques could be used to extract operational output from AI tools in your internal workflows without triggering safety filters.
🕵️ Threat Intel
 
 
Backdoor · BleepingComputer
Researchers linked a newly documented backdoor called Mistic to KongTuke, a known initial access broker that sells network footholds to ransomware operators. Mistic routes command-and-control traffic over standard HTTPS ports using encrypted channels designed to look like normal web traffic. It avoids process injection to stay off behavioral detection tools and maintains persistence via scheduled tasks rather than registry modifications, chosen specifically to slip past the most common EDR detection categories. Active Mistic infections were confirmed as recently as late May 2026. KongTuke's broker model means multiple ransomware groups can simultaneously be renting access to the same compromised network.
Mistic avoids process injection and the registry specifically to escape standard behavioral detection. Hunt for it via scheduled task creation events (Windows Event ID 4698) on externally accessible systems and review any new tasks created in the last 30 days.
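A starting point for that hunt, as an added example (not from the BleepingComputer write-up): take Event ID 4698 records exported from a SIEM or from the Security log as JSON, keep only those created inside the review window, and surface tasks registered by a user account rather than a machine account, or whose action runs from a user-writable directory. The field names below (EventID, TimeCreated, SubjectUserName, TaskName, TaskContent) follow the 4698 event layout; the three records are constructed, and the JSON export shape is an assumption about how your tooling serialises events.

```python
"""Triage exported Security events for suspicious scheduled tasks (added example)."""
import json
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

# Namespace used by Task Scheduler task definitions embedded in TaskContent.
TASK_NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

# Directories an ordinary user can write to; a persistence binary often lives here.
USER_WRITABLE_PREFIXES = ("c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\")


def task_command(task_xml: str) -> str:
    """Extract the Exec/Command path from a task definition, or '' if absent."""
    node = ET.fromstring(task_xml).find(".//t:Exec/t:Command", TASK_NS)
    return (node.text or "").strip() if node is not None else ""


def hunt_new_tasks(events_json: str, now_iso: str, window_days: int = 30) -> list[dict]:
    """Return 4698 events within the window that deserve analyst review."""
    now = datetime.fromisoformat(now_iso)
    cutoff = now - timedelta(days=window_days)
    hits = []
    for ev in json.loads(events_json):
        if ev["EventID"] != 4698:
            continue
        created = datetime.fromisoformat(ev["TimeCreated"])
        if created < cutoff:
            continue
        reasons = []
        # Machine accounts end in '$'; a human/user account registering a task is notable.
        if not ev["SubjectUserName"].endswith("$"):
            reasons.append("registered by user account " + ev["SubjectUserName"])
        cmd = task_command(ev["TaskContent"])
        if cmd.lower().startswith(USER_WRITABLE_PREFIXES):
            reasons.append("action runs from user-writable path " + cmd)
        if reasons:
            hits.append({"task": ev["TaskName"], "created": ev["TimeCreated"], "reasons": reasons})
    return hits


def _task_xml(command: str) -> str:
    return (f'<Task xmlns="{TASK_NS["t"]}"><Actions><Exec>'
            f"<Command>{command}</Command></Exec></Actions></Task>")


# Constructed sample export: one benign system task, one suspicious task, one old task.
SAMPLE_EVENTS = json.dumps([
    {"EventID": 4698, "TimeCreated": "2026-06-20T11:02:10+00:00", "SubjectUserName": "HOST01$",
     "TaskName": r"\Microsoft\Windows\UpdateOrchestrator\Refresh",
     "TaskContent": _task_xml(r"C:\Windows\System32\usoclient.exe")},
    {"EventID": 4698, "TimeCreated": "2026-05-28T03:12:44+00:00", "SubjectUserName": "jdoe",
     "TaskName": r"\OneDriveSync",
     "TaskContent": _task_xml(r"C:\Users\Public\od.exe")},
    {"EventID": 4698, "TimeCreated": "2026-03-01T09:00:00+00:00", "SubjectUserName": "jdoe",
     "TaskName": r"\OldTask",
     "TaskContent": _task_xml(r"C:\Users\jdoe\tool.exe")},
])

if __name__ == "__main__":
    for hit in hunt_new_tasks(SAMPLE_EVENTS, "2026-06-26T00:00:00+00:00"):
        print(hit["created"], hit["task"], "; ".join(hit["reasons"]))
```

Note that 4698 only fires if the "Other Object Access Events" audit subcategory is enabled; confirm that before treating an empty result as a clean bill of health.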
 
Threat Intel · Sygnia / The Hacker News
China-nexus Velvet Ant has been modifying Linux PAM and OpenSSH since 2016, with nine distinct backdoored versions identified by Sygnia (Operation Highland). Standard credential hygiene doesn't work if the system that verifies credentials is compromised. The group accessed an air-gapped network segment via a bridge host, and credential harvesting persisted even after server refreshes and OS reinstalls. Velvet Ant's pattern is targeting the authentication layer itself: prior operations include F5 BIG-IP (CVE-2024-21793) and Cisco NX-OS (CVE-2024-20399). Every reboot, every password reset, every upgrade cycle left the backdoor intact.
Detecting Velvet Ant requires integrity checks on PAM module binaries against known-good baselines. Compare PAM module timestamps and hashes against your deployment baseline today.
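The baseline comparison in practice, as an added example (not Sygnia's tooling): record a SHA-256 and mtime for every file in the PAM module directory when a host is provisioned, then diff a fresh snapshot against it. The check separates "hash changed, mtime changed" from "hash changed, mtime preserved", because a replacement that keeps the original timestamp is exactly the case a timestamp-only review would miss. Module directory paths (/lib/x86_64-linux-gnu/security, /lib64/security) and the module file names are assumptions; demo() builds a constructed directory in a temp folder so the check runs offline.

```python
"""Hash-and-mtime baseline check for PAM module binaries (added example)."""
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root) -> dict[str, dict]:
    """Map each regular file under root to its SHA-256 and integer mtime."""
    root = Path(root)
    snap = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            digest = hashlib.sha256(p.read_bytes()).hexdigest()
            snap[str(p.relative_to(root))] = {"sha256": digest, "mtime": int(p.stat().st_mtime)}
    return snap


def compare(baseline: dict, current: dict) -> list[tuple[str, str]]:
    """Return (finding_kind, relative_path) pairs; empty means the directory matches."""
    findings = []
    for rel, cur in current.items():
        base = baseline.get(rel)
        if base is None:
            findings.append(("added", rel))
        elif cur["sha256"] != base["sha256"]:
            # A changed hash with an unchanged mtime means the timestamp was restored.
            kind = "modified-mtime-preserved" if cur["mtime"] == base["mtime"] else "modified"
            findings.append((kind, rel))
    for rel in baseline:
        if rel not in current:
            findings.append(("missing", rel))
    return sorted(findings)


def demo() -> list[tuple[str, str]]:
    """Constructed scenario: baseline three modules, then tamper with the directory."""
    with tempfile.TemporaryDirectory() as d:
        mods = Path(d)
        for name in ("pam_unix.so", "pam_sss.so", "pam_env.so"):
            (mods / name).write_bytes(b"ELF-placeholder:" + name.encode())  # constructed content
        baseline = snapshot(mods)

        # Replace pam_unix.so and restore its original timestamp (constructed tamper).
        target = mods / "pam_unix.so"
        st = target.stat()
        target.write_bytes(b"ELF-placeholder:pam_unix.so+constructed-change")
        os.utime(target, (st.st_atime, st.st_mtime))
        # Drop in an extra module and remove one that should be present.
        (mods / "pam_helper.so").write_bytes(b"constructed")
        (mods / "pam_env.so").unlink()

        return compare(baseline, snapshot(mods))


if __name__ == "__main__":
    for kind, rel in demo():
        print(f"{kind:26} {rel}")
```

On a real fleet, store the baseline off-host (a host that can rewrite its PAM modules can rewrite a local baseline file too) and take it from a clean build, not from a machine that has already been in service; the report's point is that reinstalls did not help once the image or refresh path itself was trusted.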
🛠️ Tools & Tactics
 
 
Practical Play
Microsoft's original Secure Boot certificates are expiring this week. The KEK CA 2011 already expired June 24; the UEFI CA 2011 (the one covering third-party boot software) expires June 27. Microsoft is rolling out replacements via Windows Update and monthly patching cycles. Devices that miss the update won't lose existing boot protections immediately, but they will enter a "degraded security state" that prevents installation of any new boot-level mitigations going forward. Windows 10 devices will not receive new certificates. For IT admins, the right order is: check OEM support pages for firmware updates first, then apply the June 2026 Windows Update via your standard process or Group Policy. Microsoft calls this one of the largest coordinated security infrastructure updates across the Windows ecosystem in years.
Verify June 2026 patches are applied across your Windows 11 fleet today. Windows 10 machines need OEM-specific steps and will not be handled automatically.


🧪 Strange Cyber
 
Two identical twin contractors frantically deleting government databases while googling how to cover their tracks
Strange but real
📊 The Twin Federal Contractors Who Deleted 96 Government FOIA Databases and Then Googled "How to Clear System Logs"
Intro
Muneeb and Sohaib Akhter are 34-year-old identical twins who were convicted of hacking federal systems while working as government contractors in 2015. The federal background check system apparently did not notice when they applied for government contractor positions a second time.
What Happened
The first time around, the Akhters stole passport, visa, and DHS data from the State Department and DHS while employed there as contractors. After serving their sentences, they got federal contractor jobs again. When both were fired on February 18, 2025, Muneeb started deleting databases. By the time he stopped, 96 databases across 45+ federal agencies had been wiped, including FOIA records for hundreds of thousands of public records requests. One minute after deleting a DHS database, Muneeb opened an AI chatbot to ask how to erase system logs. The brothers then wiped their own laptops. Police caught them on audio while they planned their next steps: "They're gonna probably raid this place," followed immediately by "I'll clean this shit up."
Why It Matters
The FOIA databases were not collateral damage. They are the primary mechanism by which the public legally compels government accountability. Every one of those requests, from citizens, journalists, and lawyers, is now simply gone.
The Other Side
The deletion happened minutes after termination, suggesting an impulsive response rather than a premeditated scheme. Whether that distinction matters legally is up to the court. The databases are gone either way. Combined maximum sentence: 51 years.
 
👉 Takeaway
Contractor offboarding is not a completion form. Access must be terminated the moment employment ends, not in the next IT ticket cycle. The window to cause catastrophic damage opened the second these two were fired.
TL;DR: Two previously convicted federal hackers got contractor jobs again, deleted 96 FOIA databases in a rage when they were fired, then Googled how to cover their tracks. They face up to 51 years in federal prison.
Further reading: The Record

