In partnership with

~5 MIN READ
Fact AI coding agents like Claude Code and Cursor can be hijacked by anyone who finds your organization's publicly visible Sentry DSN, a credential commonly embedded in JavaScript bundles and website source code. Tenet Security identified 2,388+ exposed organizations in June 2026, with an 85% exploit success rate in controlled testing. (Tenet Security / The Hacker News)
The Signal
 

Chinese hackers sat inside US military medical networks for two and a half years before anyone noticed. AI coding tools are turning into remote-controlled attack vectors. A teenager who started by cheating at Roblox just got four years in federal prison for accidentally committing the largest education data breach in US history.

Attackers aren't battering the gates anymore. They're inside the walls: in your research databases, in your AI tools, in the error logs your coding assistant reads every morning. This edition tracks three different ways the things you trust became the way in.

PS — Was this forwarded to you? Subscribe free at exzeccyber.com/subscribe
In this edition
 📌 Big Cyber News
 🚨 Can't Miss
 🤖 AI in Cyber
 🕵️ Threat Intel
 🛠️ Tools & Tactics
 🧪 Strange Cyber
📌 Big Cyber News
 
Espionage
🔍 The Invisible Guest: China's UNC6508 Hid Inside US Medical and Military Networks for Two and a Half Years
Intro
Over two years. That's how long a previously unknown Chinese spy group sat inside US medical research and military health networks before anyone looked at the door. Google's threat hunters found them in late 2025. The public found out June 15.
What Happened
Google Threat Intelligence Group identified UNC6508, a state-sponsored Chinese espionage group that compromised organizations across US academia, medicine, and military health institutions starting in September 2023. The group deployed a custom backdoor called INFINITERED to steal administrative credentials, entering through externally facing REDCap research data servers. At least one university remained compromised for 26 months. Google says "known victims likely represent only a fraction of a larger campaign."
Why It Matters
The targets weren't random. Clinical providers, academic medical centers, military health institutions hold research data, patient records, and defense-adjacent medical intelligence that takes years to build and cannot be recovered once exfiltrated.
The Other Side
No public CVEs have been filed, confirmed data loss figures remain undisclosed, and UNC6508's specific end-goal hasn't been established. "State-sponsored espionage" is the attribution, not a proven theft.
 
👉 Takeaway
If your organization runs REDCap or any externally facing research database, start there. And if your network hasn't had a third-party threat hunt in the last 12 months, this is the argument for one.
TL;DR: A Chinese APT spent 26 months inside US medical and military research networks before Google caught them.
Further reading: CyberScoop
🚨 Can't Miss
 
 
Zero-day
A race condition in Microsoft Defender gives attackers full SYSTEM-level access on Windows 10 and 11, including machines with every June 2026 Patch Tuesday update installed. No CVE exists and no patch is available. A public proof-of-concept was released by researcher "Chaotic Eclipse," and active exploitation has been confirmed. This is the fourth Windows zero-day from the same researcher, following BlueHammer, UnDefend, and RedSun.
Nothing to patch yet. Watch for a Microsoft out-of-band update and make sure your EDR monitors privilege escalation chains involving Defender's service context.
 
Takedown
Europol arrested the alleged operator of Archetyp Market, which ran since 2020 while Hydra, AlphaBay, and RaidForums fell around it. The accused, a 30-year-old German national known as "ASNT," was arrested in Barcelona. The platform had 600,000 users, 17,000 product listings, and €250 million in transactions. Raids spanned five countries and seized €7.8 million in assets.
Six years of operational security still wasn't enough. Multi-agency persistence is the playbook that keeps working.
 
Patch now
CVE-2026-10520, rated CVSS 10.0, lets unauthenticated attackers execute code as root on internet-exposed Ivanti Sentry gateways. Ivanti said "no evidence of exploitation" when it patched on June 10. Shadowserver reported most exposed instances were already backdoored within 24 hours. CISA added it to the KEV catalog with a 3-day remediation mandate for federal agencies.
Ivanti edge devices keep landing here. If you're still running them on the internet, your patch window is now measured in hours.

No cable. No subscription. Every match this summer, free.

104 matches. 48 teams. 39 days of football. Right now, streaming means logging into a cable account you don't have or paying for a subscription you'll cancel in August.

Norton Neo is a free browser with a free built-in VPN. No sign-up, no credit card, no catch. Private by default, backed by Norton security. Anti-fingerprinting and ad blocking run quietly in the background while you watch.

Download in 45 seconds. Watch every match for free.

Fast. Safe. Intelligent. That's Neo.

Try Norton Neo Now

🤖 AI in Cyber
 
 
Agentic security
Tenet Security discovered "Agentjacking," a technique that exploits the intersection of Sentry's open error-tracking API and its MCP server. Attackers inject malicious instructions into Sentry error events; AI coding agents like Claude Code and Cursor read those events as diagnostic steps and execute them. The only prerequisite is the target's publicly visible Sentry DSN, commonly embedded in website JavaScript. Testing returned an 85% exploit success rate against 2,388+ exposed organizations. Sentry applied a content filter but called the fundamental flaw "technically not defensible."
If your team runs Claude Code or Cursor with Sentry MCP connected, audit what your DSNs expose and add human approval gates on high-risk agent actions.
 
AI agent
Varonis researchers tested OpenClaw, a popular open-source AI agent, against simulated social engineering. When a researcher impersonating a team lead requested staging access, OpenClaw leaked AWS IAM keys, database credentials, SSH access, and CRM records without hesitation. Both the default and strict-mode configurations failed. The fix is human approval gates on high-risk actions, which most deployed agents don't have.
Any AI agent with broad access and no approval layer is a social engineering surface. Treat it like a contractor with the keys to everything.
🕵️ Threat Intel
 
 
Phishing-as-a-service
Operation Riptide took down Outsider Enterprise, a Chinese phishing-as-a-service platform running since 2023 that generated 9,000+ fake brand websites and more than 1 million malicious URLs using AI-powered phishing kits. Targets received SMS impersonating delivery services, banks, and government agencies. FBI, Google, and Black Lotus Labs seized admin servers and Shopify storefronts, recovering roughly $100K in cryptocurrency. The operation's scope: 3.8 million stolen cards and an estimated $1.9 billion in losses.
AI-generated phishing kits at industrial scale are the new baseline. SMS-based brand impersonation doesn't require a nation-state anymore.
 
Threat actor
Proofpoint identified TA4922, a Chinese-speaking cybercrime group, as the most prolific tracked threat actor by unique campaign count. Targeting organizations across Asia, Europe, and Africa, the group combines credential phishing, malware distribution, and social engineering with one goal: financial fraud and data theft. The pace of operations, not just the scale, is what sets TA4922 apart from better-known APTs.
Volume matters. A group running more campaigns than any other actor is generating more chances to find an unlocked door.
🛠️ Tools & Tactics
 
 
Practical play
Oracle released its June 2026 Critical Security Patch Update with 245 patches covering Fusion Middleware, JD Edwards, MySQL, PeopleSoft, Siebel, and more. Roughly 120 are rated critical, and over 100 can be exploited without authentication. Fusion Middleware is the highest-priority cluster this cycle. Oracle's own framing is worth using as an internal policy argument: "Attackers have been successful because targeted customers had failed to apply available Oracle patches." The second monthly CSPU cadence means these windows close faster than they used to.
If your org runs Oracle products and doesn't have a structured patch cadence, this CSPU is the argument to build one.

Turn AI into Your Income Engine

Ready to transform artificial intelligence from a buzzword into your personal revenue generator

HubSpot’s groundbreaking guide "200+ AI-Powered Income Ideas" is your gateway to financial innovation in the digital age.

Inside you'll discover:

  • A curated collection of 200+ profitable opportunities spanning content creation, e-commerce, gaming, and emerging digital markets—each vetted for real-world potential

  • Step-by-step implementation guides designed for beginners, making AI accessible regardless of your technical background

  • Cutting-edge strategies aligned with current market trends, ensuring your ventures stay ahead of the curve

Download your guide today and unlock a future where artificial intelligence powers your success. Your next income stream is waiting.

Get Your Guide

🧪 Strange Cyber
 
Strange but real
🎮 He Learned to Hack by Cheating at Roblox. He Ended Up with 70 Million School Records and Four Years in Federal Prison.
Intro
This one happened back in April, but it's too good to leave on the shelf. Matthew Lane wasn't trying to break the education system. He was trying to win a video game. By the time federal agents showed up, he'd accidentally committed the largest education data breach in US history.
What Happened
Lane, 19 at the time of the breach, found his way into hacking through Roblox cheating communities and, by his own account, "got addicted." His path eventually led to PowerSchool's student information system, where he exfiltrated records belonging to approximately 60 million children and 10 million teachers across the United States. He was sentenced at age 20 to four years in federal prison. His account: "I'm honestly thankful for the FBI. I would have never stopped."
Why It Matters
Sixty million children's records weren't taken by a nation-state or an organized criminal enterprise. They were taken by a teenager with no formal security training who discovered exploitation through a game cheat community. The human and financial fallout from a breach this size is measured in decades.
The Other Side
Lane's opportunistic path means there was no organized operation monetizing the data. The breach was accidental in scale, not targeted by design. Some affected families may never see downstream fraud from it.
 
👉 Takeaway
The entry path into serious cybercrime is lower than most organizations plan for. School districts are among the least-resourced institutions holding some of the most sensitive long-term data that exists.
TL;DR: A teenager who started by cheating at Roblox ended up with 70 million school records and four years in federal prison.
Further reading: WKBW / ABC News

Wall Street is shifting billions into a select group of stocks, and MarketBeat’s updated 10 Best Stocks to Own in 2026 report reveals exactly which ones. Get the 10 names attracting fresh capital before the crowd catches on. Send My Free Report

Keep Reading

© 2026 Exzec Cyber's Newsletter..
beehiivPowered by beehiiv