FACT
Cybercriminals have registered more than 19,000 domains containing "FIFA" since January 2026, building what Intel 471 calls "the largest and most complex cyberattack surface in sporting history." The World Cup starts Thursday. (Intel 471 / Help Net Security)
Big week for AI doing both sides of the job. An autonomous agent found 20 years' worth of dormant FFmpeg vulnerabilities for less than the price of a flight. Someone else used Claude Opus to build a ransomware toolkit whose evasion was iterated against three major EDR products until the bypasses held. The line between those two things is getting thinner by the week. This is a snapshot of where that's headed.
PS — Was this forwarded to you? Subscribe free at exzeccyber.com/subscribe →
AI Security Research
🤖 The $1,000 Bug Hunter: How an AI Just Found 20 Years of Hidden Zero-Days
Intro
An autonomous AI agent spent roughly $1,000 scanning 1.5 million lines of FFmpeg source code and came back with 21 previously unknown vulnerabilities, some of which had been sitting undetected for over two decades.
What Happened
The agent was built by a company called depthfirst, which pointed it at FFmpeg, the open-source media library baked into virtually every video application. Twenty-one confirmed zero-days later, the agent had found bugs that human researchers had missed since 2003. Separately, Google shipped Chrome 149 with patches for 429 security vulnerabilities, the single largest patch release in browser history, with over 100 classified as critical or high severity.
Why It Matters
The economics of vulnerability research just changed. If a $1,000 automated scan can outperform years of manual auditing on a widely-used library, the software security industry's entire threat model for unaudited legacy code needs to be revisited. Google has already revised its bug bounty program to handle the incoming flood of AI-generated reports.
The Other Side
Automated agents produce real bugs but also false positives, and the cost of triaging AI-generated vulnerability reports at scale could offset the savings. Anthropic's Mythos and Google's Big Sleep have found FFmpeg flaws too, but none have shipped a repeatable, low-cost commercial workflow yet.
👉 Takeaway
If you maintain software with legacy C code and no recent formal audit, assume it has undetected vulnerabilities. The cost to find them is now under $1,000. Someone will.
TL;DR: An AI found 21 FFmpeg zero-days for $1,000 -- some dormant since 2003 -- while Chrome patched a record 429 bugs in one shot.
Zero-day
CVE-2026-20245 is a privilege escalation flaw in Cisco Catalyst SD-WAN Manager that lets an authenticated attacker execute arbitrary commands as root. Mandiant discovered the bug being actively exploited across all SD-WAN deployment types including government FedRAMP environments. There is no patch available. Cisco says attackers have already used it to push configuration changes to edge devices.
→ If you run Cisco SD-WAN, review Cisco's advisory for indicators of compromise and collect diagnostic files before any upgrade attempt.
Active threat
Cybercriminals have built what Intel 471 calls the largest cyberattack surface in sporting history ahead of the 2026 World Cup. A Chinese-speaking group called Ghost Stadium is running a single phishing kit across 300+ fake FIFA sites harvesting credentials and payment data. The FBI has warned of spoofed ticketing sites, and a remote access trojan called BTMOB is being distributed through fake World Cup streaming apps. Group-IB estimates ticket fraud losses alone could run $71 million to $474 million.
→ Any World Cup ticket, stream, or travel deal that looks even slightly off probably is. Stick to official FIFA channels.
Account takeover
Researchers at Enclave found a debug flag (setIsDebugMode(true)) accidentally left enabled in production builds of six Microsoft 365 Android apps: Word, Excel, PowerPoint, Copilot, Loop, and OneNote. The flag disabled the check that restricts account-token sharing to trusted Microsoft apps, so any malicious app on the same device could silently obtain refresh tokens and, with them, full access to the user's email, files, and calendars. Because the flag lived in a shared internal SDK, the same bug propagated to all six apps. Microsoft issued four CVEs (CVSS up to 7.7); all six apps have been patched.
→ Update Microsoft 365 apps on Android now. If your org manages Android devices, verify current app versions via MDM before end of day.
AI offense
Researchers found an AI-assisted ransomware framework built using Cursor and Claude Opus as co-developers. The toolkit has roughly 80 modules covering Cobalt Strike profile generation, Telegram-based command and control, Python shellcode injection, and Cloudflare Workers as proxy redirectors. The AI agents extracted evasion techniques from published Kaspersky and Palo Alto research, mapped findings to MITRE ATT&CK, and iteratively tested against Sophos, CrowdStrike, and Microsoft Defender until bypasses held.
→ AI-assisted malware development is no longer theoretical. Defenders should assume adversaries have access to the same tooling and treat EDR coverage as one layer, not the last line.
Industry report
Verizon's 2026 Data Breach Investigations Report found that 100% of credential theft attempts observed by Keep Aware passed through existing non-browser security controls completely undetected -- network proxies, DNS filters, and endpoint agents all missed them. The shadow AI angle is equally uncomfortable: 67% of employees are accessing AI services on corporate devices through personal accounts, putting 23% of sensitive uploads outside any DLP controls. ClickFix social engineering now accounts for 2.7% of all browser-based attacks.
→ If your threat model still treats the browser as a safe zone, this report is the correction.
Espionage
UNC5221, also tracked as VerdantBamboo, deployed three malware strains against US legal services, SaaS providers, BPOs, and tech companies: Brickstorm (a Go-based backdoor), Plenet (a .NET interactive shell), and AgentPSD (a Python fallback). The group spent at least 18 months inside victim networks before detection. In one case it also breached the victim's managed services provider, then regained access after remediation by using stolen credentials to re-enable SSL VPN.
→ This is a long-game operation. If you're in legal, SaaS, or tech with MSP relationships, threat hunt for pfSense and VPN credential abuse going back 18 months.
Critical infrastructure
Shadowserver found 1,061 automatic tank gauge (ATG) systems sitting exposed on the public internet, with more than 900 in the US alone. A CISA, FBI, NSA, and DOE joint advisory confirmed active exploitation via hardcoded credentials, authentication bypasses, and command injection. A successful compromise lets an attacker disable leak detection alerts, potentially masking fuel leaks or equipment failures. CNN previously linked the May gas station breaches to Iranian hackers, though government attribution hasn't been formalized.
→ ATG systems should never be directly internet-accessible. If your organization manages these, get them off public-facing ports immediately.
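The fastest way to know whether you are on Shadowserver's list is to probe your own public addresses the same way a scanner would. The script below is an added example for this issue, not code from Shadowserver or the joint advisory. It assumes the gauge speaks the Veeder-Root TLS-3xx serial-over-IP protocol on TCP 10001 (the port ATG exposure scans target) and answers the unauthenticated inventory command Ctrl-A followed by "I20100"; both are assumptions about the common deployment, not facts stated in the advisory. Run it only against addresses you are authorised to test.

```powershell
# Added example, not from the advisory or Shadowserver. Probes your OWN public addresses
# for an ATG listener. Assumes TCP 10001 and the TLS-350 "I20100" in-tank inventory command.
function Test-AtgExposure {
    param(
        [Parameter(Mandatory)] [string[]] $Address,
        [int] $Port = 10001,          # assumed ATG serial-over-IP port
        [int] $TimeoutMs = 3000
    )
    foreach ($ip in $Address) {
        $result = [pscustomobject]@{
            Address = $ip; Port = $Port; Open = $false; Inventory = $false; Banner = ''
        }
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            $connect = $client.BeginConnect($ip, $Port, $null, $null)
            if ($connect.AsyncWaitHandle.WaitOne($TimeoutMs)) {
                $client.EndConnect($connect)
                $result.Open = $true
                $stream = $client.GetStream()
                $stream.ReadTimeout = $TimeoutMs
                # TLS-350 command framing: SOH (0x01) + function code. I20100 = in-tank inventory report.
                $cmd = [byte[]](0x01) + [System.Text.Encoding]::ASCII.GetBytes('I20100')
                $stream.Write($cmd, 0, $cmd.Length)
                $buf = New-Object byte[] 4096
                $n = $stream.Read($buf, 0, $buf.Length)
                if ($n -gt 0) {
                    $result.Banner = [System.Text.Encoding]::ASCII.GetString($buf, 0, $n)
                    # A gauge that answers with its inventory report needs no credentials at all.
                    $result.Inventory = $result.Banner -match 'IN-TANK INVENTORY'
                }
            }
        } catch {
            # Refused, reset or read timeout: keep whatever was recorded so far.
        } finally {
            $client.Close()
        }
        $result
    }
}

# Usage: feed your public address inventory (one IP per line in public-ips.txt, a file
# you supply). Any row with Inventory = $true is the unauthenticated exposure the
# advisory describes and belongs behind a VPN or a serial gateway, not on the internet.
# Test-AtgExposure -Address (Get-Content .\public-ips.txt) | Format-Table -AutoSize
```

A row with Open = $true but Inventory = $false still deserves a look: something on that port answered a connection, and it may simply be a gauge from a vendor that uses different framing.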
Practical play
Your Patch Tuesday Window: June 9 Has Two Stories Worth Acting On
Patch Tuesday is this Tuesday, June 9. Two vulnerabilities are already in active exploitation before the patches ship. CVE-2026-42897 is an Exchange Server cross-site scripting flaw (CVSS 8.1) that lets attackers conduct spoofing attacks via Outlook Web Access. The Exchange Emergency Mitigation Service is applying an automatic workaround by default, but you should verify it's running and confirm your Exchange environment is up to date on cumulative updates before Tuesday. The second story is CVE-2026-45659, a SharePoint remote code execution vulnerability (CVSS 8.8) with no known workaround. Prioritize both for same-day patching on Tuesday. Adobe Creative Cloud (inCopy, InDesign, Photoshop) and Chrome 150 are also expected this week.
→ Block time Tuesday for Exchange and SharePoint patches. Check EMES status now so you're not surprised when the patches drop.
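"Verify EEMS is running" has three parts: the organisation-level switch, the per-server switch, and the service itself, plus the outbound path it needs to fetch mitigations. The script below is an added example for this issue, not Microsoft's code. It is meant for the Exchange Management Shell on Exchange 2016/2019/SE, uses the documented Get-OrganizationConfig and Get-ExchangeServer mitigation properties and the MSExchangeMitigation service name, and assumes the Office Config Service host EEMS polls is officeclient.microsoft.com, as Microsoft's EEMS documentation describes.

```powershell
# Added example, not Microsoft's code. Run from the Exchange Management Shell.
function Get-EemsStatus {
    [CmdletBinding()]
    param()

    # Org-wide kill switch: when $false, no server applies mitigations regardless of local state.
    $orgEnabled = (Get-OrganizationConfig).MitigationsEnabled

    foreach ($srv in (Get-ExchangeServer | Where-Object { $_.ServerRole -match 'Mailbox' })) {
        # The Emergency Mitigation Service is a Windows service on each mailbox server.
        $svc = Get-Service -ComputerName $srv.Name -Name MSExchangeMitigation -ErrorAction SilentlyContinue
        $svcStatus = 'NotFound'
        if ($svc) { $svcStatus = [string]$svc.Status }

        [pscustomobject]@{
            Server            = $srv.Name
            Version           = $srv.AdminDisplayVersion.ToString()
            OrgMitigations    = $orgEnabled
            ServerMitigations = $srv.MitigationsEnabled
            ServiceStatus     = $svcStatus
            Applied           = ($srv.MitigationsApplied -join ',')   # mitigation IDs currently applied
            Blocked           = ($srv.MitigationsBlocked -join ',')   # IDs an admin has opted out of
            Healthy           = ($orgEnabled -and $srv.MitigationsEnabled -and $svcStatus -eq 'Running')
        }
    }
}

# EEMS pulls mitigations from the Office Config Service. A proxy that blocks this host
# leaves the service "Running" while it silently never applies anything.
$ocsReachable = Test-NetConnection -ComputerName officeclient.microsoft.com -Port 443 -InformationLevel Quiet
"OCS reachable on 443: $ocsReachable"

Get-EemsStatus | Format-Table -AutoSize

# What each server last checked and applied is in its mitigation log; uncomment to tail the newest file.
# Get-ChildItem "$env:ExchangeInstallPath\Logging\MitigationService" |
#     Sort-Object LastWriteTime -Descending | Select-Object -First 1 | Get-Content -Tail 20
```

Any server reporting Healthy = $false, or an Applied column that stays empty after the workaround has been published, should be treated as unmitigated until the Tuesday patch is on it.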
Strange but real
😠 When Your Ransomware Affiliate Attacks the Boss's Country and Gets Publicly Fired
Intro
The first rule of ransomware club is you do not attack organizations in CIS countries. The second rule of ransomware club is you do NOT attack organizations in CIS countries. One affiliate missed both memos.
What Happened
An affiliate of the Nova ransomware program (run by the RAlord gang) attacked Eriell Group, a major oilfield services company headquartered in Uzbekistan with a corporate office in Moscow. Nova not only kicked the affiliate out of the program, they issued a public apology to Eriell, promised free recovery assistance, and pinned a statement to their leak site calling the attack an unauthorized action by a "dumbass." Threat-hunter Dominic Alvieri promptly named it the ransom "dumbass of the day."
Why It Matters
Ransomware gangs enforcing geographic rules is old news, but publicly documenting that enforcement is something else. Nova just created a searchable record of their internal compliance standards, complete with an admission that they have affiliates they can't control and a named target they felt bad about hitting. This is the criminal equivalent of a public HR memo.
The Other Side
The apology strategy is not entirely irrational. Gangs that operate in the CIS face real risk from local law enforcement if they draw heat from domestic victims. Staying in the good graces of Uzbek and Russian industry is a survival mechanism, not a moral awakening.
👉 Takeaway
The most useful thing in this story is the proof that ransomware operations have internal governance that breaks down. Affiliates are a weak point, and their mistakes can create the kind of public paper trail that eventually helps investigators.
TL;DR: A ransomware affiliate attacked their gang's home turf, got publicly called a "dumbass," and the gang issued a formal apology to the victim.