Weekly Threat Intelligence Summary

Top 10 General Cyber Threats

Generated 2026-06-22T05:00:05.367824+00:00

1. Nearly 15,000 infected websites cleaned in SocGholish crackdown (www.malwarebytes.com, 2026-06-19T16:05:53)
   Score: 7.777
   Thousands of everyday websites were cleaned as part of a global operation targeting the malware network behind fake browser update scams.
2. Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap (www.malwarebytes.com, 2026-06-19T11:47:16)
   Score: 7.747
   Apple has patched a year-old Bluetooth vulnerability that could have let nearby attackers listen through Beats Studio Buds' microphone.
3. Microsoft working on a fix for RoguePlanet, a flaw that grants full PC control (www.malwarebytes.com, 2026-06-18T12:58:30)
   Score: 7.589
   Microsoft says it's working on a fix for an unpatched Defender vulnerability that can give attackers the highest level of access on Windows.
4. Retro gaming fans are the new target for fake GitHub malware (www.malwarebytes.com, 2026-06-18T11:27:42)
   Score: 7.578
   Retro gaming fans should be careful with GitHub projects that claim to be tools or plugins for their consoles. We looked at one example aimed at PlayStation Vita owners.
5. Roblox developers are losing entire games to malware attacks (www.malwarebytes.com, 2026-06-17T20:22:42)
   Score: 7.473
   Attackers are using fake job offers and malware to steal accounts, Robux, and Roblox games from the developers who build them.
6. Rokarolla Android malware can take over your phone and steal banking logins (www.malwarebytes.com, 2026-06-17T15:34:15)
   Score: 7.44
   Researchers have uncovered an Android banking Trojan that targets more than 200 banking and cryptocurrency apps and can take over infected devices.
7. Inside a malicious infrastructure delivering EtherRAT, phishing pages, and malicious software (www.malwarebytes.com, 2026-06-15T20:17:46)
   Score: 7.44
   We found EtherRAT malware being distributed by a website with a strange homepage. Following the trail, we discovered a vast network of malicious infrastructures, distributing malware, malicious documents, remote desktop software, and phishing pages.
8. Malwarebytes earns AV-TEST Top Product award, aces other third-party tests (www.malwarebytes.com, 2026-06-17T09:41:46)
   Score: 7.399
   Malwarebytes got top marks in independent tests against malware, phishing, and other online threats.
9. June 2026 Patch Tuesday: Microsoft Patches 206 Vulnerabilities Including Three Publicly Disclosed Zero-Days (www.crowdstrike.com, 2026-06-09T05:00:00)
   Score: 7.033
10. FortiBleed Campaign Exposing Credentials for 73,932 FortiGate Systems (www.recordedfuture.com, 2026-06-19T00:00:00)
    Score: 5.665
    A dataset containing valid administrative and VPN credentials for tens of thousands of Fortinet FortiGate firewalls.

Top 10 AI / LLM-Related Threats

Generated 2026-06-22T06:00:16.151873+00:00

1. Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime (www.rapid7.com, 2026-06-11T13:00:00)
   Score: 23.25
   Introduction The underground market for criminally oriented generative AI has moved beyond the early hype surrounding 'malicious chatbots.' The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, threat actors are increasingly using AI to accelerate routine, but operationally significant
2. Building Supercharger: How Rocket Close optimized title operations with agentic AI (aws.amazon.com, 2026-06-12T20:43:56)
   Score: 15.465
   In this post, we explore how Rocket Close built a solution using Strands Agents, large language models (LLMs), Amazon Bedrock, Amazon Bedrock Knowledge Bases, and Model Context Protocol (MCP) tools. We cover solution features, the rationale for the technology stack, lessons learned, and the business impact at Rocket Close.
3. Automated Threat Hunting: Turning Threat Intelligence into Executable Hunt Plans (www.rapid7.com, 2026-06-10T16:26:33)
   Score: 15.046
   Blake McDermott is Senior Threat Hunter at Rapid7. Every week, threat hunt teams are faced with a steady flow of blogs, advisories, and DFIR reports containing valuable intelligence about adversary behaviors, tactics, techniques, and procedures. The challenge is turning that intelligence into repeatable, behavior-based hunting logic quickly enough to be useful. Indicators of compromise still have value, but they age quickly. Behavioral detections give defenders a better way to look for how attac
4. Patch Tuesday – June 2026 (www.rapid7.com, 2026-06-09T21:04:53)
   Score: 13.954
   Microsoft is publishing 200 vulnerabilities on June 2026 Patch Tuesday . Microsoft is not aware of exploitation in the wild for any of these vulnerabilities, and is aware of public disclosure for three. This is similar to last month’s Patch Tuesday, however several of last month’s vulnerabilities ended up on CISA KEV in the days following their publication. So far this month, Microsoft has provided patches to address 360 browser vulnerabilities, which is an order of magnitude more than has been
5. Rapid7 Gains Access To Anthropic’s Project Glasswing To Explore Frontier AI For Cybersecurity (www.rapid7.com, 2026-06-09T13:35:36)
   Score: 11.48
   Wade Woolwine is Senior Director, Product Security at Rapid7. Rapid7 is excited to join Anthropic’s Project Glasswing, which includes access to Claude Mythos Preview, giving our teams the opportunity to explore how frontier AI can support legitimate, internal defensive security workflows led by experienced security practitioners. Anthropic has now expanded Project Glasswing from its initial cohort to a broader group of organizations, underscoring how quickly this conversation is moving from mode
6. Why Security Teams Need To Start Earlier (www.rapid7.com, 2026-06-18T14:45:55)
   Score: 11.135
   Security leaders are facing an unusual set of circumstances. The drumbeat for better security prioritization has been rising for years in boardrooms around the world. The desire is there, but the processes of the past aren’t meeting the needs of the new moment we find ourselves in. That gap is not a technology problem. It's an operating model problem. At the opening keynote of Rapid7’s 2026 Global Cybersecurity Summit, Craig Adams, Chief Product Officer, Rapid7, Brian Castagna, CSO, Rapid7
7. Amazon SageMaker AI Async Inference now supports inline request payloads (aws.amazon.com, 2026-06-17T20:56:36)
   Score: 9.358
   Today, we’re announcing inline payload support for Amazon SageMaker AI Async Inference. Customers can now send inference payloads directly in the request body of the InvokeEndpointAsync API, removing the need to upload input data to Amazon Simple Storage Service (Amazon S3) before each invocation.
8. The June 2026 Security Update Review (www.thezdi.com, 2026-06-09T18:12:18)
   Score: 8.926
   I’ve made it through Pwn2Own Berlin, had a little vacation, and now I’m back for Patch Tuesday. Microsoft and Adobe didn’t disappoint. In fact, they have heralded my return with the largest Patch Tuesday release ever. Thanks? Take a break from your regularly scheduled activities and let’s take a look at the latest security patches from Adobe and Microsoft. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for June 2026 For May, June
9. Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more (www.rapid7.com, 2026-06-19T17:08:23)
   Score: 8.896
   This week's release includes five new modules, including a full unauthenticated RCE chain for Paperclip AI and a VS Code extension persistence technique. On the post-exploitation side, the new windows/local/ntlm_relay_2_self module coerces the local machine account to authenticate via OpenEncryptedFileRaw (WebDAV), relays that NTLM authentication to a Domain Controller's LDAP service, then uses the resulting LDAP session to write Shadow Credentials and obtain a Kerberos service ticket
10. Introducing Web Search on Amazon Bedrock AgentCore (aws.amazon.com, 2026-06-19T14:15:24)
    Score: 8.768
    Web Search on Amazon Bedrock AgentCore is now generally available. In this post, we walk through what makes Web Search on Amazon Bedrock AgentCore different, why it matters, and how to wire it in with a few lines of code.
11. Amazon Bedrock AgentCore harness is now generally available: Go from idea to production-grade agent in minutes (aws.amazon.com, 2026-06-18T17:32:22)
    Score: 8.562
    Today, Amazon Bedrock AgentCore harness is generally available. Two API calls (CreateHarness to define an agent, and InvokeHarness to run it), and you have an agent running in seconds. The agent runs in its own isolated environment with a filesystem and shell, so it can read files, run commands, and write code safely. It remembers users and conversations across sessions, picks up skills you point it at (including the AWS-curated catalog), browses the web, calls your tools through gateway or MCP,
12. Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE (unit42.paloaltonetworks.com, 2026-06-16T10:00:29)
    Score: 8.411
    Unit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more. The post Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE appeared first on Unit 42 .
13. New in Amazon Bedrock AgentCore: Build agents with broader knowledge and continuous learning (aws.amazon.com, 2026-06-17T15:29:36)
    Score: 8.304
    Today we're introducing new capabilities on Amazon Bedrock AgentCore, the platform to build, connect, and optimize agents. In this post, we cover how these capabilities close each gap: connecting agents to organizational, web, and paid knowledge; helping teams find and fix what's going wrong in production; and enforcing controls that scale as agents grow more capable. Together, they help you build more capable agents faster, govern them with controls that scale, and improve them contin
14. Safeguard your agentic AI applications with the Amazon Bedrock Guardrails InvokeGuardrailChecks API (aws.amazon.com, 2026-06-16T22:46:46)
    Score: 8.138
    Today, we’re announcing a new API with Amazon Bedrock Guardrails. With this API, you can apply individual safeguards, also referred to as safety checks, at any point in your agentic AI applications without creating guardrail resources. In this post, we walk through how the InvokeGuardrailChecks API works and how to use it to build safe, multi-turn agentic AI applications.
15. Reconstructing AI activity in investigations (www.microsoft.com, 2026-06-09T17:35:06)
    Score: 7.92
    Learn how to investigate AI activity in Microsoft 365 Copilot and Azure AI services using a structured, telemetry-driven approach. This playbook helps security teams reconstruct events, assess data exposure, and detect potential threats faster. The post Reconstructing AI activity in investigations appeared first on Microsoft Security Blog .
16. Introducing Gemma 4 models on Amazon Bedrock (aws.amazon.com, 2026-06-15T20:24:15)
    Score: 7.876
    Today, we are announcing the availability of the Gemma 4 family on Amazon Bedrock. Built by Google DeepMind and released under the Apache 2.0 license, Gemma 4 is a family of open-weight models designed with a focus on intelligence-per-parameter across a broad range of deployment scenarios. The family includes three instruction-tuned variants: Gemma 4 31B, Gemma 4 26B-A4B, and Gemma 4 E2B. These cover dense and mixture-of-experts (MoE) architectures, where only a fraction of the model’s parameter
17. Cybersecurity Firms Impacted by Klue Supply Chain Attack (www.securityweek.com, 2026-06-19T09:19:06)
    Score: 7.819
    The hackers exfiltrated data from Salesforce instances of Klue customers, such as Huntress and Recorded Future. The post Cybersecurity Firms Impacted by Klue Supply Chain Attack appeared first on SecurityWeek .
18. Build context-rich research agents with Deep Agents and Bedrock AgentCore (aws.amazon.com, 2026-06-15T13:56:33)
    Score: 7.812
    In this post, you'll build a competitive research agent that demonstrates this pattern end to end. This walkthrough targets developers building multi-step AI workflows who need isolated execution environments for their agents. In Part 2 of the notebook, you can deploy this same agent to Bedrock AgentCore Runtime using the AgentCore CLI, so it runs as a managed, session-isolated service.
19. Built from the inside out: How AWS Professional Services became a frontier team first (aws.amazon.com, 2026-06-12T13:00:10)
    Score: 7.588
    AWS Professional Services (AWS ProServe) compressed engagement timelines from months to days, not by adding artificial intelligence (AI) tools to an existing process, but by fundamentally rebuilding how we deliver from the inside out. In this post, we share how AWS ProServe became a frontier team, the practices that enabled it, and what your engineering organization can take from our experience.
20. From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet (www.microsoft.com, 2026-06-18T03:43:04)
    Score: 7.525
    A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend against supply chain attacks using Microsoft Defender and actionable threat intelligence. The post From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet appeared first on Microsoft Security Blog .
21. Threat Brief: Mitigating Large-Scale Credential Attacks (unit42.paloaltonetworks.com, 2026-06-20T02:05:33)
    Score: 7.285
    We provide guidance for preparing for and mitigating large-scale credential attacks, focusing on recent campaigns targeting security vendors' devices. The post Threat Brief: Mitigating Large-Scale Credential Attacks appeared first on Unit 42 .
22. Trust No Skill: Integrity Verification for AI Agent Supply Chains (unit42.paloaltonetworks.com, 2026-06-11T10:00:24)
    Score: 7.221
    Protect enterprise AI agents from supply chain risks by auditing third-party skills for hidden vulnerabilities and multi-stage attack chains. The post Trust No Skill: Integrity Verification for AI Agent Supply Chains appeared first on Unit 42 .
23. Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273) (www.rapid7.com, 2026-06-12T13:43:04)
    Score: 7.196
    Overview On June 10, 2026, Oracle published a security alert for CVE-2026-35273 , a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Oracle released an out-of-band patch the same day as the advisory, underscoring the urgency of remediation. The vulnerability has a CVSSv3.1 score of 9.8 and is remotely exploitable without authentication. Per the vendor advisory, successful exploitation may result in remote code execution (RCE). TrendAI h
24. From PDFs to insights: Architecting an intelligent document processing pipeline with AWS generative AI services (aws.amazon.com, 2026-06-12T14:43:11)
    Score: 7.106
    This post outlines the development of a cost-effective and scalable intelligent document processing pipeline on AWS, powered by Amazon Bedrock and its features. BDA is a managed service within Amazon Bedrock that automates the extraction of insights from documents. We demonstrate how BDA extracts and analyzes document content, while Strands Agent hosted on Amazon Bedrock AgentCore Runtime coordinate specialized processing tasks, and Amazon Bedrock Knowledge Base enable contextual understanding a
25. NIS2 is raising the bar. Here’s how to turn readiness into resilience. (www.rapid7.com, 2026-06-15T17:29:15)
    Score: 6.947
    The NIS2 directive asks covered organizations to take a more structured approach to risk management, governance, supply chain security, and incident reporting. It expands the scope of who may be covered, raises expectations around management body accountability, introduces clearer and more enforceable requirements, and increases pressure on organizations to show that security is being managed in a consistent, defensible way. Reporting timelines are one of the most visible parts of that shift, wi

Auto-generated 2026-06-22