WEEKLY TOP TEN: June 29, 2026, 16:00 GMT
- Sysdig Documents First End-To-End AI Agent Ransomware Attack
Cloud security firm Sysdig reported what it says is the first fully autonomous ransomware attack carried out by a large language model agent, dubbed JadePuffer. The AI agent exploited a critical missing-authentication flaw in Langflow, an open-source LLM application framework, to gain code execution, then independently conducted reconnaissance, harvested cloud and API credentials, moved laterally, and ultimately encrypted and wiped a production MySQL database and Nacos configuration data without human operator intervention at any stage. - FortiBleed Credential Theft Tied To Lynx And INC Ransomware
Threat intelligence firm SOCRadar linked the massive FortiBleed campaign, which exposed credentials from more than 430,000 Fortinet devices, directly to the INC Ransom and Lynx ransomware operations. Investigators found a server tied to FortiBleed’s infrastructure that had been used to access negotiation panels for both ransomware groups, along with victim data overlapping with organizations later listed on INC’s leak site. Researchers estimate the operation involved roughly 20 people and deployed traffic-sniffing tools on close to 19,000 FortiGate devices. - DHS Confirms Breach Of Homeland Security Information Network
The Department of Homeland Security is investigating a cyberattack that compromised the Homeland Security Information Network, a sensitive collaboration platform used by federal, state, local, and private-sector partners. The intrusion, first reported by Nextgov, is believed to have occurred between late May and early June and targeted both HSIN servers and an associated SharePoint collaboration system. DHS has not attributed the attack to a specific actor, and it remains unclear whether documents were stolen, though the timing has raised concerns given ongoing World Cup security coordination in the country. - Kubota North America Discloses Month-Long Network Intrusion
Kubota North America Corporation disclosed that a threat actor had access to parts of its network between March 16 and April 20, accessing files containing personal information belonging to employees and their dependents. The Japanese industrial manufacturer, which operates in 120 countries, said exposed data may include Social Security numbers, dates of birth, taxpayer IDs, government ID numbers, direct deposit bank details, and benefits enrollment information. Kubota began sending individualized notification emails to affected employees on June 30. - Huntress Tracks Massive Password Spray Campaign Against Microsoft 365
Huntress researchers documented an automated password spray campaign against Microsoft’s Azure command-line interface that generated more than 81 million login attempts between June 12 and 26, compromising at least 78 accounts across 64 organizations. The attacker used previously breached but never-rotated credentials, then bypassed multi-factor authentication in many environments by authenticating through the ROPC OAuth flow, which several organizations’ Conditional Access policies failed to cover. The activity, traced to infrastructure provider LSHIY LLC, stopped after that provider terminated the responsible accounts. - Cisco Confirms Exploitation Of Unified Communications Manager Flaw
Prediction-market platform Polymarket disclosed that a compromised third-party vendor injected malicious JavaScript into its website frontend, prompting users to approve fraudulent transactions. Researchers estimated losses of $2.94 million, with the attacker moving stolen funds from Polygon to Ethereum and converting them into roughly 1,893 ETH. Between 11 and 15 user wallets holding pUSD were drained; the platform’s smart contracts functioned as designed, but the web layer was tampered with. Polymarket removed the affected dependency, contacted impacted users, and pledged full refunds. The incident was the platform’s second security failure in five weeks and highlights frontend integrity as an underaddressed DeFi risk. - FBI Warns Of TeamPCP Supply Chain Poisoning Campaign
The FBI published a FLASH alert describing TeamPCP, a threat actor that has been poisoning trusted developer tools to steal cloud credentials, spread malware through software update mechanisms, and extort victims. The alert details how the group compromises legitimate software supply chains to reach downstream organizations, reflecting a broader escalation in attacks that abuse developer trust in package managers and update pipelines rather than targeting victim networks directly. - North Korean Hackers Hide Remote Access Trojan In Npm Packages
Security researchers at JFrog identified npm packages linked to North Korean state-backed actors that impersonate legitimate Rollup polyfill tooling to steal developer secrets. The packages “rollup-packages-polyfill-core” and “rollup-runtime-polyfill-core” closely mimic a real project’s metadata and structure, then quietly install second-stage packages that fetch a remote access toolkit capable of harvesting cloud credentials, cryptocurrency wallet data, and configuration files for tools including AWS, Azure, and developer AI assistants. All six packages have since been removed from the registry. - New CitrixBleed-Style Flaw Exploited Within A Day Of Disclosure
Hackers began exploiting a new memory-disclosure vulnerability in Citrix NetScaler ADC and NetScaler Gateway appliances, tracked as CVE-2026-8451, less than 24 hours after Citrix disclosed and patched it on June 30. The flaw lies in NetScaler’s XML parser and allows attackers to retrieve memory contents, including session cookies, from appliances configured as SAML identity providers. Security firm Lupovis reported the rapid weaponization, underscoring how quickly attackers now move once technical exploit details become public. - FBI And Google Dismantle NetNut Residential Proxy Botnet
Google’s Threat Intelligence Group, working with the FBI, IRS Criminal Investigation, and Lumen, disrupted NetNut, a residential proxy network built on more than two million hijacked home devices, many of them Android smart TVs and streaming boxes. Investigators tied the network to Alarum Technologies, a Nasdaq-listed Israeli firm. In a single week in June, researchers observed 316 distinct threat clusters, including cybercriminal and espionage groups, using NetNut exit nodes for password spraying and credential attacks. Google disabled abusive accounts, updated Play Protect to flag infected apps, and shared intelligence with partners, while the FBI seized related domains.
Our Threat Operations and Intelligence team compiles a daily digest of the most recent online cybersecurity risks. The previous 10 stories were determined to be most significant during the course of the week, ranked by highest risk, and using multiple sources when available.