The Canadian Centre for Cyber Security published a daily advisory digest on 2026-07-06 compiling eight security advisories from Red Hat, Ubuntu, Dell, CISA ICS, IBM, Roundcube, OpenSSH, and Microsoft Edge. The advisories address vulnerabilities across a broad range of products including Linux kernels, industrial control systems, enterprise software suites, webmail, SSH, and browser software. No specific CVEs, IOCs, or threat actor details are provided in the digest; administrators are directed to vendor advisories for patching guidance.
This weekly threat intelligence bulletin covers multiple active ransomware campaigns, four critical vulnerabilities under active exploitation, and emerging AI-driven threats. Notable items include actively exploited RCE flaws in Oracle E-Business Suite and Progress Kemp LoadMaster, a Citrix NetScaler memory disclosure flaw exploited within 24 hours of disclosure, a North Korean supply-chain campaign (PolinRider) deploying 108 malicious packages, and a proof-of-concept browser-native ransomware generated by an LLM abusing Chrome's File System Access API.
QuimaRAT is a cross-platform, Java-based remote access trojan sold as a malware-as-a-service subscription on the dark web. It targets Windows, macOS, and Linux systems by embedding JNA native libraries for multiple architectures within a JAR archive built for Java SE 8. The RAT decrypts an internal configuration file using repeating-key XOR, performs anti-analysis and virtualization checks, establishes persistence via OS-specific mechanisms, and maintains resilient C2 communication through HANDSHAKE and HEARTBEAT protocols. With 23 implemented commands and 212 protocol-only commands, the platform is highly extensible through runtime modules and fileless payloads.
UNK_DeadDrop is a likely North Korean threat actor conducting broad phishing campaigns targeting software developers with fake job offers and code review requests. The campaign delivers malicious GitHub/GitLab repositories that abuse VS Code and Cursor IDE task automation to silently execute cross-platform malware. Linux and macOS systems receive the Overlord Go RAT with custom credential and wallet theft modules, while Windows runs a fileless Node.js/Python pipeline inside the editor's Electron process. The malware exfiltrates cryptocurrency wallets, browser credentials, and OS keychain data to a hardcoded C&C server at 23.137.105.75:5173.
Kaspersky's 2025 compromise assessment report reveals that organizations consistently fail to detect long-dwelling threats, with 30.8% of incidents persisting over 3 months and 52% of high-severity compromises going undetected for 90+ days. Key findings include widespread abuse of LoLBins and remote management tools in every incident-bearing engagement, 40% of web shells surviving in backups to be restored post-remediation, and a strong correlation between in-house forensics/reverse-engineering capability and reduced incident severity. Multiple case studies document dormant crypto-mining on domain controllers (4 years), in-memory LionTail implants on critical servers, PurpleFox rootkit infections evading EDR with disabled memory scanning, and ClipBanker persistence via registry Run keys with Defender exclusions.
Arctic Wolf Labs documents Anubis ransomware affiliate tradecraft observed across multiple 2026 intrusions, featuring CitrixBleed 2 (CVE-2025-5777) exploitation and valid VPN credential abuse for initial access. Affiliates consistently deploy legitimate RMM tools for persistence, use Mimikatz and ntds.dit extraction for credential access, establish alternate egress via cloudflared and SSH SOCKS tunnels, and employ exfiltration tools like S3 Browser and rclone before deploying encryptors on Windows and Linux systems. The attack chain relies on commodity tools and living-off-the-land techniques that resemble legitimate administration in isolation but form a distinctive kill chain when correlated.
AI Attacked and Abused While Perimeter Authentication Collapses
The month's defining shift was the emergence of AI as a two-sided battlefield: organizations deployed AI tools faster than they secured them, while attackers weaponized the same technology against defenders. Critical flaws in LangGraph allowed SQL injection chained to remote code execution, M365 Copilot could be turned into a one-click data exfiltration weapon via SearchLeak, and Langflow was exploited to deploy cryptominers. Meanwhile, the ongoing Shai-Hulud campaign injected prompts to blind AI malware scanners, macOS.Gaslight turned prompt injection against human analysts, and Russia's APT28 began experimenting with LLM-integrated malware. At the same time, perimeter authentication collapsed at scale: FortiBleed exposed credentials for over 73,000 FortiGate firewalls, CVE-2026-50751 let attackers bypass Check Point VPN authentication entirely, and ShinyHunters exploited an Oracle PeopleSoft zero-day across over 100 organizations.
Supply chain attackers followed developers to their new AI tools, compromising the ecosystems where code is written and built. The Shai-Hulud/Miasma worm expanded from npm into PyPI and injected persistent backdoors into AI coding assistant configurations, while North Korea's Sapphire Sleet compromised over 140 Mastra npm packages to steal cryptocurrency wallets, and the ongoing GlassWorm campaign pivoted to WebAssembly malware in VS Code extensions using the Solana blockchain as command-and-control. Social engineering also industrialized: the ErrTraffic framework turned ClickFix deception into a Malware-as-a-Service operation with blockchain dead drops, and EvilTokens hid phishing flows inside browser-side encryption to defeat network scanners while hijacking Microsoft device-code authentication.
Organizations should treat AI deployments as untrusted perimeter assets—restrict their network access, audit third-party skills and extensions, and assume prompt-injection attacks will target both automated scanners and human analysts. Every internet-facing VPN, firewall, and edge appliance should be patched immediately, with credentials rotated and phishing-resistant MFA enforced, because perimeter authentication failures now cascade directly into internal network compromise.
A cryptocurrency-mining campaign is actively exploiting CVE-2026-33017, an unauthenticated RCE vulnerability in Langflow, to deploy the lambsys malware. The attack chain involves a bash dropper that establishes SSH-based lateral movement, followed by a Go-based payload that systematically disables Linux security controls, eliminates rival miners, and deploys a customized XMRig miner.
The Canadian Centre for Cyber Security published a daily digest summarizing security advisories from IBM, Ubuntu, Dell, CISA (ICS), and Red Hat. The advisories cover a wide range of enterprise software, Linux kernels, and industrial control systems requiring immediate patching to address newly disclosed vulnerabilities.
Trust Chains Broken at Scale While ClickFix Becomes a Service
This week, attackers stopped trying to kick down the front door and instead walked in through the trust chains that hold digital ecosystems together. North Korea's Sapphire Sleet compromised over 140 Mastra npm packages through a single typosquatted dependency, stealing cryptocurrency wallets and planting persistent backdoors on developer machines. The GlassWorm group trojanized Open VSX extensions with WebAssembly malware that uses the Solana blockchain as an unkillable command channel, while SmartApeSG hijacked the Okendo Reviews widget to serve malicious prompts on thousands of e-commerce sites. Even vendor integrations became a liability: the Klue breach exposed Recorded Future client data through a compromised OAuth token connecting a marketing tool to Salesforce.
Deception also became an industrial product. The ErrTraffic framework now operates as full Malware-as-a-Service, using blockchain smart contracts to hide its infrastructure and compromised WordPress sites to serve fake error prompts that trick users into running malicious commands. Attackers weaponized trusted AI platforms too—one campaign abused claude.ai's shared chat feature to deliver MacSync infostealer on macOS, while the shai_hulululud npm package uses prompt injection to blind AI-powered security scanners. On the infrastructure side, the FortiBleed campaign cracked credentials for over 73,000 FortiGate firewalls with a 45-GPU cluster, handing attackers valid keys to government and defense networks worldwide.
Defenders should immediately hunt for the easy-day-js dependency in their npm projects, reset credentials on any FortiGate firewall, enable Azure AD Graph Activity Logs to close a years-long reconnaissance visibility gap in Microsoft cloud environments, and audit OAuth tokens on all third-party vendor integrations.
ESET researchers analyzed the Gentlemen ransomware-as-a-service (RaaS) operation, highlighting their unique approach of providing an in-house developed EDR killer framework, GentleKiller, directly to affiliates. The framework leverages Bring Your Own Vulnerable Driver (BYOVD) techniques to terminate over 400 security processes and is augmented by third-party tools like HexKiller and HavocKiller, all standardized with a shared defense-evasion layer.
Threat researchers discovered GlassWASM, a WebAssembly-based malware distributed via trojanized extensions on the Open VSX marketplace. The malware uses ChaCha20 encryption to evade static analysis and leverages the Solana blockchain as a resilient C2 dead-drop to retrieve and execute OS-specific second-stage payloads via Node.js.
The Canadian Centre for Cyber Security released a daily digest summarizing five security advisories for vulnerabilities patched between June 8 and 14, 2026. The advisories cover a wide range of enterprise software, infrastructure, Linux kernels, and industrial control systems from vendors including IBM, Dell, Ubuntu, Red Hat, and various ICS manufacturers. Organizations are strongly encouraged to review the specific vendor advisories and apply necessary updates.
This threat intelligence report highlights multiple critical vulnerabilities and active exploits, including a zero-day in Oracle PeopleSoft (CVE-2026-35273) exploited by ShinyHunters and an IKEv1 authentication bypass in Check Point VPNs (CVE-2026-50751) linked to Qilin ransomware. Additionally, the report details emerging AI-driven threats, a supply-chain compromise in the Arch User Repository deploying eBPF rootkits, and widespread patching efforts by Microsoft and Veeam.
The Canadian Centre for Cyber Security released a daily digest highlighting critical security updates for Microsoft Edge, Spring framework components, Google Chrome, and Moxa industrial computers. Notably, the Microsoft Edge update addresses CVE-2026-11645, a vulnerability with a known exploit available in the wild, necessitating urgent patching.
Between 2024 and 2026, the Vietnam-aligned threat actor OceanLotus (APT32) shifted its focus toward domestic espionage, conducting a supply-chain attack against the FireAnt MetaKit stock investment platform and compromising a major infrastructure corporation. The campaigns leveraged DLL side-loading to deploy the SPECTRALVIPER backdoor, which features advanced orchestration capabilities and exfiltrates encrypted host data via HTTP Cookie headers.
Mandiant and Google Threat Intelligence Group identified an active extortion campaign by UNC6240 (ShinyHunters) exploiting CVE-2026-35273, a critical zero-day RCE vulnerability in Oracle PeopleSoft. The threat actors targeted the higher education sector, deploying customized MeshCentral agents for C2 and utilizing custom scripts for lateral movement, defacement, and data exfiltration.
The third wave of the Shai-Hulud supply chain worm, dubbed Miasma, targets the npm ecosystem by utilizing weaponized binding.gyp files to bypass lifecycle script monitoring. It establishes deep persistence within AI assistant and IDE configuration directories, evades detection through dormancy and EDR checks, and abuses valid Sigstore attestations to masquerade as legitimate packages.
Trojanized Build Pipelines and Blind-Spot Appliances Redefine the Perimeter
Attackers are bypassing traditional network defenses by compromising the tools developers use to build software and the AI assistants they rely on to write code. Campaigns like Mini Shai-Hulud and Miasma - The Spreading Blight flooded package registries with malicious code that steals cloud credentials and CI/CD tokens, while researchers proved that public AI agent skill marketplaces are completely ineffective at catching malicious add-ons.
Nation-state actors and cybercriminals are simultaneously shifting their focus to blind spots in corporate networks and trusted platforms. The VerdantBamboo group exploited firewalls to bypass conditional access, while UNC3753 used IT impersonation to trick law firm employees into installing remote access tools, and Kali365 expanded its phishing infrastructure to steal multi-factor authentication tokens.
Defenders must shift their focus from perimeter email filtering to securing the software build pipeline and monitoring edge appliances for anomalous traffic. Hunt for unexpected connections to cloud storage APIs and review developer environments for compromised packages or AI skills.
VerdantBamboo, a Chinese threat actor, compromised edge appliances including Egnyte Storage Sync, pfSense firewalls, and Synology NAS devices to deploy custom malware (BRICKSTORM, PLENET, AGENTPSD). The attackers exploited a compromised MSP and local privilege escalation misconfigurations to maintain long-term persistence, using the compromised devices to proxy traffic and bypass Microsoft 365 Conditional Access policies.
The Canadian Centre for Cyber Security released a daily digest highlighting vulnerabilities in Google Chrome, ABB T-MAC Plus control systems, and Phoenix Contact CHARX SEC-3xxx charging controllers. Organizations are advised to apply the latest patches and firmware updates to mitigate potential exploitation, particularly concerning an unauthenticated log download vulnerability in Phoenix Contact devices.
CISA has updated its Known Exploited Vulnerabilities (KEV) Catalog to include CVE-2022-0492, a Linux Kernel improper authentication vulnerability, and CVE-2025-48595, an Android Framework integer overflow vulnerability, citing evidence of active exploitation in the wild.
The Canadian Centre for Cyber Security published a daily digest of nine security advisories covering critical updates for major vendors including Microsoft, IBM, Dell, Ubuntu, Red Hat, Ivanti, and Plesk. Notably, the digest highlights that CVE-2026-41089, a Windows Netlogon Remote Code Execution vulnerability, is actively being exploited in the wild.
This report details primary attack vectors against containerized environments, focusing on container escapes, orchestration API abuse, and supply chain compromises. Threat actors exploit misconfigurations such as excessive Linux capabilities and exposed Docker sockets to break out of containers, while also targeting CI/CD pipelines and public image repositories to establish initial footholds.
Cisco Talos has introduced EvidenceForge, an open-source tool designed to generate high-fidelity, correlated synthetic security logs across multiple formats. The tool addresses the data bottleneck in detection engineering and SOC training by providing realistic datasets with causal ordering, background noise, and AI-assisted scenario authoring.
CrowdStrike, in collaboration with Google and Shadowserver, successfully dismantled the Glassworm botnet, a highly resilient threat targeting software developers. The threat actors utilized trojanized IDE extensions and malicious package dependencies to deploy GlasswormRAT, leveraging a complex C2 infrastructure spanning the Solana blockchain, BitTorrent DHT, and Google Calendar to maintain persistent access to developer environments.
In May 2026, ANY.RUN observed a surge in sophisticated phishing and malware campaigns utilizing fileless execution, browser-based credential theft, and legitimate workflow abuse. Key threats included Agent Tesla credential harvesting, ClickFix fileless malware, BlobPhish in-memory page generation, and phishing-to-RMM chains bypassing traditional MFA via real-time OTP interception.
CVE-2026-31431, dubbed Copy Fail, is a critical local privilege escalation vulnerability in the Linux kernel affecting distributions released since 2017. By abusing the AF_ALG socket interface and the authencesn cryptographic template, an attacker can perform a controlled write into the in-memory page cache of setuid binaries, gaining root access without altering on-disk files.
CVE-2026-31431, also known as Dirty Frag or Copy Fail, is a Linux kernel local privilege escalation vulnerability that allows attackers to write to read-only memory regions via page-cache abuse. Active exploitation was observed prior to the public embargo break, with threat actors deploying ELF binaries, Python scripts, and malicious PyPI packages to achieve root access, notably including adoption by the Multiverze trojan family.
A massive supply chain attack compromised over 700 historical versions of Laravel Lang packages, injecting an RCE backdoor via Composer's autoloader. The backdoor delivers a sophisticated, cross-platform PHP information stealer designed to harvest cloud credentials, CI/CD secrets, browser data, and local configuration files.
A widespread supply chain attack compromised hundreds of GitHub repositories by injecting malicious postinstall scripts into package.json files and GitHub Actions workflows. The payload uses curl to download a remote Linux binary disguised as an SSH daemon, primarily targeting PHP projects that bundle JavaScript build tools to bypass standard Composer dependency reviews.
A sophisticated attack campaign is targeting Ollama AI endpoints to deploy a custom Go-based P2P remote access Trojan (RAT) and cryptominer. The malware, named 'vc', leverages decentralized networking via libp2p to evade traditional C2 blocking and utilizes RAM disk execution and process masquerading to maintain stealth.
The Canadian Centre for Cyber Security released a daily digest of five security advisories on May 20, 2026. The advisories highlight critical and high-severity vulnerabilities across FreePBX, F5 NGINX, Google Chrome, HPE Aruba Networking products, and cPanel, urging administrators to apply vendor-supplied patches immediately to prevent potential exploitation.
Recent versions of the popular npm package node-ipc (9.1.6, 9.2.3, 12.0.1) were compromised to include an obfuscated credential stealer. The malware executes upon CommonJS module load, harvests sensitive developer and cloud credentials, and exfiltrates the compressed data via DNS TXT queries to attacker-controlled infrastructure.
The TeamPCP threat actor deployed the Mini Shai-Hulud worm in a sophisticated supply chain attack targeting the npm ecosystem via a GitHub Actions CI cache-poisoning technique. The malware steals credentials, establishes persistence via developer tools like VS Code and Claude Code, and features a destructive dead man switch that wipes the victim's home directory if access tokens are revoked.
The Talos Threat Source newsletter highlights an impending surge in software patching driven by AI vulnerability discovery tools. It also contrasts state-sponsored espionage tactics—which leverage valid credentials and native tools to bypass traditional defenses—with commodity ransomware, while summarizing recent supply chain compromises across developer platforms like Hugging Face and Jenkins.
SentinelLABS discovered PCPJack, a cloud-focused worm designed to harvest credentials at scale while actively evicting artifacts of a rival threat actor, TeamPCP. The framework targets exposed cloud services like Docker, Kubernetes, and Redis for propagation and lateral movement, notably omitting cryptomining payloads in favor of credential theft and Sliver C2 deployment.
A recent leak of internal communications and backend data from 'The Gentlemen' RaaS operation has revealed the group's highly structured operational model and mature toolset. The threat actors actively exploit edge appliances and NTLM relay vulnerabilities for initial access, followed by extensive use of red-team tools and custom EDR evasion techniques to deploy their cross-platform ransomware.
Project Zero researchers developed a 0-click exploit chain for the Google Pixel 10 by chaining a known Dolby vulnerability (CVE-2025-54957) with a newly discovered, trivial local privilege escalation flaw in the device's VPU driver. The VPU vulnerability allowed unbounded physical memory mapping via the mmap syscall, granting arbitrary read/write access to the kernel image and enabling full device compromise.
In Q1 2026, the ransomware ecosystem experienced significant consolidation, with top groups like Qilin, Akira, The Gentlemen, and LockBit 5.0 dominating the landscape. Notably, The Gentlemen leveraged a massive stockpile of pre-exploited FortiGate devices (CVE-2024-55591) to rapidly scale operations, while LockBit 5.0 returned with multi-platform capabilities and a strategic shift away from US targets to evade law enforcement.
Copy Fail and DirtyFrag are critical Linux kernel privilege escalation vulnerabilities that exploit page cache corruption via legitimate kernel interfaces like AF_ALG and splice(). These flaws allow local attackers to corrupt the in-memory view of setuid binaries or critical files like /etc/passwd to gain root access. Copy Fail has been exploited in the wild, prompting CISA to add it to the Known Exploited Vulnerabilities catalog.
The Canadian Centre for Cyber Security issued advisories for Microsoft Edge, cPanel/WHM, and critical Linux kernel vulnerabilities (CVE-2026-43284, CVE-2026-43500) dubbed 'Dirty Frag'. The Linux flaws allow local privilege escalation to root, have public PoCs, and currently lack a universal patch, requiring immediate module-disabling mitigations.
Akamai has disclosed CVE-2026-34354, a local privilege escalation vulnerability in the Guardicore Platform Agent and Zero Trust Client for macOS and Linux. The vulnerability leverages an unauthenticated IPC socket and a TOCTOU flaw to make root-owned files world-writable, alongside a secondary command injection vector in a diagnostic tool.
Kaspersky researchers discovered CVE-2025-68670, a pre-authentication Remote Code Execution (RCE) vulnerability in the xrdp server for Linux. The flaw stems from a stack buffer overflow in the xrdpwmparsedomaininformation function when processing specially crafted domain names during the Secure Settings Exchange phase, allowing an attacker to overwrite the return address and execute arbitrary code.
A supply chain attack utilizing five malicious NuGet packages typosquatting Chinese .NET libraries has been discovered distributing a cross-platform infostealer. The malware leverages .NET Reactor and JIT hooking via module initializers to execute automatically upon assembly load, targeting credentials and cryptocurrency wallets across developer workstations and CI/CD pipelines.
In Q1 2026, vulnerability registrations continued to rise, heavily influenced by AI-assisted discovery tools. Threat actors and APT groups actively exploited a mix of legacy and newly discovered vulnerabilities across Windows, Linux, and Microsoft Office, frequently utilizing C2 frameworks like Metasploit and Sliver to bypass authentication and gain initial access.
OceanLotus is suspected of orchestrating a PyPI supply chain attack using malicious wheel packages to deliver a novel cross-platform malware named ZiChatBot. The malware acts as a dropper for Windows and Linux systems, establishing persistence and utilizing the Zulip team chat application's REST APIs for command and control.
The Canadian Centre for Cyber Security released a daily digest highlighting three security advisories. The most critical is an actively exploited, unauthenticated buffer overflow vulnerability (CVE-2026-0300) affecting the Palo Alto Networks PAN-OS User-ID Authentication Portal. Additional routine security updates were announced for Google Chrome and VMware Tanzu GemFire Management Console.
Quasar Linux (QLNX) is an advanced, previously undocumented Linux Remote Access Trojan (RAT) designed to compromise developer workstations and facilitate supply chain attacks. It employs sophisticated evasion techniques, including fileless execution, process name spoofing, and dynamically compiled LD_PRELOAD and eBPF rootkits, alongside a PAM backdoor to harvest critical cloud and repository credentials.
CVE-2026-31431, dubbed 'Copy Fail', is a high-severity (CVSS 7.8) local privilege escalation vulnerability in the Linux kernel affecting distributions released since 2017. A reliable public PoC is available, allowing unprivileged local users to achieve root access by corrupting the kernel's in-memory page cache of privileged binaries. Immediate patching is recommended, particularly for multi-tenant and containerized environments.