Daily Drop (1321)
06-20-26
Saturday, Jun 20, 2026 // Buy Bob a Coffee // Ghostwire
Unit 42 Warns of Large-Scale Credential Attacks Targeting Fortinet, Sophos, and MSSQL Services
Bottom Line Up Front (BLUF): Palo Alto Networks' Unit 42 has issued a threat brief on the ongoing FortiBleed campaign, a massive credential theft and password spraying operation targeting internet-exposed Fortinet SSL VPNs, Sophos devices, and MSSQL services. Threat actors are using previously compromised credentials and offline password cracking to build an expanding password corpus that enables persistent, high-privilege access across organizations worldwide. Unit 42 has also observed suspicious login activity in customer telemetry and is urging organizations to harden remote access services immediately.
Analyst Comments: The attackers are treating credentials as a renewable resource: stolen passwords are cracked, validated, and recycled into future password spraying operations, creating a compounding effect where each successful compromise fuels subsequent attacks. The mention of an Initial Access Broker (IAB) advertising harvested credentials on the Russian-language forum Exploit[.]in is noteworthy, although Unit 42 has not independently validated those claims. If accurate, it suggests the campaign is feeding into the broader cybercrime ecosystem, where compromised VPN and infrastructure credentials are sold to ransomware affiliates, espionage actors, and other threat groups.
READ THE STORY: Unit42
China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and Potential UEFI Bootkit Capability
Bottom Line Up Front (BLUF): ESET researchers have identified two previously undocumented Windows variants of the SprySOCKS backdoor, a malware family previously exclusive to Linux and attributed with high confidence to the China-linked FishMonger espionage group. The new variants, dubbed WIN_DRV and WIN_PLUS, target primarily government organizations in Honduras, Taiwan, Thailand, and Pakistan and significantly expand the group's cross-platform capabilities through kernel drivers, rootkit functionality, hidden network communications, and possible UEFI bootkit deployment.
Analyst Comments: The porting of SprySOCKS to Windows represents a notable evolution in FishMonger’s tooling and demonstrates continued investment in long-term espionage capabilities. The most concerning development is the WIN_DRV variant’s use of kernel drivers to hide processes, files, registry keys, and network connections while silently redirecting traffic to hidden backdoor ports. This is not commodity malware behavior; it is the kind of operational security typically associated with mature state-sponsored operators. The limited evidence suggesting potential exploitation of CVE-2023-24932 to deploy a UEFI bootkit is equally significant. UEFI-level persistence dramatically raises the cost and complexity of remediation, allowing attackers to survive reinstallation efforts and maintain long-term access to targeted networks. Even though ESET characterizes the evidence as limited, the possibility alone warrants attention from government and critical infrastructure defenders.
READ THE STORY: welivesecurity
Russia-Linked Hackers Breached NATO Networks; Evidence Remains Limited
Bottom Line Up Front (BLUF): The Odessa Journal, citing Eastern Herald, reports that Russia-linked hackers allegedly bypassed NATO cyber defenses and gained access to restricted systems within several NATO member states. If accurate, the incident would represent a significant cyber espionage escalation. However, the report provides few technical details, no named victims, and no official NATO confirmation, making independent verification difficult.
Analyst Comments: The allegations align with established Russian cyber objectives of long-term intelligence collection and pre-positioning within sensitive networks. However, extraordinary claims of breaching protected NATO systems require substantial evidence. At present, the report should be treated as unverified intelligence reporting rather than a confirmed cyber incident.
READ THE STORY: The Odessa Journal
History Shows Why AI Export Controls Struggle: Mythos Ban Echoes Encryption and Spyware Failures
Bottom Line Up Front (BLUF): The Trump administration’s emergency restriction on Anthropic’s Fable and Mythos models marks the first major attempt to apply traditional cyber export controls to frontier AI. History suggests such efforts rarely prevent the spread of dual-use technologies, instead creating compliance burdens, incentivizing workarounds, and potentially weakening domestic competitiveness while foreign capabilities continue to advance.
Analyst Comments: The Mythos ban is less about one model and more about whether governments can realistically contain software-based capabilities once they become strategically valuable. The U.S. tried this with strong encryption in the 1990s and with spyware exports under the Wassenaar Arrangement, with mixed to poor results. Encryption proliferated despite export restrictions, and spyware vendors routinely relocated to jurisdictions with weaker oversight. The same dynamics likely apply to AI. Frontier models are expensive to train, but capabilities diffuse quickly through talent movement, research publication, model distillation, and international competition. Restricting access to U.S. models may temporarily delay proliferation, but it is unlikely to stop determined state or commercial actors from achieving similar capabilities independently.
READ THE STORY: TC
ShinyHunters Leaks Madison Square Garden Data After Alleged June 5 Breach
Bottom Line Up Front (BLUF): ShinyHunters has published data allegedly stolen from Madison Square Garden, including customer communications and files referencing Knicks-related personalities, talent details, addresses, representative contacts, and risk labels. The leak appears tied to an extortion attempt after MSG allegedly declined to pay.
Analyst Comments: Talent rosters, contact details, pricing, internal classifications, and customer emails can be abused for phishing, impersonation, harassment, and social engineering. The Knicks’ NBA Finals win likely increases media attention and attacker leverage, but the alleged breach date of June 5 suggests the compromise may have preceded the championship spotlight. ShinyHunters’ involvement matters. The group has a history of high-profile data theft and extortion, so defenders should treat the leak as credible until disproven. MSG should assume exposed contacts may receive targeted phishing and fraud attempts using real internal data as lure material.
READ THE STORY: 404
Vidar Infostealer Bypasses Chrome ABE Protections Using APC Injection
Bottom Line Up Front (BLUF): Vidar operators have developed a technique to bypass Google Chrome’s Application-Bound Encryption (ABE) by extracting the browser’s master decryption key from live memory. The malware uses process forking, memory scanning, and APC injection to execute decryption inside Chrome’s process context, allowing theft of cookies and stored credentials protected by ABE.
Analyst Comments: Chrome’s ABE raised the bar by preventing simple offline decryption of browser secrets, but Vidar sidesteps the control by moving into the browser’s runtime environment where the key can still be decrypted legitimately. The key point: this is not breaking Chrome encryption outright. It is abusing trusted Windows and browser process behavior to make Chrome decrypt its own protected material. That makes detection harder because the technique leans on legitimate APIs such as NtCreateProcessEx, NtQueryVirtualMemory, NtReadVirtualMemory, and APC queuing rather than noisy, traditional code injection.
READ THE STORY: GBhackers
MDR Provider Response Times Vary Widely as Organizations Continue to Struggle With Threat Detection Speed
Bottom Line Up Front (BLUF): A comparison of major Managed Detection and Response (MDR) providers found significant differences in mean time to respond (MTTR), with publicly reported response timelines ranging from six minutes to several days. The analysis, benchmarked against Verizon's 2025 Data Breach Investigations Report (DBIR), highlights a persistent industry challenge: organizations still take a median of 16 hours to detect active threats, allowing attackers substantial dwell time before containment measures begin.
Analyst Comments: Speed remains one of the most meaningful metrics in incident response because attacker success is largely determined by dwell time. Whether the threat is ransomware, credential theft, or data exfiltration, every additional hour of undetected access increases the likelihood of lateral movement, persistence, and broader business impact. However, MTTR figures should be interpreted cautiously. Vendors often measure response speed differently, and aggressive automation can improve response times at the expense of false positives. Conversely, analyst-driven investigations may take longer but provide more accurate containment decisions. The operational question for organizations is not simply who is fastest, but which response model aligns with their risk tolerance and staffing capabilities.
READ THE STORY: HR
Malicious npm Packages Can Hijack Claude Code MCP and Steal Persistent OAuth Tokens
Bottom Line Up Front (BLUF): Mitiga Labs demonstrated an attack chain that uses a malicious npm package to silently modify Claude Code's Model Context Protocol (MCP) configuration and redirect OAuth traffic through attacker-controlled infrastructure. The technique allows interception of persistent bearer and refresh tokens for SaaS platforms such as Jira, Confluence, and GitHub, potentially granting long-term access to enterprise environments. Anthropic acknowledged the report but classified it as out of scope because the attack requires initial code execution on the endpoint.
Analyst Comments: The initial compromise vector—a malicious npm package with a postinstall hook—is well understood. The innovation is what happens next: the attacker inherits the user’s trust posture, persistently rewrites MCP endpoints, and captures OAuth tokens that continue to appear legitimate to service providers. The most concerning aspect is attribution and detection. SaaS providers see a real user, valid OAuth tokens, and requests originating from Anthropic’s trusted egress infrastructure. Traditional indicators such as suspicious IP addresses, impossible travel, or invalid credentials are unlikely to trigger. The compromise lives entirely within local Claude Code configuration files, meaning organizations must shift toward configuration integrity monitoring and behavioral analytics.
READ THE STORY: CyberPress
Gravity SMTP Flaw Exposes API Keys on 100,000+ WordPress Sites; Mass Exploitation Already Underway
Bottom Line Up Front (BLUF): Threat actors are actively exploiting a medium-severity information disclosure vulnerability in the Gravity SMTP WordPress plugin (CVE-2026-4020, CVSS 5.3), affecting approximately 100,000 websites. The flaw allows unauthenticated attackers to retrieve sensitive system information, including API keys, OAuth tokens, and detailed server configuration data through an exposed REST API endpoint. Wordfence has blocked more than 17 million exploitation attempts, with activity peaking at over four million requests in a single day.
Analyst Comments: Although CVE-2026-4020 carries only a medium CVSS score, its operational impact is potentially significant because it exposes live credentials rather than merely leaking metadata. This is a classic example of why information disclosure vulnerabilities are often underestimated. Exposed email service credentials could enable attackers to send phishing emails from trusted domains, conduct business email compromise (BEC) operations, or abuse email infrastructure for spam campaigns.
READ THE STORY: THN
FortiBleed Exposes Industrial-Scale Credential Spraying Against Fortinet VPNs Across 21,000+ Organizations
Bottom Line Up Front (BLUF): Researchers uncovered an exposed attacker infrastructure dubbed FortiBleed, revealing a massive credential-spraying operation targeting Fortinet SSL VPNs, Sophos portals, and MSSQL servers worldwide. The campaign conducted billions of login attempts, leveraged network sniffers and GPU-based password cracking, and allegedly compromised organizations across multiple countries. The findings underscore that internet-exposed VPN infrastructure remains a high-value target and that compromised credentials continue to be the primary initial access vector.
Analyst Comments: The reported scale is significant: more than 1.16 billion FortiGate login combinations and 2.1 billion MSSQL authentication attempts executed through highly parallelized tooling. The operation demonstrates how attackers increasingly treat credential theft and password spraying as a manufacturing process rather than a targeted intrusion activity. Perhaps the most concerning finding is the overlap between exposed FortiGate devices and existing compromise indicators. According to the report, 88% of sampled organizations appeared in breach or stealer-log datasets, and 38% had active infostealer infections. This reinforces a growing trend in intrusion operations: attackers correlate multiple sources of compromised credentials, replay VPN session cookies, and move rapidly from perimeter access to Active Directory compromise.
READ THE STORY: SA
AutoJack Exploit Chain Enables Zero-Click RCE Against Microsoft AutoGen Studio Browsing Agents
Bottom Line Up Front (BLUF): Researchers disclosed a critical exploit chain dubbed AutoJack that allows a single malicious web page to hijack Microsoft AutoGen Studio's browsing agent and execute arbitrary code on the host machine without user interaction beyond submitting a URL. The attack chains three vulnerabilities in AutoGen Studio's Model Context Protocol (MCP) WebSocket implementation to bypass localhost protections, evade authentication, and achieve OS command execution. Developers building from source are most at risk, while the vulnerable MCP surface was reportedly never shipped in the current PyPI release (autogenstudio 0.4.2.2).
Analyst Comments: AutoJack is an early example of a new class of vulnerabilities emerging in AI agent frameworks: agent-mediated localhost compromise. Traditionally, localhost has been treated as a trusted security boundary because external websites cannot directly access services running on 127.0.0.1. AI browsing agents fundamentally change that assumption. The exploit is notable because it requires neither phishing attachments nor user approval prompts. Instead, the AI agent becomes the attacker’s proxy. Once the agent renders malicious content, its inherited localhost identity allows attacker-controlled JavaScript to communicate with privileged local services that were never designed to face hostile web content.
READ THE STORY: Ghostwire
Texas TPWD Vendor Breach Exposes 3 Million Customer Records
Bottom Line Up Front (BLUF): A third-party vendor breach affecting the Texas Parks and Wildlife Department exposed personal records for 3,087,721 customers. The stolen data includes driver’s license details, passport numbers where provided, emails, phone numbers, and residential addresses. TPWD says Social Security numbers, dates of birth, and credit card data were not compromised.
Analyst Comments: Driver’s license data, addresses, phone numbers, and email addresses are more than enough for convincing impersonation, account recovery abuse, and targeted scams posing as TPWD, license vendors, law enforcement, or state agencies. The vendor angle matters. TPWD did not need to be directly breached for millions of customers to be exposed, which is exactly why third-party access and data retention deserve hard scrutiny. Hunters, anglers, and TPWD employees who used the same licensing systems should expect follow-on phishing attempts.
READ THE STORY: GBhackers
Items of interest
Go Security Pitfalls Persist: GolangConf Presentation Highlights Injection, Request Smuggling, and Authentication Risks
Bottom Line Up Front (BLUF): A presentation by MTS Web Services Application Security Engineer Georgy Fateev warns that Go’s simplicity and strong standard library do not inherently produce secure applications. Common vulnerabilities—including command injection, SQL injection, HTTP request smuggling, insecure logging, and authentication flaws—continue to affect production Go environments. The presentation emphasizes that secure development depends more on engineering discipline, testing, and security culture than on language choice.
Analyst Comments: The presentation’s emphasis on “never trust user input” remains highly relevant, as injection-based vulnerabilities continue to drive breaches despite decades of awareness. The recommendation to use reachability-based dependency analysis tools such as govulncheck is particularly noteworthy because it reduces alert fatigue by prioritizing vulnerabilities that are actually exploitable within an application’s code path. The discussion of HTTP request smuggling is also timely. Misconfigurations between reverse proxies and backend services remain a frequent source of high-impact vulnerabilities capable of enabling authentication bypass and request desynchronization attacks. Likewise, insecure logging practices continue to be an underappreciated source of credential exposure and compliance violations.
READ THE STORY: HABR
The GO Situation Is CRAZY... (Video)
FROM THE MEDIA: The video correctly identifies a real concern—software supply-chain attacks in the Go ecosystem
What is LLM Distillation?(Video)
FROM THE MEDIA: Welcome to another Software Architecture in Go/Golang video, in today's episode I'm discussing Security, specifically in the context of Dependencies, this is narrowed down to Standard Library Packages and Third Party Packages.
The selected stories cover a broad range of cyber threats and are intended to help readers frame key publicly discussed threats and improve overall situational awareness. InfoDom Securities does not endorse any third-party claims made in its original material or related links on its sites; the opinions expressed by third parties are theirs alone. For further questions, don’t hesitate to get in touch with InfoDom Securities at dominanceinformation@gmail.com.


