06/17/2026-06/24/2026 Cisco Unified CM Flaw Exploited, Malicious npm Packages, 4,300+ Outdated Routers Hijacked And More.

1. Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Threat actors are actively exploiting a critical Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME) vulnerability, tracked as CVE-2026-20230 (CVSS 8.6). The flaw stems from improper input validation in HTTP requests, enabling unauthenticated attackers to perform server-side request forgery (SSRF) attacks and write files to the underlying operating system, potentially leading to root-level access.

Security researchers at Defused Cyber observed real-world exploitation attempts using publicly available proof-of-concept code. However, attacks are only possible when the Cisco WebDialer service is enabled, which is disabled by default. Administrators should verify the service status through Cisco Unified Serviceability and disable it if immediate patching is not possible.

Cisco has fixed the vulnerability in Unified CM and Unified CM SME versions 14SU6 and 15SU5. Additional research from SSD Secure Disclosure indicates attackers can leverage the WebDialer component to write arbitrary files and potentially achieve remote code execution.

2. Malicious npm Packages Use PowerShell and VBS Chain to Drop Windows RAT

Threat actors are increasingly targeting developers through malicious npm packages. Researchers recently discovered a campaign using a typosquatted package, postcss-minify-selector-parser, to deliver a multi-stage Windows Remote Access Trojan (RAT). The package closely imitates the legitimate postcss-selector-parser, a widely used JavaScript dependency with over 150 million weekly downloads, making it difficult to spot during routine reviews. When imported, the package executes hidden JavaScript code that decrypts an embedded payload, writes a PowerShell script to disk, and runs it while bypassing execution policies. The script then downloads additional malware from the deceptive domain nvidiadriver[.]net, disguising files as Windows updates.

Once installed, the RAT performs extensive system profiling to detect virtual machines and security analysis environments. If no threats are detected, it establishes persistence and waits for commands. The malware primarily targets Google Chrome, stealing saved credentials and browser data using advanced decryption techniques before exfiltrating the information through encrypted command-and-control channels.

3. GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

GitHub is enhancing software supply chain security by updating actions/checkout to block “pwn request” attacks that exploit insecure use of the pull_request_target workflow trigger. Starting June 18, 2026, actions/checkout v7 will refuse to fetch code from forked pull requests in pull_request_target and certain workflow_run workflows when unsafe checkout patterns are detected. The protection will be backported to supported versions on July 16, 2026.

The change addresses a common attack scenario where untrusted code from a forked repository is executed with the base repository’s privileges, potentially exposing secrets, write-enabled GITHUB_TOKENs, and other sensitive resources. Such attacks have been linked to several recent software supply chain compromises.

Developers can override the protection by explicitly enabling the allow-unsafe-pr-checkout flag, though this is discouraged. GitHub recommends using pull_request instead of pull_request_target when elevated permissions are unnecessary, limiting workflow permissions, and carefully reviewing workflows that process untrusted code. The update serves as an important safeguard, but not a complete security solution.

4. 4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware

QiAnXin’s XLab detected IP 107.150.106.14 spreading a zero-detection Linux binary through two old vulnerabilities — CVE-2013-3307 and CVE-2016-5681 — targeting Realtek RTL819X-based routers, mainstream hardware from 2012–2015 that has received no firmware updates since. XLab named the malware AryStinger, after a source code path referencing “Ary-Attack.”

Unlike typical IoT malware, AryStinger doesn’t encrypt files or mine crypto. Instead, it turns infected routers into Executor nodes that perform distributed reconnaissance — port scanning, service identification, and subdomain enumeration — while hiding the attacker’s real location behind a relay layer.

Over 4,300 routers are currently compromised, predominantly D-Link DIR-850L devices. South Korea accounts for 48% of infections, followed by China at 32%. XLab has not attributed the campaign to any known threat actor, and the investigation remains ongoing.

5. F5 Patches Critical, High-Severity NGINX Vulnerabilities

F5 released out-of-band security updates addressing multiple NGINX vulnerabilities, including two critical flaws — CVE-2026-42530 and CVE-2026-42055 (CVSS 9.2) — affecting HTTP modules. Both can be exploited without authentication to trigger a use-after-free or heap-based buffer overflow, causing the NGINX worker process to restart and resulting in denial-of-service. If ASLR is disabled or bypassed, arbitrary code execution is also possible.

Patches cover NGINX Plus, NGINX Open Source, and NGINX Gateway Fabric. Two high-severity flaws — CVE-2026-11311 and CVE-2026-50107 — in NGINX Gateway Fabric allow authenticated attackers to inject arbitrary configuration directives, potentially exposing sensitive data, proxying traffic to attacker-controlled endpoints, or causing DoS. Two additional medium-severity bugs enable memory disclosure or worker process restarts.

F5 reports no active exploitation, but urges prompt patching given NGINX’s recent targeting in attacks.

6. Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Threat actors are actively exploiting CVE-2026-4020 (CVSS 5.3), an information disclosure flaw in Gravity SMTP, a WordPress plugin with roughly 100,000 installations. An unauthenticated attacker can send a GET request to the plugin’s REST API endpoint with the ?page=gravitysmtp-settings parameter, triggering a 365 KB JSON response containing PHP version, active plugins, database details, WordPress configuration, and live API credentials for services including Amazon SES, Google, Mailjet, and Zoho.

Exposed credentials enable attackers to abuse connected email services or map the site’s software stack for follow-on attacks. Wordfence has blocked over 17 million exploit attempts since May 2026, peaking at 4 million requests per day in early June.

A patch is available in version 2.1.5. Site owners should update immediately, rotate all configured API credentials, and review server logs for requests from known attacker IPs.

06/10/2026-06/17/2026 Three Critical Forti Sandbox Bugs, LiteSpeed cPanel Plugin Flaw, Over 400 Arch Linux AUR Packages Hijacked And More.

1. Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack

Three vulnerabilities in Fortinet FortiSandbox, including one patched just last week, are already being actively exploited, according to cybersecurity firm Defused Cyber.
Two flaws—CVE-2026-39813 (CVSS 9.1), a path traversal vulnerability, and CVE-2026-39808 (CVSS 9.8), an OS command injection flaw—allow unauthenticated attackers to achieve code execution through crafted HTTP requests. Both vulnerabilities have had patches available since April.

The third flaw, CVE-2026-25089, affects FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. It is an OS command injection vulnerability that enables unauthenticated attackers to execute unauthorized commands via specially crafted HTTP requests. Despite being patched only last week, it is already being exploited in the wild.

Researchers also noted that the exploit for CVE-2026-25089 appears to have been developed with AI assistance and contains bugs, yet attackers are still targeting unpatched systems. The incidents underscore how rapidly attackers are weaponizing newly disclosed vulnerabilities, leaving organizations with increasingly narrow patching windows.

2. CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

CISA has added a LiteSpeed cPanel Plugin vulnerability, CVE-2026-54420 (CVSS 8.5), to its KEV catalog. Federal agencies must apply fixes by June 18, 2026.
The flaw is a privilege-escalation issue affecting shared hosting servers running CloudLinux or CageFS. Attackers with FTP or web shell access can potentially gain root privileges due to improper handling of user-provided symlinks in LiteSpeed cPanel Plugin versions before 2.4.8. Although active exploitation details remain unclear, LiteSpeed recommends checking affected servers using a provided grep command. No output indicates the server is likely unaffected, while output should be reviewed against additional indicators to rule out false positives.

The issue was reported by Namecheap on May 31, 2026. Users should upgrade to LiteSpeed WHM Plugin 5.3.2.1 (including cPanel Plugin 2.4.8) or later to remediate the vulnerability.

3. Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

Attackers hijacked more than 400 packages in the Arch User Repository (AUR), modifying build scripts to install malware that steals credentials from systems that build or update affected packages. The official Arch Linux repositories were not impacted.

Dubbed Atomic Arch by Sonatype, the campaign targeted abandoned AUR packages that attackers adopted and modified. Malicious code was inserted into PKGBUILD and install scripts, causing systems to download and execute a Rust-based credential stealer through malicious npm packages such as atomic-lockfile. The malware targets browser cookies, developer tokens, SSH keys, cloud credentials, and messaging app sessions. When run with root privileges, it can also deploy an optional eBPF rootkit for stealth and persistence.

Researchers identified more than 400 compromised packages, with additional malicious packages linked to a second payload distributed through js-digest. Users who installed or updated AUR packages after June 11 should review affected package lists, rotate credentials, check for persistence mechanisms, and consider rebuilding compromised systems from trusted media.

4. OptinMonster Plugin Hack Exposes 1.2 Million WordPress Sites to Cyberattack

A major supply chain attack has exposed more than 1.2 million WordPress websites after attackers injected malicious code into JavaScript files distributed through trusted CDN infrastructure. Security researchers at Sansec found that popular Awesome Motive plugins, including OptinMonster, TrustPulse, and PushEngage, were affected.

Instead of targeting websites directly, attackers compromised JavaScript files hosted on Awesome Motive’s CDN. Any site loading these files unknowingly executed the malware. The payload activates only when a WordPress administrator is logged in, helping it evade detection.

Once active, the malware collects site data, steals authentication tokens, and creates unauthorized administrator accounts such as developer_api1 or randomly generated dev_xxxxxx accounts. Stolen data is encrypted and sent to the command-and-control domain tidio.cc.

Attackers also install hidden backdoor plugins, including content-delivery-helper and database-optimizer, enabling remote code execution and long-term access. Organizations should check for these indicators and suspicious administrator accounts immediately.

5. CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation

Cisco has warned that CVE-2026-20262, an actively exploited vulnerability in Cisco Catalyst SD-WAN Manager, could allow authenticated attackers to create or overwrite files on affected systems. The flaw, rated CVSS 6.5, stems from improper validation of user input during file uploads in the web interface.

By sending a crafted HTTP request to a vulnerable API endpoint, an attacker with valid low-privileged credentials and write access can perform arbitrary file writes. These files may then be used to escalate privileges to root, potentially leading to full system compromise. Cisco’s Product Security Incident Response Team (PSIRT) has observed limited exploitation of the flaw since June 2026 and strongly recommends upgrading to a patched software version. While technical details of the attacks have not been disclosed, the targeted nature of the activity suggests involvement by a sophisticated threat actor. CISA has added CVE-2026-20262 to its KEV catalog and ordered federal agencies to apply fixes by June 29, 2026.

6. North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have identified two malicious campaigns linked to the North Korean threat cluster known as Contagious Interview. Proofpoint reports the activity, dubbed UNK_DeadDrop, uses recruitment-themed phishing emails posing as developer job offers or code reviews to target nearly 100 organizations across finance, crypto, education, and tech.

The infection chain begins with emails linking to attacker-controlled GitHub repositories containing malicious scripts. Victims are instructed to open projects in VS Code, triggering cross-platform malware for Windows, macOS, and Linux, including a modified Overlord framework. A key technique uses VS Code’s “runOn: folderOpen” feature to execute code automatically when a project is opened.

The malware installs loaders that deploy a malicious VSIX extension disguised as a Google service, enabling remote command execution, data theft, and credential harvesting, particularly from crypto wallets. Stolen data is exfiltrated to a command-and-control server. Researchers note the campaign has evolved from social-media-based fake interviews to large-scale email phishing, indicating increasing operational scale and sophistication among North Korean-aligned actors.

06/03/2026-06/10/2026 Microsoft Patches Record 206 Flaws, New Veeam Vulnerability, LiteLLM Vulnerability And More.

1. Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

Microsoft’s June 2026 Patch Tuesday addresses a record 206 vulnerabilities — 39 Critical, 167 Important — spanning privilege escalation, RCE, information disclosure, and spoofing flaws, plus two non-Microsoft CVEs and over 350 Chromium fixes bundled with Edge.

The most severe is CVE-2026-45657 (CVSS 9.8), a Windows Kernel use-after-free enabling unauthenticated RCE via malicious TCP/IP traffic. Also critical: CVE-2026-47291 (CVSS 9.8) in HTTP.sys and CVE-2026-44815 (CVSS 9.8), a DHCP Client buffer overflow requiring no credentials or user interaction.

Three publicly disclosed zero-days are patched: CVE-2026-50507 (BitLocker bypass “bitskrieg”), CVE-2026-45586 (CTFMON privilege escalation, linked to “GreenPlasma”), and CVE-2026-49160 (HTTP.sys DoS tied to the HTTP2/Bomb technique, which can exhaust 64 GB RAM in ~45 seconds). The update also fixes “MiniPlasma,” an incomplete patch from December 2020. BitLocker bypass CVE-2026-45585 (“YellowKey”, CVSS 6.8) is additionally addressed.

The record patch volume is attributed to AI-assisted vulnerability discovery, a trend researchers expect to accelerate.

2. Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six vulnerabilities (collectively “Proto6”) have been discovered in protobuf.js, a JavaScript/TypeScript implementation of Google’s Protocol Buffers serialization library, enabling RCE and DoS attacks against Node.js applications, Google Cloud client libraries, messaging frameworks like Baileys, and CI/CD pipelines.

The six CVEs range from CVSS 5.3 to 8.7:

• CVE-2026-44289/44290 (CVSS 7.5): DoS via unbounded recursion and unsafe option paths
• CVE-2026-44292/44294 (CVSS 5.3): Prototype injection and DoS from crafted field names
• CVE-2026-44291 (CVSS 8.1): Code execution via prototype pollution gadget — the most severe
• CVE-2026-44295 (CVSS 8.7): Code injection in static output from malicious schema names

All flaws stem from the library treating schemas and metadata as trusted by default. CVE-2026-44291 is particularly dangerous: attacker-controlled input can pollute Object.prototype, causing protobuf.js to compile arbitrary JavaScript via Function().
Affected versions: protobufjs ≤7.5.5 / 8.0.0–8.0.1 and protobufjs-cli ≤1.2.0 / 2.0.0–2.0.1. Patches are available in protobufjs 7.5.6/8.0.2 and protobufjs-cli 1.2.1/2.0.2.

3. New Veeam Vulnerability Exposes Backup Servers to RCE Attacks

Veeam has patched CVE-2026-44963 (critical), an RCE vulnerability in Backup & Replication (VBR) affecting all version 12 builds up to 12.3.2.4465, discovered by WatchTowr researcher Sina Kheirkhah. Any authenticated low-privileged domain user can exploit it — but only on domain-joined servers, contrary to Veeam’s own workgroup deployment guidance. Version 13.x is unaffected. The fix is in version 12.3.2.4854.

No active exploitation has been reported, though Veeam warns attackers routinely reverse-engineer patches to target unpatched systems.

VBR is a persistent ransomware target: compromising backup servers enables data theft, lateral movement, and destruction of recovery options. CISA has listed four VBR flaws as actively exploited; Akira, Fog, Frag, Cuba, and FIN7-linked groups have all previously weaponized critical VBR RCE bugs — most recently CVE-2024-40711 in late 2024. Veeam serves 550,000+ customers globally, including 82% of Fortune 500 companies.

4. New Shai-Hulud Attack Trojanizes 19 Science-Focused PyPI Packages

A new wave of the Shai-Hulud supply-chain campaign has compromised 19 PyPI packages — including popular bioinformatics tools Dynamo, Spateo, CoolBox, U-FISH, and Napari-UFISH — across 37 malicious releases, collectively downloaded hundreds of thousands of times.

Discovered by Socket, the attack plants a *-setup.pth file and obfuscated _index.js payload inside compromised wheels. Simply starting Python triggers the PTH file, which downloads the Bun JavaScript runtime from GitHub to execute the script — activating silently during pip installs, test runs, or CI jobs.

The malware targets a broad range of developer secrets: GitHub tokens, npm/PyPI/RubyGems publishing tokens, AWS/GCP/Azure/Kubernetes credentials, SSH keys, Docker credentials, shell histories, and Claude/MCP config files. Exfiltration uses auto-created GitHub repositories; a secondary HTTPS channel mimics an Anthropic API endpoint for camouflage. Persistence is established via systemd (Linux) or LaunchAgents (macOS).

Shai-Hulud’s total attributed artifacts now stand at 453. Affected organizations should rotate all secrets and restore from clean backups.

5. LiteLLM Vulnerability Under Active Attack, CISA Warns (CVE-2026-42271)

CISA has added CVE-2026-42271, a command injection flaw in BerryAI’s LiteLLM AI gateway, to its Known Exploited Vulnerabilities catalog. LiteLLM is a widely used open-source library providing a unified interface for multiple LLM APIs.

The vulnerability, disclosed April 2026, stems from two MCP server test endpoints (POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list) that accepted full server configurations — including command, args, and env fields — and spawned supplied commands as subprocesses with proxy privileges. Exploitation required only a valid API key with no role check.

The attack bar drops further when chained with CVE-2026-48710 (“BadHost”), an authentication bypass in the Starlette framework that LiteLLM depends on, enabling unauthenticated RCE. Successful exploitation allows arbitrary command execution, credential theft, lateral movement into connected AI infrastructure, and downstream system compromise.

Fixes are available in LiteLLM v1.83.7 and Starlette v1.0.1. CISA has ordered federal agencies to patch by June 22. This marks the second weaponized LiteLLM flaw within a month.

6. CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog

CISA has added CVE-2026-28318 (CVSS 7.5), a denial-of-service vulnerability in SolarWinds Serv-U file server software, to its KEV catalog due to active exploitation.
The flaw is an uncontrolled resource consumption bug: unauthenticated attackers can crash the Serv-U service by sending specially crafted POST requests using Content-Encoding: deflate. No credentials or user interaction are required.

SolarWinds published an advisory this week confirming the issue. CISA’s cataloging indicates the vulnerability is being actively leveraged in the wild, and federal civilian agencies are required to remediate it within the standard KEV deadline. Users are advised to apply available patches immediately.