CISO Brief

Hello, stay ahead with CISO Brief 🚀

Every day the cybersecurity world moves fast — new incidents, evolving AI risks, changing regulations, and critical vendor updates. We cut through the noise to deliver only what matters most for your business and security strategy.

CISO Brief brings you a daily digest of high-signal news: major breaches, hyperscaler security releases, AI and compliance shifts, and the latest threat intelligence — all in one concise update.

Built for CISOs, CTOs, and architects, our goal is to save you time, reduce distraction, and keep you on the pulse of the risks and opportunities that shape tomorrow.

👉 Join our Telegram channel for your daily update — stay informed, stay ready.

Cybersecurity News Digest — Daily Briefings

Latest News


Google Cloud enhances Managed Spark clusters

⚙️ This announcement details Google Cloud’s updates to Managed Service for Apache Spark, now offered as Managed Spark clusters with serverless and managed modes. Key enhancements include Lightning Engine, a native C++ vectorized execution engine delivering up to 4.9x faster Spark performance, Flexible VMs for improved capacity resilience, and FinOps features like zero-scale clusters and scheduled stops. The release also adds the Model Context Protocol server and Data Agent Kit integrations to connect LLMs and developer tools securely to clusters, plus Lakehouse interoperability and Cluster Image 3.0 with Spark 4.1 preview.

Customize Federated Sign‑In with Cognito Lambda Trigger

🔐 This post introduces the new inbound federation Lambda trigger for Amazon Cognito, which intercepts external IdP responses so you can transform, filter, and enrich attributes before a user profile is created. It explains how the trigger receives SAML and OIDC attributes, and outlines common B2B and B2C problems such as oversized group lists and duplicate accounts from different social sign-ins. The article shows how to normalize group attributes, filter excessive data, and implement automated account linking to maintain a single primary identity. It also covers performance and error-handling best practices for Lambda functions.
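The normalization, filtering and linking steps the post describes, as an added example that is not AWS's code. The event and response field names (request.userAttributes, response.userAttributes, response.linkToUser) are an assumption modelled on the shape of other Cognito Lambda triggers, not the documented contract of the inbound federation trigger; EXISTING_USERS is an in-memory stand-in for a real user store, and the sample assertion is constructed.

```python
"""Attribute normalization and account linking for a federated sign-in hook.

Added example, not AWS's code. The event and response field names below are an
assumption modelled on other Cognito Lambda triggers, not the documented
contract of the inbound federation trigger; EXISTING_USERS is an in-memory
stand-in for a real user store."""
import json
import re

# IdP group name (lower-cased CN) -> application role. Anything not listed is
# dropped, which is what keeps a 200-entry group list out of the profile.
GROUP_ROLE_MAP = {
    "finance-admins": "finance:admin",
    "finance-users": "finance:read",
    "sec-ops": "security:operator",
}
MAX_ROLES = 10
ALLOWED_ATTRS = {"email", "given_name", "family_name", "custom:roles"}
EXISTING_USERS = {"alice@example.com": "alice-primary"}  # constructed

_DN_CN = re.compile(r"^CN=([^,]+)", re.IGNORECASE)


def _split_groups(raw):
    """IdPs send groups as a list, a JSON-encoded list, or one delimited
    string; DNs contain commas, so those are split on ';' only."""
    if isinstance(raw, list):
        return raw
    s = str(raw).strip()
    if s.startswith("["):
        try:
            parsed = json.loads(s)
            if isinstance(parsed, list):
                return parsed
        except ValueError:
            pass
    return s.split(";") if (";" in s or "CN=" in s.upper()) else s.split(",")


def normalize_groups(raw):
    """Return the sorted, de-duplicated, capped list of application roles."""
    if not raw:
        return []
    roles = set()
    for item in _split_groups(raw):
        name = str(item).strip()
        m = _DN_CN.match(name)
        if m:
            name = m.group(1)
        role = GROUP_ROLE_MAP.get(name.lower())
        if role:
            roles.add(role)
    return sorted(roles)[:MAX_ROLES]


def filter_attributes(attrs):
    """Drop everything the application does not need."""
    return {k: v for k, v in attrs.items() if k in ALLOWED_ATTRS}


def link_identity(email, directory=EXISTING_USERS):
    """Return the primary username already owning this email, or None."""
    return directory.get(email.strip().lower())


def handler(event, context=None):
    attrs = dict(event["request"]["userAttributes"])
    roles = normalize_groups(attrs.pop("groups", None))
    attrs["custom:roles"] = ",".join(roles)
    # Decide linking before filtering strips email_verified.
    verified = str(attrs.get("email_verified", "false")).lower() == "true"
    attrs = filter_attributes(attrs)
    # Link only on an IdP-verified email: linking on an unverified claim lets
    # anyone who can set an arbitrary email at some IdP take over the primary.
    primary = link_identity(attrs["email"]) if verified and "email" in attrs else None
    event["response"] = {"userAttributes": attrs, "linkToUser": primary}
    return event


# Constructed sample: a SAML assertion with a bloated, DN-formatted group list.
SAMPLE_EVENT = {
    "request": {
        "identityProvider": "CorpSAML",
        "userAttributes": {
            "email": "Alice@Example.com",
            "email_verified": "true",
            "given_name": "Alice",
            "groups": "CN=Finance-Admins,OU=Groups,DC=corp;"
                      "CN=Sec-Ops,OU=Groups,DC=corp;"
                      "CN=Coffee-Club,OU=Groups,DC=corp",
            "employeeType": "FTE",
        },
    },
    "response": {},
}

if __name__ == "__main__":
    print(json.dumps(handler(SAMPLE_EVENT)["response"], indent=2))
```

The one check worth keeping whatever the real event shape turns out to be is the email_verified gate: automated linking on an email the IdP has not asserted as verified turns a social sign-in into an account takeover path.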

Anthropic Claude Code Action flaw risk to repos

🔒 A researcher discovered a vulnerability in Anthropic's Claude Code GitHub Action that allowed takeover of public repositories via a single opened GitHub issue. Anthropic patched the core bypass in January and released fixes in claude-code-action v1.0.94, rating the issue 7.8 under CVSS v4.0 and issuing a bounty. The flaw arose from overly permissive triggers that trusted actors ending in "[bot]" and example workflows allowing non-write users, enabling indirect prompt injection to exfiltrate environment secrets and OIDC credentials. Administrators should update to v1.0.94, audit workflows for untrusted inputs, and remove unnecessary permissions and tools to prevent exfiltration.
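The two weaknesses the report names (trust by a "[bot]" name suffix, and example workflows that let non-write users trigger the agent) and the audit advice, as an added example. This is not Anthropic's code and does not reproduce the patched action's logic: the gates are generic hardening patterns, the workflow text is constructed, and the lint works on raw text so it needs no YAML parser.

```python
"""Two hardening checks for a workflow that hands an AI agent repository
secrets. Added example, not Anthropic's code and not the patched action."""
import re

WRITE_ASSOCIATIONS = {"OWNER", "MEMBER", "COLLABORATOR"}
# Automation identities trusted by exact login, never by suffix.
TRUSTED_BOTS = {"dependabot[bot]"}


def weak_gate(actor, author_association):
    """The shape the report describes as too permissive: a '[bot]' suffix is
    taken as proof of a trusted identity, and CONTRIBUTOR (anyone with one
    merged PR) gets in alongside write-capable roles."""
    return actor.endswith("[bot]") or author_association in WRITE_ASSOCIATIONS | {"CONTRIBUTOR"}


def hardened_gate(actor, author_association):
    """Exact bot allowlist, otherwise a write-capable association."""
    return actor in TRUSTED_BOTS or author_association in WRITE_ASSOCIATIONS


# Event text an outsider controls: issue/PR/comment bodies and titles.
UNTRUSTED_EXPR = re.compile(
    r"\$\{\{\s*github\.event\.(?:issue|comment|pull_request|review|discussion)"
    r"\.(?:body|title)\s*\}\}")
WRITE_PERM = re.compile(r"^(id-token|contents|pull-requests|issues|packages):\s*write\b")
RUN_KEY = re.compile(r"^(?:-\s+)?run:")


def lint_workflow(text):
    """Flag untrusted event text interpolated into a run: script (prompt or
    shell injection) and write-level permission grants such as id-token: write,
    which is what lets a hijacked job mint OIDC credentials."""
    findings = []
    run_indent = None
    for n, line in enumerate(text.splitlines(), 1):
        stripped = line.lstrip()
        indent = len(line) - len(stripped)
        if run_indent is not None and stripped and indent <= run_indent:
            run_indent = None  # left the run: block
        if RUN_KEY.match(stripped):
            run_indent = indent
        if run_indent is not None and UNTRUSTED_EXPR.search(line):
            findings.append((n, "untrusted event text interpolated into a run script"))
        m = WRITE_PERM.match(stripped)
        if m:
            findings.append((n, f"{m.group(1)}: write permission granted"))
    return findings


# Constructed workflow showing both weaknesses; the second step shows the
# safer pattern of passing event text through an environment variable.
SAMPLE_WORKFLOW = """name: agent
on:
  issues:
    types: [opened]
permissions:
  contents: write
  id-token: write
jobs:
  agent:
    runs-on: ubuntu-latest
    if: ${{ endsWith(github.actor, '[bot]') || github.event.issue.author_association != 'NONE' }}
    steps:
      - run: |
          echo "Task: ${{ github.event.issue.body }}"
      - env:
          TASK: ${{ github.event.issue.body }}
        run: echo "$TASK"
"""

if __name__ == "__main__":
    for line_no, msg in lint_workflow(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {msg}")
```

The gate runs before the agent sees any issue text, so a prompt injection in the issue body never gets a chance to act on a job that holds secrets; the permission findings are the "remove unnecessary permissions" part of the advice, with id-token: write the one to justify explicitly.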

Fortinet Earns AV‑Comparatives EDR Detection Certification

🛡️ Fortinet announces that FortiEDR earned certification in the AV‑Comparatives 2026 EDR Detection Validation Test, with the same EDR capabilities available via FortiEndpoint. The product demonstrated validated visibility across 12 of 14 attack stages, combining active alerts with telemetry to support investigation and threat hunting. AV‑Comparatives evaluated detection visibility mapped to the MITRE ATT&CK framework, highlighting strong coverage for service‑based staging, process injection, and server lateral movement.

Underground Playbook Targets Vulnerability Programs

🛡️ A forum tutorial by an actor named "Hercules" outlines a simple, practical workflow for scanning, validating, exploiting, and monetizing vulnerabilities, blending "legal" disclosure steps with clearly illegal options. Flare researchers tracked the post and responses across multiple forums, noting demand for mentorship and the tutorial's repeated reposting. The write-up highlights use of public tools like Nuclei, emphasizes accessibility for beginners, and explains monetization paths including direct extortion, underground sales, and asset resale. The analysis warns defenders that readable, motivational guides scale criminal capability and underscores the importance of effective vulnerability disclosure programs.

ThreatsDay bulletin: escalating cyber intrusion trends

🛡️ Cisco patched a high-severity SSRF in Unified Communications Manager, while Russia reported large-scale mobile spyware targeting officials, with investigations ongoing. Threat actors continue to distribute VIP Keylogger via layered social engineering and JavaScript loaders, and DriveSurge operates a widespread malware delivery network using ClickFix and FakeUpdates. U.S. sanctions hit major Iranian crypto exchanges, and RMM and other trusted tools are increasingly abused for persistence and privilege escalation.

Microsoft warns on AI-enabled malware risks

🔒 Microsoft’s Detection and Response Team (DART) warns that AI adoption has introduced new attack surfaces, with threat actors weaponizing AI tools in social engineering and supply chains. A highlighted campaign, ‘JustAskJacky’, disguised a malicious AI assistant that installed a Java backdoor and persistence tasks. Experts urge organisations to assess nonstandard AI apps, enforce security reviews, and make AI risk a board-level priority.

Microsoft attributes unexpected driver updates to caching error

🔧 Microsoft acknowledged and fixed an issue where a Windows Update caching misconfiguration caused some devices to install driver updates despite policies preventing auto-updates. The company said the caching service temporarily dropped device enrollment information, causing driver-approval controls to be bypassed. Microsoft updated the service cache and enrollment status, confirmed remediation, and is investigating root causes to prevent recurrence.

Pre-positioned Cyber Threats Targeting FIFA 2026

🛡️ Check Point Research and Exposure Management tracked a year-long rise in coordinated cyber threats aimed at FIFA World Cup 2026. Attackers have pre-positioned infrastructure across finance, travel and hospitality, and gambling, with active domains, fake apps, and social schemes ready to scale. The report highlights escalating fraud, domain impersonation, mobile-app impersonation, B2B spoofing risks, and potential operational impacts like ransomware and DDoS.

FIFA World Cup 2026: Rising Cybercrime Threats

🛡️ FortiGuard Labs warns that cybercriminals are actively exploiting FIFA World Cup 2026 demand, registering thousands of themed domains and creating fake ticketing sites, malicious apps, and impersonation accounts to steal credentials and payments. Their research found over 13,000 new tournament-related domains and identified numerous scams across social media, underground forums, and stealer telemetry. Organizations and fans are urged to prepare early and verify official channels.

Benchmark Shows Mythos Outperforms GPT‑5.5 on Chrome Exploits

🔍 At Infosecurity Europe 2026, Bugcrowd unveiled ExploitBench, a graded benchmark assessing AI models' ability to chain vulnerability discovery into staged exploits against a vulnerable V8 build. Anthropic's Claude Mythos outperformed OpenAI's GPT‑5.5 in head‑to‑head runs, achieving higher average scores and more top‑tier exploits, in some runs with human nudges. The report highlights the rising offensive potential of frontier LLMs and urges defenders to adopt automated remediation and prioritization.

Proton’s Balance Between Privacy and Abuse Control

🔒 Proton struggles to block criminals while preserving its core privacy guarantees. COO Raphael Auphan explained that the service cannot access encrypted message contents or geolocate users due to its end-to-end encryption model. Instead, Proton invests in account-level and behavioral defenses, including ML models to detect bot-driven sign-ups and abuse. Lawful takedown requests are handled only after Swiss authorities vet and validate them.

Police dismantle fake ID marketplace aiding smugglers

🔍 French and Spanish authorities dismantled an online marketplace selling counterfeit identity documents used by migrant smuggling rings across the EU. On May 27, police arrested a suspect in Alicante and seized document-production equipment and about 800 fake European IDs from an apartment rented under a false name. Europol said the platform provided forged physical and digital documents to facilitate border evasion, fraudulent residence claims, and secondary movements within the Schengen Area.

Balancing Cyber Product Leadership and Endurance

🔥 Tony Giandomenico of Cisco Talos discusses how endurance from Ironman training informs his approach to leading major cybersecurity product launches. He highlights rapid advances in frontier AI models, the evolving threat landscape, and the need to apply similar AI-driven speed to defensive tools. Tony explains Cisco Talos Threat Hunting, its focus on endpoint telemetry and expansion into firewalls and identity, and stresses communication, influence, and purpose as keys to sustaining focus across long careers.

Hypothesis-Driven Threat Hunting at Cisco Talos

🔍 Cisco Talos Threat Hunting adopts a hypothesis-first approach: rather than waiting for alert thresholds, analysts formulate theories about adversary behavior and search telemetry to validate them. Using AI for scale and human expertise for context, continuous hunts run across global telemetry to surface candidates that automated detection misses. Confirmed findings are reported with remediation guidance and feed back into detection tuning and product improvements.

Hugging Face Transformers RCE via model configs

🛡️ A high-severity RCE vulnerability in Hugging Face Transformers lets attackers leverage a hidden config field to execute remote code when loading models. The flaw abuses an underscore-prefixed parameter, _attn_implementation_internal, bypassing trust_remote_code=False and triggering unsandboxed kernel downloads. A silent patch was released in Transformers 5.3.0; users should upgrade and scan cached configs.
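The "scan cached configs" step, as an added example that is not Hugging Face's code. It walks the hub cache layout (models--org--name/snapshots/<hash>/config.json), flags the key the report names plus auto_map (the documented custom-code hook), and reports other underscore-prefixed keys as worth a look rather than as known-bad; _name_or_path and _commit_hash are skipped because the library writes them itself. The sample config is constructed and its values are not a real payload.

```python
"""Scan cached Hugging Face model configs for fields that can pull code or
kernels at load time. Added example, not Hugging Face's code."""
import json
import tempfile
from pathlib import Path

KNOWN_RISKY = {"_attn_implementation_internal", "auto_map"}
BENIGN_UNDERSCORE = {"_name_or_path", "_commit_hash"}  # written by the library itself


def scan_config(obj, path=""):
    """Recursively collect (json_path, severity, value) for risky keys,
    including inside nested sub-configs such as text_config."""
    findings = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            here = f"{path}.{key}" if path else key
            if key in KNOWN_RISKY:
                findings.append((here, "known-risky", value))
            elif key.startswith("_") and key not in BENIGN_UNDERSCORE:
                findings.append((here, "hidden-key", value))
            findings.extend(scan_config(value, here))
    elif isinstance(obj, list):
        for i, value in enumerate(obj):
            findings.extend(scan_config(value, f"{path}[{i}]"))
    return findings


def scan_cache(root=None):
    """Walk the hub cache (default ~/.cache/huggingface/hub) and return
    {config path: findings} for every config.json with a hit."""
    root = Path(root) if root else Path.home() / ".cache" / "huggingface" / "hub"
    results = {}
    for cfg in sorted(root.rglob("config.json")):
        try:
            data = json.loads(cfg.read_text(encoding="utf-8"))
        except (OSError, ValueError) as exc:
            results[str(cfg)] = [("<file>", "unreadable", str(exc))]
            continue
        hits = scan_config(data)
        if hits:
            results[str(cfg)] = hits
    return results


# Constructed config: the shape of a planted field, not a real payload.
SAMPLE_CONFIG = {
    "_name_or_path": "example/model",
    "model_type": "llama",
    "_attn_implementation_internal": "some-org/planted-kernel",
    "text_config": {"auto_map": {"AutoModel": "modeling.Custom"}},
    "_extra": 1,
}


def demo_scan():
    """Write SAMPLE_CONFIG and a clean config into a throwaway cache layout
    and scan it; returns the scan_cache result."""
    with tempfile.TemporaryDirectory() as tmp:
        planted = Path(tmp) / "models--example--model" / "snapshots" / "abc" / "config.json"
        planted.parent.mkdir(parents=True)
        planted.write_text(json.dumps(SAMPLE_CONFIG), encoding="utf-8")
        clean = Path(tmp) / "models--example--clean" / "snapshots" / "abc" / "config.json"
        clean.parent.mkdir(parents=True)
        clean.write_text(json.dumps({"_name_or_path": "x", "model_type": "bert"}), encoding="utf-8")
        return scan_cache(tmp)


if __name__ == "__main__":
    for cfg_path, hits in scan_cache().items():
        print(cfg_path)
        for json_path, severity, value in hits:
            print(f"  [{severity}] {json_path} = {value!r}")
```

A hit on the known-risky key in a model you never asked to run custom code for is the signal to treat that cache entry as compromised; upgrading to 5.3.0 stops the load path but does not clean what is already on disk.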

Hitachi Energy MACH HiDraw Heap Overflow Patch

🔒 Hitachi Energy reported a heap-based buffer overflow in the MACH HiDraw XML parser where an authenticated local user can trigger memory corruption using a crafted XML file. Successful exploitation may cause application crashes (DoS) or enable arbitrary code execution. A vendor fix is available in version 9.23; contact your local account team for upgrade assistance. CISA recommends network segmentation, firewall controls, and minimizing exposure of control systems to the internet.

Hitachi Energy ITT600 Explorer DoS Vulnerabilities

🛡️ Hitachi Energy disclosed vulnerabilities in the ITT600 Explorer that can enable Denial of Service (DoS) via crafted IEC61850 messages when IEC61850 server simulation is used. A stack overflow in the libexpat library and uncontrolled recursion/resource allocation issues are identified; affected versions should be updated to 2.1 SP6 HF1 or later and plan for 2.2. CISA republishes the vendor advisory and recommends standard ICS network protections and patching.