< ciso
brief />
Telegram

Hello, stay ahead with CISO Brief 🚀

Every day the cybersecurity world moves fast — new incidents, evolving AI risks, changing regulations, and critical vendor updates. We cut through the noise to deliver only what matters most for your business and security strategy.

CISO Brief brings you a daily digest of high-signal news: major breaches, hyperscaler security releases, AI and compliance shifts, and the latest threat intelligence — all in one concise update.

Built for CISOs, CTOs, and architects, our goal is to save you time, reduce distraction, and keep you always on pulse with the risks and opportunities that shape tomorrow.

👉 Join our Telegram channel for your daily update — stay informed, stay ready.

Cybersecurity News Digest — Daily Briefings

Latest News

all posts →

KDDI breach may expose millions of ISP email logins

📧 KDDI Corporation disclosed a breach affecting an email system shared with five Japanese ISPs after discovering unauthorized access on June 17. The company attributes the intrusion to a vulnerability in unnamed third-party software and says it immediately blocked the attacker and implemented defenses. Up to 14.22 million current, former, and inactive customer email addresses and passwords may have been exposed, though some credentials were stored hashed or encrypted. KDDI is notifying regulators and working with affected ISPs while advising customers to reset passwords and enable 2FA where possible.
Data BreachCredential StuffingThird-Party Risk
read more →

Agentic coding tools tricked into running shell

🔎 Researchers at Mozilla's 0DIN demonstrated that an AI coding agent like Claude Code can be manipulated into executing a remote payload by following innocuous setup instructions in a clean GitHub repo. The approach uses three benign-looking components—a standard repo, an initialization error prompting a recommended command, and a script that pulls a command from a DNS TXT record—to spawn an interactive shell with developer privileges. 0DIN warns this chain leaves no explicit malicious code in the repo and is difficult for scanners or human reviewers to detect.
ClaudeAI Agent HijackingPrompt Injection Attack
read more →

OpenAI restricts GPT-5.6 Sol rollout amid safety checks

🛡️ OpenAI released three GPT-5.6 variants—Sol, Terra, and Luna—as a limited preview to select companies while engaging with the U.S. government. Sol is the flagship and most capable for cybersecurity work, Terra balances efficiency and power, and Luna is optimized for speed and cost. OpenAI emphasized strengthened safety controls, warned of potential legitimate-request blocks during preview, and plans a wider release in the coming weeks.
OpenAIProduct Launch
read more →

Critical PTC Windchill PLM Flaw Under Active Exploitation

🛡️ Hackers are exploiting a critical unsafe deserialization vulnerability in PTC Windchill and FlexPLM that enables remote code execution. The flaw, tracked as CVE-2026-12569 and scored 9.3 CVSS, affects the Windchill PDMLink web component. PTC issued mitigations and patches on June 17–19 and provided indicators of compromise after reports of web shell deployment. CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog.
Insecure DeserializationRemote Code ExecutionActive ExploitationCISA KEV
read more →

FBI warns Russian actors stealing Signal backup keys

🔐 The FBI and CISA warn that Russian-linked threat actors have shifted phishing tactics to steal Signal Backup Recovery Keys, enabling access to users' historical messages. The campaign, tracked as UNC5792 and UNC4221, targets high-value individuals including officials, journalists, and military personnel. Attackers impersonate Signal support, trick users into enabling backups and then request the recovery key to restore data to attacker-controlled devices. Authorities advise that official support never asks for codes or recovery keys and recommend reporting incidents to the FBI or CISA.
Russia-nexusPhishingCredential AccessAdvisory
read more →

CISA orders urgent patches for exploited Cisco and PLM flaws

🔔 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has set a June 28 deadline under BOD 26-04 for federal agencies to patch a critical Cisco Unified Communications Manager Server SSRF vulnerability, CVE-2026-20230, which is being actively exploited. Cisco released a patch on June 3 and labeled the issue critical after a proof-of-concept existed; subsequent reports showed active attacks writing arbitrary files. CISA also added a critical RCE flaw, CVE-2026-12569, affecting PTC Windchill and FlexPLM products to its Known Exploited Vulnerabilities list, requiring immediate remediation.
CiscoActive ExploitationCISA KEVPatch Tuesday
read more →

New VPC-SC Controls to Secure Agentic AI Workloads

🔒 Google Cloud announces new VPC Service Controls features to secure agentic AI deployments by enforcing network-level perimeters and integrating agent identities. These updates let administrators add agent principals and principalSets to ingress/egress rules, apply conditional rules based on MCP attributes like mcp.toolName and mcp.method, and automatically protect the Gemini Enterprise Agent Platform from public internet access. The enhancements are designed to complement IAM and resource policies to prevent exfiltration and tool misuse in production agent fleets.
Google CloudAgentic AIMCP SecurityAgent Security
read more →

Fraudulent OpenAI organization invites target security firms

🔔 Push Security discovered a campaign where attackers create fraudulent OpenAI tenants impersonating real companies and send legitimate-looking invites to employees. The invites originate from OpenAI notification addresses, pass authentication checks, and assign recipients Owner privileges within the fake organization. Attackers used Gmail accounts to pose as company executives and even attached a billing card to the tenant, likely to reduce suspicion. Push Security warns employees could be tricked into submitting sensitive data into the workspace and advises verification and monitoring of SaaS memberships.
OpenAIDomain ImpersonationBusiness Email CompromiseSaaS App Abuse
read more →

Optimizing PostgreSQL on Azure within VS Code

🔍 Microsoft highlights tighter integration for PostgreSQL on Azure by embedding performance tools directly into Visual Studio Code. The PostgreSQL extension centralizes query authoring, server metrics, Azure‑specific telemetry, and Azure Advisor recommendations to shorten detection-to-resolution time. Enhanced query plan visualization and AI‑assisted analysis help teams troubleshoot and tune queries faster, while schema‑aware authoring and Entra ID integration support secure, consistent workflows at enterprise scale.
MicrosoftAzureProduct Update
read more →

Meta Prototypes Facial Recognition for Authorities

🔎 Meta is prototyping facial recognition systems intended for use by police and military, reportedly working with a Pentagon supplier to develop tools that can identify people in real time. The project follows longstanding interest from agencies like ICE in deploying camera-equipped eyewear and other devices for live identification. Concerns persist about privacy, accuracy, and potential misuse as the company explores real-time identification capabilities.
MetaPrivacy Engineering
read more →

Create SQL-based alerts in Cloud Monitoring

📣 Google Cloud now lets you create alerts in Observability Analytics using SQL to query logs and traces. This preview feature runs scheduled SQL queries via BigQuery on telemetry linked datasets and supports row count and boolean conditions. When conditions are met, Cloud Monitoring opens incidents and notifies configured channels. Note that BigQuery execution costs apply under your billing model.
Google CloudBigQuery
read more →

Amazon EC2 R8g instances reach additional regions

🔔 Amazon EC2 R8g instances are now available in AWS Asia Pacific (Thailand, New Zealand), AWS Africa (Cape Town), AWS Europe (Milan), and AWS Canada West (Calgary). These instances use AWS Graviton4 processors and deliver up to 30% better performance than Graviton3-based instances, targeting memory-intensive workloads such as databases and real-time analytics. Built on the AWS Nitro System, R8g offers larger sizes, enhanced networking, and improved EBS bandwidth for demanding applications.
AWS EC2AWS
read more →

High-severity Amazon Q MCP flaw enables cloud theft

🛡️ A high-severity flaw in Amazon Q Developer allowed a malicious repository to spawn MCP servers and execute commands, exposing a developer's cloud credentials. Wiz Research discovered the issue and demonstrated that a single config file (.amazonq/mcp.json) in a cloned repo could trigger AWS credential theft. Amazon patched the vulnerability, tracked as CVE-2026-12957 (CVSS 8.5), and updated Language Servers for AWS and IDE plugins to require explicit consent for untrusted MCP servers.
WizMCP SecurityCloud Account Compromise
read more →

Linux pedit COW exploit lets local users gain root

⚠️ A critical memory-corruption bug in the Linux traffic-control subsystem (CVE-2026-46331, “pedit COW”) enables a local unprivileged user to gain root by corrupting shared page-cache memory. The flaw allows modification of a cached setuid binary image in memory without touching the on-disk file; a public exploit appeared within a day of CVE assignment. The exploit requires the act_pedit module be loadable and unprivileged user namespaces enabled; affected vendors have issued patches and mitigations.
Memory CorruptionPrivilege EscalationActive ExploitationZero-Day Exploitation
read more →

AI Adoption Is Accelerating Risks for SMEs

🔒 Small and mid-sized businesses are rapidly adopting AI, often ahead of large enterprises, and this pace is outstripping their ability to govern associated cyber risks. Shadow AI—employees using public tools without oversight—exposes customer data, financial records, and intellectual property, while attackers increasingly exploit these weaker links in supply chains. The author urges owners and CFOs to map AI use, restrict sensitive data, treat AI access like hires, and engage advisors who can secure AI adoption effectively.
AI SecurityInsider RiskSupply Chain CompromiseData Breach
read more →

Shai Hulud CI/CD to Redshift breach analysis

🔍 This FortiGuard Labs analysis examines the Shai Hulud supply chain worm that poisoned CI/CD dependencies to harvest Jenkins credentials and pivot into AWS. The report outlines a mid‑May 2026 incident where FortiCNAPP traced external use of a Jenkins instance role, IAM escalation to a cloudops-monitor identity, and subsequent Redshift data extraction. It highlights detection signals, MITRE mappings, and recommended containment actions.
FortinetSupply Chain CompromiseCI/CD SecurityAWS IAM
read more →

CISA Adds PTC Windchill RCE to KEV Catalog

🔒 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical RCE vulnerability affecting PTC Windchill PDMlink and PTC FlexPLM to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The flaw, tracked as CVE-2026-12569 with a CVSS score of 9.3, allows arbitrary code execution via improper input validation and deserialization of untrusted data. Patches were released last week, but PTC warns of ongoing attacks deploying JSP web shells and published IoCs and mitigations.
Active ExploitationRemote Code ExecutionInsecure DeserializationCISA KEV
read more →

DirtyClone Linux kernel flaw enables local root

🛡️ JFrog Security Research published a working exploit for DirtyClone (CVE-2026-43503) on June 25, demonstrating a local privilege escalation in the DirtyFrag family. The flaw lets a local user corrupt file-backed memory via cloned network packets to gain root; the upstream patch landed in mainline on May 21. Exploitation requires CAP_NET_ADMIN to configure an IPsec tunnel, and unprivileged user namespaces on Debian and Fedora enable the default attack path. Ubuntu 24.04+ mitigates the default vector via AppArmor restrictions.
Privilege EscalationVulnerability Disclosure
read more →