
Loading summary
A
From the CISO series, it's Cybersecurity Headlines
B
these are the cybersecurity headlines for Thursday, June 25, 2026. I'm Sarah Lane. Copilot AI knocks down cybercrime tools Microsoft says its Copilot AI helped investigators connect two widely used cybercrime tools and Amaday and Steel C, letting the company disrupt their shared infrastructure and file a single lawsuit under the Racketeer Influenced and Corrupt Organizations, also known as the RICO Act, a US Law designed to prosecute organized criminal enterprises. Microsoft says the malware was linked to more than 140,000 infected computers in the first two weeks of May. The case shows how AI is helping investigators uncover connections across cybercrime networks that might otherwise be missed. Hackers exploit Cisco Zero day Google owned Mandiant says attackers exploited a previously unknown zero day flaw in Cisco's Catalyst SD WAN Manager to gain root level access to a communications service provider, potentially giving them broad visibility into traffic across the company's network. Cisco patched the vulnerability earlier this month, but Mandiant says the attackers used sophisticated anti forensics techniques to hide their activity, highlighting how unpatched edge networking devices are a favorite target for advanced cyber espionage groups. China's 360 says it matches Anthropic's mythos Chinese cybersecurity company 360 says it's developed AI tools to designed to match Anthropic's vulnerability funding model Mythos, arguing that China needs comparable capabilities after the US restricted exports of the technology over national security concerns. The company claims its too long Feng system has already found more than 3,400 software vulnerabilities, though Reuters says it couldn't independently verify those claims. What we do know is that AI powered cybersecurity tools are are now a part of the broader U.S. china Technology Competition. CISA warns of Lantronics exploit CISA is warning that attackers are actively exploiting a critical remote code execution flaw in Lentronic's EDS 5000 devices that can let attackers execute arbitrary commands with root privileges by injecting commands into the username field during failed logins. The agency also confirmed active exploitation of three critical ubiquiti unifi OS vulnerabilities that can be chained to gain full root access, urging organizations to apply the available patches as attackers continue targeting network infrastructure devices. Huge thanks to our sponsor Guardsquare, AI is speeding up development, but at what cost? While 96% of teams now use AI tools, 81% report that AI generated code has introduced new vulnerabilities into their mobile apps. In a world with automated threats, you need multi layered polymorphic security to stay ahead of the curve and you can learn more@guardsquare.com malicious open claw Skills threaten AI supply chain Palo Alto Networks Unit 42 researchers found five malicious third party skills in the Open Claw AI marketplace that bypassed automated security scans and could steal credentials, evade detection or manipulate AI agents for financial fraud. The skills have since been removed, but the researchers say the incident highlights a growing AI supply chain risk where seemingly legitimate plugins can abuse the broad access AI agents have to local files, credentials and connected services. AI browsers get tricked into leaks LayerX researchers say they found a new attack dubbed BioShocking that tricks AI powered browsers and assistants into abandoning their safety rules by convincing them they're playing a fictional game. In tests against six AI browsers and extensions that includes OpenAI's ChatGPT Atlas, Perplexity Comment and Anthropics Claude extension, every agent was persuaded to copy and exfiltrate login credentials from authenticated accounts. It's a new form of prompt injection that exploits an AI agent's understanding of context, but not a true vulnerability. The March toward Quantum Safe security New data from forescout researchers Vadir Labs finds that organizations are making progress towards post quantum cryptography, but the majority of Internet facing systems aren't prepared for quantum era threats. The number of SSH servers supporting quantum resistant cryptography grew 72% over the past year, but only 11.8% are currently PQC capable. Researchers warn that organizations need to start identifying and prioritizing corporate quantum vulnerable encryption now because migrating to quantum safe systems is expected to take years. New triage model reduces supply chain risk Researcher Devashri Datta has proposed a new framework called aivex that adds AI specific safety and operational context to existing software vulnerability scoring, arguing that today's CVSS severity ratings don't capture the real world risks of AI systems. The model, which is already being adopted by security vendors including Flexera and Ankor, is designed to help organizations prioritize vulnerabilities based not just on how severe they are, but on whether exploiting them could affect safety, critical AI systems that such as autonomous vehicles or robots or critical infrastructure. As always, if you have some thoughts on the news from today or about our show in general, be sure to reach out to us feedbackisoseries.com we always want to hear from you. I am Sarah Lane reporting for the CISO series. You stay classy and safe out there.
A
Cybersecurity headlines are available every weekday. Head to cisoseries.com for the full stories behind behind the Headlines.
Host: Sarah Lane (CISO Series)
Episode Theme:
A rapid-fire rundown of the latest security news, highlighting AI-assisted investigations, zero-day exploits, US-China technology rivalry, active vulnerabilities, the evolving AI supply chain threat, quantum-safe cryptography progress, and new frameworks for AI risk.
[00:08–01:08]
[01:09–01:56]
[01:57–02:38]
[02:39–03:16]
[03:38–04:14] (skipping ad segment as directed)
[04:15–04:52]
[04:53–05:24]
[05:25–05:57]