I go through about 25 cybersecurity news portals and blogs every week and pull out the most interesting stories. Then I turn them into this short, digestible summary, so you can stay up to date without trying to follow 25 different sources yourself.
My aim is to create a summary that gives you the gist without needing to open up the source article. But if you do want to dig deeper, all the sources covering the event are linked below each story.
If you enjoy these, come back next Monday or scroll to the bottom to subscribe to the e-mail newsletter.
Grafana Labs Discovers a Source Code Breach After Canary Token Triggers Alert
Grafana Labs disclosed that an attacker obtained a privileged GitHub token and used it to download the company’s private codebase. Grafana said it invalidated the credentials, removed the vulnerable automation, and refused an extortion demand, reporting no evidence of customer data access or impact to customer systems.
Key Details
- Grafana detected the intrusion when a deployed canary token was triggered, prompting an immediate incident response and forensic investigation.
- Grafana said the attacker deleted their forked repository after extracting secrets and then used the compromised credentials to repeat the activity against four additional private repositories.
- Grafana stated it rejected a ransom demand, citing FBI guidance that paying does not guarantee data recovery or non-disclosure.
Next Steps
- Consider adopting canary tokens for breach discovery.
Read more at Hackread, Cyber Security News, The Hacker News
OpenAI Launches Daybreak, an AI Platform for Finding and Fixing Code Vulnerabilities
OpenAI launched Daybreak, a cybersecurity platform that uses GPT-5.5 and Codex Security to help teams triage vulnerabilities and generate/test fixes directly in their repositories. It also ships with tiered access controls (including a restricted “GPT-5.5-Cyber” tier) aimed at enabling advanced defensive workflows while limiting dual-use exposure.
Key Details
- Daybreak is positioned to support multiple SecOps/AppSec workflows, including secure code review, vulnerability triage, patch validation, and detection engineering (as well as threat modeling, malware analysis, and dependency risk analysis).
- The platform’s “Codex Security” component can construct an editable threat model from an organization’s source repository to prioritize realistic attack paths and high-impact findings.
Next Steps
- Consider requesting access to Daybreak; it is currently not widely available.
Read more at CSO Online, The Cyber Express, Cybersecurity News, The Hacker News
First Public macOS Kernel Exploit on Apple M5 Prepared Using Mythos Preview in Five Days
Researchers reported a working macOS kernel memory-corruption exploit for M5 devices that bypasses Apple’s Memory Integrity Enforcement (MIE) to achieve local privilege escalation to root on macOS 26.4.1. The chain was built by linking two previously unknown bugs with help from Anthropic’s Mythos Preview, underscoring how AI can accelerate finding and weaponizing familiar vulnerability classes even against new hardware mitigations.
Key Details
- Exploit constraints: the researchers said the chain uses only standard system calls and still succeeds with MIE enabled.
- Disclosure approach: the team said they delivered a 55-page printed report directly on paper to Apple and are withholding technical details until a patch is released.
Read more at Cybersecurity News, SC Media
Fired Hacker Twins Forget to End Teams Recording, Transcription Captures their Crimes
Two twin brothers and former federal contractor employees pleaded guilty after destroying 96 government databases in a retaliatory attack following their termination. Their planning and execution were captured because they allegedly left the Microsoft Teams firing meeting running, which recorded and transcribed their discussion.
Key Details
- The defendants were Muneeb and Sohaib Akhter (both 34), former employees of federal contractor Opexus.
- Court records described hours of recorded audio and a transcript from the ongoing Teams meeting that continued after the firing call ended.
Next Steps
- Review offboarding controls to ensure access is terminated immediately at separation.
- Review video call policies.
- When talking on video calls, always be aware of transcribing services listening.
Read more at WIRED
Fake Ledger “Quantum Resistance” Phishing Letters Mailed to Steal 24-Word Recovery Phrases
Scammers are sending physical letters that impersonate Ledger and claim a mandatory “Quantum Resistance” security update, using a QR code to funnel recipients to a phishing site that asks for their 24-word recovery seed phrase. The seed phrase provides full control of the wallet, enabling attackers to drain cryptocurrency immediately once it’s entered.
Key Details
- The letters use Ledger branding, a reference number, and a fake security notice to appear legitimate and create urgency with a deadline and threats of lost functionality.
- Ledger’s support advisory states any message (including physical letters) requesting a recovery phrase is a scam and that Ledger will never ask for the 24-word phrase via QR code, website, phone call, or printed document.
Next Steps
- Warn employees that scams and phishing can arrive on paper as well.
Claude Mythos Test on Curl Surfaced One Low-Severity Flaw. cURL Shares Experience With Mythos
A third-party assessment using Anthropic’s restricted Claude Mythos model on curl’s codebase ultimately produced one low-severity vulnerability accepted by curl maintainers after most reported findings were determined to be documented behavior or non-security bugs. The outcome is fueling debate over whether Mythos’ much-hyped “thousands of zero-days” capability is overstated or whether curl’s heavily audited codebase simply leaves little for any tool to find.
Key Details
- The report claimed five “confirmed” vulnerabilities, but review found three were already known/documented issues and one was a non-security bug.
- The remaining vulnerability was rated low severity and is planned to be patched in late June (per the curl developer’s post).
- Stenberg contrasted Mythos with other AI tooling previously used on curl (Zeropath, AISLE, OpenAI Codex), which he said flagged 200–300 issues including “a dozen or more” confirmed vulnerabilities.
Next Steps
- Evaluate and maximize existing AI security tooling within secure development processes.
Read more at Daniel Stenberg, SecurityWeek
Typosquatted OpenAI “Privacy Filter” Model Hit #1 on Hugging Face and Pushed a Windows Infostealer to 244K Downloaders
A Hugging Face repo impersonating OpenAI’s Privacy Filter model climbed to the top of trending and tricked users into running scripts that pulled down and executed an infostealer.
Key Details
- The fake repo was Open-OSS/privacy-filter, a near-verbatim clone of OpenAI’s legitimate openai/privacy-filter page; Hugging Face has since disabled access to the malicious model.
- HiddenLayer reported the repo reached ~244,000 downloads and 667 likes in under 18 hours, and identified six additional Hugging Face repos with a similar Python loader (all under the anthfu account).
Next Steps
- Immediately block api[.]eth-fastscan[.]org and recargapopular[.]com.
- When pulling models from Hugging Face, restrict and review execution of repository-provided scripts (e.g., “start.bat”, “loader.py”) and require internal vetting before running setup instructions from third-party model repos.
Read more at CSO Online, The Hacker News
UK Regulator Fines South Staffordshire Water £963,900 After Phishing-Led Breach Exposed Data of 663,887 People
The UK Information Commissioner’s Office fined South Staffordshire Water Plc and parent South Staffordshire Plc £963,900 after a phishing attack led to malware that sat undetected for ~20 months and enabled data theft and dark-web publication. The regulator found the exposed data, affecting 663,887 customers and employees, was authentic, and said the incident reflected significant failures in the company’s approach to data security.
Key Details
- The breach was discovered after two years in July 2022 when IT performance issues prompted an internal investigation.
- Exposed data included names, addresses, emails, phone numbers, dates of birth, customer account credentials, bank details, and employee HR data including National Insurance numbers.
- The ICO cited control gaps including monitoring covering only ~5% of the IT environment, obsolete systems (e.g., Windows Server 2003), poor patching/vulnerability management, and lack of regular internal/external security scanning.
Next Steps
- Retire or isolate end-of-life systems and close patching backlogs to reduce exploitability and privilege-escalation paths.
Read more at BleepingComputer
node-ipc npm Package Compromised Using Expired Domain Account Takeover Attack
Newly published versions of the widely used Node.js dependency node-ipc were found to contain an obfuscated stealer/backdoor that harvests local secrets and attempts exfiltration. The compromise matters because the malicious code runs when the package is loaded (for CommonJS consumers). Reporting indicates it was published via a takeover of a dormant maintainer account: the attacker bought the account owner’s expired email domain, reset the npm password, and gained publish rights, with no hacking required.
Key Details
- Socket identified the malicious releases as node-ipc@9.1.6, node-ipc@9.2.3, and node-ipc@12.0.1 and recommends blocking them.
- The malware collects broad host data and secrets, including full process environment variables written to an envs.txt file, plus targeted grabs of cloud credentials, SSH material, Kubernetes/Docker/Terraform artifacts, and various developer/CI configuration files.
- Exfiltration is performed via DNS TXT queries (not HTTP/HTTPS), including use of a lookalike domain sh[.]azurestaticprovider[.]net (designed to resemble Azure Static Web Apps traffic).
Next Steps
- Immediately block and remove node-ipc versions 9.1.6, 9.2.3, and 12.0.1 from builds and lockfiles; use the Socket tracking page for the evolving indicator list: https://socket.dev/supply-chain-attacks/node-ipc
- If you suspect installs occurred, hunt endpoints/CI runners for unexpected DNS TXT lookups to sh[.]azurestaticprovider[.]net and any temporary archives matching nt-/*.tar.gz under OS temp directories.
- Tighten npm maintainer governance and monitor for account recovery risk (e.g., require verified/managed email domains for publisher accounts and review dormant maintainers with publish rights).
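A lockfile check for the first step above, as an added example (not code from Socket or the node-ipc project): it flags the three versions named in this story, including transitive and aliased copies. The function name, the sample lockfile and every package name other than node-ipc are constructed for illustration.

```javascript
// Versions taken from this story; extend the map as the indicator list evolves.
const BAD = { 'node-ipc': new Set(['9.1.6', '9.2.3', '12.0.1']) };

// Accepts a parsed package-lock.json. Handles lockfileVersion 2/3 ("packages",
// keyed by node_modules path) and lockfileVersion 1 (nested "dependencies").
function findCompromised(lock) {
  const hits = [];
  const check = (name, version, where) => {
    // v1 lockfiles record aliases as "npm:<real-name>@<version>".
    const alias = /^npm:(.+)@([^@]+)$/.exec(version || '');
    if (alias) [, name, version] = alias;
    if (BAD[name] && BAD[name].has(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (!path) continue; // "" is the root project itself
      // Real name is meta.name (aliases) or the text after the last node_modules/.
      const i = path.lastIndexOf('node_modules/');
      const name = meta.name || (i >= 0 ? path.slice(i + 13) : path);
      check(name, meta.version, path);
    }
  } else {
    const walk = (deps, trail) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        check(name, meta.version, trail.concat(name).join(' > '));
        walk(meta.dependencies, trail.concat(name));
      }
    };
    walk(lock.dependencies, []);
  }
  return hits;
}

// Constructed sample: a clean top-level copy, a bad nested copy, a bad alias.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/node-ipc': { version: '9.2.1' },
    'node_modules/example-build-tool': { version: '2.0.0' },
    'node_modules/example-build-tool/node_modules/node-ipc': { version: '9.2.3' },
    'node_modules/ipc-alias': { name: 'node-ipc', version: '12.0.1' },
  },
};

console.log(findCompromised(SAMPLE_LOCK));
```

To check a real project, pass the result of `JSON.parse` on its `package-lock.json`; any hit means the build should be treated as exposed and the credential and DNS hunting steps above apply.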
Read more at Socket, CSO Online, BleepingComputer, The Hacker News, The Cyber Express
TanStack npm Supply-Chain Malware Hit Two OpenAI Employee Devices
OpenAI confirmed that two employee devices were impacted via the TanStack npm supply-chain compromise, with the attackers accessing a limited set of internal source repositories and exfiltrating limited credential material.
Attackers published malicious updates to widely used open-source packages (including TanStack and Mistral AI), embedding a stealer that runs during install/build and targets cloud and developer secrets. Because affected repositories included OpenAI app signing certificates, OpenAI revoked and reissued certificates and is requiring macOS users to update OpenAI apps by June 12 to avoid blocks on software signed with the old certs.
Key Details
- Reports describe an initial GitHub Actions compromise path using workflow/automation abuse (including an “orphaned commit” and overly broad permissions) to trigger automated releases.
- The broader campaign involved 84 compromised TanStack npm package artifacts modified to add credential-stealing functionality, and TanStack warned the malware could self-propagate by targeting other packages maintained by infected developers.
- OpenAI said it saw credential-focused exfiltration activity in a limited subset of internal source code repositories accessible to the two impacted employees, and that no other information or code was impacted.
- The malware’s payload was designed to exfiltrate secrets from cloud/dev environments (AWS, GCP, Kubernetes, HashiCorp Vault, SSH keys) and establish persistence in developer tooling such as VS Code and Anthropic’s Claude Code directories.
Next Steps
- Update OpenAI macOS apps before June 12.
- Identify and remove affected package versions in developer workstations and CI runners (start with TanStack Router and Mistral AI SDK dependencies) and rebuild from known-good lockfiles/artifacts.
- Rotate credentials that may have been present on machines that installed the compromised versions (GitHub tokens, cloud access keys, Kubernetes/Vault credentials, SSH keys) per TanStack’s guidance.
- Hunt/block known campaign endpoints where appropriate, including filev2.getsession[.]org and api.masscan[.]cloud.
Read more at BleepingComputer, The Record, The Hacker News, SecurityWeek, CyberScoop, BleepingComputer, Socket, CSO Online, SecurityWeek, The Hacker News
Subscribe
Subscribe to receive this weekly cybersecurity news summary to your inbox every Monday.