EPISODE · Jun 2, 2026 · 4 MIN
Jun 02, 2026 · #75
from Security Brief Daily · host Security Brief Daily
Episode 75 — 02 Jun 2026 1. Critical Windows Netlogon RCE flaw now exploited in attacks Source: Bleeping Computer The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks. Netlogon is a remote procedure call (RPC) interface... 2. Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts Source: Krebs on Security The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta’s “AI support... 3. Dashlane password manager users locked out by brute force attacks Source: Bleeping Computer Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. In a statement to BleepingComputer, the password management service confirmed that the suspensions were part of an... 4. Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded Source: The Hacker News Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an "external" threat actor launched a... 5. Spain arrests doxer leaking sensitive data of govt employees Source: Bleeping Computer The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE). According to authorities, the individual is responsible for a massive leak... 6. Red Hat npm packages compromised to steal developer credentials Source: Bleeping Computer More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed "Miasma." The incident was discovered by security firms Aikido and OX... 7. Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm Source: The Hacker News A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm. "This is effectively a Mini Shai-Hulud campaign: it uses the... 8. China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan Source: The Hacker News A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic,...
What this episode covers
Episode 75 — 02 Jun 2026 1. Critical Windows Netlogon RCE flaw now exploited in attacks Source: Bleeping Computer The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks. Netlogon is a remote procedure call (RPC) interface... 2. Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts Source: Krebs on Security The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to trick Meta’s “AI support... 3. Dashlane password manager users locked out by brute force attacks Source: Bleeping Computer Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. In a statement to BleepingComputer, the password management service confirmed that the suspensions were part of an... 4. Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded Source: The Hacker News Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an "external" threat actor launched a... 5. Spain arrests doxer leaking sensitive data of govt employees Source: Bleeping Computer The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE). According to authorities, the individual is responsible for a massive leak... 6. Red Hat npm packages compromised to steal developer credentials Source: Bleeping Computer More than 30 npm packages under Red Hat's '@redhat-cloud-services' namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed "Miasma." The incident was discovered by security firms Aikido and OX... 7. Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm Source: The Hacker News A new Mini Shai-Hulud supply chain attack campaign, codenamed Miasma, has compromised @redhat-cloud-services packages to steal credentials and secrets from developer machines and deliver a self-propagating worm. "This is effectively a Mini Shai-Hulud campaign: it uses the... 8. China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan Source: The Hacker News A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite Labs, targets of the campaign include government, research, academic,...
NOW PLAYING
Jun 02, 2026 · #75
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.