Risky Bulletin: Researcher drops giant cache of zero-day exploits

In other news: Breach at a sensitive DHS network; US Supreme Court restricts geofence warrants; Huntress denies malicious insider threat accusations.


This newsletter is brought to you by Corelight. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. You can also add the Risky Business newsletter as a Preferred Source to your Google search results by going here.

An anonymous security researcher going online by the pseudonym of Bikini has published proof-of-concept exploit code and detailed write-ups for more than a dozen zero-day vulnerabilities in popular open-source projects.

The exploits were published without notifying any of the vendors.

They impact 15 software projects, including some big names like the Linux kernel, libssh2, AnyDesk, FFmpeg, Gogs, Gitea, Ghidra, 7-Zip, MyBB, PHP, OpenVPN, the VLC player, and more.

Since the disclosure last week, several of the affected projects have learned of the exploits and started working on patches. Nine vulnerabilities have been confirmed and received official CVE identifiers so far.

The researcher claims he used OpenAI's GPT-5.5-3-Codex-Spark AI model to fuzz the projects' code and find irregularities that he later confirmed with a manual review.

"You do NOT need a SOTA [State-of-the-Art] model to help you identify these issues, I promise! While being able to afford a better model is helpful, my data seems to show that it is only marginal when paired with decent human oversight and a good harness. None of the actual PoCs themselves were vibe-coded; I did, in fact, hand-type them."

Bikini has also promised to drop new zero-days in the coming days. The repo will likely become one of the most watched on the platform, if it isn't taken down again (it was already suspended twice over the weekend).

The zero-day dump, which the researcher calls Exploratorium, is part of what is becoming a general trend in the infosec community of 2026. As AI tools have slowly crept into the vulnerability research space, the number of vulnerabilities that were never disclosed to the project owners has exploded this year.

We've seen this a couple of times already with some Linux kernel bugs, but expect incidents like these to grow in number in the coming months, as researchers get flooded with new findings from their own tools and decide to YOLO it instead of grinding through bug reports and waiting months for replies.

Risky Business Podcasts

In this episode of Risky Business Features, James Wilson chats with Karsten Nohl about his research into using local LLMs to replace cloud AI in security code reviews.


Breaches, hacks, and security incidents

Hackers breach DHS HSIN: Hackers have breached a DHS internal network for sharing sensitive data with federal, state, local and industry partners. The intrusion occurred between late May and early June and impacted the Homeland Security Information Network. The attack targeted HSIN servers and a connected SharePoint system. Details about the intruders and what they took are still unknown. [NextGov]

NAIC discloses breach: The US insurance sector's standards body has suspended risk designations for insurers in the aftermath of a cyberattack. The National Association of Insurance Commissioners was hacked at the start of June by the ShinyHunters group. Some credit rating agencies paused data sharing with the NAIC to avoid exposing sensitive information if the hackers were still in its network. NAIC was using the data to compile risk designations for members, which told them how much capital they needed to cover policies. NAIC says it has now evicted the hackers and is meeting with credit agencies to restore full operations. [NAIC // The Financial Times // DysruptionHub]

Aflac breach: Hackers have stolen customer data from the Japanese branch of life insurance company Aflac. More than 4.38 million customers are impacted. The company disclosed a data breach in June of last year as well. [The Japan Times]

CBL breach: Libyan authorities are investigating a security breach of the country's central bank. Files allegedly taken from the CBL's network were leaked on the dark web on Monday by the Qilin ransomware group. CBL officials say they've traced the breach to an incident three weeks ago. [Aaswat // Libya Review]

Nidec ransomware attack: A new ransomware group is demanding a $2 million ransom from Nidec, a major Japanese company that makes motors and electronic components. The incident took place last week, and the company had to take its entire IT network offline. A group named BlackField took credit for the attack. Nidec was previously known as the Nippon Densan Corporation and was also hit by a ransomware attack at the end of 2024. [Nidec, PDF // BleepingComputer]

Fox Rothschild breach: The Silent Ransom Group breached American law firm Fox Rothschild in May this year. The law firm refused to pay a ransom. [DataBreaches.net]

Nissan discloses breach: Nissan NA has disclosed a security breach linked to the recent Oracle PeopleSoft zero-day hacking spree. [California OAG]

DCHA breach: A cyberattack has disrupted the website and email server of the District of Columbia Housing Authority. The agency provides public housing and voucher services for residents and landlords across the US capital Washington. The Housing Authority said the incident won't affect payments scheduled for this month. [DCHA // DysruptionHub]

iPhone 18 photos leak in Tata hack: Images of the upcoming iPhone 18 and its electronic components have leaked following a breach at one of Apple's suppliers, Indian company Tata Electronics. Photos of the phone's battery, chips, and circuit boards were included. The World Leaks data extortion group breached Tata Electronics last month and leaked 200,000 documents after the company refused to pay a ransom. [MacRumors]

General tech and privacy

WhatsApp rolls out usernames: Meta is rolling out username support for its WhatsApp instant messenger app. Starting this week, users will be asked to reserve a username before the feature launches later this year. The company is also adding a new security feature called a username key, which others will need to know before they can message your new username. The username key is optional and is meant for users who don't want to be spammed by random accounts. [Meta]

Microsoft accelerates quantum-safe timeline: Microsoft has accelerated its quantum-safe timeline and will focus on transitioning its critical products to quantum-safe algorithms by 2029. The company cited the recent advancements in quantum computing technologies for the move. Both Cloudflare and Google also moved their PQC adoption timeline to 2029, citing the same advances. [Microsoft]

Microsoft adds Teams bot protection: Microsoft is adding bot protection to the Teams collaboration platform. Teams can now block bot access to meetings and prompt administrators to let selected bots through on a case-by-case basis. The feature is designed to keep out AI-based scrapers while still allowing meeting assistants and note-taking apps in. [Microsoft]

WSL containers are here: Windows now supports Linux containers through a new feature called WSL containers. This is now in public preview after being announced at the Microsoft Build dev conference this year and is meant to go after Docker's market. [Microsoft]

Apple raises prices: Last week, Sony and Valve raised the prices of their gaming consoles due to memory chip shortages, but something else that I missed was that Apple also did the same for its desktops, laptops, and tablets. [Reuters]

Swift Package Index joins Apple: The Swift Package Index has joined Apple and will become the official package repository for the Swift programming language. The open-source community project currently indexes more than 10,000 Swift libraries and packages. The Swift Package Index said it needed Apple's help to scale up the project. [Swift Package Index]

Amazon to pay fine for ignoring scam victims: American mega-corp Amazon has agreed to pay a measly $2.25 million fine for refusing to share data on illegal transactions with victims of identity fraud. The FTC says the company had no policies in place to deal with these requests until the agency reached out last year, and that it was late in providing the data even to law enforcement. [FTC]

4chan pulls Adult Requests section: Internet cesspool 4chan has removed the section on its website where users could request the creation of non-consensual adult content. The Adult Requests section has been removed and has been offline since May 21. The section also hosted tutorials on producing non-consensual deepfakes, and also acted as a marketplace where users could pay for requests or trade in adult deepfakes. [OpenMeasures]

Tidal demonetizes AI songs: Music streaming service Tidal will detect, label, and demonetize AI-generated songs on its platform. [Variety // Tidal AI Policy]

First sub-nano chip: IBM has developed the world's first sub-1 nanometer (nm) chip at only 0.7 nm. The entire chip is just over the size of a fingernail. [IBM]

Government, politics, and policy

Iranian cyberattacks surged this year: Iranian cyberattacks targeting Israel have tripled compared to last year. Israel's National Cyber Directorate investigated 4,800 incidents in June, compared to only 1,600 the same month last year. Most of the attacks have been traced back to Iran's military and the Islamic Revolutionary Guard Corps. [The Times of Israel]

Russia's national IMEI database: We first covered this in June last year, but a Russian law establishing a national phone IMEI codes database is close to passing in the Duma this month. [Forbes Russia]

Austria wants Anthropic to move to the EU: The Austrian government is lobbying the European Union to host American AI company Anthropic in the EU. The proposal comes as Anthropic is at odds with the Trump administration, which imposed export controls on its two latest AI models. The EU is in the process of passing new laws to boost its AI industry. [Bloomberg // Reuters]

Netherlands warns of VMware dependence: A Dutch government report warns about the country's dependence on VMware products for virtualization technologies and encourages agencies to start seeking alternatives. [Dutch government]

Barcelona court reopens spyware case: After two years of delay, the Court of Barcelona has re-opened an investigation into the Pegasus spyware hacking of the smartphones of Roger Torrent and Ernest Maragall, two members of the pro-Catalan independence movement. [El Diario] [h/t Vas Panagiotopoulos]

Canada bans "sophisticated" political deepfakes: The Canadian government has banned AI-generated deepfakes of political figures meant to deceive and mislead Canadian voters. The new rules cover political candidates, party leaders, and chief electoral officers. Bill C-25 received royal assent last month and has now amended Canada's election rules. [Betakit] [h/t Alex Rudolph]

Supreme Court restricts geofence warrants: The US Supreme Court on Monday limited the use of geofence search warrants by law enforcement agencies. The technique allows investigators to request geolocation and other data from telcos and tech companies about all individuals who were near a crime scene. The Court ruled that historical geolocation data is protected by the 4th Amendment against unreasonable searches. Going forward, law enforcement will need to obtain a court-approved search warrant naming a suspect, instead of using a blind warrant to pull the geolocation data and then identify suspects in it. [NPR // USSC ruling, PDF]

House passes KIDS Act: The US House of Representatives has passed the Kids Internet and Digital Safety (KIDS) Act, a bill that would introduce age-verification procedures for all Americans trying to access adult sites. The bill has little chance of passing in the Senate. [The Record]

So while yes, the House passage is bad news, it's been expected. It's an election year and every one of the House members is up for re-election. This gives them the ability to say they passed major legislation reining in Big Tech. (It doesn't do that, which is why Big Tech loves it)

— Mike Stabile (@mikestabile.bsky.social) June 30, 2026 at 3:02 AM

In this Risky Business sponsor interview, James Wilson chats with Corelight's VP of Product Vijit Nair about defence strategies for the AI era. When agents can find and exploit vulnerabilities at machine speed, you need to balance proactive and reactive measures. On the proactive side, you need modelling of assets and threats. On the reactive side, you'll need telemetry so you can act quickly if a threat becomes a reality.

Arrests, cybercrime, and threat intel

Phishers arrested in the Netherlands: Dutch police have detained two suspects involved in phishing operations. The two created phishing sites that collected credit card data from their victims. A 23-year-old man was arrested in Zaandam and a 21-year-old was detained in Amsterdam last week. Both had devices, property, and funds seized in the raid. [Dutch Police]

Two EY employees charged in Australia: Australian authorities have charged two former Ernst & Young Australia employees with accessing the personal data of Australian prime minister Anthony Albanese. Charges were filed this week against Paul and Phillip Issa. The former accessed the prime minister's personal data while on secondment at Commonwealth Bank, where Albanese has a savings account. [The Guardian]

Malicious Chrome and Firefox extensions: Chrome and Firefox extensions mimicking the "VPN Go: Free VPN" service are being used to deploy a clipboard stealer on users' devices. [Socket Security]

Split-click technique in the wild: The Sneaky 2FA phishing platform has been seen using phishing pages whose buttons employ a "split-click" feature with two different outcomes, depending on where the button is clicked. [Barracuda]

"Clicking the top half of the button opens a legitimate Microsoft page, while clicking the bottom half triggers a malicious redirect. [...] The split-click interaction is a rarely seen technique. It is used to evade automated link analysis and ensure testing tools can only see the safe version."

FortiBleed linked to INC ransomware group: Security firm SOC Radar has linked the FortiBleed attacks to an individual connected to the INC ransomware operation. The attacks took place this year and allowed a threat actor to collect credentials from more than 86,000 Fortinet devices. The attacker compromised firewalls and then deployed a sniffer that collected additional credentials going through the device. The collected data was discovered accidentally after the attacker left a directory open and exposed on the internet on one of their servers. [SOC Radar]

StealC sells its source code: The StealC developer has put the source code of their infostealer up for sale after law enforcement seized large chunks of their server infrastructure last week. The sale only covers the current v2, while work on an upcoming v3 is apparently underway.

🧵1/ The developers behind the Stealc malware have announced the sale of the complete Stealc v2 source code ahead of the planned v3 release. According to the advertisement, only two copies of the source code will be sold for $60,000 each. #ThreatIntel #Malware #secops


— marktsec (@marktsec.bsky.social) June 29, 2026 at 3:01 PM

Malware technical reports

The Gentlemen: Kaspersky has spotted The Gentlemen ransomware group employing a new Go-based backdoor and a new C-based ransomware strain in recent attacks. [Kaspersky]

RedLine Stealer: Despite a major takedown in 2024, versions of the RedLine infostealer are still live and used in active attacks. [VMRay]

RustDuck: There's a new DDoS botnet being built in the shadows. Named RustDuck, this one is barely taking its baby steps, but has already been spotted infecting IoT devices, web apps, routers, and various servers. [QiAnXin]

Blacksite phishing kit: Abnormal Security has spotted a new phishing kit named Blacksite that is being sold in underground circles. The kit is capable of AitM phishing and comes with baked-in support for cloaked.gg, a service for avoiding security scanners. [Abnormal Security]

James Pope, Corelight's Director of Technical Marketing Engineering, demonstrates the company's Open NDR Platform and how it combines network detections with a whole host of other data sources. 

APTs, cyber-espionage, and info-ops

Mustang Panda: A Chinese cyber-espionage group is targeting India's government agencies and hydropower sector. The campaigns took place this year and employed three new malware toolkits: SHARDLOADER, MINIRECON, and ZOHOMURK. Researchers linked the attacks to a group tracked as Mustang Panda. [Acronis]

ToddyCat's new Umbrij tool: The ToddyCat APT group has developed a new tool named Umbrij that can extract data from a victim's Gmail account using the Google API. [Kaspersky]

Russian info-ops: Google has published a comprehensive report on Russia's current influence operations, their motives, and the currently active actors. Despite a Trump presidency that's quite friendly with the Kremlin, the goal of these info-ops, undermining US and EU influence across the world, has not changed. [Google Cloud]

Vulnerabilities, security research, and bug bounty

Security updates: Adobe, Apple, Canon, HP, Podman.

Adobe switches to twice-monthly security updates: Adobe will release security updates for its products two times a month, a major change from its previous monthly model. Security updates will go live on the second and fourth Tuesday of each month. The company cited the rising risks from AI security tools. Adobe joins Oracle, which also recently switched from a quarterly to a monthly security release model, also citing risks from AI. [Adobe]

BioShocking technique: Researchers have used simple puzzle games to trick AI-based browsers into executing malicious commands. Truly, these AI browsers are revolutionary products. Anyway, researchers are calling this technique BioShocking, as a nod to the game BioShock where the player could be forced into doing unwanted actions with a coded phrase. [LayerX]

GuardFall technique: Ten open-source AI agents will execute malicious Bash commands hidden using tricks that many apps, and Bash itself, mitigated decades ago. [Adversa AI]

Kemp LoadMaster bug write-up: The watchTowr team has published a technical write-up of CVE-2026-8037, an unauthenticated command injection bug in the Kemp LoadMaster that can be abused for RCE attacks. This isn't exploited in the wild yet, but the company's write-ups are often used by threat actors to put together exploits and start attacks shortly after, so patch or be on the lookout! [watchTowr Labs // Progress Software patches]

New SimpleHelp exploitation: Hackers are exploiting a recently disclosed vulnerability to bypass authentication and take over SimpleHelp remote management servers. The bug only impacts servers where the OpenID Connect module is enabled. Patches were released in May, and a technical write-up also exists. The bug was discovered by security firm Horizon3, which decided to use AI to find bugs in software that's commonly listed in the CISA KEV database. The vulnerability was added to CISA KEV on Monday. According to Blackpoint Cyber, it is being used to drop the TaskWeaver loader and Djinn infostealer on hacked servers. [CISA // CVE-2026-48558 patches // Horizon3 write-up // Blackpoint Cyber]

Android apps expose signing keys: More than 4,000 Android apps have had their signing keys exposed online in public repositories. A team of researchers from China, Germany, and Ireland found more than 5,600 keystores, or passwords that could recover the keys, published on GitHub. Some of the keys belonged to 252 apps preinstalled on devices from seven manufacturers, collectively affecting over 10 billion Android devices. [arXiv]
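The cheapest check a developer can run against this class of leak is a scan of their own checkout before it ever hits a public remote. The script below is an added illustration for this item, not the researchers' tooling; it assumes the standard Gradle signingConfigs layout (storeFile, storePassword, keyPassword in build.gradle or build.gradle.kts) and a set of common keystore file extensions, and it builds a small constructed sample tree to scan, with one leaky module and one module that reads its secrets from environment variables.

```python
"""Scan a source tree for Android signing material that should never be committed.

Added illustration; assumes the usual Gradle signingConfigs layout and common
keystore extensions. The sample tree built by build_demo_repo() is constructed.
"""
import re
import tempfile
from pathlib import Path

# Binary keystore formats commonly used for APK/AAB signing (assumed set).
KEYSTORE_EXTS = {".jks", ".keystore", ".p12", ".pfx", ".bks"}
# Files where Gradle signing configs live (Groovy and Kotlin DSL).
GRADLE_NAMES = {"build.gradle", "build.gradle.kts"}

# Matches  storePassword "x"  /  storePassword = "x"  /  keyPassword('x')
# A value read via System.getenv(...) or findProperty(...) does NOT match,
# because no quoted literal follows the keyword directly.
HARDCODED_RE = re.compile(
    r'\b(storePassword|keyPassword)\s*=?\s*\(?\s*["\']([^"\']*)["\']')
# Matches  storeFile file("release.jks")  /  storeFile = file("release.jks")
STOREFILE_RE = re.compile(
    r'\bstoreFile\s*=?\s*\(?\s*(?:file\()?\s*["\']([^"\']+)["\']')


def scan_gradle(text: str) -> list[dict]:
    """Return findings for one Gradle file: hardcoded passwords and keystore refs."""
    findings = []
    for m in HARDCODED_RE.finditer(text):
        findings.append({"kind": "hardcoded_password", "key": m.group(1)})
    for m in STOREFILE_RE.finditer(text):
        # A literal storeFile next to a hardcoded password means a committed
        # keystore is directly usable by anyone who clones the repo.
        findings.append({"kind": "storefile_ref", "key": m.group(1)})
    return findings


def scan_repo(root: Path) -> list[dict]:
    """Walk a checkout and report keystore files plus risky Gradle signing configs."""
    findings = []
    for p in sorted(root.rglob("*")):
        if not p.is_file() or ".git" in p.parts:
            continue
        rel = p.relative_to(root).as_posix()
        if p.suffix.lower() in KEYSTORE_EXTS:
            findings.append({"file": rel, "kind": "keystore_file", "key": ""})
        elif p.name in GRADLE_NAMES:
            text = p.read_text(encoding="utf-8", errors="replace")
            for f in scan_gradle(text):
                findings.append({"file": rel, **f})
    return findings


def build_demo_repo(root: Path) -> None:
    """Constructed sample tree (not real data): one leaky module, one clean one."""
    leaky = root / "app"
    leaky.mkdir(parents=True)
    # JKS magic bytes followed by a dummy body; enough for an extension-based scan.
    (leaky / "release.jks").write_bytes(b"\xfe\xed\xfe\xed" + b"\x00" * 16)
    (leaky / "build.gradle").write_text(
        'android {\n  signingConfigs {\n    release {\n'
        '      storeFile file("release.jks")\n'
        '      storePassword "s3cret-store"\n'
        '      keyAlias "upload"\n'
        '      keyPassword "s3cret-key"\n'
        '    }\n  }\n}\n')
    clean = root / "lib"
    clean.mkdir()
    (clean / "build.gradle.kts").write_text(
        'android {\n  signingConfigs {\n    create("release") {\n'
        '      storeFile = file(System.getenv("KS_PATH"))\n'
        '      storePassword = System.getenv("KS_PASS")\n'
        '      keyPassword = System.getenv("KEY_PASS")\n'
        '    }\n  }\n}\n')


def demo() -> list[dict]:
    """Build the constructed sample tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_demo_repo(root)
        return scan_repo(root)


if __name__ == "__main__":
    for f in demo():
        print(f"{f['kind']:20} {f['file']}  {f['key']}")
```

Run against a real checkout with scan_repo(Path(".")); any keystore_file or hardcoded_password hit is a blocker, and a storefile_ref is worth a look even on its own, since the key alias and store path tell an attacker exactly what to search for elsewhere. The clean module shows the pattern that passes: the keystore path and both passwords come from the environment (a CI secret store), so nothing recoverable lands in git history.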

Infosec industry

Threat/trend reports: AIC, F6, Flux, and XBOW have recently published reports and summaries covering various threats and infosec industry trends.

Huntress denies insider threat rumor once again: Cybersecurity firm Huntress has denied accusations that the company was hiding a security breach caused by a malicious insider. Huntress CEO Kyle Hanslovan says internal and law enforcement investigations found no evidence of an employee behaving improperly. A former employee accused the company last week of covering up a current employee sharing customer data and sensitive information with ransomware groups. Huntress confirmed that employees had spoken with ransomware groups and told them they were under formal law enforcement investigation, which it described as "poor judgment" but not illegal. [Huntress CEO statement // Accusations on LinkedIn]

Acquisition news: DevSecOps company Aikido Security has acquired Israeli cybersecurity startup Root in a transaction estimated between $70-$100 million. [Aikido // CTech]

New tool—Jailbreaker: Security firm SpecterOps has released Jailbreaker, a local evaluation tool for testing chatbot and agent-style systems against jailbreak, prompt-injection, and related failure modes. 

New tool—Lazarus.day: A threat intel analyst going by the name of Lazarusholic has launched Lazarus.day, a portal that aggregates news and reports on North Korean hacking activity.

Risky Business podcasts

In this edition of Between Two Nerds, Tom Uren and The Grugq discuss whether cyber organisations should be separated from Signals Intelligence organisations. The Grugq argues that having cyber expertise subordinate to intelligence collection means that many opportunities are never explored.