Stay informed with today's critical security updates
Every organisation is different. The free "Daily Pulse" feed shows the broader threat landscape.
Want this specific and tailored to your organisation?
ThreatInsights – Click for more infoThe Daily Pulse is refreshed automatically every day at 9:00 AM GMT
Want to learn more about Cyber Threat Intelligence?
Check out our free online self-paced training course.
Start Learning NowMonday, June 15, 2026
CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
“Defenders cannot afford to take weeks to patch,” one Cybersecurity and Infrastructure Security Agency official warned on Wednesday.
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Monday, June 15, 2026
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Monday, June 15, 2026
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub a...
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Monday, June 15, 2026
Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Update threat detection rules, brief security team on TTPs, enhance monitoring for IoCs, and review defensive posture against similar attacks.
Monday, June 15, 2026
Phishing Attack Volume Down 20%, But Risk Still Rising
Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiply them.
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Monday, June 15, 2026
A Record-Breaking Patch Tuesday for June 2026
Nearly three dozen of those bugs earned Microsoft's most dire "critical" rating, and exploit code for at least three of the weaknesses is now publicly available.
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Monday, June 15, 2026
Turn specs into evals for any agent with ASSERT
Adaptive Spec-driven Scoring for Evaluation and Regression Testing (ASSERT) is an open-source framework for converting natural language behavior requirements into executable evaluations of AI models and agents. The post Turn specs into evals for any agent with ASSERT appeared first on Microsoft S...
Update threat detection rules, brief security team on TTPs, enhance monitoring for IoCs, and review defensive posture against similar attacks.
Monday, June 15, 2026
Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps
The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance.
Assess potential impact to your environment, update security controls, inform relevant stakeholders, and monitor for related activity.
Monday, June 15, 2026
CISA Adds One Known Exploited Vulnerability to Catalog
gov/known-exploited-vulnerabilities-catalog">Known Exploited Vulnerabilities (KEV) Catalog</a>, based on evidence of active exploitation. id=CVE-2026-35273" target="_blank">CVE-2026-35273</a> Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability</li> ...
Review affected systems, apply patches immediately, monitor for exploitation attempts, and verify patch deployment across all endpoints.
Monday, June 15, 2026
In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine
Other noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook for AI, IBM and AT&T accused of hack cover-ups.
Check if your organization uses affected services, reset credentials, monitor for phishing attempts using leaked data, and review third-party risk.
Monday, June 15, 2026
Chinese hackers hijack auth flow, spy on isolated network for a decade — Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. [...]
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity. [...]
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
BBVA puts AI at the core of banking with OpenAI — Learn how BBVA scaled ChatGPT Enterprise to 100,000 employees and partnered with OpenAI to accelerate AI-powered banking transformation worldwide.
Learn how BBVA scaled ChatGPT Enterprise to 100,000 employees and partnered with OpenAI to accelerate AI-powered banking transformation worldwide.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Why AI Projects Stall and How CIOs Can Respond
Why AI Projects Stall and How CIOs Can Respond
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
FBI disrupts massive AI-powered phishing service using a million URLs — In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing we...
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider Enterprise with thousands of phishing websites used to steal credit card data and passwords. [...]
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Securing CI/CD in an agentic world: Claude Code Github action case — Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions. This research examines the attack...
Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions. This research examines the attack chain, responsible disclosure process, Anthropic's mitigation, and guidance for securing AI-powered CI/CD workflows. The post Securing CI/CD in an agentic world: Claude Code Github action case appeared first on Microsoft Security Blog. ]]>
Implement input validation, deploy prompt injection detection classifiers, limit AI agent permissions, and monitor for unusual API patterns.
Monday, June 15, 2026
AI Risk Worries Insurers & Businesses Alike — As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework. What risks can firms reasonably manage?
As companies adopt AI, many insurance firms are explicitly excluding AI risks, while others are forging ahead to create the right framework. What risks can firms reasonably manage?
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Introducing the OpenAI Partner Network — OpenAI launches the Partner Network, investing $150M to help global partners accelerate enterprise AI adoption, deployment, and transformation.
OpenAI launches the Partner Network, investing $150M to help global partners accelerate enterprise AI adoption, deployment, and transformation.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.
Monday, June 15, 2026
Turn Blind Trust into Verified Control with Prompt Security for Agentic AI — Prompt for Agentic AI Security empowers organizations with proactive governance, meaning security teams can deploy agents with confidence.
Prompt for Agentic AI Security empowers organizations with proactive governance, meaning security teams can deploy agents with confidence.
Deploy adversarial robustness testing, implement input anomaly detection, use ensemble models for critical decisions, and add confidence thresholds.