Daily Hunt Feed - 2026-06-04

Threat Hunt Feed (2026-06-04)

Hacker News: Best

• Meta workers can opt out of being tracked at work up to 30 min — Wed, 03 Jun 2026 12:42:07 +0000
  • Matched TTPs: Artificial Intelligence (T1588.007), Tool (T1588.002), At (T1053.002)
• Uber’s $1,500/month AI limit is a useful signal for AI tool pricing — Wed, 03 Jun 2026 12:25:14 +0000
  • Matched TTPs: Tool (T1588.002), Software (T1592.002), At (T1053.002)

BleepingComputer

• Chinese hackers use new Atlas RAT malware in European cyberattacks — Wed, 03 Jun 2026 17:45:27 -0400
  • Matched TTPs: Keylogging (T1056.001), Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Botnet (T1584.005), Financial Theft (T1657), Tool (T1588.002), Phishing (T1566), Process Hollowing (T1055.012), Software (T1592.002), Credentials (T1589.001), Python (T1059.006), At (T1053.002), System Shutdown/Reboot (T1529)
• CISA warns of active attacks exploiting Android, Linux bugs — Wed, 03 Jun 2026 11:36:16 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Phishing (T1566), Software (T1592.002)
• What 345 Days of Untested Exposure Looks Like at a Bank — Wed, 03 Jun 2026 10:02:12 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Email Addresses (T1589.002), Tool (T1588.002), Phishing (T1566), Software (T1592.002), At (T1053.002)
• Acer working to patch max severity zero-days in Wave 7 routers — Wed, 03 Jun 2026 07:35:47 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), IP Addresses (T1590.005), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Firmware (T1592.003), Software (T1592.002), Credentials (T1589.001)
• Google adds Android protection against AI deepfake scam calls — Wed, 03 Jun 2026 05:02:11 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Impersonation (T1656)
• Over 116,000 Minecraft systems infected in WeedHack malware campaign — Tue, 02 Jun 2026 17:54:49 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Remote Access Tools (T1219), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Credentials (T1589.001), SEO Poisoning (T1608.006)

Darkreading

• Attackers Use AI to Automate EDR Evasion Testing — Wed, 03 Jun 2026 21:34:07 GMT
  • Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Python (T1059.006), At (T1053.002)
• Tropical Blend: Cyber & Politics Ramp Up Across Latin America — Wed, 03 Jun 2026 19:52:32 GMT
  • Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Python (T1059.006), At (T1053.002)

The Hacker News

• [Beyond the Zero-Day: See Your Network Like an Attacker

  Webinar with HD Moore](https://thehackernews.com/2026/06/beyond-zero-day-see-your-network-like.html) — Wed, 03 Jun 2026 20:26:46 +0530

  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479) — Wed, 03 Jun 2026 19:17:09 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Databases (T1213.006), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Lua (T1059.011), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
• Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes — Wed, 03 Jun 2026 15:48:52 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare — Wed, 03 Jun 2026 14:03:35 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Compression (T1027.015)
• Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content — Wed, 03 Jun 2026 11:46:54 +0530
  • Matched TTPs: Keylogging (T1056.001), Sharepoint (T1213.002), JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), DLL (T1574.001), Server (T1584.004), Mshta (T1218.005), PowerShell (T1059.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), SEO Poisoning (T1608.006), At (T1053.002), Dead Drop Resolver (T1102.001)