Daily Hunt Feed - 2026-06-05

Threat Hunt Feed (2026-06-05)

Hacker News: Best

• French-Iranian author Marjane Satrapi, author of ‘Persepolis’, dies at 56 — Thu, 04 Jun 2026 11:39:28 +0000
  • Matched TTPs: Browser Extensions (T1176.001), At (T1053.002)
• U.S. to dismantle system tracking Atlantic currents that are at risk of collapse — Thu, 04 Jun 2026 00:44:13 +0000
  • Matched TTPs: At (T1053.002)
• Artificial intelligence is not conscious – Ted Chiang — Wed, 03 Jun 2026 17:51:37 +0000
  • Matched TTPs: Artificial Intelligence (T1588.007), Domains (T1584.001), Code Repositories (T1213.003), Tool (T1588.002), Software (T1592.002), At (T1053.002)

BleepingComputer

• Brave Software releases Origin for a paid, bloat-free browsing experience — Thu, 04 Jun 2026 17:37:10 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002)
• DentaQuest data breach exposed info of 2.6 million accounts — Thu, 04 Jun 2026 14:36:27 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Email Addresses (T1589.002), Tool (T1588.002), Phishing (T1566), Software (T1592.002), At (T1053.002)
• New IronWorm malware hits 36 packages in npm supply-chain attack — Thu, 04 Jun 2026 11:25:37 -0400
  • Matched TTPs: Rootkit (T1014), JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), SSH (T1021.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Credentials (T1589.001), At (T1053.002)

Darkreading

• Rust-Written IronWorm Hits NPM Supply Chain — Thu, 04 Jun 2026 21:47:06 GMT
  • Matched TTPs: Rootkit (T1014), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Code Repositories (T1213.003), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), Python (T1059.006), At (T1053.002)

The Hacker News

• Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public — Thu, 04 Jun 2026 22:25:51 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Server (T1584.004), Web Service (T1102), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa — Thu, 04 Jun 2026 17:52:25 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), DLL (T1574.001), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
• FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads — Thu, 04 Jun 2026 16:49:53 +0530
  • Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), JavaScript (T1059.007), Malvertising (T1583.008), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS — Thu, 04 Jun 2026 15:21:28 +0530
  • Matched TTPs: Sharepoint (T1213.002), JavaScript (T1059.007), Malware (T1588.001), Browser Extensions (T1176.001), Vulnerabilities (T1588.006), DLL (T1574.001), Password Managers (T1555.005), Domains (T1584.001), Server (T1584.004), Search Engines (T1593.002), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• Hackers Spied on a Stock Exchange Executive’s Outlook Mailbox for Five Months — Thu, 04 Jun 2026 15:03:57 +0530
  • Matched TTPs: Sharepoint (T1213.002), IP Addresses (T1590.005), DNS (T1071.004), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Cloud Services (T1021.007), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), System Services (T1569), At (T1053.002)
• DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets — Thu, 04 Jun 2026 11:36:25 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog — Wed, 03 Jun 2026 22:00:00 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), CDNs (T1596.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001)