Daily Hunt Feed - 2026-06-09

Threat Hunt Feed (2026-06-09)

Hacker News: Best

• AI is slowing down — Mon, 08 Jun 2026 15:46:37 +0000
  • Matched TTPs: Hardware (T1592.001), Confluence (T1213.001), Web Services (T1584.006), Software (T1592.002), At (T1053.002)
• Anti-social: It’s fads, not friends, which now dominate social media feeds — Mon, 08 Jun 2026 11:58:02 +0000
  • Matched TTPs: Tool (T1588.002), Social Media (T1593.001), At (T1053.002)
• The Smallest Brain You Can Build: A Perceptron in Python — Mon, 08 Jun 2026 00:28:37 +0000
  • Matched TTPs: Hardware (T1592.001), Python (T1059.006), At (T1053.002)

BleepingComputer

• NFCShare Android malware spreads via fake banking app updates on GitHub — Mon, 08 Jun 2026 18:11:58 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
• SoFi confirms third-party data breach at Hong Kong subsidiary — Mon, 08 Jun 2026 17:55:46 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), At (T1053.002)
• New Apple feature automatically changes your compromised passwords — Mon, 08 Jun 2026 17:03:40 -0400
  • Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), At (T1053.002)
• New Shai-Hulud attack trojanizes 19 science-focused PyPI packages — Mon, 08 Jun 2026 16:41:35 -0400
  • Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), SSH (T1021.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
• WhatsApp says it disrupted new NSO spyware phishing attacks — Mon, 08 Jun 2026 14:40:53 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Domains (T1584.001), Tool (T1588.002), Phishing (T1566), Software (T1592.002), At (T1053.002)
• Critical UniFi OS bug lets hackers gain root without authentication — Mon, 08 Jun 2026 11:51:19 -0400
  • Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Credentials (T1589.001), At (T1053.002)

Darkreading

• Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks — Mon, 08 Jun 2026 20:59:52 GMT
  • Matched TTPs: Vulnerabilities (T1588.006), Remote Access Tools (T1219), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Impersonation (T1656), Conditional Access Policies (T1556.009), At (T1053.002)
• Check Point VPN Flaw Exploited Since Early May — Mon, 08 Jun 2026 20:28:35 GMT
  • Matched TTPs: Sharepoint (T1213.002), Vulnerabilities (T1588.006), Virtual Private Server (T1583.003), Server (T1584.004), Exploits (T1588.005), At (T1053.002)
• ‘Hades’ Campaign Against PyPI Puts New Spin on Shai-Hulud — Mon, 08 Jun 2026 16:13:41 GMT
  • Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Cloud Services (T1021.007), Software (T1592.002), Exploits (T1588.005), Credentials (T1589.001), Python (T1059.006), At (T1053.002)

The Hacker News

• One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public — Tue, 09 Jun 2026 01:47:39 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001)
• Meta Blocks NSO Group’s New WhatsApp Phishing Attack, Files Contempt Order — Mon, 08 Jun 2026 22:38:44 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Domains (T1584.001), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
• AI Phishing Is Crushing SOCs with Alert Volume: How to Reduce Tier 1 Overload — Mon, 08 Jun 2026 18:49:13 +0530
  • Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), Domains (T1584.001), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
• ⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More — Mon, 08 Jun 2026 18:48:57 +0530
  • Matched TTPs: Sharepoint (T1213.002), Artificial Intelligence (T1588.007), JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), DLL (T1574.001), Botnet (T1584.005), Supply Chain Compromise (T1195), Web Shell (T1505.003), Server (T1584.004), Email Addresses (T1589.002), Tool (T1588.002), Phishing (T1566), Firmware (T1592.003), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), At (T1053.002)
• VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances — Mon, 08 Jun 2026 15:57:32 +0530
  • Matched TTPs: Sharepoint (T1213.002), IP Addresses (T1590.005), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Domains (T1584.001), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), Python (T1059.006), Conditional Access Policies (T1556.009), At (T1053.002)
• VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks — Mon, 08 Jun 2026 11:38:44 +0530
  • Matched TTPs: Sharepoint (T1213.002), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)