Threat Hunt Feed (2026-06-11)
Hacker News: Best
- RIP software hackathons. Long live the hardware hackathon — Tue, 09 Jun 2026 22:35:57 +0000
- Matched TTPs: Hardware (T1592.001), Server (T1584.004), Software (T1592.002), Social Media (T1593.001), At (T1053.002)
BleepingComputer
- GitHub announces npm security changes to tackle supply-chain attacks — Wed, 10 Jun 2026 15:41:44 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
- China-linked JDY botnet expands targeting of U.S. military networks — Wed, 10 Jun 2026 11:00:00 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
- The 5 Best Practices for Secure Identity Verification — Wed, 10 Jun 2026 10:05:15 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Tool (T1588.002), Phishing (T1566), Multi-Factor Authentication (T1556.006), Software (T1592.002), Credentials (T1589.001), Impersonation (T1656), At (T1053.002)
- Microsoft patches Exchange Server zero-day exploited in attacks — Wed, 10 Jun 2026 09:44:19 -0400
- Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002)
- Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days — Wed, 10 Jun 2026 05:57:33 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
- Ivanti: Max severity Sentry flaw allows code execution as root — Wed, 10 Jun 2026 02:26:28 -0400
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), At (T1053.002)
The Hacker News
- China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance — Wed, 10 Jun 2026 21:38:42 +0530
- Matched TTPs: IP Addresses (T1590.005), Malware (T1588.001), Vulnerabilities (T1588.006), Botnet (T1584.005), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
- Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities — Wed, 10 Jun 2026 20:40:59 +0530
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
- Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE — Wed, 10 Jun 2026 20:30:59 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation — Wed, 10 Jun 2026 20:14:29 +0530
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
- Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs — Wed, 10 Jun 2026 15:08:13 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002), Compression (T1027.015)
- Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS — Wed, 10 Jun 2026 10:38:35 +0530
- Matched TTPs: JavaScript (T1059.007), Malware (T1588.001), Databases (T1213.006), Vulnerabilities (T1588.006), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)