Threat Hunt Feed (2026-06-13)
BleepingComputer
- phpBB forum fixes auth bypass bug lurking for a decade — Fri, 12 Jun 2026 14:19:34 -0400
- Matched TTPs: Rootkit (T1014), Malware (T1588.001), Hardware (T1592.001), Control Panel (T1218.002), Server (T1584.004), Tool (T1588.002), Software (T1592.002), At (T1053.002)
- Over 400 Arch Linux packages compromised to push rootkit, infostealer — Fri, 12 Jun 2026 13:03:55 -0400
- Matched TTPs: Rootkit (T1014), Malware (T1588.001), Hardware (T1592.001), Databases (T1213.006), SSH (T1021.004), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
- Early Warning Signs of Supply-Chain Attacks Live in the Dark Web — Fri, 12 Jun 2026 10:01:11 -0400
- Matched TTPs: Rootkit (T1014), Malware (T1588.001), Hardware (T1592.001), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Credentials (T1589.001), At (T1053.002)
Dark Reading
- ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed — Fri, 12 Jun 2026 20:26:32 GMT
- Matched TTPs: Vulnerabilities (T1588.006), SSH (T1021.004), Software (T1592.002), Exploits (T1588.005), At (T1053.002), Compression (T1027.015)
- Phishing Attack Volume Down 20%, But Risk Still Rising — Fri, 12 Jun 2026 00:58:07 GMT
- Matched TTPs: Artificial Intelligence (T1588.007), Vulnerabilities (T1588.006), Cloud Services (T1021.007), Web Services (T1584.006), Phishing (T1566), Exploits (T1588.005), Impersonation (T1656), At (T1053.002)
The Hacker News
- Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit — Sat, 13 Jun 2026 01:03:25 +0530
- Matched TTPs: Rootkit (T1014), Malware (T1588.001), Vulnerabilities (T1588.006), SSH (T1021.004), Trap (T1546.005), Proxy (T1090), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), Systemd Service (T1543.002), At (T1053.002)
- Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing — Sat, 13 Jun 2026 00:29:32 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), JavaScript (T1059.007), Malware (T1588.001), Vulnerabilities (T1588.006), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade — Fri, 12 Jun 2026 23:47:55 +0530
- Matched TTPs: Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code — Fri, 12 Jun 2026 17:34:33 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)
- LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution — Fri, 12 Jun 2026 15:20:36 +0530
- Matched TTPs: Artificial Intelligence (T1588.007), Malware (T1588.001), Vulnerabilities (T1588.006), Server (T1584.004), Tool (T1588.002), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), At (T1053.002)
- INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator — Fri, 12 Jun 2026 14:22:55 +0530
- Matched TTPs: Malware (T1588.001), Hardware (T1592.001), Social Media Accounts (T1585.001), Vulnerabilities (T1588.006), Domains (T1584.001), Server (T1584.004), Proxy (T1090), Tool (T1588.002), Phishing (T1566), Software (T1592.002), Exploits (T1588.005), Social Media (T1593.001), Credentials (T1589.001), At (T1053.002)