Find notable cyber news and cases, enriched with sources, timelines, and signals.

Recent notable Happenings and Cases

Last updated: 21:01 06/06/2026 UTC
  • Exploitation Wave · H score 84 · Everest Forms Pro CVE-2026-3300 active exploitation wave: Wordfence reports active exploitation of Everest Forms Pro CVE-2026-3300, with tens of thousands of blocked attempts and attacker patterns consistent with account creation, raising immediate WordPress compromise risk.
  • Security Patch Release · H score 82 · SolarWinds security patch release for CVE-2026-28318: CISA added the actively exploited SolarWinds Serv-U flaw CVE-2026-28318 to the KEV Catalog and set federal patch deadlines, escalating the urgency of deploying Serv-U 15.5.4 Hotfix 1 or applying network mitigations.
  • Vulnerability · H score 47 · Cisco Catalyst SD-WAN Manager root privilege escalation flaw (CVE-2026-20245): Cisco disclosed an unpatched, actively exploited zero-day in Cisco Catalyst SD-WAN Manager (CVE-2026-20245) enabling root command execution, advancing the case for emergency risk reduction on edge deployments.
  • Campaign · H score 84 · GorgonAgora fake .shop card-skimming campaign: GorgonAgora’s fake .shop card-skimming campaign expanded brand-impersonation checkout fraud using thousands of storefronts and a centralized Moldova skimmer server, increasing the likelihood of ongoing payment theft.
  • Exploitation Wave · H score 36 · Automatic tank gauge (ATG) systems ongoing attacks: Shadowserver observed 1,061 accessible Automatic Tank Gauge (ATG) IPs as targeted systems, underscoring the scale of internet-exposed asset attacks that can lead to alert tampering and equipment failure.
  • Malware Activity · H score 23 · UNC5221 Brickstorm, Plenet, and AgentPSD access-maintenance malware activity: UNC5221’s Brickstorm access-maintenance malware is reported to sustain long-term footholds in environments like Microsoft 365 for at least 18 months, advancing the broader case for persistent, re-usable intrusions.

Latest updates


NPM Git dependency .npmrc code execution bypass security flaw

Vulnerability

Updated: 26.01.2026 16:02 · First: 26.01.2026 16:02 · 📰 3 src / 4 articles · H score: 37

NPM's Git dependency install path can be bypassed by a malicious .npmrc, allowing full code execution even when --ignore-scripts=true is enabled. The flaw weakens Git repository install defenses and sits within the broader PackageGate set of JavaScript package-manager issues. GitHub's npm v12 adds a separate mitigation path by making install-time execution and non-registry sources require explicit approval, reducing abuse of preinstall/install/postinstall scripts, node-gyp builds, Git-based dependencies, and remote URL dependencies.

Npm v12 default-blocks install scripts, Git dependencies, and remote URLs

Security Tool/Service

Updated: 12.06.2026 16:00 · First: 12.06.2026 16:00 · 📰 1 src / 1 article · H score: 11

GitHub announced npm v12 with default-blocking install scripts, Git dependencies, and remote URLs, shifting package installation to explicit opt-in and reducing supply-chain attack risk. The rollout is scheduled for July 2026 and replaces historically permissive dependency handling across the npm ecosystem. Developers can already move to npm 11.16.0+ and use npm approve-scripts to audit blocked scripts and build local allowlists.

Sentry MCP server trusted-output injection security flaw

Vulnerability

Updated: 12.06.2026 15:04 · First: 12.06.2026 15:04 · 📰 1 src / 1 article · H score: 40

A Sentry architectural flaw can let attacker-crafted error events be returned as trusted output to AI coding agents, creating arbitrary code execution risk on developer machines. The weakness affects exposed organizations that publish a usable DSN and connect Sentry to agents through MCP. Sentry acknowledged the issue and relied on a content filter rather than a full fix.

Microsoft WUSA network-share Windows update failure

Service Disruption

Updated: 12.06.2026 14:44 · First: 12.06.2026 14:44 · 📰 1 src / 1 article · H score: 0

Microsoft has fixed a WUSA problem that caused Windows updates to fail when installed from a network share, disrupting update deployment on Windows 11 24H2/25H2 and Windows Server 2025 enterprise systems. The failure could surface as ERROR_BAD_PATHNAME when a share held multiple .msu files. Microsoft first reduced the impact with Known Issue Rollback on some devices before resolving the issue in June 2026 cumulative updates.

Repeated cyber-attacks target sports organizations over the last year

Trend

Updated: 12.06.2026 14:00 · First: 12.06.2026 14:00 · 📰 1 src / 1 article · H score: 23

Sports organizations faced sustained cyber targeting across the last 12 months, with 84% of teams, venues and event bodies hit and 57% struck more than once. The pattern raises operational risk for live events, where attackers can time ransomware or DDoS disruption for maximum impact. The same targeting also increases exposure to fan data theft, supply-chain abuse and phishing-led compromise.

Novo Nordisk clinical-trial and HCP data leak

Data Leak

Updated: 12.06.2026 13:13 · First: 12.06.2026 13:13 · 📰 1 src / 1 article · H score: 31

Novo Nordisk disclosed externally copied non-public data affecting clinical-trial participants and some healthcare professionals, raising exposure risk for sensitive records and contact details. The exposed material includes patient IDs, trial participation details, biomarkers, health/immunogenicity data, lifestyle factors, and HCP names, phone numbers, and office locations. The company said the patient records were pseudonymized, but the HCP details could support phishing and impersonation attempts. Novo Nordisk took the compromised internal IT systems offline while investigators assess the full scope of the leak.

LangGraph checkpoint flaws (multiple vulnerabilities)

Vulnerability

Updated: 12.06.2026 12:50 · First: 12.06.2026 12:50 · 📰 1 src / 1 article · H score: 25

Researchers disclosed three now-patched LangGraph vulnerabilities affecting self-hosted deployments and including a remote code execution chain. The flaws span SQLite checkpoint SQL injection, unsafe msgpack deserialization, and RediSearch Query Injection. The issue is most serious where deployments accept user-controlled filter input or expose the get_state_history() endpoint. LangSmith Deployment is stated to be unaffected.

CISA orders FCEB Ivanti Sentry remediation under BOD 26-04

Public Sector Action

Updated: 12.06.2026 11:26 · First: 12.06.2026 11:26 · 📰 2 src / 2 articles · H score: 36

CISA ordered FCEB agencies to secure Ivanti Sentry within three days after confirming CVE-2026-10520 is being actively exploited, creating immediate remediation pressure on federal civilian systems. The directive came under Binding Operational Directive 26-04 and adds the flaw to the KEV Catalog. That combination makes the exposure operationally urgent for any federal deployment that still lacks a fix or acceptable mitigation.

Google Chrome 149 security update

Security Patch Release

Updated: 12.06.2026 12:27 · First: 12.06.2026 12:27 · 📰 1 src / 1 article · H score: 28

Google rolled out Chrome 149 for Windows, macOS, and Linux, resolving 28 critical and high-severity vulnerabilities. The update reduces risk from browser compromise, memory corruption, and possible sandbox-escape chains tied to flaws in core browser components.

Interpol Operation Ramz cybercrime crackdown in MENA

Law Enforcement

Updated: 18.05.2026 17:00 · First: 18.05.2026 17:00 · 📰 3 src / 5 articles · H score: 20

INTERPOL-led Operation Ramz disrupted Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, during October 2025-February 2026. Authorities in 13 MENA countries made 201 arrests, including Guedz, the platform’s primary developer and administrator, and seized the site used to offer the service plus hardware containing phishing software and scripts. Group-IB said Sniper Dz had collected more than 45,000 victim records, used 80 phishing templates in five languages, and targeted 30 major global organizations before it was taken down.

Sniper Dz free PhaaS ecosystem rebranded to scale phishing operations

Threat Actor Meta

Updated: 12.06.2026 11:52 · First: 12.06.2026 11:52 · 📰 1 src / 1 article · H score: 42

A long-running Sniper Dz ecosystem operated as a free phishing-as-a-service (PhaaS) platform that repeatedly rebranded, lowering the barrier for large-scale credential theft and scam delivery. Its bundled kits, hosting, and support helped cybercriminals launch phishing campaigns across major brands and government impersonations.

Tchap public chat data leak

Data Leak

Updated: 12.06.2026 10:09 · First: 12.06.2026 10:09 · 📰 1 src / 1 article · H score: 52

The Tchap data leak exposed public-sector user information for 73,467 agents after a compromised user account was used to access non-encrypted public chat rooms. The exposed material included names, email addresses, organization details, and avatar images, while attackers also claimed to have taken messages and files. The leak increases the risk of impersonation, phishing, and credential abuse across French public-sector accounts.

Tchap hit by cyberattack

Incident

Updated: 09.06.2026 13:53 · First: 09.06.2026 13:53 · 📰 1 src / 2 articles · H score: 50

A compromised user account enabled an unauthorized breach of Tchap, putting the French government's encrypted messaging platform at risk of exposing conversations and personal data. The incident was detected by ANSSI and disclosed by DINUM on Monday, with investigation still underway.

METI orders Kyushu Electric to report incident details by July 8

Public Sector Action

Updated: 12.06.2026 02:14 · First: 12.06.2026 02:14 · 📰 1 src / 1 article · H score: 64

The Japanese Ministry of Economy, Trade, and Industry ordered Kyushu Electric Power to report full incident details and preventative measures by July 8, adding formal government scrutiny to a customer-data loss affecting up to 10.9 million accounts. The action follows the disappearance of a backup storage device linked to customer names, addresses, usage data, and telephone numbers. The deadline raises compliance pressure on a major regional utility handling sensitive personal information.

Kyushu Electric Power missing drive exposing customer data

Data Leak

Updated: 12.06.2026 02:14 · First: 12.06.2026 02:14 · 📰 1 src / 1 article · H score: 66

Kyushu Electric Power disclosed a missing external storage device that may expose customer data for up to 10.9 million accounts. The drive held names, service locations, electricity usage data, and telephone numbers, and it has not been recovered. The company is notifying affected customers and has reported the matter to police and regulators.

University of Nottingham hit by cyberattack

Incident

Updated: 11.06.2026 10:27 · First: 11.06.2026 10:27 · 📰 2 src / 2 articles · H score: 66

ShinyHunters/UNC6240 exploited CVE-2026-35273, a zero-day in Oracle PeopleSoft Enterprise PeopleTools, between May 27 and June 9 to breach enterprise systems, steal data, and extort victims. Mandiant says the campaign hit universities hardest, and the University of Nottingham is among the confirmed victims after about 455,000 unique email addresses were leaked, along with names, addresses, phone numbers, passport numbers, and sensitive demographic details.

ShinyHunters Oracle PeopleSoft data theft and extortion campaign

Campaign

Updated: 10.06.2026 21:31 · First: 10.06.2026 21:31 · 📰 2 src / 2 articles · H score: 58

ShinyHunters/UNC6240 exploited CVE-2026-35273, a zero-day in Oracle PeopleSoft Enterprise PeopleTools, between May 27 and June 9 to break into enterprise systems, steal data, and extort victims. Mandiant says the campaign hit universities hardest, notified more than 100 organizations, and confirmed that University of Nottingham was among the victims after about 455,000 email addresses were leaked.

Oracle PeopleSoft PeopleTools zero-day RCE (CVE-2026-35273)

Vulnerability

Updated: 11.06.2026 22:39 · First: 11.06.2026 22:39 · 📰 2 src / 2 articles · H score: 58

Oracle PeopleSoft PeopleTools CVE-2026-35273 is a critical zero-day RCE affecting versions 8.61 and 8.62. Oracle has released emergency mitigations while a patch is pending. The flaw was reported as actively exploited in ShinyHunters data-theft attacks.

ShinyHunters Oracle PeopleSoft data theft from 300 instances

Data Leak

Updated: 11.06.2026 22:39 · First: 11.06.2026 22:39 · 📰 1 src / 1 article · H score: 46

The ShinyHunters data-leak event against Oracle PeopleSoft instances exposed data from 300 instances across 100+ organizations, expanding the risk of theft-driven extortion. The activity was tied to exploitation of CVE-2026-35273, a critical zero-day that allowed unauthenticated remote code execution. Oracle issued emergency mitigations while operators were told to review logs for attacker IPs.

OpenClaw message-object prompt injection patched in 2026.4.23 security flaw

Vulnerability

Updated: 11.06.2026 20:46 · First: 11.06.2026 20:46 · 📰 1 src / 1 article · H score: 15

OpenClaw has a patched message-object prompt injection flaw that let hidden instructions inside shared contacts, vCards, and location pins reach the LLM as trusted prompt text, creating code-execution and secret-leakage risk for self-hosted agents. Imperva showed the agent flattening those objects inline with no untrusted boundary, so attacker text could blend into ordinary-looking input. OpenClaw 2026.4.23 fixes the issue by moving contact names, vCard fields, and location labels into a separate untrusted-metadata channel. Systems that have not updated remain exposed whenever they ingest untrusted message content.

OpenClaw outbound-mail approval gates and trust-scoped connector controls

Defensive Guidance

Updated: 11.06.2026 20:46 · First: 11.06.2026 20:46 · 📰 1 src / 1 article · H score: 11

OpenClaw operators are adding outbound-mail approval gates, trust-scoped connector access, and human approval for risky actions to reduce agent phishing and unauthorized data exfiltration. The controls limit what a compromised agent can do through normal channels and narrow the blast radius of social-engineering abuse.

Windows BitLocker YellowKey security feature bypass (CVE-2026-45585)

Vulnerability

Updated: 20.05.2026 11:28 · First: 20.05.2026 11:28 · 📰 1 src / 2 articles · H score: 15

CVE-2026-45585 (YellowKey) is a BitLocker security feature bypass affecting Windows 11 24H2/25H2/26H1 and Windows Server 2025, including Server Core. Microsoft disclosed the issue, published mitigation guidance after a public proof of concept, and later Patch Tuesday updates addressed it. Later reporting on the same CVE described GreatXML, which abuses the recovery-partition and WinRE flow to obtain unrestricted access to the BitLocker volume. That reporting also said systems that had used Windows Defender Offline Scan could be automatically affected.

Microsoft YellowKey patch release (CVE-2026-45585)

Security Patch Release

Updated: 11.06.2026 20:43 · First: 11.06.2026 20:43 · 📰 1 src / 1 article · H score: 20

Microsoft's Patch Tuesday updates this week patched YellowKey (CVE-2026-45585), closing a Windows BitLocker bypass that could expose protected volumes. The vendor release gives affected systems an official fix for the previously disclosed flaw. Administrators should move exposed installations to the patched update set.

Phantom Mantis shifts The Gentlemen into an independent ransomware partnership program

Threat Actor Meta

Updated: 11.06.2026 19:50 · First: 11.06.2026 19:50 · 📰 1 src / 1 article · H score: 24

Phantom Mantis moved The Gentlemen from dependence on other ransomware ecosystems into an independent partnership program, expanding its operational autonomy and affiliate reach. The shift is tied to 478 claimed victims and an active push to recruit affiliates, which strengthens the group’s market position. The operation is also being run by LARVA-368, who has paired the model change with broader tooling and support infrastructure.

AudiA6 laundering ecosystem and Dark2Web forum

Threat Actor Meta

Updated: 11.06.2026 18:55 · First: 11.06.2026 18:55 · 📰 3 src / 3 articles · H score: 31

AudiA6 was disrupted as an industrial-scale cryptocurrency laundering service used by ransomware gangs and other cybercriminal networks. Europol said the ecosystem laundered more than €336 million since 2021, used thousands of fraudulent exchange accounts and money-mule records, and was linked to more than 15 investigations worldwide. The same network also included Dark2Web, a dark web forum used to advertise illicit services and connect with other offenders. The June 10, 2026 action led to arrests, domain and server seizures, asset freezes, Telegram blocking, and DoJ charges against two alleged administrators.

Europol-led AudiA6 crypto-laundering takedown

Law Enforcement

Updated: 11.06.2026 18:55 · First: 11.06.2026 18:55 · 📰 3 src / 3 articles · H score: 29

Law enforcement dismantled AudiA6, a cryptocurrency laundering service used by ransomware gangs and other cybercriminal networks, in a June 10, 2026 multinational operation. Authorities arrested 2 suspected administrators in Georgia, seized 25 domains and more than 30 servers, blocked Telegram accounts, and froze or seized cryptocurrency and assets as part of the action. Europol said the service laundered more than €336 million since 2021 and was tied to more than 15 investigations worldwide.

Fake AI study guide AsyncRAT lure campaign targeting Windows users

Campaign

Updated: 11.06.2026 17:00 · First: 11.06.2026 17:00 · 📰 1 src / 1 article · H score: 33

A malware campaign now uses fake AI study guides and developer resources as lures to target Windows users at organizations, increasing the risk of stealthy AsyncRAT infections. The operation relies on staged execution and trusted system tools to avoid detection. Its AI-themed packaging is designed to exploit demand for learning material and trick professionals into opening malicious files.

AsyncRAT multi-stage delivery via trusted tools

Malware Activity

Updated: 11.06.2026 17:00 · First: 11.06.2026 17:00 · 📰 1 src / 1 article · H score: 22

A Windows malware chain is now delivering AsyncRAT, increasing the risk of stealthy remote access on targeted systems. The lure uses AI study guides and developer resources to target professionals seeking learning material, then pivots through LNK shortcuts, hidden documents, and scheduled tasks disguised as Realtek services. The final payload relies on AutoHotkey and process hollowing before beaconing to its own C2 server.

OnyxC2 stealer remote-access and credential-theft activity

Malware Activity

Updated: 11.06.2026 16:00 · First: 11.06.2026 16:00 · 📰 1 src / 1 article · H score: 23

The OnyxC2 stealer has expanded into remote-access and persistence-enabled credential theft, giving buyers a way to harvest browser, extension, wallet, and business-app data from infected hosts. Its reach spans dozens of browsers and about 210 apps and extensions, increasing the chance that one compromise yields reusable logins and session material. The package also includes HVNC, a reverse SOCKS5 proxy, and a reverse shell, which makes post-compromise access harder to evict.

OnyxC2 developers commercialize stealer as tiered MaaS with support

Threat Actor Meta

Updated: 11.06.2026 16:00 · First: 11.06.2026 16:00 · 📰 1 src / 1 article · H score: 23

OnyxC2 has been sold as a Malware-as-a-Service stealer, giving cybercriminal buyers access to a rentable credential-theft platform instead of a one-off custom build. The offer starts at $250 per month, rises to $500 per month for premium access, and includes a private source-code option for $6k. That packaging lowers the barrier to entry and expands the market for credential theft by combining support, tiering, and prebuilt lures.