
Cybersecurity Daily: News & Threats

Podcast by YesOui

English

News & Politics


Cybersecurity Daily — daily news briefing covering the most important cybersecurity events from the past 24 hours. Data breaches, vulnerability disclosures, ransomware, nation-state attacks, zero-days, regulatory actions, and enterprise security news. 6-10 stories per episode. Factual, technical where necessary, accessible to security professionals and informed non-specialists. Global scope.

All episodes

20 episodes


AI-Generated Zero-Day Confirmed & Defender Exploited in the Wild

Chapters:

  • (00:00:00) AI-Generated Zero-Day Confirmed & Defender Exploited in the Wild
  • (00:00:51) Nightmare-Eclipse Researcher Dispute
  • (00:01:29) SharePoint RCE and AI-Generated Exploits
  • (00:02:14) Starlette BadHost and AI Agent Exposure
  • (00:02:42) Nation-States and the Gemini Abuse Pattern
  • (00:03:08) 7-Eleven, Beacon Mutual, and Heretic Tool
  • (00:03:59) Key Watchpoints Going Forward

Three Microsoft Defender vulnerabilities are under active exploitation, a researcher-vendor dispute has turned public with open threats, and Google has confirmed the first documented AI-generated zero-day exploit in the wild — all in the past 24 hours. CVE-2026-41091 enables privilege escalation to SYSTEM level on enterprise endpoints. CVE-2026-45498 causes denial of service. Both were being exploited before patches shipped, and CISA has set a June 3rd federal remediation deadline.

Meanwhile, researcher Nightmare-Eclipse claims Microsoft suspended their GitHub account following zero-day publications and has issued a July 14th threat — a dispute that leaves downstream organizations exposed while the conflict plays out publicly.

On May 25th, Google blocked what is now confirmed as the first AI-generated zero-day exploit, targeting two-factor authentication infrastructure. Automated exploit generation is no longer theoretical.

Separately, three nation-state actors — North Korea's UNC2970, Iran's APT42, and China's APT31 — were documented running over 100,000 distillation-attack queries through the Google Gemini API for phishing refinement and vulnerability research. The Starlette framework's BadHost flaw (CVE-2026-48710) threatens 325 million weekly downloads across FastAPI, vLLM, and LiteLLM deployments, exposing AI agent credentials and cloud keys.

On the breach front, 7-Eleven confirmed 185,000 records stolen by ShinyHunters, Beacon Mutual disclosed a January INC Ransom attack affecting 162,000 people, and the Heretic GitHub tool has stripped safety filters from over 13 million downloaded AI models. AI infrastructure is now the primary attack surface. Patch Starlette now.

This episode includes AI-generated content.

27 May 2026 - 5 min

TrapDoor Supply Chain Attack & Cisco's New Disclosure Model

Chapters:

  • (00:00:00) TrapDoor Supply Chain Attack & Cisco's New Disclosure Model
  • (00:01:17) TrapDoor Supply Chain Attack
  • (00:02:05) Version Churn Evasion Tactic
  • (00:02:52) AI as Pressure Multiplier

A live supply chain attack and a major vendor policy shift dominate today's briefing — and both trace back to the same root cause: AI is accelerating the pace of discovery and exploitation faster than traditional security workflows can absorb.

The TrapDoor campaign is currently active across npm, PyPI, and Rust's Crates.io. Thirty-four malicious packages spanning three hundred and eighty-four versions are targeting developers in crypto, DeFi, and AI tooling. TrapDoor doesn't go after a single asset — it simultaneously harvests local crypto wallets, SSH keys, cloud credentials, GitHub tokens, and API keys. The operators used rapid version churn across all three package ecosystems to outpace reputation-based detection systems. Socket's detection engine flagged contamination with a median response time of five minutes and twenty-seven seconds — fast, but potentially long enough for an automated install to pull a malicious package before any alert surfaces.

On the vendor side, Cisco has formally changed its vulnerability disclosure model. Lower-priority CVEs will no longer receive standalone advisories; they'll be bundled into release notes instead. Advisories are now reserved for actively exploited or high-risk findings. Cisco's VP cited AI-accelerated adversary discovery as the driver — rising CVE volume was creating patch fatigue and burying critical issues in noise. The tradeoff: security teams that built workflows around advisory counts will need to rethink how they track exposure, since the definition of 'advisory-worthy' is now Cisco's call.

For security teams this week: check your dependency trees against TrapDoor's package list if your developers work in npm, PyPI, or Crates.io, and review Cisco's updated advisory criteria if you rely on their disclosures as a primary signal.

This episode includes AI-generated content.

Yesterday - 4 min

GitHub Poisoned at Scale: Megalodon, Laravel-Lang & YellowKey BitLocker

Chapters:

  • (00:00:00) GitHub Poisoned at Scale: Megalodon, Laravel-Lang & YellowKey BitLocker
  • (00:00:46) Infostealers Confirmed as Entry Point
  • (00:01:29) Laravel-Lang and Packagist Widen Blast Radius
  • (00:02:27) npm Staged Publishing Goes Live
  • (00:03:07) YellowKey BitLocker Bypass Mitigation
  • (00:03:47) What to Watch Next

In one of the most technically revealing supply chain disclosures of the year, researchers have confirmed that infostealer malware on developer machines was the direct pipeline into Megalodon — a campaign that poisoned 5,561 GitHub repositories across a single six-hour window, injecting malicious CI/CD workflows into 5,718 commits to silently exfiltrate CI secrets, cloud credentials, SSH keys, and OIDC tokens. Analysis of affected accounts found that 33% matched machines with known infostealer infections, turning a credential-theft problem into a confirmed first stage of supply chain compromise.

Two days later, attackers rewrote git tags across more than 700 versions of Laravel-Lang PHP packages, injecting a cross-platform credential stealer targeting Windows, Linux, and macOS. In the same window, eight Composer packages on Packagist were compromised via postinstall hooks that fetched and executed external Linux binaries — scope still unresolved after the payload repository was taken down.

GitHub responded on May 23rd with npm's new staged publishing model, requiring two-factor approval before package publication, alongside install flags to block external binary fetches. Whether enterprise adoption keeps pace with attacker adaptation is the critical open question.

Also covered: Microsoft's May 20th mitigation for CVE-2026-45585, the YellowKey BitLocker bypass that allows physical-access attackers to defeat drive encryption via WinRE — and why migrating enterprises from TPM-only to TPM-plus-PIN at scale is the harder half of the fix.

This is Cybersecurity Daily. A YesWee production, built using AI technology. This episode includes AI-generated content.

25 May 2026 - 5 min

Extortion Without Encryption, Third-Party Breach Surge & Q-Day Risk

Chapters:

  • (00:00:00) Extortion Without Encryption, Third-Party Breach Surge & Q-Day Risk
  • (00:00:45) Spain's Pure Extortion Alert
  • (00:01:24) Third-Party Breach Epidemic
  • (00:02:11) AI Poisoning Supply Chains
  • (00:02:41) Q-Day Amplifies Stolen Data Risk
  • (00:03:01) What Defenders Should Watch

Ransomware's economic model has collapsed — and attackers have already moved on. In today's briefing, we unpack the most significant shift in threat actor behaviour in years: gangs abandoning file encryption entirely in favour of silent exfiltration and pure extortion. When only 28% of victims now pay ransoms — down from 76% in 2019 — the incentive to encrypt evaporated. What replaced it is stealthier, leaves almost no forensic artifact, and renders traditional EDR tooling blind.

Kaspersky has confirmed an active pure-extortion campaign targeting Spanish enterprises right now. Infiltrate, exfiltrate, disappear, extort. No encrypted files. No ransom note dropped to disk. The signal most defenders are watching for never fires.

Running parallel to that story: third-party and supply chain breaches have doubled in a single year, from 15% to 30% of material incidents. SecurityScorecard puts the broader figure at 35.5% of all breaches — up 6.5 points year over year. Vendors and supply chain partners are now a more reliable attack pathway than direct compromise, and a single weak vendor can cascade into dozens of customers simultaneously.

Layered on top: adversaries are deploying machine learning against vendor logistics and manufacturing systems — model poisoning, prompt injection, adversarial inputs — at a scale and cost defenders haven't matched yet.

Finally, the harvest-now, decrypt-later threat ties it all together. Data silently stolen today in extortion campaigns could be decrypted after a future quantum breakthrough, making Q-Day a compounding risk for every organisation that isn't already migrating to post-quantum cryptography.

Detection priorities, SBOM mandates, zero-trust baselines, and DLP reconfiguration — all covered in today's episode. This episode includes AI-generated content.

24 May 2026 - 4 min

Three Microsoft Flaws, Drupal RCE & Iran Wiper Escalation | This Week's Threats

Chapters:

  • (00:00:00) Three Microsoft Flaws, Drupal RCE & Iran Wiper Escalation | This Week's Threats
  • (00:01:01) Exchange XSS Now Weaponized
  • (00:01:30) Drupal PostgreSQL RCE Flaw
  • (00:02:11) CISA KEV Legacy Flaws
  • (00:02:44) Iran-Linked Wiper Attacks Escalate
  • (00:03:21) ShinyHunters Telus Breach

Three Microsoft vulnerabilities are under active exploitation this week, and the story is bigger than the individual CVEs. A critical remote code execution flaw in Microsoft Defender scores 8.1, flanked by two privilege escalation bugs — all three confirmed exploited in the wild. The same week, the Exchange Server cross-site scripting flaw CVE-2026-42897 was added to the CISA Known Exploited Vulnerabilities catalog with a federal remediation deadline. Three Microsoft flaws, one week. The pattern matters.

On the web infrastructure front, Drupal issued an emergency patch for CVE-2026-9082, a SQL injection vulnerability in the PostgreSQL layer that requires zero authentication and already has a public proof-of-concept. Every PostgreSQL-backed Drupal installation — government portals, shared hosting, content platforms — is in scope until patched.

CISA also added four legacy flaws dating back to 2008–2010 to its KEV catalog, including Internet Explorer RCE and Windows RPC vulnerabilities. Federal agencies have until June 3 to remediate. Vulnerability debt doesn't expire.

On the threat actor front, the Iranian-linked Handala group claims a destructive wiper attack against medical device manufacturer Stryker, asserting 50 TB stolen and disruption across 79 countries — consistent with a U.S. intelligence warning of elevated Iranian cyber activity. Separately, ShinyHunters claimed a 1-petabyte breach of Telus Digital with a $65 million extortion demand.

This episode covers all six stories with the technical context security professionals need and the accessible framing that keeps everyone else current. This episode includes AI-generated content.

23 May 2026 - 4 min