Table of Contents
June 29, 2026 | Read Online
GRIDTIDE disrupted, Claude Code vulnerabilities exposed, and AI training data poisoning…
Executive Summary
Cybersecurity threats continue to evolve with malicious actors adapting to disruptions. The recent GRIDTIDE campaign disruption highlights collaborative efforts between industry partners. Meanwhile, critical vulnerabilities in Claude Code have been exposed. Additionally, AI training data poisoning has become a growing concern.
The cybersecurity ecosystem is being forced to re-examine its standards and processes as AI-driven vulnerability discovery accelerates. A new class of weak RSA keys, those with many zeros, has been discovered in the wild. Furthermore, a critical security vulnerability was found in Hoppscotch’s self-hosted backend, allowing attackers to overwrite sensitive configuration values.
Top Articles
The Bear Necessities: A Look at the Drivers, Dynamics, and Applications of the Pro-Russia Influence Ecosystem Google Threat Intelligence Group explores the pro-Russia influence ecosystem’s evolution from a tool of war back into a global strategic asset. The campaign has expedited the development of new influence assets linked to multiple covert information operations campaigns. Google Cloud Blog
Modernizing Global Vulnerability Standards For The Age Of AI As AI-driven vulnerability discovery accelerates, the cybersecurity ecosystem is being forced to examine whether standards and disclosure processes can keep pace. A private sector consultation with the White House in June highlighted the need for modernization. Rapid7 Blog
Factoring RSA Keys with Many Zeros Researchers discovered a new class of weak RSA keys, those with lots of zeros. These keys are present in the wild and can be exploited by attackers. Schneier Blog
Critical Hoppscotch Vulnerability Lets Attackers Overwrite JWT_SECRET and Forge Admin Tokens A critical security vulnerability in the self-hosted Hoppscotch backend allows unauthenticated attackers to overwrite sensitive configuration values, including the JWT signing secret. GBHackers
Splunk Secure Gateway RCE Vulnerability Lets Low-Privileged Attackers Execute Arbitrary Code A high-severity vulnerability in Splunk Secure Gateway allows low-privileged authenticated users to achieve remote code execution on affected systems. GBHackers
NAIC says public data stolen in ShinyHunters’ PeopleSoft breach The National Association of Insurance Commissioners (NAIC) confirms that the ShinyHunters extortion group stole publicly available data, outdated logs, and configuration files after breaching its systems. BleepingComputer
Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input Microsoft discovered a malicious Chrome extension that posed as the AI search engine Perplexity, logging user searches and address bar input. The Hacker News
Turla Hackers Use STOCKSTAY .NET Backdoor to Spy on Ukrainian Government and Military Targets Google Threat Intelligence Group discovered that the Russian state-sponsored threat actor Turla is using a sophisticated .NET backdoor, tracked as STOCKSTAY, for ongoing cyber espionage against Ukrainian government and military organizations. CyberPress
WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private WhatsApp announced the start of global reservations of usernames to protect user phone numbers. The optional feature allows users to connect with others through usernames, rather than sharing their phone numbers. The Hacker News
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.