Ghostwire — Trending Cybersecurity Threats

What the cybersecurity community is reporting right now.

Vulnerability in SOPlanning software

Reported by 9 sources: CERT Poland, Securelist, Infosecurity Magazine, SIPRI via Google News, DIVD CSIRT
vulnerabilsoplansoftware

Vulnerability in BitWizard mtr software

Reported by 8 sources: CERT Poland, Zero Day Initiative, Infosecurity Magazine, SIPRI via Google News, DIVD CSIRT
vulnerabilbitwizardmtrsoftware

Turning software supply chain security into a daily habit

Reported by 8 sources: Help Net Security, Департамент Разработки, ReversingLabs, Unit42, Infosecurity Magazine
turnsoftwaresupchainsecurdaihabit

Cybercriminals Plant Malicious AI Agents in Open Source Tool Repositories

Reported by 8 sources: Habr InfoSec, Infosecurity Magazine, Dark Reading, Snyk, WeLiveSecurity BR
cicdopensource

SubscriberWrites: Securing India’s critical infrastructure in the age of cyber warfare

Reported by 7 sources: Google News · Energy Security, Politico Cyber via Google News, Microsoft MSTIC via Google News, Singapore CSA via Google News, ASD ACSC via Google News
subscriberwritsecurindiacriticinfrastructureagecybwarfare

Microsoft Patches Defender ‘RoguePlanet’ Vulnerability

Reported by 7 sources: SecurityWeek, Security Affairs, The Hacker News, Microsoft MSTIC via Google News, Cybereason
microsoftpatchdefendrogueplanetvulnerabil

Supply chain attack npm: реверс-инжиниринг двухступенчатого payload от bootstrap до C2

Reported by 7 sources: Codeby, Департамент Разработки, Infosecurity Magazine, Snyk, Axios Cyber via Google News
supchainattacknpmpayloadbootstrap

n8n security advisory (AV26-672)

Reported by 6 sources: Canadian Cyber Centre, Singapore CSA via Google News, NSA via Google News, Netherlands NCSC via Google News, New Zealand NCSC via Google News
n8nsecuradvisoryav26672

China issues 'backdoor' security alert over Anthropic's Claude Code - The Hindu

Reported by 6 sources: FreeBuf, The Hindu Cyber via Google News, Xianzhi, Infosecurity Magazine, WeLiveSecurity BR
claudecodecheckc

Palo Alto Networks security advisory (AV26-674)

Reported by 6 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, Risky Business, Italy ACN via Google News, DIVD CSIRT
paloaltonetworksecuradvisoryav26425

Tanium security advisory (AV26-673)

Reported by 6 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, Singapore CSA via Google News, NSA via Google News, New Zealand NCSC via Google News
taniumsecuradvisoryav26673

Rising Cyber Threats Fueling Growth: AI Infrastructure Security Market to Soar at 19.1% CAGR by 2030

Reported by 6 sources: Google News · AI Security, New Zealand NCSC via Google News, Saudi NCA via Google News, ASD ACSC via Google News, Huntress
riscybthreatfuelgrowthinfrastructuresecurmarket

Meeting with Security Council members - Президент России

Reported by 6 sources: Kremlin Cyber via Google News, Axios Cyber via Google News, Zero Day Initiative, Snyk, People's Daily Cyber via Google News
meetsecurcouncilmember

Endpoint Security Market to Reach USD 28.06 Billion by 2031, Fueled by Rising AI-Driven Cyber Threats | Report by MarketsandMarkets™

Reported by 6 sources: Google News · Advanced Threats, WeLiveSecurity, Check Point Research, New Zealand NCSC via Google News, Huntress
endpointsecurmarketreachusd2806billion2031

Spectra Analyze in Action: Hunting Device Code Phishing Pages

Reported by 6 sources: Xakep, ReversingLabs, Detection Engineering Weekly, Zero Day Initiative, Microsoft MSTIC via Google News
devicecodeflowmicrosoft

Multiple Vulnerabilities in BeyondTrust Products - Cyber Security Agency of Singapore

Reported by 6 sources: Singapore CSA via Google News, CISA Advisories, ASD ACSC via Google News, Huntress, NSA via Google News
multiplevulnerabilbeyondtrustproductcybsecuragencysingapore

Active Exploitation Alert: Citrix NetScaler ADC & Gateway Vulnerability (CVE-2023-4966) CitrixBleed-ing Again Under Massive Attack

Reported by 6 sources: Google News · Vulnerabilities, Dark Reading, Canadian Cyber Centre, New Zealand NCSC via Google News, BSI Germany
actexploitaalertcitrixnetscaladcgatewayvulnerabil

Vulnerabilities in R-SOFT DMS software

Reported by 6 sources: CERT Poland, Zero Day Initiative, Infosecurity Magazine, SIPRI via Google News, DIVD CSIRT
vulnerabilrsoftdmssoftware

Bad Epoll Zero-Day Vulnerability Enables Local Privilege Escalation on Linux Systems

Reported by 5 sources: Google News · Zero Days, Exploit-DB, Zero Day Initiative, Belgium CCB via Google News, Snyk
badepolzerodayvulnerabilenabllocprivilegeescala

China issues 'backdoor' security alert over Anthropic's Claude Code - The Hindu

Reported by 5 sources: Kanxue, The Hindu Cyber via Google News, Global Times Cyber via Google News, Xianzhi, WeLiveSecurity BR
claudecode

Critical infrastructure, banks must become quantum-ready to tackle future cyber threats: President, CyberPeace

Reported by 5 sources: Google News · Critical Infrastructure, New America Cyber via Google News, ASD ACSC via Google News, New Zealand NCSC via Google News, Brookings TechStream via Google News
criticinfrastructurebankmustbecomequantumreadytacklefuture

Attackers Exploit WordPress Plugin Vulnerabilities for Remote Code Execution and Webshell Access

Reported by 5 sources: GBHackers, Zero Day Initiative, Exploit-DB, Belgium CCB via Google News, DIVD CSIRT
attackerexploitwordprespluginvulnerabilremotecodeexecu

FreePBX security advisory (AV26-680)

Reported by 5 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, Singapore CSA via Google News, NSA via Google News, New Zealand NCSC via Google News
freepbxsecuradvisoryav26680

Palo Alto Networks Patches 13 Vulnerabilities

Reported by 5 sources: SecurityWeek, Canadian Cyber Centre, The Register, DIVD CSIRT, BSI Germany
paloaltonetworkpatchvulnerabil

Healthcare Cybersecurity: Risks, and Defenses

Reported by 5 sources: Google News · Cyber Attacks, Infosecurity Magazine, Huntress, ENISA EU via Google News, Brookings TechStream via Google News
healthcarecybersecurriskdefens

Google Chrome Update Patches 27 Security Vulnerabilities Including Critical Use-After-Free Flaws

Reported by 5 sources: GBHackers, Canadian Cyber Centre, Singapore CSA via Google News, KrCERT via Google News, Snyk
googlechromeupdatepatchsecurflawincludcritic

A new frontier in artificial intelligence - NCSC NZ

Reported by 5 sources: New Zealand NCSC via Google News, FBI Press, ASD ACSC via Google News, Brookings TechStream via Google News, Hudson Institute via Google News
frontiartificiintelligncsc

Claude AI Prompt Injection Attack Turns Chatbot Into Stealthy C2 Agent to Achieve Remote Code Execution

Reported by 5 sources: GBHackers, FreeBuf, Zero Day Initiative, DIVD CSIRT, Snyk
claudepromptinjecattackturnchatbotstealthyagent

Langflow security advisory (AV26-670)

Reported by 5 sources: Canadian Cyber Centre, NSA via Google News, Netherlands NCSC via Google News, New Zealand NCSC via Google News, Snyk
langflowsecuradvisoryav26670

Active Exploitation of Critical Vulnerabilities in Joomla Extensions - Cyber Security Agency of Singapore

Reported by 5 sources: Singapore CSA via Google News, Belgium CCB via Google News, ASD ACSC via Google News, NSA via Google News, German BSI via Google News
actexploitacriticvulnerabiljoomlaextensioncybsecur

npm 12 Disables Install Scripts by Default to Reduce Supply Chain Risk

Reported by 4 sources: The Hacker News, Департамент Разработки, ReversingLabs, Snyk
npmdisablinstalscriptdefaultreducesupchain

New Research Details How FBI Uncovered Alleged Scattered Spider Member

Reported by 4 sources: CyberPress, The Hacker News, Infosecurity Magazine, DOJ via Google News
researchdetailfbiuncoverallegscatterspidmemb

South Korea proposes new cyber incident reporting and security rules

Reported by 4 sources: Google News · Telecom Security, ASD ACSC via Google News, New Zealand NCSC via Google News, Singapore CSA via Google News
southkoreaproposcybincidentreportsecurrul

Quorum Cyber revamps AI security services for businesses

Reported by 4 sources: Google News · AI Security, New Zealand NCSC via Google News, RUSI via Google News, Israel INCD via Google News
quorumcybrevampsecurservicbusines

JADEPUFFER: First Fully Autonomous AI Ransomware Attack

Reported by 4 sources: Google News · Ransomware, Dark Reading, Infosecurity Magazine, The Register
jadepuffirstfulautonomransomwareattack

AI Era Brings Heightened Cyber Threats… South Korean Government Pledges Dual Focus on Security Industry and Preemptive Response

Reported by 4 sources: Google News · AI Security, ASD ACSC via Google News, New Zealand NCSC via Google News, Huntress
erabringheightencybthreatsouthkoreangovern

EverLine Appoints Cybersecurity and Critical Infrastructure Expert Jason Cradit as Chief Technology Officer and Chief Information Security Officer

Reported by 4 sources: Google News · Critical Infrastructure, ASD ACSC via Google News, Microsoft MSTIC via Google News, Singapore CSA via Google News
everlineappointcybersecurcriticinfrastructureexpertjasoncradit

Warning: Critical vulnerabilities in Ubiquiti UniFi OS, Patch Immediately! - CCB Belgium

Reported by 4 sources: Belgium CCB via Google News, The Hacker News, Infosecurity Magazine, Huntress
warncriticvulnerabilubiquitiunifipatchimmediateccb

BitWarden security advisory (AV26-683)

Reported by 4 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, NSA via Google News, Snyk
bitwardensecuradvisoryav26683

GitLab security advisory (AV26-677)

Reported by 4 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, Singapore CSA via Google News, NSA via Google News
gitlabsecuradvisoryav2667

Microsoft corrige RoguePlanet, un zero-day en Defender que permitía obtener permisos SYSTEM

Reported by 4 sources: Hispasec, Help Net Security, SecurityWeek, The Hacker News
microsoftcorrigerogueplanetzerodaydefendquepermitaobten

Vulnerabilities in GNU patch software

Reported by 4 sources: CERT Poland, Ars Technica Security, Zero Day Initiative, DIVD CSIRT
vulnerabilgnupatchsoftware

Iran's Cyber Crosshairs Focus Beyond Critical Infrastructure

Reported by 4 sources: Dark Reading, ASD ACSC via Google News, State Dept via Google News, NATO CCDCOE via Google News
irancybcrosshairfocubeyondcriticinfrastructure

Microsoft warns AI will drive larger Patch Tuesday releases as update model evolves

Reported by 4 sources: Google News · CyberNews, Google News · Zero Days, Google News · Firewall Security, The Register
microsoftwarndrlargpatchtuesdayreleasupdate

EU Court Action Targets Ireland, Spain, France Over Critical Infrastructure Cyber Law

Reported by 4 sources: Google News · Critical Infrastructure, Dark Reading, Unit42, Huntress
courtactargetirelandspainfrcriticinfrastructure

China issues 'backdoor' security alert over Anthropic's Claude Code - The Hindu

Reported by 4 sources: The Hindu Cyber via Google News, The Register, Xianzhi, Snyk
chinaissubackdosecuralertanthropicclaudecode

CISA Adds Two Known Exploited Vulnerabilities to Catalog

Reported by 4 sources: CISA Advisories, S2W Talon, NSA via Google News, Snyk
cisaaddstwoknownexploitvulnerabilcatalog

June 2026 Dark Web Threat Actor Trend Report

Reported by 4 sources: AhnLab ASEC, Malwarebytes Labs, Huntress, Кибербезопасность и продуктовая экспертиза | Станислав Грибанов
ransomdarkwebissuweekapril2026

CSA’s 2024 Cybersecurity Public Awareness Survey Shows an Improvement in the Adoption of Cyber Hygiene Practices - Cyber Security Agency of Singapore

Reported by 4 sources: Codeby, Singapore CSA via Google News, NSA via Google News, ASD ACSC via Google News
securaware

Progress security advisory (AV26-678)

Reported by 4 sources: Canadian Cyber Centre, Netherlands NCSC via Google News, New Zealand NCSC via Google News, People's Daily Cyber via Google News
progressecuradvisoryav26678