AI workloads are scaling rapidly across cloud environments, giving security teams better visibility into what that means for cloud operations, development workflows, and security strategy.

On June 16 at 12:00 PM ET, Wiz Research will break down key findings from the State of AI in the Cloud 2026 report.

You’ll learn:
🔸 Where AI adoption is growing fastest
🔸 How AI changes cloud identity, data, and infrastructure risk
🔸 How attackers use AI to find and exploit misconfigurations faster

Save your spot ➝ https://thn.news/cloud-security-reshaping

🛑 One trusted Microsoft link could have been enough.

> No fake login page
> No password theft
> No second click

Researchers showed how 3 chained bugs in #Microsoft 365 Copilot Enterprise Search could let an attacker pull emails, calendar data, indexed files, and one-time codes.

See how the attack worked: https://thehackernews.com/2026/06/one-click-microsoft-365-copilot-flaw.html

🚨 One weak LiteLLM account could take over an AI gateway.

A CVSS 9.9 flaw chain lets attackers become admin, run code, steal AI keys, read prompts, and tamper with AI agent responses.

Read the full story: https://thehackernews.com/2026/06/litellm-vulnerability-chain-lets-low.html

A first-day password can become a long-term security hole.

Many onboarding passwords are sent by email or SMS, reused, or never changed.

That gives attackers an easy way into corporate systems before anyone notices.

Read the full article: https://thehackernews.com/2026/06/the-onboarding-password-mistake-that.html

⚡ Developers are being targeted where they work:

</> GitHub repos
</> VS Code projects
</> npm packages
</> Packagist
</> Crypto/Web3 lures

Researchers say North Korea-linked activity sent 250+ phishing emails to targets at nearly 100 organizations, aiming to steal credentials, wallet data, keys, and access.

Read ➝ https://thehackernews.com/2026/06/north-korean-hackers-are-turning.html

🚨 A trusted cloud feature became a spying tool.

Google says China-linked hackers breached North American research networks via REDCap, then abused Google Workspace rules to secretly BCC emails matching nearly 150 keywords.

Read: https://thehackernews.com/2026/06/chinese-hackers-abused-google-workspace.html

🚨 A shared hosting flaw just landed on CISA’s exploited list.

CVE-2026-54420 affects the LiteSpeed cPanel Plugin and can let a user with FTP or web shell access gain root on CloudLinux/CageFS servers.

Federal agencies must patch by June 18, 2026.

Read: https://thehackernews.com/2026/06/cisa-flags-litespeed-cpanel-plugin-flaw.html

⚠️ Cisco has released patches for a Catalyst SD-WAN Manager flaw now exploited in the wild.

CVE-2026-20262 lets an authenticated attacker with write access create or overwrite files on affected systems.

Cisco says exploitation is limited, but CISA added it to KEV and set a June 29 patch deadline.

Read: https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html

A fake Microsoft security alert
A ZIP attachment
A malicious shortcut inside

Researchers say North Korea-linked ScarCruft is using the lure to deploy NarwhalRAT, a Python RAT that can log keystrokes, capture screenshots, record audio, collect USB data, and use pCloud as a C2 channel.

Read ➝ https://thehackernews.com/2026/06/fake-microsoft-alerts-used-to-deploy.html

🚨 A backdoor once thought to target #Linux has now moved to Windows.

ESET found two Windows versions of SprySOCKS, linked to a China-nexus espionage group.

One version uses kernel drivers to hide files, processes, registry keys, and network connections.

Read ➝ https://thehackernews.com/2026/06/china-linked-sprysocks-backdoor-expands.html

Ungoverned agent identities act without human oversight, improperly use privileged access, and violate compliance policies, exposing organizations to real security and compliance risk.

AppViewX's new Agent Identity Security tackles it directly: discovering shadow agents, managing their lifecycle, enforcing privileged access, responding to agent-driven threats, and keeping compliance continuous.

Explore Agent Identity Security here: https://thn.news/ai-agent-security

#AIAgents #AIGovernance #AppViewX #AgentIdentitySecurity

> fake security check
> copied PowerShell command
> then the malware starts

Researchers say ClickFix attacks are now delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and #ransomware-linked payloads.

You think they’re fixing a problem... but you're running the attack.

Read the full story ➝ https://thehackernews.com/2026/06/clickfix-campaigns-expand-malware.html

A clean-looking IP can still hide a real attack.

VPNs and residential proxies now appear in nearly every security incident, according to a Spur study of 200+ security practitioners.

The problem: many teams still lack the context to know who is behind the traffic — and what to do next.

Read the full story ➝ https://thehackernews.com/2026/06/survey-94-of-incidents-involve.html

🛑 Your AI model upload could be hijacked before it even lands.

Researchers found a Google Vertex AI SDK flaw that let attackers pre-create a predictable bucket, intercept an ML model upload, and swap in a malicious model in under 2 seconds.

Read ➝ https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html

EDR bypass doesn’t always mean killing the agent.

A new technique called EDRChoker throttles EDR processes using Windows QoS policies, cutting bandwidth to 8 bits per second.

The agent may still run — but its server connection can time out, weakening telemetry and remote control.

Read more: https://thehackernews.com/2026/06/threatsday-bulletin-worm-code-leaked-ai.html#edr-telemetry-throttled

⚠️ A patched AD bug may not end the risk.

Richard Lambert of One Identity explains how CVE-2026-25177 exposes a deeper problem: overbroad AD rights, service account sprawl, and weak governance.

Patch fast. Then fix the permissions underneath.

Read the article: https://thehackernews.com/expert-insights/2026/06/why-active-directory-vulnerabilities.html

🚨 A Joomla flaw is now on CISA’s exploited bug list.

CVE-2026-48907 has a max CVSS score of 10.0 and can let attackers upload and run PHP code through JCE editor profiles.

Affected versions: 1.0.0 through 2.9.99.4
Fixed in: 2.9.99.5

Details here: https://thehackernews.com/2026/06/cisa-warns-of-actively-exploited-joomla.html

⚡ Can you trust your own AI?

Jailbreaks, prompt injection, model extraction, and poisoned data are forcing companies to rethink how they test AI systems.

The article explains why AI red teaming is becoming part of production security.

Read it here: https://awards.thehackernews.com/blog/ai-red-teaming-production-risk/

A trusted npm scope.
A hidden dependency.
A payload that runs on install.

144 Mastra npm packages were compromised after attackers abused a hijacked contributor account and added the malicious easy-day-js dependency.

Any developer machine, CI runner, or build system that installed affected versions may be exposed.

Read: https://thehackernews.com/2026/06/144-mastra-npm-packages-compromised-via.html

Most breaches do not need a zero-day.

Intruder analyzed 3,000 attack surfaces and found:

- 60% exposed HTTP panels
- 49% exposed risky ports or services
- 42% exposed databases
- 30% exposed files or information that should not be public

The real question: why were they online at all?

Read 🠖 https://thehackernews.com/2026/06/the-top-10-attack-surface-exposures-in.html

AI tools are becoming a new place to steal secrets.

Researchers found 15 malicious JetBrains plugins stealing AI provider API keys from developers.

Separately, two Chrome ad blocker extensions were found capturing AI chatbot conversations across major platforms.

Read: https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html