IAM & Security Weekly Briefing

Week of: 2026-06-07 to 2026-06-13

---

1. Executive Summary (TL;DR)

• Chinese state hackers (Velvet Ant) backdoored Linux PAM/OpenSSH authentication stack, maintaining undetected access for nearly a decade in an isolated network.
• Microsoft released a record 206 patches on Patch Tuesday, including three zero-days and 39 critical flaws — exploit code for at least three bugs is already public.
• CISA issued Binding Operational Directive 26-04, giving federal agencies three days to patch the most dangerous flaws, starting with an actively exploited Ivanti Sentry vulnerability.
• The ShinyHunters extortion group exploited an Oracle PeopleSoft zero-day (CVE-2026-35273) to breach universities, with Oracle's advisory arriving after attacks began.
• Over 400 Arch Linux AUR packages were hijacked to deploy credential-stealing malware and an eBPF rootkit, targeting developer secrets and access tokens.
• Researchers demonstrated "Agentjacking" and other attacks that trick AI coding agents into running malicious code or leaking secrets through ordinary-looking inputs.
• The Gentlemen ransomware group emerged as the second most active ransomware operation, claiming 478 victims and capable of worm-like self-propagation.
• INTERPOL's Operation Ramz disrupted the decade-old Sniper Dz phishing-as-a-service platform, arresting 201 individuals across 13 countries.

---

2. Top IAM & Security News

Chinese Hackers Backdoored Linux Login System (PAM/OpenSSH) to Spy for Nearly a Decade

• Source: BleepingComputer
• Link: BleepingComputer
• Date: 2026-06-13
• What happened: A China-nexus group tracked as Velvet Ant compromised the PAM and OpenSSH authentication components on a target's isolated network, planting persistent backdoor access that went undetected for close to 10 years.
• Why it matters: This attack directly subverts the core identity verification layer — PAM and OpenSSH — meaning even "clean" systems could have compromised authentication, making this a critical lesson for Zero Trust and privileged access monitoring.

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-10
• What happened: Microsoft's June Patch Tuesday addressed 206 CVEs (39 critical, 167 important), including 63 privilege escalation flaws, 56 RCE bugs, and three publicly disclosed zero-days.
• Why it matters: The record volume — driven partly by AI-accelerated vulnerability discovery — demands that IAM teams prioritize patching identity-related privilege escalation flaws and ensure MFA is enforced for all administrative accounts.

CISA Orders Federal Agencies to Patch Actively Exploited Ivanti Flaw Within Three Days

• Source: BleepingComputer
• Link: BleepingComputer
• Date: 2026-06-12
• What happened: CISA issued BOD 26-04, requiring federal agencies to patch a critical Ivanti Sentry vulnerability (CVE-2026-50751, CVSS 9.3) within three days, after attackers exploited it within 24 hours of disclosure.
• Why it matters: This is the first directive under CISA's new accelerated patching framework for the AI threat era, signaling that identity and access infrastructure (VPNs, gateways) will face faster exploitation timelines.

ShinyHunters Exploits Oracle PeopleSoft Zero-Day to Breach Universities

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-11
• What happened: The ShinyHunters extortion group exploited an unpatched Oracle PeopleSoft flaw (CVE-2026-35273) to steal data from university enterprise systems, with Oracle's advisory published after attacks began.
• Why it matters: ERP and HR systems are identity-rich environments; a zero-day in PeopleSoft can expose employee/student credentials, PII, and privileged access paths — organizations using Oracle PeopleSoft should apply patches immediately.

Over 400 Arch Linux AUR Packages Hijacked to Deploy Credential Stealer and Rootkit

• Source: BleepingComputer
• Link: BleepingComputer
• Date: 2026-06-12
• What happened: Attackers compromised 400+ packages in the Arch User Repository, rewriting build scripts to install a Rust-based credential stealer targeting developer secrets, with an eBPF rootkit for persistence when run with root privileges.
• Why it matters: This supply-chain attack directly targets credentials, API tokens, and SSH keys — the lifeblood of IAM — and demonstrates how package repositories can be weaponized against development and DevOps teams.

Check Point VPN Critical Flaw Exploited Since Early May — Qilin Ransomware Affiliate Implicated

• Source: Dark Reading
• Link: Dark Reading
• Date: 2026-06-08
• What happened: A critical vulnerability (CVE-2026-50751, CVSS 9.3) in Check Point Remote Access VPN and Mobile Access using deprecated IKEv1 protocol was exploited in the wild since early May, with a Qilin ransomware affiliate blamed for at least one incident.
• Why it matters: VPNs are the perimeter for remote identity access; this flaw allows unauthenticated attackers to bypass user authentication entirely, making it imperative to disable IKEv1 and patch immediately.

phpBB Forum Fixes 10-Year-Old Authentication Bypass Bug

• Source: BleepingComputer
• Link: BleepingComputer
• Date: 2026-06-12
• What happened: A decade-old authentication bypass vulnerability in phpBB forum software was patched, allowing attackers to log in as any user, including administrators.
• Why it matters: This highlights the risk of long-dormant auth bypass flaws in widely deployed software — organizations running phpBB should update immediately and audit for any signs of unauthorized admin access.

---

3. AI, Identity & Emerging Tech

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-12
• What happened: Researchers at Tenet Security demonstrated "Agentjacking," a new attack class that tricks AI coding agents into executing arbitrary code on developer machines via fake error reports crafted using Sentry.
• Why it matters: As AI coding agents gain access to code repositories, CI/CD pipelines, and cloud credentials, this attack vector directly threatens the identity and access tokens these agents hold — organizations must apply least-privilege to AI agent identities.

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-11
• What happened: Two security teams (Imperva and Varonis) independently demonstrated that OpenClaw AI agents can be driven to execute attacker-controlled code or leak sensitive data through ordinary-looking inputs like shared contacts and vCards.
• Why it matters: AI agents are increasingly treated as privileged identities with access to sensitive data and systems — these findings show that input validation and agent identity isolation are critical controls that are currently immature.

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-12
• What happened: Researchers disclosed three patched vulnerabilities in LangGraph, including a critical SQL injection chain that could lead to RCE in self-hosted multi-agent AI applications.
• Why it matters: Organizations building agentic AI workflows on LangGraph must treat these frameworks as identity-bearing infrastructure — a compromise can lead to lateral movement via the agent's access tokens and credentials.

Researchers Build Self-Replicating AI Worm Operating Entirely on Local Open-Weight Models

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-09
• What happened: University of Toronto researchers created a proof-of-concept AI worm that uses a local open-weight LLM to autonomously reason through networks, generate tailored attack strategies, and replicate — all without human intervention or commercial AI services.
• Why it matters: This demonstrates that AI-powered worms can autonomously compromise identity stores, steal credentials, and propagate — the era of AI-driven identity attacks is no longer theoretical.

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-12
• What happened: Google filed a lawsuit against a Chinese cybercrime network accused of using its Gemini AI agent to generate phishing text messages targeting Americans, as part of a PhaaS platform called Outsider.
• Why it matters: Attackers are weaponizing commercial AI to scale phishing attacks — this directly impacts MFA bypass risk and credential theft, requiring organizations to deploy AI-aware phishing detection and phishing-resistant MFA.

US Gov Orders Anthropic to Ban Foreign National Access to Fable 5 and Mythos 5

• Source: BleepingComputer
• Link: BleepingComputer
• Date: 2026-06-13
• What happened: The US government ordered Anthropic to block foreign nationals from accessing its most advanced AI models (Fable 5 and Mythos 5), forcing the company to suspend both models worldwide.
• Why it matters: This unprecedented identity-based access control on AI models signals that AI capabilities are now treated as national security assets — IAM teams should watch for similar access restrictions on AI/ML platforms in regulated industries.

---

4. Cyber Threats & Attack Trends

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm

• Source: The Hacker News
• Link: The Hacker News
• Date: 2026-06-11
• What happened: The Gentlemen ransomware group has become the second most active ransomware operation, claiming 478 victims, with worm-like self-propagation capabilities and an aggressive affiliate model offering 90% ransom share.
• Why it matters: Worm-capable ransomware directly threatens identity infrastructure — lateral movement via compromised credentials is a primary vector; organizations must enforce strict network segmentation and privileged access controls.

Silent Ransom Group Hits US Law Firms Using Vishing, IT Impersonation, and In-Person Intrusions

• Source: Dark Reading
• Link: Dark Reading
• Date: 2026-06-08
• What happened: A financially motivated group called Silent Ransom is combining vishing, IT impersonation, and physical office intrusions to steal data and extort victims, targeting US law firms.
• Why it matters: This multi-modal attack chain targets human identity — social engineering to obtain credentials, then physical access to bypass technical controls — requiring IAM teams to strengthen identity verification for helpdesk and physical access.

Phishing Attack Volume Down 20%, But Risk Still Rising

• Source: Dark Reading
• Link: Dark Reading
• Date: 2026-06-12
• What happened: Researchers report phishing volume dropped 20%, but attackers are using AI to upgrade attack quality rather than quantity, making each phishing attempt more convincing and harder to detect.
• Why it matters: Quality-over-quantity phishing means traditional volume-based detection is less effective — organizations must invest in AI-powered phishing detection and phishing-resistant MFA (FIDO2/passkeys) to counter sophisticated credential theft.

WinRAR Flaw Expl