Self-replicating Miasma worm hits 73 Microsoft GitHub repositories in supply chain attack
The Miasma worm has reached Microsoft’s own GitHub repositories, forcing GitHub to disable 73 repos across the Azure, Azure-Samples, Microsoft, and MicrosoftDocs organizations after the worm planted malicious code designed to harvest developer credentials. The attack used previously compromised contributor credentials (the same account that was used in a May attack on a PyPI package) and deployed a payload wired to detonate automatically when developers open affected repositories in AI coding agents such as Claude Code, Gemini CLI, Cursor, or VS Code. Once triggered, the worm steals tokens for AWS, Azure, GCP, Kubernetes, npm, and GitHub, then uses those credentials to commit itself into any repo the victim can write to. GitHub contained the sweep in 105 seconds, but the scope of downstream impact remains unclear, and the campaign marks a troubling evolution in supply chain malware explicitly designed for the era of AI-assisted development.
New Veeam vulnerability exposes backup servers to RCE attacks
Veeam has released an emergency patch for CVE-2026-44963, a critical (CVSS 9.4) vulnerability in Backup & Replication that allows any authenticated domain user to achieve remote code execution on a domain-joined backup server. The flaw, reported by watchTowr researcher Sina Kheirkhah, affects all version 12 builds up to and including 12.3.2.4465 and is fixed in version 12.3.2.4854, released June 9. While no active exploitation has been confirmed yet, Veeam warns that attackers typically begin reverse-engineering patches immediately after disclosure, a well-founded concern given that ransomware groups including Akira, Fog, Frag, FIN7, and Cuba have exploited previous Veeam flaws to steal data, move laterally, and delete backups across hundreds of thousands of enterprise customers worldwide.
Microsoft June 2026 Patch Tuesday fixes 206 flaws and 3 zero-days
Microsoft’s June 2026 Patch Tuesday is one of the largest updates in recent memory, resolving 206 vulnerabilities including 33 critical flaws and three zero-days whose technical details were publicly disclosed before fixes were ready. The zero-days include CVE-2026-49160, an HTTP.sys denial-of-service flaw allowing unauthenticated remote server crashes; CVE-2026-45586, a privilege escalation in the Windows CTFMON service enabling SYSTEM-level access from a low-privilege foothold; and CVE-2026-50507, a BitLocker bypass exploitable by a physical attacker. Highlights among the critical patches include a CVSS 9.8 use-after-free in the Windows kernel affecting x64 and ARM64 devices, a stack-based buffer overflow in Active Directory domain controllers, and a deserialization flaw in healthcare dictation tools like PowerScribe 360. Security teams are advised to prioritize patching internet-facing servers and identity infrastructure first.
Autonomous AI-driven worm can reason its way through corporate networks
Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have published a proof-of-concept AI-driven worm that reasons its way through networks rather than operating from a fixed exploit list, using a small open-weight LLM running entirely on hardware it has already compromised. Across 15 independent runs on an isolated 33-host test network spanning Linux, Windows, and IoT devices, the worm correctly identified an average of 31.3 vulnerabilities, achieved elevated access on 23.1 hosts, and propagated to 20.4 hosts — and even exploited vulnerabilities disclosed after the model’s training cutoff by reading public security advisories at runtime. Critically, it runs without any commercial AI platform, hijacks GPU-equipped hosts to power its reasoning, and bypasses safety guardrails on open-weight models by fully controlling the local execution environment. The researchers withheld the model name and agent architecture from the public paper and disclosed findings to Canadian security and defense authorities before release.
Silent Ransom Group hits US law firms in escalating extortion attacks
Google’s Mandiant division has attributed an escalating wave of data-theft extortion attacks against US legal, financial, and professional services firms to UNC3753, the threat cluster behind the Silent Ransom Group. Between January and May 2026, the group used invoice-themed phishing emails as pretexts for follow-up vishing calls in which attackers impersonate IT support, coax targets into screen-sharing sessions, and install remote management tools — sometimes compressing the entire timeline from initial contact to data exfiltration and ransom demand to under an hour. In some cases, operatives escalated by physically visiting victim offices posing as IT staff and inserting USB devices to steal data directly from endpoints. Law firms are particularly targeted for their stores of sensitive client information, and Mandiant observed the group threatening to notify employees, partners, customers, and journalists unless a ransom is paid within three days.