Last updated: July 6, 2026 at 12:53 AM UTC
All 559 Vulnerability 199 Breach 107 Threat 246 Defense 7

Trapdoor Android ad fraud: 455 apps, 24M downloads, 659M daily bid requests, selective activation via attribution tools

HUMAN Security has detailed Trapdoor, an Android ad-fraud and malvertising operation that pushed 455 apps with more than 24 million combined Play Store downloads and drove an average of 659 million daily ad-bid requests, three-quarters of them from US devices. The operators run their own ad campaigns to recruit victims, then use legitimate install-attribution tools to switch on fraud only for users who came in through those campaigns, suppressing the bad behavior for anyone who installed organically - which kept Google's reviewers and most security researchers in the dark. Google has now removed all identified apps from the Play Store.

Check
Use MDM to inventory any Trapdoor app from HUMAN's published list on managed Android devices. Look for outbound traffic to HTML5 cashout domains in your DNS logs.
Affected
Android users who downloaded Trapdoor apps after clicking attribution-tagged ads. The campaign is invisible to users who installed the same apps organically.
Fix
MDM-uninstall the named apps and block their package IDs. Restrict Android sideloading on managed devices. Review attribution-provider settings to limit click campaigns' ability to flag malicious behavior.

INTERPOL Operation Ramz disrupts MENA cybercrime: 201 arrests, 53 servers seized, 3,867 victims identified

INTERPOL says a coordinated operation called Ramz, run across 13 Middle East and North Africa countries, has produced 201 arrests, seized 53 servers, and identified 3,867 victims. Algerian authorities took down a phishing-as-a-service operation; Moroccan officials seized hard drives loaded with banking data and phishing kits; and Jordanian police uncovered 15 people running a fraudulent trading platform who turned out to be trafficking victims forced into the work. Group-IB and Team Cymru contributed intelligence on over 5,000 compromised accounts, including some tied to government systems. Participating countries included Algeria, Bahrain, Egypt, Iraq, Jordan, Lebanon, Libya, Morocco, Oman, Palestine, Qatar, Tunisia, and the UAE.

Check
Review phishing and credential-theft alerts for matches against the IP ranges in INTERPOL's advisory, especially for users with MENA business or travel ties.
Affected
Organizations with users, customers, or business operations in the 13 named MENA countries. Roughly 5,000 compromised accounts (including some tied to government infrastructure) were identified.
Fix
Force credential rotation for users matching the IoCs Group-IB shared. Coordinate with your local CSIRT for country-specific victim lists. Reinforce phishing-awareness training in MENA-facing teams.

Leaked Shai-Hulud worm source code reused in four malicious npm packages, one adds Phantom Bot DDoS

After TeamPCP dumped the Shai-Hulud worm's source code on GitHub last week with the note 'Here We Go Again - Let the Carnage Continue,' a new actor under the npm name deadcode09284814 has published four malicious packages typosquatting Axios and friends. One package, chalk-tempalte, contains an almost-unmodified copy of the leaked worm, exfiltrating GitHub tokens, cloud configs, and crypto wallet data to a remote C2 and creating a public GitHub repo titled 'A Mini Sha1-Hulud has Appeared.' Another package, axois-utils, adds a Go-based DDoS bot called Phantom Bot that floods HTTP, TCP, and UDP. OXsecurity, which discovered the campaign, counted about 2,678 combined downloads.

Check
Search package lock files and CI/CD logs for installs of chalk-tempalte, @deadcode09284814/axios-util, axois-utils, or color-style-utils. Check your GitHub accounts for any repo named 'A Mini Sha1-Hulud has Appeared.'
Affected
Any organization whose developers install Node.js packages by name from npm without lockfile pinning or pre-publish vetting, especially those typosquatting the popular axios library.
Fix
Uninstall the four packages and rotate all developer GitHub tokens, npm tokens, and cloud credentials on affected machines. Block the C2 hosts 87e0bbc636999b.lhr.life and 80.200.28.28:2222 at egress.

SHub Reaper macOS infostealer spoofs Apple, Google, and Microsoft in one chain - backdoor, wallet hijack, document theft

SentinelOne has documented a new variant of the SHub macOS infostealer family called Reaper. Victims are lured through fake WeChat and Miro installers hosted on typo-squatted Microsoft domains, then prompted to run what looks like an Apple security update. Reaper avoids macOS Tahoe's new Terminal protections by routing its commands through the applescript:// URL scheme. Once running, it steals browser credentials, crypto wallets, dev configs, iCloud data, and Telegram sessions, replaces legitimate Exodus, Ledger, and Trezor wallet apps with backdoored copies, and installs a persistent fake Google Software Update LaunchAgent that gives the attacker an ongoing remote shell. Files larger than 85MB are uploaded in 70MB chunks.

Check
Hunt macOS endpoints for LaunchAgents named com.google.keystone.agent.plist that point at unsigned scripts in ~/Library/Application Support/Google/GoogleUpdate.app/, and search proxy logs for traffic to hebsbsbzjsjshduxbs.xyz.
Affected
macOS users who can be social-engineered into running an installer or AppleScript prompt outside the App Store. Heavily targets developer, finance, and crypto-holding personas.
Fix
Remove the malicious LaunchAgent and persistence script. Rotate all credentials in the browser keychain, crypto wallets, iCloud, Telegram, and any tokens in shell history or .gitconfig. Enforce MDM blocking unsigned LaunchAgents.

Iran-linked hackers breached US gas station fuel-tank gauges - online ATG systems with no password protection

US officials believe Iranian-affiliated actors broke into internet-exposed automatic tank gauge (ATG) systems at gas stations across multiple states, then changed the displayed fuel levels without altering the actual amounts. The intrusions caused no shortages, but falsified ATG readings could theoretically hide a real fuel leak. ATGs have been a known soft target for over a decade. The activity tracks with a broader Iranian push during the war that began in late February: disruptions at US oil, gas, and water sites, shipping delays at Stryker, and the leak of FBI Director Kash Patel's emails. Attribution is preliminary because intruders left almost no forensic evidence.

Check
Inventory ATG and fuel-management endpoints. Search Shodan for your /27s on port 10001 (Veeder-Root) and similar ATG signatures. Pull access logs from internet-reachable OT controllers for unexpected reads or display changes.
Affected
US fuel retailers and distributors operating ATG systems (Veeder-Root, Franklin Electric INCON, Gilbarco) exposed to the internet with weak credentials. Same pattern applies to water utilities and other internet-facing ICS endpoints.
Fix
Remove ATG and OT management interfaces from the public internet. Put them behind VPN with MFA, segment OT from IT networks, and document manual gauging procedures for outages.

Tycoon2FA pivots to OAuth device-code phishing - lures Microsoft 365 users to legitimate microsoft.com/devicelogin

The Tycoon 2FA phishing-as-a-service kit, which Microsoft, Europol, Cloudflare and others tried to dismantle in March 2026, is back and has switched tactics. Instead of relaying credentials and MFA codes through a fake login page, operators now send victims to Microsoft's legitimate device-login page at microsoft.com/devicelogin and ask them to enter a code from the lure email. That single consent grants the attacker OAuth tokens for the victim's Exchange Online, OneDrive, and SharePoint through Microsoft's own Authentication Broker app, so it looks normal in Entra logs. eSentire spotted the late-April campaign and published IoCs, including AS45102 (Alibaba Cloud) operator infrastructure.

Check
Search Entra sign-in logs for Microsoft Authentication Broker consents (AppId 29d9ed98-a469-4536-ade2-f981bc1d605e) from unfamiliar IPs, especially AS45102 (Alibaba Cloud) with node/undici user agents.
Affected
Microsoft 365 tenants without Conditional Access policies restricting the OAuth Device Authorization Grant flow. The initial lure abuses legitimate Trustifi click-tracking URLs.
Fix
Block the Device Code Flow in Conditional Access for users who do not need it (most knowledge workers do not). Review eSentire IoCs and revoke matching sessions and refresh tokens.

openDCIM RCE chain weaponized in the wild - Chinese attacker uses AI vuln scanner Vulnhuntr to drop PHP web shells

VulnCheck says attackers are chaining three critical bugs (CVE-2026-28515, CVE-2026-28517, CVE-2026-28516) in openDCIM, an open-source data center management web app, to drop PHP web shells on exposed installs. All three rate CVSS 9.3 and cover missing authorization, OS command injection, and SQL injection. They can be combined over five HTTP requests to land a reverse shell. The activity comes from a single Chinese IP using what VulnCheck describes as a customized version of Vulnhuntr, a public AI-driven vulnerability discovery tool. The campaign is one of the first publicly documented cases of an open-source AI vuln scanner being repurposed for real-world exploitation.

Check
Identify openDCIM installs in your environment (check internal asset inventory and external attack surface). Review web server logs for /report_network_map.php access patterns since February 2026.
Affected
openDCIM versions before the February 2026 fix that addressed CVE-2026-28515, CVE-2026-28517, and CVE-2026-28516. Internet-exposed instances are at highest risk.
Fix
Upgrade openDCIM to the patched release. Remove internet exposure and put the app behind an authenticated reverse-proxy or VPN. Block the Chinese IP cluster VulnCheck has flagged.

Pwn2Own Berlin Day 3: DEVCORE wins Master of Pwn ($505K), SharePoint falls in 2-bug chain, $1.298M total

The Pwn2Own Berlin 2026 contest wrapped up Saturday at OffensiveCon, paying out $1,298,250 for 47 unique zero-days across three days. Taiwan's DEVCORE took the Master of Pwn title with 50.5 points and $505,000 in winnings. The headline Day 3 result came from DEVCORE researcher splitline, who chained two bugs into a successful exploit of Microsoft SharePoint, earning $100,000 and 10 points. SharePoint had survived a failed Rapid7 attempt on Day 2, making this a notable late-contest catch. Day 3 also saw attempts against VMware ESXi, Windows 11, Red Hat Enterprise Linux, and OpenAI Codex. All disclosed bugs now enter ZDI's 90-day disclosure window.

Check
Subscribe to the ZDI advisory feed at zerodayinitiative.com/advisories. Identify SharePoint, VMware ESXi, Windows 11, RHEL, and Codex deployments that may need urgent patches over the next 90 days.
Affected
Microsoft SharePoint, VMware ESXi, Windows 11, Red Hat Enterprise Linux, and OpenAI Codex - all targeted at Pwn2Own Berlin 2026 (47 unique zero-days disclosed May 14-16).
Fix
Apply vendor patches the moment ZDI advisories ship and fixes land. Prioritize internet-facing SharePoint and ESXi instances. Until then, restrict access to management interfaces.

Russian FSB actor Turla rebuilds Kazuar backdoor as a modular peer-to-peer botnet

Microsoft Threat Intelligence detailed how Turla, the Russian state actor attributed by CISA to the FSB's Center 16, has transformed its .NET Kazuar backdoor from a monolithic implant into a modular peer-to-peer botnet ecosystem. The new architecture splits responsibilities across three component types - Kernel, Bridge, and Worker - and uses a leader-election mechanism so only one infected host actually talks to the external C2 server, dramatically reducing observable network noise. Turla (also tracked as Secret Blizzard, Snake, Venomous Bear, Uroburos, WRAITH) has been targeting government, diplomatic, and defense organizations across Europe, Central Asia, and Ukraine since 2017; recent operations also leverage Gamaredon for initial access before deploying Kazuar v3.

Check
Hunt for .NET assemblies sideloaded as COM objects with small loader stubs, look for Kazuar Worker behaviors (Outlook data, USB metadata, network shares enumeration), and review east-west traffic for low-volume peering between internal hosts.
Affected
Government, diplomatic, defense, and defense-adjacent organizations in Europe, Central Asia, and Ukraine. Historic FSB target patterns include foreign ministries, embassies, and defense contractors; Gamaredon initial-access activity widens the candidate set across Eastern European industry.
Fix
Block known Kazuar v3 hashes and infrastructure from Microsoft's report, deploy detections for the Kernel-Bridge-Worker P2P pattern (single external talker per cluster), and tighten Outlook PST and USB-history access with EDR rules.

node-ipc npm package (822K weekly downloads) compromised via expired-domain takeover, three malicious versions published

Socket and StepSecurity confirmed three malicious node-ipc releases (9.1.6, 9.2.3, 12.0.1, with 12.0.1 tagged as 'latest') uploaded to npm on May 14, 2026 by co-maintainer account 'atiertant.' Each version carries a byte-identical 80KB obfuscated payload appended as an IIFE to node-ipc.cjs, so it fires on every require('node-ipc') without using install scripts. The malware fingerprints the host, sweeps for 100+ credential and config targets, archives them, and exfiltrates via DNS rather than HTTP. Permiso's Ian Ahl traced the likely attack chain: the maintainer's recovery domain atlantis-software[.]net expired in Jan 2025, was re-registered by an attacker on May 7, 2026, then used to reset the npm password.

Check
Scan package-lock.json and yarn.lock for node-ipc versions 9.1.6, 9.2.3, or 12.0.1 published on or after May 14, 2026; check developer machines and CI runners for outbound DNS to non-corporate resolvers since that date.
Affected
Any Node.js project or CI pipeline that ran `npm install node-ipc` on or after May 14, 2026 without a pinned safe version (9.1.5 or 12.0.0). Developer workstations and CI runners with broad credential scope face highest risk.
Fix
Pin node-ipc to 9.1.5 or 12.0.0, purge npm and yarn caches, then rotate cloud access keys, GitHub PATs, SSH keys, and any secrets that touched affected machines. Block egress to attacker DNS resolvers from build infrastructure.