Jun 8's Top Cyber News NOW! - Ep 1148
At a glance
Six actively exploited vulnerabilities across Microsoft, WordPress, and SolarWinds demand immediate patching attention. Supply chain attacks on GitHub repos and social engineering campaigns hitting financial services show threat actors are escalating both technical and physical access vectors. Policy shifts in Europe, AI offensive capabilities, and new security controls from OpenAI reshape the threat landscape.
Stories covered
Is the Palantir executive bid for CISA director a security concern?
What happened: Shyam Sankar, CTO at Palantir Technologies, has emerged as a lead contender for the long-vacant CISA director role, according to anonymous sources cited by The Record. The White House disputed the announcement, noting no personnel decisions have been made. CISA has lacked a Senate-confirmed director since Jen Easterly's departure in January 2025.
Why it matters: CISA oversees critical infrastructure protection, threat intelligence, election security, and federal SOC operations. Placing a 20-year surveillance and data collection company executive in charge raises concerns about mission alignment, especially given prior budget cuts and erosion of CISA's election security mandate.
What to do: Monitor leadership changes at CISA and their impact on federal threat briefings, vulnerability disclosures, and critical infrastructure guidance your organization depends on.
---
Why is the EU building its own tech stack independent of US and Chinese suppliers?
What happened: The European Commission proposed sweeping legislation—a Chips Act 2.0 and Cloud and AI Development Act—to reduce EU reliance on foreign technology providers. The EU currently depends on foreign countries for over 80% of key digital products, services, and infrastructure.
Why it matters: Supply chain decoupling is a multi-year, high-cost initiative requiring new semiconductor manufacturing, software stacks, and vendor ecosystems. Geopolitical fragmentation and tariff risk are driving this, but execution timelines are measured in years, not quarters.
What to do: Organizations with European operations should expect long transition periods and potential compatibility challenges as new EU-native alternatives mature. Plan procurement strategies around dual-sourcing where feasible.
---
Should you patch the SolarWinds Servu file transfer flaw immediately?
What happened: CISA warned Friday that attackers are actively exploiting CVE-numbered high-severity vulnerability in SolarWinds Servu 15.5.4 (and earlier) to crash servers. The flaw allows unauthenticated remote attackers to trigger denial-of-service conditions with low complexity. SolarWinds released hotfix 1 on Thursday.
Why it matters: SolarWinds was the vector for one of the top-three all-time supply chain compromises in 2020. However, this flaw's EPSS score is 7%—low exploitation probability in the next 30 days—and the impact is denial-of-service only, not code execution. Prioritize based on business dependency: if file transfer is non-critical or infrequent, patch in your next maintenance window.
What to do: Test hotfix 1 in a staging environment, confirm no breakage, schedule a patch window, communicate to users, and deploy. Do not yolo-patch into production. Assess whether your business can tolerate brief Servu downtime and sequence accordingly.
---
Why is Everest Forms Pro a critical WordPress vulnerability?
What happened: CVE-numbered unauthenticated remote code execution flaw in Everest Forms Pro (versions 1.9.12 and earlier) allows attackers to create rogue administrator accounts. WordFence telemetry shows active wild exploitation. The plugin is used for contact, registration, payment, and custom forms.
Why it matters: Unauthenticated RCE is worst-case severity; attackers gain full site control without credentials. However, EPSS score is 0.33%—extremely low exploitation probability—and requires no active scanning indicates the vulnerability is discovered but not yet weaponized at scale.
What to do: If you run Everest Forms Pro, patch immediately via WordPress admin or manual deployment. Test in staging first. Non-WordPress users can disregard.
---
How are malicious actors reinfecting Microsoft GitHub repositories across four organizations?
What happened: The Miasma worm—a self-replicating supply chain attack—compromised repositories across Azure, Azure Samples, Microsoft, and Microsoft Docs organizations by reinfecting the durable-task NPM package previously compromised by Team PCP. GitHub disabled access to affected repos. The malware detonates when developers clone repos and open them in AI coding agents, stealing secrets and tokens.
Why it matters: Supply chain attacks targeting open-source packages and developer workflows are increasingly AI-assisted. Stolen API keys, tokens, and credentials enable lateral movement and cloud credential abuse (burning AI/cloud spend or accessing sensitive systems). This is not code vulnerability exploitation—it's malware delivering normally via standard git clone workflows.
What to do: Scan your code dependencies and build pipelines for suspicious packages. Use AI-assisted code scanning tools (e.g., Cisco Talos Defense Claw) before merging. Enforce secret scanning in CI/CD. Implement token rotation and spend guardrails on cloud and AI platforms.
---
Why are six Anthropic engineers embedded with the NSA on Claude capabilities?
What happened: The New York Times reported that Anthropic has deployed six forward-deployed engineers inside the NSA to assist the agency in using Claude (specifically Mythos, Claude with guardrails removed) for offensive cyber operations against targets like China and Iran. The extent of operational involvement is unclear; engineers may be customizing the model or providing live tactical support.
Why it matters: This signals deep integration of frontier AI capabilities into US cyber operations infrastructure. Mythos—an unguarded version of Claude—significantly accelerates exploit development, code analysis, and social engineering at scale. The presence of Anthropic engineers suggests rapid iteration and model optimization for TAO (Tactical Access Operations) workflows. This reflects the arms-race reality: adversaries will use AI; defenders must too.
What to do: Assume state-sponsored threat actors have or will soon gain access to advanced LLM capabilities. Implement AI-assisted code scanning and red-team your infrastructure using the same tools attackers will. Invest in behavioral detection and anomalous code/traffic patterns rather than signature-based defenses alone.
---
What does OpenAI's new lockdown mode actually protect against?
What happened: OpenAI released "Lockdown Mode" for ChatGPT (free, Plus, Pro, and business plans) to reduce data exfiltration risk from prompt injection attacks. The mode limits outbound network requests and restricts AI agent capabilities—reducing usability in exchange for isolation.
Why it matters: Data exfiltration via prompt injection (hidden instructions in documents, emails, or web content that trick AI agents into dumping secrets to external URLs) is real and growing. However, this control trades off usability; users will disable it if it breaks legitimate workflows like email reading or web scraping on behalf of agents.
What to do: Enable lockdown mode if your use case involves highly sensitive data and agent autonomy is not required. Assess business workflows first; this is a security-vs.-usability slider. Organizations handling PII or trade secrets should pilot and test before rollout.
---
How are threat actors bypassing defenses by showing up in person as fake IT technicians?
What happened: Google Mandiant warned that UNC3753, a data theft and extortion gang, has targeted dozens of US banks, law firms, and professional services firms since January by posing as IT help desk via phone social engineering and, when remote methods fail, appearing in person at office locations. Once onsite, they attempt to steal sensitive files using USB thumb drives and exfiltrate data for extortion.
Why it matters: Physical access to endpoints or server closets is game-over for most defenses. Social engineering with in-person presence exploits human reluctance to challenge unfamiliar faces, especially if the threat actor exhibits confidence and dresses the part. This is standard ransomware pre-attack reconnaissance.
What to do: Implement and enforce badge visibility policies. Conduct monthly physical security tests where staff spot-check unfamiliar personnel and reward the first person who questions them. Normalize "see something, say something" culture via leadership endorsement. Train front-of-house and facilities staff on social engineering red flags. Require IT personnel to verify credentials via internal ticketing systems before remote access grants. Restrict USB device usage via application whitelisting or endpoint controls.
---
Key takeaways
- Patch SolarWinds Servu and Everest Forms but triage by business impact: Both are actively exploited, but EPSS and business dependency determine urgency. Denial-of-service vs. RCE, criticality vs. offline windows. Make the call based on your risk posture, not panic.
- Supply chain attacks are becoming AI-assisted and AI-operated: Miasma worm detonates via AI coding agents; Anthropic engineers are optimizing Claude for NSA offensive operations. Assume attackers have LLM access. Scan code, rotate secrets, monitor anomalies.
- Physical security awareness is now mandatory: Threat actors are walking into banks and law offices. Enforce visible ID, normalize questioning strangers, and run monthly test "pentesters" to keep staff vigilant.
- Europe is decoupling from US and Chinese tech infrastructure: Tech sovereignty will take years to implement and create compatibility friction. Plan dual-sourcing and long timelines for EU-native alternatives.
- Understand your business before you patch or defend: Know what's critical, when downtime hurts, and where data exfiltration causes real damage. This drives prioritization and prevents costly mistakes (see: fired engineer who patched VPN on tax day).
---
Topics covered
solarwinds, cve, everest forms, wordpress, miasma worm, supply chain attacks, github, anthropic, claude, mythos, nsa, openai, chatgpt, lockdown mode, ransomware, physical security, social engineering, cisa, palantir, european union, tech sovereignty, epss scoring, cloud credential abuse, prompt injection, data exfiltration
Want the live experience? The Daily Cyber Threat Brief airs live every weekday at 5am PT / 8am ET on YouTube. 400+ practitioners join the chat in real time.