Today’s roundup
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Maine disables data breach notification portal after fake disclosures
phpBB forum fixes auth bypass bug lurking for a decade
Ukrainian national pleads guilty to role in Conti ransomware operation
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
Summary
The U.S. government has ordered Anthropic to suspend access to its advanced AI models, Fable 5 and Mythos 5, for all foreign nationals, citing national security concerns. Anthropic has complied, leading to the abrupt disabling of both models worldwide. The company, however, disputes the broad basis for the order, characterizing the cited jailbreak as narrow and the capability as widely available.
The State of Maine has taken its public data breach reporting portal offline following the publication of fraudulent breach disclosures on the state's website. This action prompts a review of procedures to prevent future abuse of the system.
A critical authentication bypass vulnerability, present for 10 years in the phpBB forum software, has been patched. This flaw allowed unauthenticated attackers to log in as any user, including administrators, posing a significant risk to affected forums.
A Ukrainian national, previously extradited from Ireland to the United States, has pleaded guilty to conspiracy charges related to his involvement in the Conti ransomware operation. This represents a continued effort by law enforcement to pursue individuals associated with major cybercrime syndicates.
Attackers compromised over 400 packages within the Arch User Repository (AUR), rewriting their build scripts to deploy a credential stealer and an eBPF rootkit on systems building these packages. The Rust-based malware targets developer secrets and, with root access, employs an eBPF rootkit for stealth.
Google has initiated legal action against a Chinese cybercrime network, alleging it used the Gemini artificial intelligence agent to generate and send phishing text messages targeting individuals in the United States. The network is also accused of developing and managing a phishing-as-a-service (PhaaS) kit known as Outsider.
A China-nexus threat group, tracked as Velvet Ant by Sygnia, successfully backdoored critical Linux login components, including PAM and OpenSSH, remaining hidden for nearly a decade. This allowed them persistent access by manipulating authentication systems to bypass detection.
The U.S. CISA has added CVE-2026-35273, a critical remote code execution zero-day vulnerability (CVSS 9.8) in Oracle PeopleSoft Enterprise PeopleTools, to its Known Exploited Vulnerabilities catalog. The ShinyHunters group actively exploited this flaw from May 27 to June 9, 2026, primarily targeting universities and colleges in the United States, leading to significant data theft. Federal agencies are mandated to patch by June 15, 2026.
A joint operation by the FBI, Europol, and other international agencies has successfully seized the domain of AudiA6, a dark web platform used for ransomware payment cryptocurrency laundering, and arrested multiple suspects. This action disrupts a key financial conduit for cybercriminal operations.
CISA has added CVE-2026-10520, a maximum-severity (CVSS 10.0) OS command injection vulnerability in Ivanti Sentry, to its Known Exploited Vulnerabilities catalog. The flaw, which allows unauthenticated remote code execution with root privileges, was actively exploited shortly after security updates were released, prompting a CISA mandate for federal agencies to patch by June 14, 2026.