June 3 Digest: AI Ransomware, Netlogon RCE, Miasma Supply Chain

An AI-generated ransomware toolkit automates EDR evasion; Windows Netlogon RCE is actively exploited on domain controllers; the Miasma campaign hits Red Hat npm packages; and Dutch police dismantle a 17-million-device botnet.

Dylan H.

CosmicBytez Labs

June 3, 2026
13 min read

This Week in Cybersecurity

Issue 22 opens on a week that has put every tier of the defensive stack under simultaneous pressure — active exploitation of a Windows domain controller flaw, a third escalation in the npm supply chain worm campaign, a confirmed AI-generated ransomware toolkit, and one of the largest botnet seizures of 2026.

The most operationally urgent story is the critical Windows Netlogon RCE now confirmed exploited in the wild. Belgium's Centre for Cybersecurity (CCB) issued a national-level warning on June 1: threat actors are actively targeting unpatched domain controllers via unauthenticated remote code execution. The Netlogon protocol underpins every Windows domain authentication handshake, and a compromised domain controller hands attackers SYSTEM privileges across the entire Active Directory forest. A patch is available through Windows Update. There is no justification for remaining unpatched on this one.

Simultaneously, the Mini Shai-Hulud supply chain worm campaign entered its third major iteration with Miasma, this time targeting Red Hat's @redhat-cloud-services npm namespace. The progression is telling: April hit SAP, May hit TanStack and the broader React ecosystem, and now June has landed on enterprise cloud infrastructure toolchains used in OpenShift and Hybrid Cloud Console pipelines. Each wave broadens the blast radius. Any developer who ran npm install against affected packages during the attack window should treat their developer machine and CI/CD secrets as compromised.

The week's most alarming trend story is the disclosure of an AI-generated ransomware toolkit that automates both Active Directory discovery and EDR evasion. The code structure — clean, modular, contextually commented, with consistent naming conventions across modules — bears hallmarks consistent with AI generation rather than hand-written malware. The implication is structural: the skill floor for building functional, evasion-capable ransomware tooling has collapsed. Behavioral detection and privileged account protection are the defensive investments that remain relevant against AI-generated attack tooling.

On the enforcement side, Dutch police dismantled a 17-million-device botnet used to power a residential proxy network. The seized C&C infrastructure likely contains valuable forensic material for follow-on criminal investigations targeting the cybercriminals who paid for proxy access.


Top Stories

AI-Built Ransomware Toolkit Automates EDR Evasion and AD Discovery

Security researchers have documented the first confirmed ransomware attack toolkit substantially generated by artificial intelligence. The toolkit performs two functions that previously required expert-level Windows internals knowledge: automated Active Directory enumeration (domain controller discovery, privileged account mapping, backup server identification) and EDR evasion (detecting the installed security stack and applying vendor-targeted obfuscation and process injection techniques).

The AI-generated origin is evident in the code: clean modular structure, consistent variable naming, contextual in-line comments explaining each function's purpose, and version markers consistent with prompt-based refinement cycles. Traditional hand-written malware reads differently — this reads like AI output.

The operational impact is significant. Development timelines for this class of attack tool compress from weeks or months to hours. The skill threshold drops from expert Windows/kernel programmer to someone who can engineer effective prompts. When a detection signature blocks one variant, the threat actor can re-prompt to generate a new binary with non-repeating byte patterns — compressing the defender's response window.

Defensive posture must shift toward behavioral detection: AD enumeration patterns, process injection anomalies, and lateral movement telemetry are the signals that survive AI-generated variant churn where static signatures do not. Tiered administration, just-in-time privileged access, and honeypot AD accounts remain the highest-value structural controls.



Critical Windows Netlogon RCE Flaw Now Exploited in Attacks

Belgium's Centre for Cybersecurity (CCB) issued an urgent national warning on June 1: a critical unauthenticated remote code execution vulnerability in the Windows Netlogon Remote Protocol (MS-NRPC) is being actively exploited against domain controllers. The flaw requires no credentials — a network-adjacent attacker sends specially crafted Netlogon requests and obtains SYSTEM-level code execution on the target DC.

The historical parallel is significant. The Zerologon vulnerability (CVE-2020-1472) targeted the same Netlogon protocol and enabled mass domain compromise before patches were widely applied. This flaw follows the same attack surface with equally severe consequences: a compromised domain controller provides administrative access to every user, computer, and service in the Active Directory domain.

A patch is available and has been for some time. Every unpatched domain controller is an active organizational risk. Immediate actions: apply the Windows Update patch to all DCs within 24 hours, restrict Netlogon RPC port access to trusted subnets as an interim control, and audit DC event logs for anomalous authentication events (Event IDs 4776, 4624) and unexpected service installations. Perimeter firewalls should block port 445/TCP from untrusted network segments to DCs where not already enforced.
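As an added illustration of the log review step above (example code written for this digest, not from the CCB advisory or Microsoft), the Python below triages a constructed export of domain controller events: 4624 network logons arriving from outside the subnets a DC should see, bursts of failed 4776 credential validations from one source, and any 7045 service installation on the DC. The trusted subnets, the failure threshold and the sample records are assumptions to adjust per environment.

```python
import ipaddress
from collections import Counter

# Subnets from which network logons to a DC are expected (assumed values; set per environment).
TRUSTED_SUBNETS = [ipaddress.ip_network(n) for n in ("10.10.0.0/16", "10.20.0.0/16")]
# Failed 4776 credential validations from one source before it is reported (assumed threshold).
FAILURE_THRESHOLD = 5

# Constructed records in the shape of a Security/System log export; not real telemetry.
SAMPLE_EVENTS = [
    {"EventID": 4624, "LogonType": 3, "IpAddress": "10.10.4.21", "TargetUserName": "alice"},
    {"EventID": 4624, "LogonType": 3, "IpAddress": "192.0.2.77", "TargetUserName": "DC01$"},
    {"EventID": 4624, "LogonType": 2, "IpAddress": "-", "TargetUserName": "helpdesk"},
    {"EventID": 4776, "Status": "0x0", "Workstation": "WS-ACCT-03"},
    {"EventID": 4776, "Status": "0xc000006a", "Workstation": "WS-ACCT-07"},
    {"EventID": 4776, "Status": "0xc000006a", "Workstation": "WS-ACCT-07"},
    {"EventID": 4776, "Status": "0xc000006a", "Workstation": "WS-ACCT-07"},
    {"EventID": 4776, "Status": "0xc000006a", "Workstation": "WS-ACCT-07"},
    {"EventID": 4776, "Status": "0xc000006a", "Workstation": "WS-ACCT-07"},
    {"EventID": 4776, "Status": "0xc0000064", "Workstation": "WS-HR-02"},
    {"EventID": 7045, "ServiceName": "WinSvcUpd", "ImagePath": "C:\\Windows\\Temp\\upd.exe"},
]


def from_trusted_subnet(ip_text):
    """True when the source address parses and falls inside a trusted subnet."""
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:          # "-" or an empty field: no usable source address
        return False
    return any(addr in net for net in TRUSTED_SUBNETS)


def triage(events):
    """Return (reason, record) findings: network logons from untrusted sources, bursts of
    failed 4776 validations, and any service installation (7045), which is unexpected on a DC
    outside a maintenance window."""
    findings = []
    failures = Counter()
    for ev in events:
        eid = ev.get("EventID")
        if eid == 4624 and ev.get("LogonType") == 3:
            if not from_trusted_subnet(ev.get("IpAddress", "-")):
                findings.append(("network logon from untrusted source", ev))
        elif eid == 4776 and ev.get("Status", "0x0") != "0x0":
            failures[ev.get("Workstation", "?")] += 1
        elif eid == 7045:
            findings.append(("service installed on domain controller", ev))
    for ws, count in failures.items():
        if count >= FAILURE_THRESHOLD:
            findings.append((f"{count} failed credential validations", {"Workstation": ws}))
    return findings


if __name__ == "__main__":
    for reason, record in triage(SAMPLE_EVENTS):
        print(f"{reason}: {record}")
```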



Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

The Miasma campaign — the third named instance of the Mini Shai-Hulud supply chain worm methodology in 2026 — has compromised packages in Red Hat's @redhat-cloud-services npm namespace. The worm targets developer machines and CI/CD pipelines via a malicious postinstall hook that silently exfiltrates AWS credentials, GitHub tokens, Kubernetes service account tokens, and .env file contents to attacker-controlled infrastructure.

The campaign's self-propagating mechanic extends the blast radius beyond direct Red Hat package consumers: stolen maintainer tokens are used to inject the worm into additional packages across the npm registry, creating downstream exposure for developers who have no direct relationship with Red Hat tooling.

The Mini Shai-Hulud progression — SAP in April, TanStack/React in May, Red Hat cloud infrastructure in June — demonstrates deliberate escalation toward higher-value enterprise supply chain targets. The May release of the original worm's source code has further democratized the attack methodology.

If your team uses @redhat-cloud-services packages: audit package-lock.json for affected versions, check npm install logs for suspicious postinstall scripts, and rotate all secrets accessible from any machine that ran npm install during the attack window. Treat any exposed CI/CD pipeline credential as compromised until confirmed clean.
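The lockfile and postinstall audit described above, as an added example written for this digest (not Red Hat's or the campaign researchers' code): it walks a v2/v3 package-lock.json, lists every package in the @redhat-cloud-services namespace, flags versions that appear in an affected-version table, and reports every package npm marked with hasInstallScript together with the install-phase scripts found in its package.json. The affected-version table is a placeholder to fill from the vendor advisory, and the lockfile and manifests are constructed samples.

```python
import json

NAMESPACE = "@redhat-cloud-services/"
# PLACEHOLDER: fill from the vendor advisory; this digest does not list the affected versions.
AFFECTED_VERSIONS = {"@redhat-cloud-services/example-lib": {"1.2.3"}}
INSTALL_HOOKS = ("preinstall", "install", "postinstall")

# Constructed package-lock.json content (lockfileVersion 3 layout); not a real Red Hat lockfile.
# npm sets "hasInstallScript" on entries whose package.json declares an install-phase script.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "0.0.1"},
        "node_modules/@redhat-cloud-services/example-lib": {"version": "1.2.3", "hasInstallScript": True},
        "node_modules/@redhat-cloud-services/other-lib": {"version": "4.0.0"},
        "node_modules/left-pad": {"version": "1.3.0"},
        "node_modules/native-helper": {"version": "2.0.0", "hasInstallScript": True},
    },
})
# Constructed package.json contents as they would be read from node_modules/<name>/package.json.
SAMPLE_MANIFESTS = {
    "@redhat-cloud-services/example-lib": {"scripts": {"postinstall": "node setup.js"}},
    "native-helper": {"scripts": {"install": "node-gyp rebuild"}},
}


def installed_packages(lock):
    """Yield (name, entry) for every node_modules entry of a v2/v3 lockfile, nested ones included."""
    for path, entry in lock.get("packages", {}).items():
        if path.startswith("node_modules/"):
            yield path.rsplit("node_modules/", 1)[1], entry


def install_hooks(manifest):
    """Return only the install-phase scripts declared by a package.json."""
    return {k: v for k, v in manifest.get("scripts", {}).items() if k in INSTALL_HOOKS}


def audit(lock_text, manifests):
    """Return (kind, name, detail) findings for namespace packages and install-time scripts."""
    lock = json.loads(lock_text)
    findings = []
    for name, entry in installed_packages(lock):
        version = entry.get("version", "?")
        if name.startswith(NAMESPACE):
            kind = "affected-version" if version in AFFECTED_VERSIONS.get(name, set()) else "namespace-review"
            findings.append((kind, name, version))
        if entry.get("hasInstallScript"):
            hooks = install_hooks(manifests.get(name, {}))
            findings.append(("install-script", name, hooks or f"inspect node_modules/{name}/package.json"))
    return findings


if __name__ == "__main__":
    for kind, name, detail in audit(SAMPLE_LOCK, SAMPLE_MANIFESTS):
        print(f"[{kind}] {name}: {detail}")
```

Running installs with `npm ci --ignore-scripts` in CI keeps install hooks from executing until the findings have been reviewed.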



Android June 2026 Update Patches Exploited Zero-Day and 123 Other Vulnerabilities

Google's June 2026 Android Security Bulletin addresses 124 vulnerabilities, including CVE-2025-48595 — confirmed exploited in limited, targeted attacks in the wild. Google's language ("limited, targeted attacks") is consistent with mercenary spyware or nation-state tooling targeting specific individuals, not broad opportunistic exploitation.

The remaining 123 vulnerabilities span the Android framework, system components, Bluetooth and Wi-Fi stacks, the Linux kernel, and vendor-specific drivers from Qualcomm, MediaTek, and ARM. Multiple critical and high-severity remote code execution flaws are included across these categories.

High-value target users — journalists, activists, government personnel, corporate executives — should treat this update as urgent. Details of the CVE-2025-48595 exploitation have been withheld to limit mass exploitation before patch adoption. Enterprise Android fleet administrators should verify the June 2026 patch level (2026-06-01 or 2026-06-05) across managed devices via MDM/EMM and push mandatory updates with a 24–48 hour compliance window for high-risk users. Enable automatic security updates on all Android devices where supported.



Dutch Police Dismantle Massive 17-Million-Device Botnet

Dutch law enforcement seized command-and-control servers for a botnet comprising approximately 17 million infected devices — computers, smartphones, and tablets — used to operate a residential proxy network. The network funneled criminal traffic through legitimate-appearing consumer IP addresses, making IP reputation-based blocking ineffective against clients who paid for proxy access.

The criminal use cases for residential proxy infrastructure at this scale include credential stuffing, ad fraud, scalping, web scraping, phishing delivery, and ransomware payload staging — all bypassing IP blocklists by routing through ISP-assigned residential addresses.

With C&C infrastructure seized, the botnet's 17 million devices can no longer receive commands or route traffic — but the underlying malware may persist on affected devices. The seized servers likely contain logs of criminal clients, payment records, and technical intelligence supporting follow-on investigations. Device owners who suspect infection should run updated antivirus scans, audit installed applications (especially on Android), review browser extensions, and monitor for unexpected outbound network connections.



Security Corner

10 CVEs are newly published to the Security Advisories section this week. Key advisories to prioritize:

CVE-2026-8206 — Kirki WordPress Plugin Critical Privilege Escalation via Account Takeover (CVSS 9.8)

The Kirki – Freeform Page Builder plugin (versions 6.0.0–6.0.6) accepts an attacker-supplied email address during password reset without validating it matches the target account. An unauthenticated attacker supplies a valid username (e.g., admin) and their own email address, receives the reset token, and gains full administrator access. No credentials are required beyond knowledge of a valid username — admin enumeration is trivial on most WordPress installations. Disable or update Kirki immediately; audit all administrator accounts and rotate credentials.
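To make the reset flaw concrete, the Python below models the vulnerable pattern beside its hardened form. It is an added example written for this digest, not the Kirki plugin's code: the account store, outbox and function names are hypothetical stand-ins for the WordPress users table and wp_mail(). The hardened version mails the token only to the address on record, requires the supplied address to match it, and returns the same message in every branch so usernames cannot be enumerated through the reset endpoint.

```python
import secrets

# Constructed account store standing in for the WordPress users table (hypothetical model).
ACCOUNTS = {"admin": {"email": "owner@example.com", "reset_token": None}}
OUTBOX = []   # (recipient, token) pairs, standing in for wp_mail()


def _issue_token(username):
    token = secrets.token_urlsafe(32)
    ACCOUNTS[username]["reset_token"] = token
    return token


def reset_vulnerable(username, supplied_email):
    """Flawed pattern: the token is mailed to whatever address the request supplied,
    so knowing a valid username is enough to receive that account's reset link."""
    if username not in ACCOUNTS:
        return "no such user"            # this branch also reveals which usernames exist
    OUTBOX.append((supplied_email, _issue_token(username)))
    return "reset mail sent"


def reset_hardened(username, supplied_email):
    """Fixed pattern: the supplied address must match the registered one, the mail goes
    only to the registered address, and every branch returns the same message."""
    account = ACCOUNTS.get(username)
    if account and account["email"].casefold() == supplied_email.strip().casefold():
        OUTBOX.append((account["email"], _issue_token(username)))
    return "if the account exists, a reset mail has been sent"


def recipients_for(reset_fn, username, supplied_email):
    """Run one reset request from a clean outbox and report who received a token."""
    OUTBOX.clear()
    reset_fn(username, supplied_email)
    return [recipient for recipient, _ in OUTBOX]


if __name__ == "__main__":
    print("vulnerable:", recipients_for(reset_vulnerable, "admin", "someone-else@example.net"))
    print("hardened:  ", recipients_for(reset_hardened, "admin", "someone-else@example.net"))
```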

CVE-2026-8293 — Really Simple Security WordPress Plugin 2FA Bypass (CVSS 7.5)

The Really Simple Security plugin (versions prior to 9.5.10.1) fails to enforce the second-factor OTP challenge on two REST API authentication endpoints. An attacker with a valid username and password — obtained via phishing, credential stuffing, or leaked databases — can authenticate directly through the unguarded REST API and obtain a full WordPress session without triggering or completing the 2FA email OTP challenge. Sites deploying 2FA via this plugin as a primary defense against credential theft are silently unprotected. Update to 9.5.10.1 immediately and verify the OTP challenge is enforced post-update.

Also published this week:

  • CVE-2018-25427
  • CVE-2026-10263
  • CVE-2026-27788
  • CVE-2026-10236
  • CVE-2026-48188
  • CVE-2024-21182 — Oracle WebLogic Server
  • CVE-2026-49489
  • CVE-2026-10185

Quick Takes

  • Dashlane Brute-Force Attack: Fewer Than 20 Encrypted Vaults Downloaded: Dashlane disclosed a brute-force attack that resulted in the download of encrypted vaults belonging to fewer than 20 users. Dashlane's architecture uses strong per-user encryption derived from the master password, so downloaded vaults are not immediately accessible to attackers — but offline cracking against weak master passwords is a real risk. Affected users should change their master password and enable 2FA immediately.

  • SideCopy Targets Afghanistan Finance Ministry with Xeno RAT: Pakistan-linked threat actor SideCopy has directed targeted intrusion campaigns at Afghanistan's Finance Ministry, deploying the Xeno RAT remote access trojan. SideCopy consistently targets South Asian government and military entities using themed lures aligned with regional events. The Xeno RAT payload provides full remote access including keylogging, screen capture, and file exfiltration. Government entities in the region should review perimeter exposure and email filtering for SideCopy TTPs.

  • China-Aligned Dragon Weave Hits Czech Republic and Taiwan: A China-aligned threat cluster tracked as Dragon Weave has executed fresh intrusion campaigns targeting government and critical infrastructure entities in the Czech Republic and Taiwan. The campaign follows the established PRC-nexus pattern of targeting geopolitically significant nations alongside standard espionage objectives. Affected organizations in targeted sectors should review threat intelligence for Dragon Weave TTPs and audit internet-facing infrastructure for indicators of compromise.

  • Microsoft Reverses Course on Zero-Day Legal Threats: Following significant backlash from the security research community, Microsoft announced it will not pursue legal action against security researchers for responsible disclosure of zero-day vulnerabilities. The reversal came after Microsoft's initial zero-day legal threat language generated broad criticism. The research community's access to Microsoft platforms is essential for vulnerability discovery; formal policy clarification is expected to follow.

  • Hackers Used Meta's AI Support Bot to Seize Instagram Accounts: Threat actors exploited Meta's AI-powered customer support chatbot to conduct social engineering attacks that resulted in Instagram account takeovers. The attack leveraged the chatbot's account recovery flows to redirect authentication to attacker-controlled email addresses — a pattern similar to the Kirki WordPress flaw disclosed this week. AI-mediated customer support creates new social engineering surfaces that require the same abuse-resistance testing as human support workflows.

  • OpenAI Codex Authentication Tokens Stolen in Supply Chain Attack: Authentication tokens for OpenAI Codex were stolen via a supply chain compromise affecting the codexui npm package and an Android app. The campaign follows the Mini Shai-Hulud methodology — compromising developer tooling to harvest credentials at the source. Developers using Codex integrations should audit their node_modules for the affected package versions and rotate any Codex API tokens accessible from development environments.

  • Critical HP VoIP Phone RCE Enables Enterprise Network Pivoting: A critical stack-based buffer overflow in HP OfficeConnect VoIP phones allows unauthenticated remote code execution via crafted SIP or HTTP management requests. Compromised phones can serve as pivot points into enterprise network segments, particularly in flat or poorly segmented networks. VoIP infrastructure is frequently excluded from standard patch management cycles — enterprise security teams should apply HP firmware updates, disable unused web management interfaces, and enforce VLAN segmentation that restricts voice devices from accessing workstation and server segments.


Upcoming

  • Netlogon Exploitation Escalation Watch: Active exploitation of the Windows Netlogon RCE has been confirmed as of June 1. The pattern with critical DC-targeting flaws is consistent: initial targeted exploitation by sophisticated actors is followed by opportunistic adoption as proof-of-concept code circulates. CISA's Known Exploited Vulnerabilities catalog inclusion is the next indicator to watch. Organizations that have not applied the patch should treat any unpatched DC as an active incident risk and move immediately, not on their next maintenance cycle.

  • Miasma / Mini Shai-Hulud Fourth Wave: The Mini Shai-Hulud campaign has demonstrated a consistent monthly cadence in 2026: April (SAP), May (TanStack/React), June (Red Hat). The source code release in May means new actors can adapt the methodology independently. The July window should be assumed to bring a fourth campaign. DevSecOps teams should establish dependency pinning, postinstall script auditing, and CI/CD secret rotation as standing practices before the next wave rather than reactive measures after it.

  • Android Enterprise Patch Compliance Window: With CVE-2025-48595 confirmed exploited, enterprise MDM administrators have a 24–48 hour window to enforce patch compliance before broader exploitation becomes feasible. Organizations using Intune, Jamf, VMware Workspace ONE, or SOTI should confirm June 2026 patch level compliance dashboards are live and non-compliant devices are being tracked for escalation.

  • Microsoft Zero-Day Researcher Policy — Formal Update: Microsoft's reversal on zero-day legal threats was a public statement, not a documented policy change. The security research community is awaiting formal policy language governing disclosure safe harbors, coordinated disclosure timelines, and researcher protections. Watch Microsoft's Security Response Center blog for the formal policy publication — it will shape how researchers approach future Microsoft vulnerability disclosure.

  • Dashlane Incident — Offline Cracking Risk Timeline: The window for offline brute-force attacks against downloaded Dashlane vaults is open. Password manager vault encryption is designed to be computationally expensive to crack, but weak master passwords remain viable targets for dedicated hardware. Affected Dashlane users who have not yet rotated their master password and enabled 2FA are in a diminishing time window.


By the Numbers

Metric                                                    Value
Android June 2026 — vulnerabilities patched               124
Android June 2026 — actively exploited zero-days          1 (CVE-2025-48595)
Dutch botnet takedown — infected devices                  17 million
Miasma — Mini Shai-Hulud campaign number in 2026          3rd
CVE-2026-8206 Kirki WordPress — CVSS score                9.8 (Critical)
CVE-2026-8293 Really Simple Security — CVSS score         7.5 (High)
Dashlane — encrypted vaults downloaded                    fewer than 20
New CVEs published this week                              10
