Daily Recap: US regulators reported record $3.5 billion in 2025 losses from imposter scams as the FTC warned about rising victim costs, while the UK plans to ban social media access for children under 16 and other governments moved to strengthen fraud and reporting controls. CISA and vendors also warned about active exploitation of cPanel, Cisco SD-WAN/vManage, and Fortinet FortiSandbox flaws, alongside major intrusion and espionage updates including DragonForce using Microsoft Teams relays and NarwhalRAT delivery via fake Microsoft alerts.
#ImposterScams #FTC #UK #cPanel #CiscoSDWAN #CiscoVmanage #FortinetFortiSandbox #DragonForce #BackdoorTurn #MicrosoftTeams #Astral #iRhythm #ShinyHunters #CalWater #Google #NarwhalRAT #LiteLLM #Copilot #SprySOCKS #OptinMonster #TrustCloud #NewCore
Scams & Policy
- US regulators said imposter scams drove a record $3.5 billion in losses in 2025 as governments also moved on child-safety and fraud controls, with the FTC warning of rising victim costs and the UK planning to ban social media access for children under 16 - FTC Scams, UK Social Ban, Maine Portal, DOJ Seizure
Exploits & Patches
- CISA and vendors warned that attackers are actively exploiting flaws in cPanel, Cisco SD-WAN/vManage, and Fortinet FortiSandbox, with new fixes issued after zero-day use in the wild - cPanel Flaw, SD-WAN Zero-Day, vManage Fix, FortiSandbox Flaws
- Researchers also flagged a SimpleHelp bug that lets attackers create rogue remote support accounts, exposing managed-service environments to takeover - SimpleHelp Bug
Ransomware & Intrusions
- The DragonForce ransomware crew hid command-and-control traffic inside Microsoft Teams relays using Backdoor.Turn, while other ransomware incidents shut down mills at Australia's second-largest sugar producer and disrupted business services at Russian tech firm Astral - Teams Relay Abuse, Sugar Producer Attack, Astral Disruption
- iRhythm disclosed a data breach that exposed patient information, while the Council of Europe is investigating ShinyHunters' breach claims and Cal Water is reviewing alleged activity by Iranian hackers - iRhythm Breach, Council Probe, Cal Water Claims, Novo Nordisk Hack
State-Backed Espionage
- Google exposed a China espionage group that had stayed hidden in networks since 2023, while another Chinese campaign abused Google Workspace rules to steal research and defense emails across North America - China Spy Group, Workspace Abuse, Research Targeting
- North Korean attackers used fake Microsoft alerts and developer tools to deliver NarwhalRAT and other malware, broadening their delivery chains - NarwhalRAT, Dev Tools Abuse
Cloud & AI Security
- New flaws in LiteLLM could let low-privilege users take over AI gateway servers, and a separate Microsoft 365 Copilot issue could have exposed emails, files, and MFA codes with a single click - LiteLLM Chain, Copilot Flaw
- Security coverage also noted that experts do not see Anthropic's Fable 5 as a uniquely new threat, even as AI risk debates continue - Fable 5 Risk
Supply Chain & Malware
- OptinMonster was hit in a CDN supply-chain attack, and a Windows variant of SprySOCKS was used against government organizations - OptinMonster Attack, SprySOCKS Variant
Cybersecurity Business
- TrustCloud pitched a way to replace vendor questionnaires, and NewCore emerged from stealth with $66 million in funding to expand its security platform - TrustCloud, NewCore Funding