![Cybersecurity News | Daily Recap [19 Jun 2026]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [19 Jun 2026]")
Daily Recap, Security teams are being urged to treat every AI agent as a distinct identity and to keep pace with fast-moving threat patterns, including AI-generated deepfakes scrutiny and related harassment charges involving AI-made nude images. On the vulnerability and incident front, CISA warned of an actively exploited Splunk Enterprise flaw, enforcement disrupted the SocGholish botnet by cleaning nearly 15,000 WordPress sites tied to Evil Corp, and Fortinet users were advised to secure devices after the FortiBleed leak.
#AI #AI agent #No FAKES Act #Deepfakes #Splunk Enterprise #CISA #NGINX #REDCap #Recycle Bin #SocGholish #Evil Corp #WordPress #Gentlemen #CryptoBandits #NastyC2 #Claude #NIM #FortiBleed #Fortinet #WideField Security #Splunk #Nintendo #WebMD #Microsoft 365 #MFA #M365 Backup
#AI #AI agent #No FAKES Act #Deepfakes #Splunk Enterprise #CISA #NGINX #REDCap #Recycle Bin #SocGholish #Evil Corp #WordPress #Gentlemen #CryptoBandits #NastyC2 #Claude #NIM #FortiBleed #Fortinet #WideField Security #Splunk #Nintendo #WebMD #Microsoft 365 #MFA #M365 Backup
AI & Identity
- Security teams are being urged to treat every AI agent as a distinct identity to reduce hidden access risks and misuse in enterprise environments – AI Identity, Orphaned AI
- Lawmakers are pushing the No FAKES Act to curb AI-generated deepfakes, while a New York man was charged after allegedly harassing a student with AI-made nude images – No FAKES, AI Nudes
- Researchers highlighted security and trust issues around fast-moving software development and emerging AI-assisted attack patterns in a broader roundup of current threats – TeamPCP, ThreatsDay
Vulnerabilities & Patching
- CISA warned that a Splunk Enterprise flaw is being actively exploited and urged organizations to patch by Sunday – Splunk Flaw
- F5 patched two critical NGINX Open Source vulnerabilities that could enable remote code execution – NGINX RCE
- Most internet-facing REDCap servers were found to be outdated, increasing exposure to known security risks – REDCap Risk
- Microsoft confirmed a Windows update bug affecting Recycle Bin prompts across supported releases – Windows Bug
- A broad threat bulletin also covered Claude chat abuse, NastyC2 npm packages, and device-code phishing campaigns – ThreatsDay
Malware, Botnets & Ransomware
- Authorities disrupted the SocGholish botnet tied to Evil Corp, cleaning nearly 15,000 infected WordPress sites – SocGholish, Evil Corp, Site Cleanup
- The Gentlemen ransomware gang is using multiple EDR killers to disable endpoint defenses before encryption – Gentlemen
- CryptoBandits malware was found doubling as a backdoor while abusing Tor for stealth and control – CryptoBandits
- A USB worm is spreading crypto-stealing malware through Windows shortcut files – USB Worm
Fortinet & Supply Chain
- CISA told Fortinet users to secure devices after the FortiBleed leak, as researchers tracked the broader disclosure response – FortiBleed, Response
- Cisco announced plans to acquire WideField Security to strengthen Splunk‘s agentic SOC capabilities – Cisco Deal
- Accenture is making a major $4.18B industrial cybersecurity push with investments in Dragos, runZero, and NetRise – Accenture Push, OT Cyber
Data Breaches & Enterprise Security
- Nintendo confirmed data theft in a cyberattack affecting a WebMD subsidiary, underscoring ongoing third-party breach risk – Nintendo Breach
- Organizations were reminded that Microsoft 365 backup alone is not enough for business data protection and recovery planning – M365 Backup
- Cyber teams also reviewed how to bypass MFA and how defenders can respond in a webinar focused on practical identity protection – MFA Webinar
- An overview piece argued that some attacks require no exploits, reinforcing the need to defend identities, configurations, and access paths – No Exploits