Daily Recap: CISA said the critical Lantronix EDS5000 flaw is actively exploited, while a separate Lantronix serial-to-IP converter issue is already being used in attacks following OT threat warnings; Cal Water found no evidence of OT activity despite hackers' claims that they could disrupt the water supply. This recap also covers Chrome 149 patching 18 severe flaws, Cisco SD-WAN zero-day attacks granting root access via an exploit chain, Operation Endgame disrupting Amadey and StealC, and a malicious Edge extension abusing Native Messaging as a bridge to malware.
#Lantronix #LantronixEDS5000 #CISA #OT #CalWater #Chrome149 #CiscoSDWAN #Mandiant #OperationEndgame #Amadey #StealC #DraftKings #Snoopy #Edge #NativeMessaging
Industrial Threats
- CISA says the critical Lantronix EDS5000 flaw is being actively exploited, while a separate Lantronix serial-to-IP converter bug is already being used in attacks after an OT threat warning. – Lantronix Flaw, Serial Exploit
- Cal Water found no evidence of OT activity after hackers claimed they could disrupt the water supply, underscoring the gap between threat claims and confirmed operational impact. – Water Supply
- NIST opened updated IoT security guidance for public review as organizations continue tightening defenses for connected devices. – IoT Guidance
Vulnerabilities & Patching
- Chrome 149 fixes 18 severe vulnerabilities, adding to a busy patch day for widely used software. – Chrome Patch
- curl patched a 25-year-old vulnerability, while commentary stressed that patch directives alone are not enough to stop modern attacks. – Curl Fix, Patch Limits
- Cisco SD-WAN zero-day attacks gave intruders root access at a communications service provider, with Mandiant detailing how the exploit chain worked. – Cisco Zero-Day, Root Access
- Maximum-severity Ubiquiti flaws are being exploited in attacks, adding another urgent remediation target for defenders. – Ubiquiti Flaws
Malware Takedowns
- Operation Endgame disrupted Amadey and StealC operations, and investigators recovered 27M stolen credentials tied to the malware ecosystem. – Credential Recovery, Endgame Action, Shared Infrastructure
Identity & Fraud
- Fraud prevention guidance highlighted four key defenses as organizations keep battling account takeovers and social engineering at the service desk. – Fraud Defense, Account Takeovers, Service Desk
- DraftKings hacker Snoopy was sentenced to 18 months in prison, marking a notable cybercrime punishment. – Snoopy Sentenced
Browser & Extension Threats
- A malicious Edge extension abused Native Messaging as a bridge to malware, showing how browser add-ons can become launchpads for deeper compromise. – Edge Abuse
- AI agents face new attack surface risks as attackers manipulate information inputs to trigger harmful behavior. – AI Traps
Funding & Research
- Runlayer raised $30 million in Series A funding, reflecting continued investor interest in security startups. – Runlayer Funding
- AIVEX introduced a new triage model aimed at reducing supply chain threats and risk. – AIVEX Model