Daily Recap: Actively exploited flaws were updated across major products, with CISA adding the SolarWinds Serv-U DoS issue to KEV despite no patch for CVE-2026-20245 and also flagging issues in Cisco Catalyst SD-WAN Manager. Malware and ecosystem threats continued alongside browser- and web-based activity, including Chinese APT persistence tooling, Android spyware Asin targeting Arabic users, and supply-chain abuse via IronWorm and Miasma on npm.
#SolarWinds #Serv-U #CVE-2026-20245 #Cisco #CatalystSD-WAN #KEV #FFmpeg #Asin #IronWorm #Miasma #npm #OP-512 #MicrosoftIIS #Toshiba #Muji #Max
Exploited Vulnerabilities
- SolarWinds Serv-U and Cisco Catalyst SD-WAN Manager flaws are being actively exploited, with CISA adding the Serv-U DoS bug to KEV and reporting no patch yet for CVE-2026-20245 → Serv-U Flaw, Serv-U Exploit, Cisco Flaw
- An AI agent found 21 zero-days in FFmpeg, while Chrome shipped patches for a record 429 bugs in a major browser security update → FFmpeg Zero-Days
- 900+ exposed U.S. gas-station tank gauge systems and fuel tank gauges are under attack, highlighting continued exposure in industrial and retail infrastructure → Tank Gauges, Fuel Gauges
Malware & Persistence
- A Chinese APT is deploying new malware to maintain access to compromised networks, showing continued post-compromise persistence tactics → APT Malware
- Android spyware Asin is targeting Arabic users through fake news, PDF, and war-map apps, expanding mobile espionage campaigns → Asin Spyware
- New supply-chain malware IronWorm and a Miasma worm variant hit npm, underscoring ongoing package ecosystem abuse → npm Worms
- OP-512 is targeting Microsoft IIS servers with a custom web-shell framework for stealthy access and control → IIS Web Shells
Browser & Web Attacks
- Free apps are turning smart TVs into web-scraping proxies for AI, while the 2026 DBIR says attacks are increasingly “living in the browser” → TV Proxies, Browser Attacks
- Suspicious polyfill login prompts appeared on Toshiba and Muji websites, indicating possible web supply-chain or credential-harvesting activity → Polyfill Prompts
Policy, Privacy & Security Industry
- The EU unveiled a tech-sovereignty package to reduce dependence on U.S. and Chinese suppliers, while Apple removed Russia’s state-backed messaging app Max from its store → EU Sovereignty, Max Removed
- Opal Security raised $23 million for AI-native identity governance, and an OWASP incubator project aims to help developers find and fix vulnerable dependencies in seconds → Opal Funding, OWASP Project
- The Nightmare Eclipse incident highlights how researcher-vendor disclosure disputes can still derail coordinated vulnerability handling → Nightmare Eclipse
- A Nemesis Market vendor received 26 years for selling drugs on the dark web, marking another major cybercrime sentencing → Nemesis Sentencing