Daily Recap: LastPass confirmed its breach was tied to the Klue supply-chain compromise, while ShapedPlugin WordPress Pro plugins were backdoored in a separate supply-chain attack; London Hydro and Xsolis also disclosed large-scale data exposures. Across other headlines, the FortiBleed campaign used a custom FortiGate sniffer to steal firewall credentials, Squidbleed was shown to leak cleartext HTTP requests via Squid Proxy, and WhatsApp campaigns delivered ManageEngine RMM alongside OXLOADER and CastleStealer.
#LastPass #Klue #ShapedPlugin #LondonHydro #Xsolis #FortiBleed #FortiGate #FortiGateSniffer #Russian #Squidbleed #SquidProxy #SamsungKNOX #Galaxy #WhatsApp #ManageEngineRMM #VBScript #OXLOADER #CastleStealer #JaredFromSubway #SearchYourTarget #DifyTap #Dify #AutoGenStudio #FFmpeg #PixelSmash #SAVE #postquantum #Windows1126H2 #DeepInstinct
Supply Chain & Enterprise Breaches
- LastPass confirmed a breach tied to a Klue supply-chain compromise, while ShapedPlugin WordPress Pro plugins were backdoored in a separate supply-chain attack → LastPass Breach, Plugin Backdoor
- London Hydro disclosed a data breach and Xsolis reported exposure affecting 1.4 million individuals → Hydro Breach, Xsolis Breach
- A suspected cyberattack caused false emergency alerts across parts of Brazil, highlighting the impact of attacks on public warning systems → False Alerts
Firewall & Proxy Exploits
- The ongoing FortiBleed campaign is using a custom FortiGate sniffer to steal credentials from firewalls, with investigators linking it to a Russian initial access broker → FortiBleed, Access Broker, FortiGate Sniffer
- Security researchers detailed the decades-old Squidbleed flaw in Squid Proxy, which can leak cleartext HTTP requests and user data → Squidbleed, Proxy Bug
- Samsung KNOX was found to contain an 8-year-old flaw that exposed millions of Galaxy devices to kernel-level attacks → KNOX Flaw
Phishing, Malware & Credential Theft
- A WhatsApp phishing campaign used fake business documents and VBScript to install ManageEngine RMM on PCs, while another campaign used malicious Google Ads to push OXLOADER and CastleStealer → WhatsApp Malware, Fake Docs, OXLOADER
- The JaredFromSubway MEV bot was hacked in a $15 million crypto theft, and another crypto heist was fueled by a fake reputation-boosting campaign → MEV Theft, Crypto Heist
- A report on the “Search Your Target” market showed how stolen credentials are being bought and used for targeted intrusion operations → Stolen Creds
Vulnerabilities & Patch Releases
- Microsoft fixed an AutoGen Studio flaw that enabled code execution, while FFmpeg patched the PixelSmash decoder bug in a widely used video component → AutoGen Fix, FFmpeg Fix
- Researchers warned that DifyTap flaws in Dify could expose AI chats across tenants, underscoring continued risks in multi-tenant AI platforms → DifyTap
- OpenAI shifted cybersecurity efforts toward fixing flaws faster, expanding Daybreak with GPT-5.5-Cyber to help defenders patch vulnerabilities → OpenAI Shift, GPT-5.5-Cyber
- The long-standing “exploit doesn’t exist” issue highlighted how defenders can still validate impact even without a public exploit → Exploit Proof
Policy, Governance & Strategic Moves
- A court ruled the SAVE database illegal and ordered it dismantled, while the Trump administration pushed agencies to accelerate post-quantum migration and support industry readiness → SAVE Ruling, PQ Order
- Microsoft said Windows 11 26H2 is coming soon and explained the upgrade process, signaling the next major OS rollout → Windows 26H2
- Industry coverage also spotlighted leadership strategy in a CISO conversation with Carl Froggett about combining CISO and CIO roles at Deep Instinct → CISO Talk