Cyber Risk Brief: 2–8 June 2026

Disclaimer:This brief is governance commentary for leadership and risk teams, not incident notification, public attribution, legal advice, or quantitative risk analysis. Threat prioritization, framework mappings, attribution, and risk-zone groupings are informational only. Validate all technical claims against vendor advisories and internal telemetry before operational response.

Threat Intelligence Summary

Five of this week's seven threats are CISA Known Exploited Vulnerabilities already under active attack — unauthenticated RCE in Magento's Mirasvit cache extension (T1), a denial-of-service flaw in SolarWinds Serv-U (T2), a credential-less authentication bypass on Palo Alto GlobalProtect VPNs (T3), a targeted Android Framework zero-day used by spyware vendors (T4), and a two-year-old Oracle WebLogic flaw still being exploited in 2026 (T5). Alongside them sit a self-replicating npm and GitHub supply chain worm that has gotten 73 Microsoft repositories disabled (T6, Miasma) and an FSB-linked espionage campaign turning a routine WinRAR archive into a self-propagating malware chain (T7, Gamaredon). What connects them: attackers are exploiting the gap between what organizations assume is patched, signed, or trusted — and what they can actually verify.

Critical

9.3

CVE-2026-45247 · CVSS 4.0 9.3 / CVSS 3.1 9.8 base, both VulnCheck CNA via NVD · The Hacker News cites 9.8 · CISA KEV

Mirasvit Magento Cache Warmer flaw added to CISA KEV — unauthenticated RCE on Magento and Adobe Commerce storefronts.

CVE-2026-45247 · Magento 2 · Adobe Commerce · Mirasvit · CISA KEV · unauthenticated RCE

The Hacker News ↗Follow T1

High

11 DAYS

Left on CISA's 19 June 2026 federal remediation deadline · CVE-2026-28318, CVSS 3.1 7.5 base (High), SolarWinds CNA via NVD · CISA KEV

SolarWinds Serv-U unauthenticated DoS added to CISA KEV — file-transfer services can be crashed by a single crafted request.

CVE-2026-28318 · SolarWinds Serv-U · Denial of Service · CISA KEV · unauthenticated

The Hacker News ↗Follow T2

Critical

47.9%

EPSS — highest 30-day exploitation probability in this week's register · CVE-2026-0257, CVSS 4.0 7.8 base (High), Palo Alto Networks CNA via NVD · CISA KEV

PAN-OS GlobalProtect authentication bypass added to CISA KEV — attackers forge VPN sessions without credentials.

CVE-2026-0257 · PAN-OS · GlobalProtect · Prisma Access · Authentication Bypass · CISA KEV · unauthenticated

Unit 42 (Palo Alto Networks) ↗Follow T3

High

0-DAY

Exploited before Google's June 2026 patch shipped — CVE-2025-48595, CVSS 3.1 8.4 (High), CISA-ADP via NVD, used by commercial spyware vendors

Android Framework integer overflow zero-day under active exploitation — Google ships fix in same week, CISA KEV June 2026

CVE-2025-48595, Android Framework, integer overflow, CWE-190, local privilege escalation, CISA KEV, zero-day, June 2026 patch

The Hacker News ↗Follow T4

High

2 YRS

Patch available since July 2024 — still under active exploitation and added to CISA KEV in June 2026 · CVE-2024-21182, CVSS 3.1 7.5 (High), Oracle CNA via NVD

CVE-2024-21182 — Oracle WebLogic Server unauthenticated data access actively exploited, CISA KEV June 2026

CVE-2024-21182, Oracle WebLogic Server, T3/IIOP, CISA KEV, unauthenticated access, data exfiltration, July 2024 patch

BleepingComputer ↗Follow T5

Critical

73 REPOS

No CVE/CVSS assigned · 73 Microsoft GitHub repositories disabled by GitHub after confirmed Miasma worm compromise, June 6, 2026

Miasma self-replicating supply chain worm hits npm and 73 Microsoft GitHub repositories — credential theft, CI/CD pipeline compromise, week of June 1–6, 2026.

Miasma · npm · GitHub Actions · supply chain · Red Hat · Microsoft Azure · credential theft · Mini Shai-Hulud · TeamPCP · CI/CD

The Hacker News ↗Follow T6

High

9 MO

Confirmed exploitation window — zero-day since July 2025, KEV-listed August 2025, active Gamaredon operations confirmed January 2026 · CVE-2025-8088, CVSS 4.0 8.4 (High)

Gamaredon exploits KEV-listed WinRAR path traversal flaw to deliver self-propagating GammaWorm and GammaSteel infostealer — active campaign confirmed January 2026.

CVE-2025-8088 · WinRAR · RARLAB · Gamaredon · GammaWorm · GammaSteel · GammaLoad · GammaPhish · FSB · CISA KEV · path traversal · Ukraine · espionage

The Hacker News ↗Follow T7

Strategic context: trust is the attack surface — and verification is the gap attackers are exploiting

The pattern across this week's register isn't which vulnerability is worst — it's how consistently attackers exploit the gap between what an organization assumes is true and what it can prove:

Five KEV-listed flaws (T1–T5) under active exploitation, federal deadlines already passed — several in software that rarely reaches a board's risk register: a Magento cache extension, a file-transfer server, a VPN gateway.
Miasma (T6): even cryptographically signed software can carry a payload once the publishing account behind the signature is compromised.
Gamaredon's WinRAR campaign (T7): a nation-state turned a routine file format into a nine-month espionage foothold.
The test for leadership: state, with evidence rather than assumption, what's running, at what version, and who has actually verified it — not patched on paper, but verified in practice.

Regulatory & Governance Intelligence

EU Unveils Tech Sovereignty Package — Chips Act 2.0, CADA, Open Source Strategy

Four-part package — Chips Act 2.0, Cloud and AI Development Act (CADA), Open Source Strategy, Energy Digitalization Roadmap — aimed at cutting reliance on foreign tech suppliers; Commission says the EU sources 80%+ of key digital products, services, infrastructure, and IP from abroad.
CADA is the piece to watch: defines four cloud sovereignty assurance levels for public bodies, Level 1 (EU-based data storage) to Level 4 (full supply-chain control) — likely to shape vendor and data-residency rules well beyond the public sector.
AI gigafactory funding calls expected July 2026.

The Record — EU Unveils Tech Sovereignty Package ↗

One GitHub Issue, One Repo Takeover — What Claude Code's Patched Flaw Says About Agentic-Tooling Governance

RyotaK (GMO Flatt Security) chained three flaws in Anthropic's Claude Code GitHub Action into a full repo takeover: a bot-trigger check that waved through any actor named "...[bot]", a crafted GitHub issue that prompt-injected Claude into running attacker commands, and a trick that had Claude read /proc/self/environ and post the action's OIDC credentials back into the issue — tradeable for installation tokens with write access to a repo's code, issues, and workflows.
Anthropic rated it 7.8 (CVSS 4.0), shipped a fix in v1.0.94 within four days, and paid a bug bounty. No CVE or advisory published yet — hence a governance note here, not a scored Threat Register entry.
The pattern: wiring AI coding agents into CI/CD means inheriting that agent's permission model as part of the software supply chain — "the bot is named correctly" is not a trust boundary. Exactly the agentic-tool risk an ISO 42001 AI management system is built to surface before a researcher, or an attacker, finds it first.

The Hacker News — Claude Code GitHub Action Flaw Let One Issue Hijack a Repo ↗

Canada Launches "AI for All" — National AI Strategy Bets on Sovereignty, Trust, and Adoption

Prime Minister Carney launched "AI for All" on 4 June 2026 — six pillars spanning trust/safety, literacy, adoption, sovereign compute, scale-up capital, and global alliances; the government targets roughly $200B in added GDP and 250,000 new AI-related jobs by 2031.
Trust pillar stands up a Canadian AI Safety Institute ($50M) and a "Canada Trusted AI Certification" programme, alongside modernized privacy and online-safety legislation — the compliance hooks businesses operating in Canada should track first.
Sovereignty pillar runs on a "Build-Partner-Buy" framework: a public supercomputer, sovereign compute scaling to 850 MW by 2030 (2.3 GW longer-term), and a new Sovereign Technology Alliance with Germany and allies — the same assurance-level logic the EU's CADA is codifying above.
For risk teams: government procurement will favour "trusted AI" meeting Canadian standards, and transparency / human-in-the-loop requirements are coming for government AI systems — exactly the certification and provenance bar an ISO 42001 AI management system is built to satisfy.

Prime Minister of Canada — Carney Launches AI for All ↗ISED — Canada's National Artificial Intelligence Strategy: AI for All ↗

Threat Register: 08/06/2026

	Threat
T1	Magento and Adobe Commerce Stores Open to Remote Takeover — Mirasvit Cache Warmer Flaw Under Active Attack (CVE-2026-45247) Organizations running Magento 2 or Adobe Commerce storefronts with the Mirasvit Full Page Cache Warmer extension are exposed to unauthenticated remote code execution from the open internet — full web-server compromise is plausible wherever the extension stays unpatched. CISA added CVE-2026-45247 to its Known Exploited Vulnerabilities catalog after Imperva observed live attacks delivering base64-encoded serialized PHP payloads through the CacheWarmer cookie, and ordered US federal civilian agencies to remediate by 6 June 2026. The Hacker News ↗NVD ↗FIRST ↗MITRE ATT&CK ↗	9.3	6.15%	Critical	Immediate
T2	SolarWinds Serv-U Unauthenticated Denial of Service (CVE-2026-28318) Organizations running SolarWinds Serv-U as an internet-facing file transfer server can have the service crashed remotely by unauthenticated attackers — disrupting managed file transfers and the business workflows that depend on them, without any credential compromise. The flaw, tracked as CVE-2026-28318, lets a specially crafted HTTP POST request carrying a Content-Encoding: deflate header exhaust Serv-U's resources and crash the process — a high-impact availability issue with no confidentiality or integrity exposure. SolarWinds has fixed the issue in Serv-U 15.5.4 HF1, and CISA and the Canadian Centre for Cyber Security are urging administrators to upgrade from all earlier versions and block content-encoding requests as a stopgap. The Hacker News ↗NVD ↗Canadian Centre for Cyber Security ↗FIRST ↗MITRE ATT&CK ↗	7.5	5.32%	High	Immediate
T3	Palo Alto Networks GlobalProtect VPNs Hijacked Without Credentials — Authentication Bypass Under Active Exploitation (CVE-2026-0257) Organizations running Palo Alto Networks firewalls or Prisma Access with internet-facing GlobalProtect portals are exposed to attackers establishing fully unauthorized VPN sessions that are indistinguishable from legitimate remote access — no credentials, no multi-factor prompt, the same network reach as a real user. The flaw, tracked as CVE-2026-0257, lets an unauthenticated attacker forge an authentication override cookie and bypass GlobalProtect's security checks wherever override cookies and certificate reuse are configured (CWE-565). CISA added it to its Known Exploited Vulnerabilities catalog on 29 May 2026 with a three-day remediation window, and Palo Alto Networks' Unit 42 and the Canadian Centre for Cyber Security both confirm active exploitation against PAN-OS 10.2/11.1/11.2/12.1 and Prisma Access 10.2/11.2 deployments. Unit 42 (Palo Alto Networks) ↗NVD ↗Canadian Centre for Cyber Security ↗FIRST ↗MITRE ATT&CK ↗	7.8	47.85%	Critical	Immediate
T4	Android Framework Integer Overflow Zero-Day Under Active Exploitation (CVE-2025-48595) Any organization with Android 14, 15, or 16 devices in its fleet — corporate-owned or BYOD — that have not yet installed the June 2026 security patch is carrying a device that can be silently escalated from app-level access to full system control, with no user interaction and no additional starting privileges required. CVE-2025-48595 is an integer overflow (CWE-190) in the Android Framework that Google confirms is under 'limited, targeted exploitation' — the same exploitation pattern The Hacker News notes has historically been used by commercial spyware vendors to compromise high-profile targets. CISA added it to its Known Exploited Vulnerabilities catalog on 2 June 2026, and Google shipped the fix in the same week, in the 2026-06-01 and 2026-06-05 Android Security Bulletin patch levels — one of 124 flaws patched that month, including 18 critical-severity issues and one remote-code-execution CVE (CVE-2026-0059). The Hacker News ↗SecurityWeek ↗Canadian Centre for Cyber Security ↗NVD ↗FIRST ↗MITRE ATT&CK ↗	8.4	< 1%	High	Immediate
T5	Oracle WebLogic Server Unauthorized Data Access (CVE-2024-21182) Any organization still running Oracle WebLogic Server versions 12.2.1.4.0 or 14.1.1.0.0 exposed to the network faces an immediate risk of unauthenticated attackers extracting all data accessible to the WebLogic server — a flaw Oracle patched in July 2024 that CISA has now confirmed is actively exploited in the wild as of June 2026. CVE-2024-21182 is exploitable over T3 and IIOP, the standard networking protocols WebLogic uses, with no credentials and no user interaction required; attackers who succeed gain partial or complete access to all data the server can reach. Per BleepingComputer, over 1,592 Oracle WebLogic servers remain exposed and vulnerable online as of early June 2026, with 961 running version 12.2.1.4.0 and 631 running version 14.1.1.0.0. The Hacker News ↗BleepingComputer ↗NVD ↗FIRST ↗MITRE ATT&CK ↗	7.5	89.65%	High	Immediate
T6	Miasma Self-Replicating npm and GitHub Supply Chain Worm Any organisation whose CI/CD pipelines or developer workstations consume npm packages from the affected namespaces — including @redhat-cloud-services — or whose developers work with the compromised Microsoft Azure and MicrosoftDocs GitHub repositories faces an immediate risk of credential theft across AWS, Azure, GCP, Kubernetes, npm, and GitHub tokens, with the stolen credentials used to propagate the worm into any repository the victim can write to. The Miasma campaign is a self-replicating variant of the Mini Shai-Hulud worm, assessed by The Hacker News as originating with the threat group TeamPCP, and has escalated from 32 infected packages across 96 versions in the @redhat-cloud-services namespace on June 1 to a June 6 incursion affecting 73 Microsoft repositories across four GitHub organisations — Azure, Azure-Samples, Microsoft, and MicrosoftDocs — with GitHub disabling access to all affected repositories. The worm operates entirely within legitimate channels — signed packages published with valid OIDC tokens by compromised maintainer accounts — making it indistinguishable from a routine package update; a further variant bypasses the npm registry entirely and plants a 4.3 MB payload runner directly into source repositories, wired to auto-execute through Claude Code, Gemini CLI, Cursor, VS Code, and the npm test script. The Hacker News ↗The Hacker News ↗The Hacker News ↗BleepingComputer ↗	—	—	Critical	Immediate
T7	Gamaredon Exploits WinRAR Path Traversal to Deliver GammaWorm and GammaSteel (CVE-2025-8088) Any organisation whose employees use WinRAR on Windows and have not upgraded to version 7.13 (patched July 30, 2025) remains exposed to arbitrary code execution triggered simply by opening a crafted RAR archive — an action requiring no elevated privileges and commonly arriving as a routine email attachment. Russia's FSB-linked Gamaredon exploited CVE-2025-8088 in January 2026 to deliver a multi-stage chain: a booby-trapped RAR archive drops an HTA payload (GammaPhish), which retrieves a VBScript downloader (GammaLoad), which deploys either the self-propagating GammaWorm — spreading via network shares and USB drives — or the GammaSteel infostealer, which exfiltrates documents to an AWS S3 bucket. The CISA-mandated remediation deadline passed on September 2, 2025; WinRAR has no auto-update feature, so every affected endpoint requires a manual fix. The Hacker News ↗NVD ↗BleepingComputer ↗MITRE ATT&CK ↗	8.4	—	High	Immediate
Select a row for narrative, affected systems, remediation, and sources.

Threat Actor Profiling

Five of this week's seven threats (T1–T5) carry no named or attributed actor — CISA, vendors, and researchers confirm active exploitation but no source has named who's behind it. The remaining two are named with different confidence levels: Miasma (T6) is attributed to TeamPCP on an "assessed" basis, and Gamaredon (T7) is officially linked by The Hacker News, citing Sekoia, to Russia's FSB. MITRE technique codes are shown as hover-to-define abbreviations — hover any code below for its full technique name.

Threats	Actor	Sectors	MITRE tradecraft	Kill chain
T1	Unattributed Magento exploitation threat actor	Web/Commerce, Retail, Any organisation running Magento or Adobe Commerce	T1190T1059	Crafted base64-encoded serialized-PHP payload sent in CacheWarmer cookie to public Magento storefront (T1190) → unserialize() gadget chain triggers PHP RCE, observed system() calls (T1059) → full server control; The Hacker News reports no confirmed follow-on objective beyond establishing code execution
T2	Unattributed Serv-U exploitation threat actor	Managed File Transfer, Any organisation running internet-facing SolarWinds Serv-U	T1190T1499.004	Crafted HTTP POST request carrying a Content-Encoding: deflate header sent to an internet-exposed Serv-U HTTP endpoint (T1190) → uncontrolled resource consumption during decompression crashes the Serv-U process (T1499.004) → file-transfer service denied to legitimate users; The Hacker News reports active exploitation but no attribution to a specific actor or campaign objective beyond disruption
T3	Unattributed GlobalProtect exploitation threat actor	Remote-access / VPN infrastructure, Any organisation running internet-facing PAN-OS GlobalProtect or Prisma Access	T1190T1133T1078	Crafted request forges an authentication override cookie against an internet-exposed GlobalProtect portal or gateway (T1190) → forged cookie bypasses PAN-OS security checks and establishes an unauthorized VPN session indistinguishable from legitimate remote access (T1133) → attacker holds the same network reach as a valid remote-access account, with no post-access lateral movement observed yet (T1078); Unit 42 and the Canadian Centre for Cyber Security report active exploitation but no attribution to a named actor or campaign objective beyond establishing unauthorized access.
T4	Unattributed Android Framework exploitation threat actor	Mobile / Endpoint, Any organisation with Android 14–16 devices in its fleet (corporate-owned or BYOD)	T1404	Attacker first achieves limited code execution on an Android 14–16 device — CVE-2025-48595's own description names no delivery mechanism, and no source confirms whether it was a malicious app, a chained remote exploit, or physical access (gap stated, not filled) → triggers the integer overflow in the Android Framework (CWE-190), which needs no user interaction and no additional starting privileges, escalating from app-level access to full system control (T1404) → attacker holds complete confidentiality, integrity, and availability impact on the device (CVSS C:H/I:H/A:H); Google states there are 'indications' of limited, targeted exploitation, and The Hacker News notes this exploitation pattern matches how commercial spyware vendors have historically weaponized similar Android Framework flaws to target high-profile individuals — but no source attributes this specific campaign to a named actor or confirms a post-escalation objective.
T5	Unattributed WebLogic exploitation threat actor	Enterprise Java application middleware, Any organisation running internet-facing Oracle WebLogic Server	T1190T1005	Attacker identifies an Oracle WebLogic Server instance (versions 12.2.1.4.0 or 14.1.1.0.0) with T3/IIOP ports reachable from the network — per BleepingComputer, over 1,592 such servers were internet-exposed as of early June 2026 (T1190) → sends a crafted, unauthenticated request over T3 or IIOP exploiting CVE-2024-21182 and gains access to critical or complete WebLogic-accessible data (T1005); Oracle describes the exploitation mechanism as 'unspecified,' and no source confirms further steps such as RCE or lateral movement, nor attributes the activity to a named actor or campaign — The Hacker News states there are currently no public reports on how the vulnerability is being exploited in the wild.
T6	TeamPCP — assessed Miasma supply chain worm operator	Software Development / DevOps, Open-source npm ecosystem, Any organisation whose CI/CD pipelines or developer workstations consume npm packages from the affected namespaces or clone the compromised Microsoft GitHub repositories	T1195.001T1552.001T1078T1565.001T1059	Compromised maintainer accounts publish malicious package versions through legitimate npm and GitHub Actions OIDC trusted-publishing channels with valid provenance signatures (T1195.001) → on install, a preinstall hook executes and harvests AWS, Azure, GCP, Kubernetes, npm, and GitHub credentials from local files and environment variables (T1552.001) → the harvested valid account tokens (T1078) are used to republish the worm into every repository the victim can write to, propagating the campaign from 32 infected @redhat-cloud-services packages on June 1 to 73 disabled Microsoft repositories by June 6; a parallel variant bypasses the npm registry entirely and plants a 4.3 MB payload runner directly into source repositories (T1565.001), wired to auto-execute through Claude Code, Gemini CLI, Cursor, VS Code, and the npm test script (T1059); per The Hacker News, attribution to TeamPCP is assessed — not forensically confirmed — and no objective beyond credential theft and self-propagation is confirmed in sources.
T7	Gamaredon	Government / Military / Critical Infrastructure, Ukrainian and Ukraine-aligned organisations, Any organisation running unpatched WinRAR (pre-7.13) on Windows endpoints	T1566.001T1204.002T1203T1053.005T1102.001T1567.002	A booby-trapped RAR archive arrives as a routine email attachment (T1566.001) → the victim opens it, and CVE-2025-8088's path traversal drops an HTA payload, GammaPhish, outside the expected extraction directory (T1203, T1204.002) → GammaPhish retrieves a VBScript downloader, GammaLoad, which establishes persistence via scheduled tasks (T1053.005) and deploys either the self-propagating GammaWorm — spreading across network shares and USB drives by replacing legitimate directory listings with malicious shortcut files — or the GammaSteel infostealer → GammaWorm resolves command-and-control through legitimate Telegram channels acting as dead drop resolvers, blending with permitted traffic (T1102.001), while GammaSteel exfiltrates file-type-filtered documents over HTTPS to an attacker-controlled AWS S3 bucket (T1567.002); per The Hacker News quoting Sekoia, Gamaredon is officially linked to Russia's FSB, with objectives to fingerprint hosts, maintain persistent access, and exfiltrate documents — espionage, not financial gain.

▶Table methodology & sourcing notes

MITRE ATT&CK codes follow the T<technique>.<sub-technique> format (e.g., T1566.001 = Phishing: Spearphishing Attachment); hover any code for its full technique name, or look it up directly at attack.mitre.org.
Attribution language is carried verbatim from cited sources: "assessed" (Miasma / TeamPCP) means a publication has proposed but not forensically confirmed the link; "officially linked" (Gamaredon / Russia's FSB) means a named source has formally stated the attribution.
"Unattributed" entries (T1–T5) reflect the cited sources as of publication — CISA, vendors, and researchers confirmed active exploitation but had not named a responsible actor. This is a snapshot of public attribution at time of writing, not a claim that no one is responsible.

Control Deficiency & Framework Mapping

Threat	Control gaps	ISO 27001	NIST CSF 2.0	CIS Controls	Privacy Act / PIPEDA	ITSG-33	OSFI B-13	ISO 42001
T1Magento and Adobe Commerce Stores Open to Remote Takeover — Mirasvit Cache Warmer Flaw Under Active Attack (CVE-2026-45247)	Lack of accurate inventory of third-party Magento/Mirasvit extensions on internet-facing e-commerce systems Patch and change-management processes that don't treat KEV-listed extension vulnerabilities as emergency changes with accelerated SLAs Insufficient secure configuration and hardening of public-facing Magento infrastructure, leaving a high-impact deserialization path reachable from any storefront request Vulnerability monitoring that fails to integrate CISA KEV data and vendor advisories for third-party storefront extensions Inadequate web-traffic monitoring and WAF coverage to detect anomalous CacheWarmer cookie patterns indicating exploitation	A.5.19, A.5.20, A.8.8, A.8.9, A.8.16, A.8.20	ID.AM-02, ID.RA-01, PR.PS-01, PR.PS-02, DE.CM-01, DE.CM-09	CIS 4, CIS 7, CIS 12, CIS 13, CIS 16	—	SI-2, RA-5, CM-7, SC-7, AU-6	B-13 Governance, B-13 Patch Mgmt, B-13 Vulnerability Management, B-13 Third-Party Risk	—
T2SolarWinds Serv-U Unauthenticated Denial of Service (CVE-2026-28318)	Lack of a complete inventory of Serv-U deployments across DMZs, subsidiaries, and disaster-recovery environments — limiting how fast exposure to CVE-2026-28318 can be identified Patch and change-management processes that don't treat KEV-listed availability vulnerabilities as emergency changes, delaying rollout of Serv-U 15.5.4 HF1 against CISA's mandated deadline Network architecture and access controls that leave Serv-U HTTP interfaces broadly exposed to the internet instead of restricted to trusted networks or VPNs Insufficient monitoring of Serv-U service health, preventing early detection of repeated crash cycles that signal active exploitation No tested business-continuity or failover plan for critical file-transfer services, so a Serv-U crash forces manual workarounds with no rehearsed recovery path	A.5.19, A.5.30, A.8.8, A.8.9, A.8.16, A.8.20	ID.AM-01, ID.RA-01, PR.PS-01, PR.PS-02, DE.CM-01, RC.RP-01	CIS 2, CIS 4, CIS 7, CIS 8, CIS 11, CIS 12	—	SI-2, RA-5, SC-7, AU-6, CP-10	B-13 Governance, B-13 Patch Mgmt, B-13 Vulnerability Management, B-13 Third-Party Risk	—
T3Palo Alto Networks GlobalProtect VPNs Hijacked Without Credentials — Authentication Bypass Under Active Exploitation (CVE-2026-0257)	Incomplete inventory of GlobalProtect-enabled PAN-OS firewalls and Prisma Access tenants — exposure couldn't be scoped quickly when the KEV notice landed Patch and change-management processes that don't treat a KEV-listed VPN authentication bypass with a three-day federal remediation window as an emergency change Authentication override cookie and certificate configuration left to default convenience rather than governed by policy — the exact misconfiguration (shared certificates) that makes cookie forgery possible Insufficient VPN session monitoring and indicator-of-compromise hunting, so a forged-cookie connection looks identical to a legitimate one in the logs Remote-access governance that doesn't extend KEV-driven urgency to cloud-delivered VPN services like Prisma Access	A.5.15, A.5.19, A.8.8, A.8.9, A.8.16, A.8.20	ID.AM-01, ID.RA-01, PR.AA-01, PR.PS-02, DE.CM-01	CIS 2, CIS 4, CIS 5, CIS 6, CIS 7, CIS 8	—	SI-2, RA-5, AC-17, IA-2, SI-4	B-13 Governance, B-13 Access Control, B-13 Vulnerability Management, B-13 Third-Party Risk	—
T4Android Framework Integer Overflow Zero-Day Under Active Exploitation (CVE-2025-48595)	MDM/UEM doesn't enforce a minimum Android security patch level as a compliance gate — devices sitting on pre-June-2026 patch levels keep normal access indefinitely with no automatic flag BYOD policy doesn't require personally owned devices to report OS version and patch level before connecting to corporate resources, leaving an entire device class outside exposure visibility KEV-monitoring processes are scoped to servers and network infrastructure, not the mobile fleet — a CISA KEV addition for an Android flaw doesn't trigger the same emergency-patch workflow a server CVE would Asset inventory doesn't capture exact Android OS version and security patch level per device, so exposure to CVE-2025-48595 (Android 14/15/16) can't be scoped on demand — only after manual device-by-device review No conditional-access policy ties device compliance state (patch level) to what that device can reach — a device two patch cycles behind retains identical access to one that's fully current	A.5.10, A.8.1, A.8.8, A.8.9, A.8.16	ID.AM-01, ID.RA-01, PR.PS-02, PR.AA-05, DE.CM-09	CIS 1, CIS 4, CIS 6, CIS 7	—	SI-2, RA-5, AC-19, CM-7	B-13 Technology Asset Mgmt, B-13 Patch Mgmt, B-13 Vulnerability Management	—
T5Oracle WebLogic Server Unauthorized Data Access (CVE-2024-21182)	Oracle WebLogic Server instances on affected versions (12.2.1.4.0 and 14.1.1.0.0) went unpatched for roughly two years since Oracle's July 2024 CPU — a failed or bypassed patch-management SLA for enterprise middleware Over 1,592 vulnerable WebLogic instances remain internet-exposed per BleepingComputer's Shodan data — asset inventory and network exposure management failed to catch T3/IIOP ports left directly internet-accessible without business justification No compensating controls (WAF filtering on T3/IIOP, network segmentation restricting WebLogic access to trusted hosts) to reduce exposure while the patch sat unapplied Vulnerability management tooling never flagged the July 2024 Oracle CPU as a priority patch for internet-facing middleware in the nearly two years since release CISA KEV data isn't integrated into patch prioritization — a KEV addition should trigger immediate escalation and remediation, and continuous external-exposure scanning should have caught these instances against the known-vulnerable version list	A.8.8, A.8.9, A.8.16, A.8.20, A.8.22	ID.AM-01, ID.RA-01, PR.PS-01, PR.PS-02, DE.CM-01, DE.CM-09	CIS 2, CIS 4, CIS 7, CIS 12, CIS 8	—	SI-2, RA-5, CM-7, SC-7	B-13 Patch Mgmt, B-13 Vulnerability Management, B-13 Governance	—
T6Miasma Self-Replicating npm and GitHub Supply Chain Worm	No enforced policy requiring `--ignore-scripts` or equivalent controls blocking automatic preinstall hook execution in CI/CD pipelines and developer workstations, meaning Miasma's payload executes without any security gate Absent or insufficient inventory and monitoring of third-party npm dependencies — organisations cannot rapidly identify which build systems installed affected @redhat-cloud-services or mantine packages since June 1 without lockfile-level visibility Overly broad CI/CD secret scoping: GitHub Actions runners hold cloud provider credentials (AWS, Azure, GCP), Kubernetes tokens, and npm publish tokens in the same context as npm install operations, enabling Miasma to harvest all of them with a single preinstall hook execution Incomplete incident response following the TeamPCP/durabletask May 2026 compromise — the re-compromise of durabletask in June indicates credentials were never fully rotated after the May incident, a failed IR credential-rotation control No second-factor or environment-scoped restriction on GitHub Actions OIDC trusted-publishing tokens: the mechanism binds trust to repository and workflow filename only, not branch or environment, letting a compromised account mint valid npm-publishing tokens from any branch Lack of dependency integrity verification and automated lockfile pinning enforcement in pipelines, allowing unvetted package version updates to resolve and execute without human review or approval	A.5.19, A.5.20, A.8.8, A.8.9, A.8.16, A.5.29	GV.SC-01, GV.SC-05, ID.AM-01, PR.DS-02, DE.CM-01, RS.CO-02	CIS 2, CIS 4, CIS 6, CIS 7, CIS 8, CIS 16	—	SA-12, SR-3, SR-6, AU-6, AC-4	B-13 Third-Party Risk, B-13 Governance	Applicable (ATLAS gate YES) — Miasma specifically targets AI coding agents (Claude Code, Gemini CLI, Cursor, VS Code) as payload auto-execution vectors, and the concurrent IronWorm campaign uses AI-identity masquerading (claude@users.noreply.github.com); organisations using AI coding agents in development pipelines must assess whether those tools' auto-execution and trusted-repository behaviours are governed under their AI governance frameworks
T7Gamaredon Exploits WinRAR Path Traversal to Deliver GammaWorm and GammaSteel (CVE-2025-8088)	WinRAR is commonly absent from formal software asset inventories as a user-managed utility, preventing organisations from quantifying their exposure to CVE-2025-8088 or verifying patch coverage WinRAR has no auto-update mechanism (confirmed by BleepingComputer), meaning patch deployment requires explicit orchestration — organisations relying on self-service or passive patching have a structural gap for this class of client-side archive tool Absence of application execution controls (AppLocker/WDAC) restricting HTA (mshta.exe) and VBScript (wscript.exe) execution launched as child processes of archive utilities from user-writable paths — the path by which GammaPhish and GammaLoad execute post-extraction No CISA KEV compliance coverage for end-user utilities — KEV patching programmes that focus on servers and network devices systematically miss client-side KEV vulnerabilities like CVE-2025-8088, overdue for more than eight months Insufficient egress monitoring to detect GammaSteel's HTTPS exfiltration of documents to AWS S3, designed to blend with legitimate cloud traffic and evade standard reputation-based blocking controls Inadequate logging and detection tuning for GammaWorm's C2 resolution pattern — curl/Bitsadmin outbound GET requests to Telegram public channels from non-browser processes — allowing sustained C2 to operate undetected within permitted Telegram egress	A.8.8, A.8.9, A.8.16, A.8.12, A.8.20	ID.AM-01, DE.CM-09, PR.PS-01, DE.AE-02, DE.CM-01	CIS 2, CIS 4, CIS 7, CIS 8, CIS 13	—	SI-2, RA-5, CM-7, AU-6, SC-7	B-13 Patch Mgmt, B-13 Vulnerability Management, B-13 Governance	—

Privacy Act / PIPEDA & OSFI:All seven threats show "—" under Privacy Act / PIPEDA — these are vulnerability disclosures and exploitation campaigns, not confirmed personal-data breaches involving Canadian residents, and none of the cited sources establish the confirmed personal-information access plus "real risk of significant harm" that triggers a PIPEDA notification obligation. Every threat does map to at least one OSFI B-13 control domain — patch management, vulnerability management, third-party risk, access control, technology asset management, or governance — reflecting how directly this week's register tests the technology- and third-party-risk expectations OSFI sets for federally regulated financial institutions. Assess both columns against your own data map and regulatory footprint before treating either as closed.

Risk Triage

Threats are assigned to primary zones based on their dominant organizational risk characteristic. A threat may appear in a secondary zone when it presents a materially distinct compounding risk dimension.

Exposure Velocity

Active exploitation or weaponized capability with immediate organizational exposure if unaddressed.

T1Mirasvit Cache Warmer RCE — CVSS 9.3, unauthenticated, deadline passed
Imperva confirms live attacks delivering serialized PHP payloads through the CacheWarmer cookie; CISA's 6 June 2026 federal deadline has already passed — patch to 1.11.12 or disable the extension now.
T2SolarWinds Serv-U DoS — KEV-listed 5 June, due 19 June
CISA added CVE-2026-28318 to KEV citing active exploitation just two weeks before its remediation deadline — a narrow window between patch release, weaponization, and mandate.
T3PAN-OS GlobalProtect auth bypass — credential-less VPN takeover
Unit 42 and CCCS confirm active exploitation of a forgeable authentication-override cookie on internet-facing gateways; CISA's three-day remediation window (29 May → 1 June 2026) has already elapsed.
T5Oracle WebLogic unauthorized data access — patched 2024, exploited 2026
CISA confirms active exploitation of a flaw Oracle patched in July 2024; BleepingComputer counts over 1,592 vulnerable instances still internet-exposed, and the 4 June 2026 federal deadline has passed.
T7Gamaredon / WinRAR — confirmed live exploitation since July 2025 (secondary)
CVE-2025-8088's KEV deadline passed 2 September 2025; BleepingComputer confirms exploitation has run continuously from its July 2025 zero-day debut through Gamaredon's January 2026 campaign.

Incident Pressure

Confirmed campaign or large-scale exposure with direct impact on organizations or their data.

T6Miasma supply chain worm — confirmed credential theft, incomplete prior rotation (secondary)
Confirmed theft of GitHub, npm, AWS, Azure, GCP, Kubernetes, and CI/CD credentials from any environment that resolved an affected package since 1 June 2026; the re-compromise of Microsoft's durabletask repo shows an earlier incident's credentials were never fully rotated — a persistent breach-level access condition.

Governance & Control Gaps

Structural control deficiencies revealed by the day's threats, independent of any single exploit.

T6Miasma supply chain worm — npm/OIDC trust model exploited, not a code flaw
Trusted-publishing and GitHub Actions OIDC bind trust to repository and workflow name rather than branch/environment/principal, letting one compromised maintainer account publish signed, valid-provenance malicious packages — and most pipelines have no control blocking `preinstall` hook execution at all.
T4Android Framework zero-day — can the fleet absorb a patch as fast as Google ships it?
Google moved from confirming active exploitation to a shipped, KEV-aligned fix within the same week — the governance question is whether an organisation's MDM can get every corporate and BYOD device to the June 2026 patch level on that timeline, and gate out the devices that don't.
T2SolarWinds Serv-U DoS — availability flaws under-governed (secondary)
CCCS advisory AV26-549 shows Serv-U versions before 15.5.4 HF1 were already under advisory for other flaws — exposing gaps in maintaining consistent patch levels and in treating availability-only issues with breach-level urgency.
T3PAN-OS GlobalProtect auth bypass — convenience features outside policy (secondary)
CCCS notes deployments remained vulnerable despite a 13 May advisory predating the KEV listing, with authentication-override cookies and certificate reuse — both attacker preconditions — left ungoverned by any configuration standard.
T5Oracle WebLogic unauthorized data access — patched 2024, ignored until KEV (secondary)
Oracle shipped the fix in its July 2024 Critical Patch Update — nearly two years before CISA's KEV listing forced action — exposing gaps in CPU patch uptake and the absence of urgency triggers for legacy Java application-server flaws sitting outside tier-1 attention.

Strategic Posture

Cross-cutting pattern requiring board-level awareness and programme-level response.

T7Gamaredon / WinRAR — confirmed FSB-linked espionage campaign, not commodity crime
An active, officially-attributed nation-state operation (Russia's FSB, per The Hacker News citing Sekoia) running a modular, self-propagating toolchain with confirmed document exfiltration against Ukrainian government, military, and critical-infrastructure targets — the kind of geopolitically-driven threat that warrants board-level visibility, not just a patch-ticket.

Remediation Actions

Consolidated actions across all seven threats, organized by time horizon. T-badges indicate which threat each action addresses.

0 – 24 hours

Immediate response

T1Upgrade Mirasvit Cache Warmer to 1.11.12, or disable the extension if the patch can't land same-day — CISA's 6 June 2026 federal deadline has already passed.
T3Disable Authentication Override on the GlobalProtect portal and gateway, and hunt Unit 42's published indicators of compromise against connection logs — CISA's 1 June 2026 deadline has elapsed.
T6Rotate every credential reachable from any environment that ran npm install against an affected package since 1 June — GitHub, npm, AWS/Azure/GCP, Kubernetes, SSH, and CI/CD secrets alike.
T7Block mshta.exe, wscript.exe, and cscript.exe as child processes of WinRAR via AppLocker/WDAC, and block LNK execution from %TEMP%, %LOCALAPPDATA%, and Startup — WinRAR has no auto-update and its KEV deadline passed in September 2025.

7 days

Short-term hardening

T2Block HTTP requests carrying a Content-Encoding header at the WAF or reverse proxy, and restrict Serv-U access to known IP ranges, ahead of the 19 June 2026 CISA deadline.
T4Push the OEM/carrier OTA update to every managed and BYOD Android device, and confirm via MDM that the fleet reports the June 2026 patch level — not merely that "an update is available."
T5Restrict WebLogic T3/IIOP access to authenticated, trusted hosts as a compensating control while Oracle's July 2024 CPU patch is applied on an emergency change basis.
T7Deploy WinRAR 7.13 across every endpoint via endpoint management — manual, since the application has no auto-update — and triage any endpoint that opened an untrusted RAR archive before patching as potentially compromised.

14 – 30 days

Programme remediation

T1Add WAF/reverse-proxy rules blocking CacheWarmer cookies carrying base64-encoded serialized-object markers (Tz, Qz, YT prefixes), and review logs back through the disclosure window for the same pattern.
T2Upgrade every SolarWinds Serv-U instance to 15.5.4 Hotfix 1 — the release SolarWinds confirms addresses CVE-2026-28318 — across MFT, FTP, FTPS, SFTP, and HTTP/HTTPS deployments.
T3Upgrade to the fixed PAN-OS / Prisma Access releases (12.1.4-h6 / 12.1.7 and the matching 11.2 / 11.1 / 10.2 builds, or Prisma Access 11.2.7-h13 / 10.2.10-h36) once Authentication Override is safely disabled.
T6Rebuild affected environments with `npm install --ignore-scripts`, pin dependencies to known-good lockfile versions, and audit GitHub organisations for "Miasma" / "Hades" repository descriptions and unexpected `id-token: write` workflow grants.

Ongoing

Structural controls

T4Gate any Android device that isn't reporting the current patch level out of corporate resource access by policy — not by hope — whether it's corporate-owned or BYOD.
T5Prove asset-inventory completeness for Oracle WebLogic: a flaw Oracle patched nearly two years before its KEV listing should never need a federal mandate to surface.
T6Enforce a standing policy blocking automatic `preinstall` hook execution in CI/CD pipelines and on developer workstations, and verify — don't assume — that credentials from the May 2026 durabletask incident were actually rotated.
T7Bring user-managed utilities like WinRAR into the formal software asset inventory, so "how many endpoints, what version" has an evidenced answer rather than a guess.

Provenance

Cadence

Published each week. Use Subscribe to join the distribution list and get each issue by email as soon as it's out, or Share to copy a direct link straight to a colleague or your security team.

Contact Sovereign GRC for risk advisory or a threat profile tailored to your environment

Get Your AI Governance Roadmap →

Threat Intelligence Summary

Regulatory & Governance Intelligence

Threat Register: 08/06/2026

Threat Actor Profiling

Control Deficiency & Framework Mapping

Risk Triage

Remediation Actions

Provenance

Intelligence Sources

Cadence