cKure

AI is finding zero-days faster than security teams can respond. NIST can't keep pace with CVEs. Exploitation windows are now measured in hours. Most vulnerability management programs weren't built for this environment. In the latest Resilient Cyber episode, Chris Hughes sits down with Ivan Dwyer of Axonius to discuss what comes next — asset visibility, board conversations, AI vs. AI, and the metrics that actually matter when the volume explodes. The Vulnpocalypse Playbook >> https://thn.news/vulnpocalypse-guide

■■■□□ Driving into the Unknown: Investigating and Addressing Security Breaches in Vehicle Infotainment Systems.

The website is geo locked and done regions are not allowed.

https://www.mdpi.com/1424-8220/26/1/77

📻🇮🇷 Active.

The Pentagon’s Defense Intelligence Agency (DIA) in recent weeks issued a new counterintelligence threat assessment, viewed by a current U.S. official, that raises the level of suspected espionage threat from Israel to “critical” targeting the United States. According to officials, the designation stems from concerns by the Pentagon that Israel is making a particular effort to surveil top officials to get information on the Trump administration’s internal deliberations on the Iran War in the Middle East.

📡🅰️🅰️🅰️❎❎🅰️🅰️🅰️🅰️

PimEyes.Com

— 🇺🇸/🇮🇱 NEW: American soldiers deployed to defend Israel had their phones bugged and wiretapped by Mossad – New York Times @Middle_East_Spectator

■□□□□ OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. https://thehackernews.com/2026/06/new-chatgpt-lockdown-mode-limits-tools.html

■■■■□ Russia: GRU University, Where Moscow Turns Students into Spies and Hackers. https://vsquare.org/welcome-to-the-gru-university-where-moscow-turns-students-into-spies-and-hackers-bauman-stupakov/

⚡🇺🇸 Here is the full video of the unknown aircraft recently spotted near Area 51. Three cameras were used: natural, night vision and infrared. The two first shows that the aircraft had its headlights on for some reason. The infrared view is the most interesting. From this footage we can say that the aircraft is quite large, seems to have two engine, has a delta + canard wing configuration, seems to lack any vertical surfaces and is almost certainly stealthy. The wing tips may be mobile like the Chinese J-36 although it's hard to tell for sure. No contrails or exhaust heat is visible. This could be due to advance and unknown stealth technology or just camera settings and local air conditions. The aircraft could be a NGAD demonstrator, a F-47 prototype, a F/A-XX demonstrator or something else. Full video on YouTube @wfwitness

🇺🇸⚡️ — Anthropic is working with the National Security Agency to deploy its restricted Mythos AI model for cyberattacks, with about six company engineers embedded inside the agency to customize the system for specific missions, FT reports. ➡️ Mythos is considered powerful enough to autonomously identify and exploit software vulnerabilities and could be used in operations targeting foreign networks, including those linked to China and Iran. ➡️ The cooperation comes despite Anthropic's ongoing legal dispute with the Pentagon over restrictions on military use of its AI systems. Anthropic previously sought to limit government use of its models for mass surveillance and autonomous weapons, prompting the Pentagon to designate the company a supply-chain risk. ➡️ Mythos was not broadly released because of concerns over its offensive cyber capabilities, although Anthropic has since expanded access to selected organizations internationally.

👩‍💻 Performing RCE in Internet Explorer via clickjacking!

Credits: Igor Sak-Sakovsky's (𝕏 | Psych0tr1a)

https://swarm.ptsecurity.com/the-click-that-shouldnt-have-worked-rce-via-clickjacking-in-internet-explorer/

📡🛰 For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer https://github.com/sjmurdoch/gps-special-messages https://x.com/i/status/2061829547289387209

■■■□□ Lookalike Ghidra, dnSpy, and other download sites turned trusted clicks into TDS redirects. CPR found click hijacking, gated routing, and multiple malware families downstream — including an evasive, previously undocumented framework we call SessionGate. https://research.checkpoint.com/2026/impersonation-click-hijacking-and-tds-inside-a-malware-distribution-ecosystem/

■■□□□ CYBER INTELLIGENCE ALERT: ZERO-DAY VULNERABILITY EXPLOITATION — SERVERS IN CHINA 🇨🇳 [

STATUS: UNCONFIRMED / ACTIVE EXPLOITATION / THREAT ASSESSMENT] An active exploitation campaign targeting web servers and applications in .cn domains has been detected, using zero-day vulnerabilities to gain root access. Affected Entities: Multiple web servers and applications hosted under the .cn domain. Threat Actor: codeb0ss 👤 Date Recorded: June 3, 2026 📅 Reported Scope: The actor is using an automated exploit to compromise servers, gaining full access to shells, files, and configurations, with a severity classified as "Critical". Status of Evidence and Assessment 📊 Evidence: The activity has been documented, detailing the execution of an "Auto/Mass Exploit" against various hosts, confirming successful root access. Methodology: The actor uses an automated script to scan for and exploit vulnerabilities in Apache/Linux servers, also offering the source code and private exploits through a VIP/Premium scheme. Status of Compromise: The activity log shows several hosts marked as "Exploited," with successful acquisition of root user privileges and file system access. Mitigation Recommendations 🛡️ Server Audit: System administrators in .cn domains are advised to perform an immediate audit of their Apache/Linux environments to detect potential malicious shells or unauthorized access. Critical Update: Apply security patches as a priority to web applications, especially those managing Apache/Tomcat configurations, due to the use of this new type of private vulnerability. Access Monitoring: Implement enhanced security measures to prevent privilege escalation to the root level and monitor for mass scanning patterns originating from this actor's tools.

Source: 𝕏 | Vercel

■■■□□ AI video China built a secret cyber weapons lab — and someone INSIDE just leaked the entire thing. 🧨 Over 12,000 classified files. Hacking tools for every operating system. A weaponized power bank that steals your data when you plug it in. But here's what's terrifying — the files revealed: 🇮🇳 95 GB of India's immigration records — stolen 🇰🇷 3 TB of South Korean call logs — stolen 🇹🇼 459 GB of Taiwan's road data — stolen 20+ countries on the surveillance hit list. 80 organizations already compromised. Their response? "We're unaware." But they never denied it. Source: Aseem Jakhar | Instagram

■■■■□ CVE-2026-48778 & CVE-2026-48800 | Notepad++ | CVSS 7.8 HIGH 🐛 Config file injection - fake Run menu entries execute attacker code and survive reboots ✅ Fixed: Notepad++ 8.9.6.1 (May 27)

https://notepad-plus-plus.org/news/v8961-released/

■■■□□ Claude-Red: Offensive security skills for Claude — drop-in SKILL.md files that turn Claude into a context-aware red team operator. https://github.com/SnailSploit/Claude-Red

■■■■■ Bypassing Windows Defender and AMSI: A Practical Defense Evasion Guide for Red Team Operators. https://core-jmp.org/2026/06/bypassing-windows-defender-amsi-defense-evasion-red-team-guide/

■■■□□ Air-Gap Bridge via QR codes. A side channel attack to bypass DLP mechanisms. https://ckure.org/rx/QR-Beam 🔥Developer mentioned that he shall add Giber-Link in future that will allow audio based data transfer.

🔗🆒🆒🔤🆒🆒🆒🆒

Transfer data between devices using just QR codes!

QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.

Beta: https://ckure.org/rx/QR-Beam