"Xsolis data breach impacts 1.4 million people."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 23 June 2026, 1611 UTC.

Content and Source:  "Security Affairs" via email subscription from https://feedly.com.

https://feedly.com/i/subscription/content/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check subscription link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

80K followers30 articles per week

#security#tech

9

Today

Xsolis Data Breach Impacts 1.4 Million People

3 TTPs

•

by Pierluigi Paganini / 5h

•

Xsolis vendor data breach

Xsolis disclosed a breach affecting 1.4M people after a phishing attack exposed personal and health data from its hospital clients’ systems. Healthcare tech company Xsolis, Inc. has disclosed a data breach impacting nearly 1.4 million individuals. The Tennessee-based firm provides utilization management and revenue cycle solutions for healthcare providers. The company became aware of an unauthori

Yesterday

ShapedPlugin Supply Chain Attack Backdoors Pro Plugin Updates

14 TTPs

•

by Pierluigi Paganini / 7h

•

ShapedPlugin supply chain compromise

Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. If you installed a ShapedPlugin Pro plugin between April and June 2026 and kept it updated, your site may be compromised. Not because you did something wrong, but because the vendor’s own build and distribution pipeline was breached. Cybersecurity firm Wordfence conf

Squidbleed: 29-Year-Old Squid Bug Leaks User Credentials

3 TTPs

•

by Pierluigi Paganini / 8h

Squidbleed is a 29-year-old Squid Proxy flaw that can leak credentials, tokens, and other users’ HTTP data through a memory overread. Researchers at Calif.io have disclosed CVE-2026-47729, a memory leak vulnerability in Squid Proxy that was introduced in 1997 and has remained undetected through nearly three decades of releases, audits, and rewrites. They named it Squidbleed because it works like

WhatsApp Malware Campaign Hijacks Trust, Installs Legitimate Admin Tools

IoC > 1 IP

•

by Pierluigi Paganini / 19h

•

11 TTPs

•

WhatsApp VBScript RMM campaign

WhatsApp accounts were hijacked to spread fake debt notices that install remote access software, giving attackers control of victims’ PCs. Kaspersky published a technical analysis this week of an active malware campaign that spreads through WhatsApp messages and ends with a remote management tool silently installed on the victim’s machine. The campaign is still running as of June 22, 2026, and ha

Texas Parks & Wildlife (TPWD) Data Breach impacts 3 Million People

2 TTPs

•

by Pierluigi Paganini / 21h

•

Millions of US IDs exposed

Texas Parks and Wildlife Department (TPWD) breach exposed data of 3M people via a third-party license vendor, including sensitive personal information. The Texas Parks and Wildlife Department (TPWD) disclosed a data breach affecting around 3 million individuals after a third-party vendor used for hunting and fishing license sales was compromised. The Texas Parks and Wildlife Department (TPWD) is

Anthropic’s Mythos AI broke into almost all NSA classified systems in hours

Anthropic Mythos breaches NSA systems

•

by Pierluigi Paganini / 1d

Senate testimony claims Anthropic’s Mythos AI breached NSA and Cyber Command systems in hours, prompting a U.S.-ordered shutdown. On June 12, the Trump administration directed Anthropic to restrict access to Fable 5 and Mythos 5, its two most capable models, exclusively to US citizens. Because verifying every user’s nationality in real time isn’t practically possible, Anthropic’s only option was

FortiBleed: The Most Detailed Breakdown Yet of an Active Russian Credential-Harvesting Operation

FortiBleed steals firewall credentials

•

by Pierluigi Paganini / 1d

FortiBleed targeted 430,000+ FortiGate devices, harvesting 110M credentials and enabling breaches through large-scale credential theft. A new threat intelligence report from SOCRadar’s Threat Research Unit (STRU), the team that first identified and named the FortiBleed campaign, goes deeper than anything published so far on what is shaping up to be one of the most significant credential-theft ope

Jun 21, 2026

4,300+ Outdated Routers Hijacked in Stealthy Spy Infrastructure by AryStinger malware

IoC > 3 domains and 1 IP

•

by Pierluigi Paganini / 1d

•

16 TTPs

AryStinger hijacks outdated routers via old flaws, turning 4,300+ devices into a stealth network for reconnaissance and intrusion support. On March 12, 2026, QiAnXin’s XLab threat detection system flagged a single IP address, 107.150.106.14, spreading a Linux binary through two vulnerabilities that were disclosed in 2013 and 2016 respectively. The binary had zero detections on VirusTotal. The dev

usbliter8 Brings Unpatchable BootROM Exploit to Apple A12 and A13 Devices

Execution (Enterprise TA0002)

•

by Pierluigi Paganini / 1d

usbliter8 is an unpatchable BootROM exploit affecting A12/A13 devices, enabling code execution and extending checkm8-like risks to newer iPhones. Security researchers at Paradigm Shift published a working exploit on June 18, 2026, called usbliter8, that achieves arbitrary code execution inside the SecureROM of Apple’s A12 and A13 chips. SecureROM is the first code that runs when an Apple device b

End of feed