Risky Bulletin Newsletter

June 19, 2026

Risky Bulletin: Canada’s spy agency allowed to remove a botnet from Canadian devices

Written by Catalin Cimpanu, News Editor

This newsletter is brought to you by Ent AI. You can subscribe to an audio version of this newsletter as a podcast by searching for "Risky Business" in your podcatcher or subscribing via this RSS feed. You can also add the Risky Business newsletter as a Preferred Source to your Google search results by going here.

Canada's main intelligence service obtained a court warrant this week to proactively remove a mysterious botnet's malware from Canadian systems such as servers, home routers, and smart devices.

The devices were allegedly part of an unnamed proxy botnet. These types of botnets are very common these days and allow hackers to disguise the origin of their attacks and their identities, making their malicious traffic appear to come from a local residential network.

According to a copy of the court order obtained by The Canadian Press, the botnet was allegedly being used by a threat actor to "advance their financial, political, ideological and economic interests."

Unfortunately, no other details are available about the identity of this mysterious group as the threat actor's name was redacted from the judge's ruling.

In its warrant request, the Canadian Security Intelligence Service (CSIS) said it would conduct the disinfection "as soon as possible" and it's unclear if it already happened.

It's unclear if the order is related to another phase of Europol's Operation Endgame, which also took place this week. The new phase targeted the SocGholish botnet of infected websites. Authorities from Europol, Canada, the US, Germany, and the Netherlands seized servers and domains used to manage the botnet.

The interesting part of this new phase is that Dutch Police also carried out a "disinfection" of WordPress sites infected by the botnet in the Netherlands. The process seems to have involved accessing the sites through their leaked credentials and removing the SocGholish backdoor, a first-of-its-kind operation for Dutch Police.

But honestly, the wording of the article in Canadian media seems to suggest the CSIS might have targeted one of the several Chinese proxy botnets that have been the target of similar operations in the US, usually to hide Chinese APT attacks.

I love speculating! See you on Monday!

Risky Business Podcasts

The main Risky Business podcast is now on YouTube with video versions of our recent episodes. Below is our latest weekly show with Pat, Adam, and James at the helm!


Breaches, hacks, and security incidents

Kodak hit by ShinyHunters: American photography giant Kodak is investigating a security breach after the ShinyHunters hacking group listed its name on its dark web leak portal this week. The group claims to have stolen the details of almost 2.2 million customers. Kodak confirmed unauthorized access to its network but nothing else. [BleepingComputer]

Aztec Connect hacked twice in a week: Cryptocurrency platform Aztec Connect was hacked twice in the span of a week. Unknown attackers stole $2.1 million last week and another $2 million this Thursday. In both incidents the attackers exploited legacy smart contracts in deprecated components that were never decommissioned. Similar hacks targeting legacy smart contracts have also hit the Raydium and DxSale platforms this month in what appears to be a coordinated campaign. [Aztec Connect first hack // Aztec Connect second hack // Cryptopolitan]

South Korean startup data leaks: Data on more than 5,000 startups that participated in a government competition has leaked online. Data such as names, email addresses, business ideas, and evaluation comments leaked via the competition's website. The leak was discovered after an AI company spammed the participants this week with business proposals related to their competition entries. The South Korean Ministry of SMEs and Startups is investigating the leak. [The Chosun Daily]

Texas Parks and Wildlife has a breach: Hackers have stolen the personal details of more than three million people who registered for hunting and fishing licenses on the Texas Parks and Wildlife website. The stolen data includes highly sensitive details such as government IDs, driver's licenses, and home addresses. The agency didn't say when the breach happened. [TPWD // TechCrunch]

General tech and privacy

Mastodon admins can now force 2FA: The Mastodon project has added the ability to force two-factor authentication on all user accounts. The feature rolled out this week with version 4.6.0. It is optional and will have to be enabled on each Mastodon instance by admins. [Mastodon on GitHub]


Apple sabotages its own Hide My Email feature: Apple will switch all emails created through the Hide My Email service to its own separate domain. The move was announced this week. All randomized email addresses will be moved from the main icloud.com domain to the private.icloud.com subdomain. Privacy experts claim this change will allow online services to easily block users who try to hide their real iCloud email. They are absolutely right. [Apple // TechCrunch]

reCAPTCHA adds hand gesture verification: The Google reCAPTCHA service has added a new feature that will allow website and app owners to verify their users via hand gestures. The new verification process will require users to turn on their camera and wave their hand at it. Google says the videos don't record audio and are deleted after a successful verification. [Google]

AMD disables TSME for consumer CPUs: AMD has disabled a security feature that encrypts system memory on its consumer chipsets. The Transparent Secure Memory Encryption (TSME) feature will only be available for the Pro versions of AMD CPUs going forward. The feature was designed to protect the contents of memory against cold boot attacks. [ArsTechnica]


AWS Continuum: Several days after it told on poor little innocent Anthropic and got Mythos and Fable on the export control list, Amazon launched AWS Continuum, a new AI-based security service that continuously discovers, validates, and remediates vulnerabilities. [AWS]

SpaceX to buy Cursor: In a stupidly overpriced deal, SpaceX is buying the Cursor AI-based IDE for a whopping $60 billion. [CNBC]

Firefox 152: Mozilla has released Firefox 152. New features and security fixes are included. The biggest feature in this release is the new redesigned Settings page.

Government, politics, and policy

Canada launches bug bounty program: Canada has launched a vulnerability disclosure program for the government's IT networks. The program launched in March on the HackerOne platform and has already received 160 reports. It is managed by Canada's Treasury Board Secretariat, the agency responsible for all government IT networks. [Canadian Cyber in Context // Government of Canada // HackerOne]

Britain's APT problem: Hostile states are behind three-quarters of attacks on UK critical infrastructure. The UK's cybersecurity agency has investigated more than 200 incidents this year alone and is handling around four nationally significant cyber incidents every week. NCSC CEO Richard Horne warns that information gathered through these breaches will likely be used for kinetic strikes in the event of a real conflict. [The Record // NCSC]

NCSC with the "duh" advice: The UK's cybersecurity agency has asked organizations not to vibe-code the parts of their apps that handle sensitive data. [NCSC]

Bulgaria approved surveillance tech sales to oppressive regimes: The Bulgarian government has licensed the sale of surveillance software to countries with known human rights violations. According to Human Rights Watch, surveillance company Circles has sold telecommunication interception systems to at least 15 countries. Its customers included law enforcement agencies, intelligence services, and even private companies. Circles was initially founded in Cyprus and later moved to Bulgaria. One of its two founders is Intellexa founder Tal Dillian. Human Rights Watch says this is the latest case of the EU's export controls not being enforced by member states. [Human Rights Watch]

"The documents describe licenses for exports of Circles’ surveillance technology to Azerbaijan, Bahrain, Brazil, Dominican Republic, El Salvador, Ghana, Guatemala, Israel, Jordan, Malaysia, Mexico, Morocco, Panama, Serbia, and the United Arab Emirates (UAE)."

Second wave of GlobalSign revocations in Russia: Last week, GlobalSign mass-revoked TLS certificates for Russian companies. According to a new report, the company is conducting a second revocation wave this week. [RBC]

Sponsor section

In this Risky Business sponsor interview, Catalin Cimpanu talks with Brandon Dixon, co-founder and CTO of Ent AI, on the company's innovative use of local LLMs to track user behavior on the endpoint, and add context to suspicious events to detect or prevent malicious activity.

Arrests, cybercrime, and threat intel

Authorities disrupt SocGholish: Law enforcement agencies from several countries have disrupted the SocGholish malware operation. Authorities seized 106 servers and domains that were used to control the group's malware. In addition, Dutch police have also removed the SocGholish backdoor from almost 15,000 WordPress sites and notified their respective owners. The SocGholish malware has been active for almost a decade and has been used to hijack traffic from hacked websites and redirect users to malicious sites, such as scams, phishing pages, and malware download pages. [Dutch Police // Proofpoint]

Mastra supply chain attack: More than 140 npm packages were compromised in a supply chain attack on the Mastra AI framework. An unknown attacker hijacked the organization's npm account and added a credentials harvester to all of its npm packages. The infostealer is unique to this attack and has no connections to any of the previous npm worms. Mastra is a very popular framework for building AI-powered applications and agents using TypeScript. [Aikido Security // Endor Labs // JFrog // Microsoft // OpenSourceMalware // SafeDep // Snyk // Socket Security // Step Security]

WordPress plugin supply chain attack: And speaking of supply chain attacks, there was also one impacting the WordPress ecosystem. An attacker compromised the build pipeline of the ShapedPlugin team and added a backdoor to its commercial paid plugins. The free versions distributed through WordPress.org were not affected, even though the attacker had the access needed to compromise them. [Wordfence]

A bunch of Fortinet creds leak online: Credentials for almost half of all internet-connected Fortinet devices have leaked online from an attacker's server. The list includes credentials for almost 74,000 devices. Credentials are included for large companies such as AT&T, Samsung, Chevron, Toyota, Mercedes, and more. The attacker allegedly dumped configuration files from the devices, extracted VPN authentication hashes, and then cracked them offline to recover the passwords. [Bob Diachenko // DoublePulsar // HudsonRock // GayInt, list of victim domains]

Popa botnet linked to Israeli firm: A malware botnet that infected millions of Android devices appears to be the backend of a residential proxy service named NetNut. Known as Popa, the malware botnet has been linked to brute-force attacks, ad fraud, and large-scale web scraping operations. Business records show the NetNut proxy service is operated by Alarum Technologies, an Israeli company listed on NASDAQ. [Synthient // Nokia // Qurium // KrebsOnSecurity]

TeamPCP traced to South Africa: A single individual operating out of South Africa might be behind the TeamPCP hacking group that has carried out several supply chain attacks over the past nine months. A Google investigation has traced TeamPCP's activity to IP addresses in the country. Palo Alto Networks believes the suspect goes online using the hacker pseudonym of "ResoluteXBF" and sometimes receives help from two other accomplices. [CybersecurityDive]

Taraksan work cluster: Researchers look at a cluster of North Korean remote IT workers operating out of the Taraksan region of North Korea. This is a cluster doing pure IT work, with no cyber shenanigans involved. [NISOS]

MexicanMafia (PanchoVilla) profile: A mysterious threat actor has been targeting Mexican government agencies and private sector companies for PII data theft for years. A recent server leak exposed some of their recent operations, including their adoption of AI tools. [CloudSEK]

"The 2025–2026 AI-assisted breach of Mexican government agencies (Gambit Security report) was not attributed to Mexican Mafia, but based on the overlaps, it can be ascertained with high confidence that the threat actor we analyzed is following the same footsteps."

GitBait profile: A new threat actor is abusing GitHub Pages to host phishing kits targeting Mexican banks and financial institutions. [Group-IB]

Most cyber activity coming out of Asia is scams: Almost 40% of the detected cybercrime activity coming out of Asia is online scam-related. Phishing comes in a close second due to the rise of the Chinese Phishing-as-a-Service ecosystem. According to Interpol, there's also a very noticeable trend of AI use for cyber operations across the region. [Interpol]

Telegram's cybercrime crackdown barely makes a dent: Cybercrime content continues to flood Telegram despite the platform's increased moderation efforts over the past two years. Daily activity levels for cybercrime-related terms have remained the same as before Pavel Durov's arrest in 2024. New research has found that cybercrime groups have often moved their activity into channels with political or cryptocurrency-related names to avoid security scans. Some of the channels used to hide cybercrime activity include names such as PatriotPartyOregon, FreeWestVirginia, or ThePatriotPartyofOH. [OpenMeasures]

More AI tools in the cyber underground: Sophos has taken another look at the type of AI tools advertised on underground hacking forums and also spotted a rising number of discussions from low-level tool vendors who are now afraid that the new AI tools might soon "replace them." Get on the strugglebus guys! Welcome aboard! [Sophos]

ShinyHunters profile: Cato Networks has published a profile on ShinyHunters, the threat actor who survived three forum seizures and the arrests of five administrators. [Cato Networks]

DarkForums leaks its XMPP IP: Underground hacking forum DarkForums is leaking the IP address of its private "anonymous" XMPP instant messaging service. [CovSec]

BreachForums evolution: None of the BreachForums clones currently active have any connection to the original forum anymore. The clones have been disavowed by the original BreachForums administrators and have evolved into their own cybercrime platforms with unique clientele. According to security firm KELA, the current clones have divergent business models that range from ransomware recruiting to the sale of compromised credentials to data leaking and extortion, and the brokering of supply-chain attacks. The BreachForums clones often attack each other, dox admins, and try to steal the most active users. [KELA]

"The BreachForums brand is now decoupled from legitimacy and from infrastructure. No 2026 forum holds uncontested succession rights. The original owners have disavowed all claimants, meaning continuity of the name does not equal continuity of capability or operators."

Malware technical reports

AryStinger botnet: More than 4,300 routers across the world have been infected with a new malware strain that turns them into a proxy botnet. The AryStinger malware specifically targets routers running the Realtek RTL819x chipset. This includes devices from D-Link and Linksys. According to Chinese security firm QiAnXin, the botnet is mainly used to scan the internet and to proxy malicious traffic. [QiAnXin]

macOS ClickFix campaign: Netskope researchers look at a ClickFix campaign targeting macOS users with some novel malware, an AppleScript-based stealer and a persistent RAT. [Netskope]

Rust-based crypto-hijacker (clipper): Check Point has discovered a pretty complex operation designed to distribute a Rust-based clipper. Compared to most similar clipper campaigns, this one has put a lot of effort into the operation, using booby-trapped GitHub and SourceForge repos, fake promotional YouTube videos, articles placed on hacked news sites, fake social media comments, promo campaigns on crypto forums, and more, all to lure users to the payload while thinking it's a legit website. [Check Point]

USB worm clipper: Microsoft has discovered the most over-engineered cryptocurrency clipper of all time. This one is distributed via USB worms and uses Tor as a C2 channel. Besides replacing crypto wallet addresses in the clipboard, this one also steals any copy-pasted seed phrases and private keys. [Microsoft]

OXLOADER: There's a new malware loader used in the wild. Named OXLOADER, it is currently distributed via malicious ads and used to deploy the CastleStealer infostealer. [Elastic]

AdaptixC2: With adoption going strong in recent months, Censys breaks down how to track the AdaptixC2 open-source C2 framework, currently installed on more than 230 hosts across the internet. [Censys]

Deno-based proxy RAT: Researchers have spotted a new proxy and RAT toolkit developed on top of the Deno JS runtime. [InfoGuard]

MetaStealer: Walmart's security team looks at the C2 communications of the MetaStealer infostealer. [Walmart]

GentleKiller: The Gentlemen ransomware group has developed its own in-house EDR killer framework, which researchers are now calling GentleKiller. It is one of several they are using, together with other EDR killers like HexKiller, ThrottleBlood, and HavocKiller. [ESET]

GentleKiller is Gentlemen’s most prevalent EDR killer. We found eight distinct variants of the tool, each impersonating a different legitimate product. Across all builds, GentleKiller targets more than 400 processes, which we mapped with the help of AI to 48 products. 4/6

— ESET Research (@esetresearch.bsky.social) June 18, 2026 at 12:40 PM

INC ransomware: The Acronis team has published a profile on the INC ransomware operation, which has slowly grown into one of the largest RaaS gangs on the market these days. [Acronis]

Prinz Eugen ransomware: Malwarebytes researchers look at Prinz Eugen, a new Go-based ransomware strain that has been used in very select attacks since April. The group also operates a leak site on the dark web, which currently only lists three victims. [Malwarebytes]

Sponsor section

In this edition of the Snake Oilers podcast, Ent AI co-founder Brandon Dixon introduces the company's intent-aware, AI-powered endpoint security control.

APTs, cyber-espionage, and info-ops

APT-C-48: Qihoo's security team has published a report on resume-themed spear-phishing campaigns carried out by APT-C-48, also known as CNC. [Qihoo 360]

Dropping Elephant: The Dropping Elephant APT, aka Patchwork, has a new fancy in-memory RAT they are using in recent intrusions. [Rapid7]

Vulnerabilities, security research, and bug bounty

Security updates: Adobe, Apple Beats, Atlassian, Chrome, Cisco, F5, Firefox, JCE for Joomla, Splunk.

Joomla plugin zero-day: Hackers are exploiting a zero-day in a popular plugin for the Joomla CMS. Attacks have been recorded against JCE, a text and content editor used for the backend and frontend of Joomla sites. The zero-day allows unauthenticated attackers to create editor profiles in the editor. The profiles were abused to upload webshells on vulnerable sites. Attacks have been going on since the start of the month. A patch has been available since June 6. [JCE for Joomla // mySitesGuru // CVE-2026-48907]

Splunk bug exploited in the wild: Hackers are exploiting a recently patched bug to take over Cisco Splunk SIEM platforms. Only Splunk instances using a PostgreSQL database are impacted. The bug allows attackers to bypass authentication and access and tamper with the database, leading to code execution scenarios. [CISA // watchTowr Labs // CVE-2026-20253]

F5 releases out-of-band NGINX security updates: American tech company F5 has released an out-of-band security update to patch six vulnerabilities in the NGINX web server. The vulnerabilities can allow attackers to flood and crash NGINX servers via specially crafted HTTP/2 or HTTP/3 packets. In some scenarios, the bugs can also be used for code execution. [F5]

RoguePlanet gets a CVE, but no patch: Microsoft has assigned a CVE for the RoguePlanet Windows Defender EoP but has not released a patch just yet. [CVE-2026-50656]

Cline code-exec: Manifold Security has found a way to abuse the Cline VS Code AI Assistant to run malicious commands on a developer's system. The patches have been classified as "product hardening" and will ship later. [Manifold Security]

Firefox AI abused to steal emails: There's one rule in life and that's that any AI chatbot or assistant these days is a mess that will get you hacked. The latest to join that list is the AI assistant that Mozilla added to Firefox last year. ERNW researchers have found that malicious pages could use hidden HTML code to trick the assistant into taking a user's emails and sending them to the attackers' inbox. Noice! [ERNW]

Infosec industry

Threat/trend reports: CSC, GIS, Interpol, Positive Technologies, Recorded Future, and Ultraviolet have recently published reports and summaries covering various threats and infosec industry trends.

Acquisition news: Analytics company Databricks will acquire security startup Pantera Labs for its AI SOC capabilities. [Databricks]

Accenture goes shopping: Risk management and consulting giant Accenture has acquired a majority stake in Dragos and all of security firms runZero and NetRise. The latter two will be folded into Dragos, which will continue to operate as a separate business. The transaction will cost Accenture $4.125 billion. [Accenture // Dragos // runZero]

New tool—VSMEx: A team of academics has released VSMEx, a dataset of malicious VS Code extensions collected from Microsoft's flagged extension lists.

New tool—Malsnitch: Security researcher Kelvin Winborne has released Malsnitch, a secrets scanner that extracts attacker credentials from malware.

Risky Business podcasts

In this edition of Seriously Risky Business, Tom Uren and James Wilson talk about Anthropic rolling out its latest models only to have them effectively banned by the US government within days. Although the administration's process for assessing new models is, ahem, amorphous, Anthropic is doing itself no favours by dismissing its concerns.

© Risky Business Media 2007–2026. All rights reserved.
ABN 73 618 465 517