<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel><title>kyber.today</title><description>Daily recaps of the top cybersecurity and AI news.</description><link>https://kyber.today/</link><item><title>ShinyHunters Burns a PeopleSoft Zero-Day Through Higher Ed as Copilot &quot;SearchLeak&quot; Shows AI Is the New Exfil Channel</title><link>https://kyber.today/issues/2026-06-18-shinyhunters-burns-a-peoplesoft-zero-day-through-higher-ed-a/</link><guid isPermaLink="true">https://kyber.today/issues/2026-06-18-shinyhunters-burns-a-peoplesoft-zero-day-through-higher-ed-a/</guid><description>A critical vulnerability blitz dominates this digest: Oracle PeopleSoft CVE-2026-35273, Splunk CVE-2026-20253, and an unpatched Microsoft Defender RoguePlanet zero-day are actively exploited, with ShinyHunters and other threat actors targeting higher education and enterprise networks. The AI/security layer has emerged as a major attack surface, exemplified by Microsoft 365 Copilot SearchLeak (one-click data exfiltration), Google Vertex AI cross-tenant RCE, and the Novo Nordisk breach that exposed proprietary AI model checkpoints and training infrastructure as ransomware extortion payload—underscoring that AI IP is now a strategic target.</description><pubDate>Thu, 18 Jun 2026 07:39:57 GMT</pubDate><category>zero-day</category><category>rce</category><category>remote-code-execution</category><category>privilege-escalation</category><category>authentication-bypass</category><category>prompt-injection</category><category>ai-security</category><category>llm-security</category><category>supply-chain-attack</category><category>data-breach</category><category>ransomware</category><category>malware-analysis</category><category>credential-harvesting</category><category>ai-exfiltration</category></item><item><title>Microsoft 365 Copilot &apos;SearchLeak&apos; Enables One-Click Data Theft as Novo Nordisk Loses Internal AI Models to Extortionists</title><link>https://kyber.today/issues/2026-06-17-microsoft-365-copilot-searchleak-enables-one-click-data-thef/</link><guid isPermaLink="true">https://kyber.today/issues/2026-06-17-microsoft-365-copilot-searchleak-enables-one-click-data-thef/</guid><description>A critical day for AI and enterprise security: Microsoft 365 Copilot was patched for the &quot;SearchLeak&quot; one-click exfiltration vulnerability (CVE-2026-42824), while Novo Nordisk confirmed a breach exposing trained AI models and proprietary training data to extortionists. Multiple actively exploited flaws emerged in Fortinet FortiSandbox, Joomla JCE, Cisco Catalyst SD-WAN Manager, LiteSpeed cPanel, and Palo Alto GlobalProtect, alongside supply-chain compromises affecting Arch Linux AUR, JetBrains Marketplace, and npm packages. Major APTs including UNC6508, SprySOCKS (FishMonger), ScarCruft, and SideCopy expanded targeting of medical research, defense, and developer communities.</description><pubDate>Wed, 17 Jun 2026 11:23:10 GMT</pubDate><category>zero-day</category><category>prompt-injection</category><category>data-breach</category><category>supply-chain-attack</category><category>llm-security</category><category>ransomware</category><category>privilege-escalation</category><category>lateral-movement</category><category>ai-model-theft</category><category>malware-distribution</category><category>extortion</category></item></channel></rss>