Qilin Exploits Check Point Zero-Day; AI Worm PoC Emerges
Summary
The day's most consequential signal is structural: AI models are now converting N-day advisories into working exploits in hours, and a proof-of-concept autonomous AI worm from the University of Toronto shows that self-directed network compromise is no longer theoretical. Against that backdrop, Qilin ransomware's exploitation of a Check Point VPN authentication bypass zero-day, together with a seventh actively exploited and still unpatched Cisco SD-WAN flaw, describes a threat environment in which patch windows are compressing from all directions. Financial services and government endpoints are the primary targets in today's breach claim volume.
Today's developments
The Shai-Hulud supply chain campaign added two new variants on June 9. Security researchers confirmed Miasma and Hades compromised over 100 packages across NPM and PyPI and injected malicious code into 73 Microsoft open-source GitHub repositories; Microsoft confirmed it temporarily removed some repos while its investigation continued. The Hades variant specifically poisoned 37 malicious wheel artifacts across 19 PyPI packages, auto-running credential stealers via the Bun runtime.
Zero-day exposure remained high across multiple products. Google released Chrome 149.0.7827.103 patching CVE-2026-11645, a high-severity V8 engine flaw actively exploited in the wild -- the fifth Chrome zero-day in 2026. Cisco customers encountered their seventh actively exploited SD-WAN zero-day of the year, again with no patch available from the vendor. The US CISA added CVE-2026-42271, an unauthenticated RCE flaw in BerriAI LiteLLM, to its KEV catalog. SAP patched critical NetWeaver and Commerce vulnerabilities covering memory corruption and sensitive information disclosure. OpenSSL released fixes for 18 flaws, including one discovered with AI-assisted code analysis.
Qilin ransomware is exploiting an authentication bypass in Check Point VPN to establish sessions without valid credentials, then moving laterally before deploying ransomware -- five Qilin operations appear in today's data. Russia-aligned threat actors continued exploiting a known WinRAR vulnerability against Ukrainian organisations, deploying stealers against individuals connected to Russian armed forces in border regions. On the AI exploitation front, security researchers report that the Anthropic Mythos model can convert N-day advisories into working exploits in hours; a separate University of Toronto team published a proof-of-concept AI worm that runs entirely on locally hosted open-weight models, reasoning through network topology and generating tailored attack payloads without cloud connectivity.
Alleged breach and data exposure claims targeted finance, government, and military:
- Actor cyberclon2 claims a breach of the National Security Agency (United States).
- Actor mosad alleges separate breaches of the South African Army and the Ministry of Defense of Saudi Arabia.
- Actors CrackedSH and 0xulnar allege breaches of Coinbase and Robinhood (both US, Financial Services).
- Actor DBHunter claims a breach of Banc Certified Merchant Services (US, Financial Services); actor giorggios claims Wise (Spain, Financial Services).
- Actor 2019 claims breaches of Ochre Health (Australia, Healthcare -- allegedly 25,000-plus patients), Napoleon Perdis Cosmetics (Australia), and Zeemart (Singapore, Software).
- Actor ChimeraZ claims a breach of Proprietes Privees (France, Real Estate), citing approximately 3.2 million records; actor govfault claims Rennes Metropole (France, Government Administration).
- Actor gang claims a breach of AlphaSMS (Ukraine, Telecommunications); actor shell claims Banco Central do Brasil (Brazil).
- Pro-Russia NoName057(16) conducted six DDoS operations against UK targets including Pembrokeshire County Council, Energy UK, GKN PLC, and Capita PLC. Actor "Odessa: Still Loading" ran nine DDoS operations against Ukrainian transport and logistics targets including grain shipping operators, cargo aviation, and gas supply companies.
Threat landscape signals
The US and Thailand tied at 17 events each, but with distinct profiles. US activity concentrated in financial services breach claims (Coinbase, Robinhood, Banc Certified Merchant Services, Wise, plus the grcuaiw telecom data leak), suggesting a directed campaign against payment and trading infrastructure. Thailand's exposure reflects mass-compromise activity by NXBB.SEC and NIKK BOSS targeting manufacturing, education, and hospitality -- lower-sophistication, high-volume. Actor "2019" is the most concentrated named actor outside the DDoS operators, with five Asia-Pacific events.
The AI exploitation acceleration is the structural signal: Mythos-speed N-day weaponization combined with the autonomous AI worm proof-of-concept means the detection-response window is compressing from both the discovery and the delivery sides. Organisations with externally exposed services running recently-patched software -- particularly Check Point VPN and Cisco SD-WAN -- should treat patch cycle time as a first-order control and not assume a multi-week window between advisory and exploitation.