
June 2026 security update: AI-powered attacks, overlooked vulnerabilities, and the breach hitting schools worldwide


Today’s threat landscape

From experiment to operation: AI is now a standard weapon

Google’s Threat Intelligence Group published its most detailed accounting yet of how cybercriminals are incorporating AI into their operations - and the picture marks a genuine turning point. Throughout April and May this year, AI was documented in production-scale use at every stage of attacks: identifying vulnerabilities, writing exploit code, crafting deceptive messages, and building infrastructure that’s difficult to trace or shut down.

The most significant finding is the first confirmed AI-generated zero-day exploit used in a real attack. Cybercriminals developed a script targeting a Python-based administration tool to bypass two-factor authentication using stolen credentials - identifiable as AI-generated by its detailed explanatory comments and a fabricated CVSS score. State-sponsored groups linked to China and North Korea have gone further, using AI trained on historical vulnerability cases to scan codebases, validate exploitability, and generate working attack code at a scale that previously required teams of skilled researchers.

AI is also making malware harder to detect. Newly documented malware families rewrite their own code in real time to evade recognition by security tools. An Android backdoor called PROMPTSPY used an embedded AI model to autonomously intercept messages and relay them to cybercriminals, with no human operator required.

Moreover, academic research published this month shows how dramatically AI lowers the barrier to large-scale targeted phishing. By feeding social media data into AI models, cybercriminals can generate highly personalized messages at a scale no human team could match - messages that study participants rated more convincing than real examples on every dimension measured. Defenders who aren’t using AI themselves are operating at a growing disadvantage. Any AI system an organization relies on should be treated as a security-sensitive asset, with the same attention to data sources, access controls, and monitoring as any other critical system.

 

Top 3 vulnerabilities

When the gatekeeper falls: critical PAN-OS flaw hands attackers root access at the perimeter

Devices that many organizations place at the boundary of their networks to inspect and control incoming and outgoing traffic were hit by a critical buffer overflow vulnerability last month. The User-ID Authentication Portal component of Palo Alto Networks PAN-OS is affected by critical remote code execution vulnerability CVE-2026-0300 (CVSS 9.8). A firewall is a high-value target: it gives cybercriminals a foothold from which they can observe or manipulate everything passing through it.

An unauthenticated cybercriminal - one with no account or prior access - can execute arbitrary code with root privileges simply by sending specially crafted network packets to the Authentication Portal. This means reaching the portal over the network allows complete control of the firewall without any interaction with a legitimate user. CISA added CVE-2026-0300 to its KEV catalog, and limited active exploitation has been confirmed.

Palo Alto Networks has released fixed versions across all affected PAN-OS branches. Organizations that can’t patch immediately should restrict access to the Authentication Portal to trusted network ranges, or disable Response Pages on untrusted interfaces as an interim measure.

Your security tool as the attack path: two Defender flaws combine to blind and own endpoints

Microsoft disclosed two actively exploited vulnerabilities in its Defender security products on May 19, both of which were added to CISA’s KEV catalog.

CVE-2026-41091 (CVSS 7.8) affects the Microsoft Malware Protection Engine - the core scanning component shared by Defender, Security Essentials, and System Center Endpoint Protection. The vulnerability stems from the way the engine resolves file links during a scan: because the scan runs with elevated system privileges, a cybercriminal who already has a low-privilege foothold on the machine can manipulate the engine into writing into protected areas of the operating system and escalate to the highest privilege level Windows grants.

A second flaw, CVE-2026-45498 (CVSS 4.0), allows attackers to force Defender into a non-functioning state - effectively disabling the organization’s primary on-device protection - without triggering any visible alert. The two vulnerabilities are particularly dangerous in combination. A cybercriminal who has compromised an endpoint can use CVE-2026-45498 to blind the security tool, then use CVE-2026-41091 to take full control of the system.

Both issues are resolved by updating the Malware Protection Engine to version 1.1.26040.8. In most environments this update is delivered automatically, but administrators should verify that automatic updates are functioning and confirm the installed version.

A vulnerability hiding in plain sight: five Linux kernel bugs give any local user full system control

The last two months brought an unusual cluster of related Linux kernel vulnerabilities. Each was discovered by a different research team, but all share the same underlying class of weakness: a subtle memory-management error that allows an unprivileged local user to corrupt protected kernel memory and gain full administrative (root) control of the system. The group includes CVE-2026-31431 (Copy Fail), CVE-2026-43284 and CVE-2026-43500 (Dirty Frag), CVE-2026-46300 (Fragnesia, CVSS 7.8), CVE-2026-31635 (DirtyDecrypt, CVSS 7.5), and CVE-2026-46333 (SSH-keysign-pwn, CVSS 5.5).

Working demonstrations for several of these have already been made public. Affected distributions include Ubuntu, Red Hat Enterprise Linux, Debian, Fedora, openSUSE, Amazon Linux, and most other mainstream Linux systems. Any user who can log in to the system - even without administrative rights - can exploit these vulnerabilities to take full control, read sensitive files such as password databases and private cryptographic keys, or run commands as the system administrator.

All affected distributions have released kernel patches. Organizations running Linux systems should apply available updates as a priority, and those using containers should ensure that the underlying host kernel is also patched. Where immediate patching isn’t possible, temporarily raising the kernel’s process-tracing restriction setting to its highest level reduces the risk from several of these vulnerabilities.
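As an added example (not from the newsletter or from any vendor guidance), the following POSIX shell script audits the process-tracing restriction referred to above and raises it persistently. It assumes the setting meant is the Yama `kernel.yama.ptrace_scope` sysctl, which the page itself does not name.

```shell
#!/bin/sh
# Added example, not from the newsletter: audit and optionally raise the Yama
# ptrace restriction the Linux kernel item refers to. Assumption: the setting
# meant is kernel.yama.ptrace_scope (/proc/sys/kernel/yama/ptrace_scope).
#   0 = classic: a process may ptrace any other process of the same uid
#   1 = restricted: only descendants (or PR_SET_PTRACER targets) can be traced
#   2 = admin-only: attaching requires CAP_SYS_PTRACE
#   3 = no attach: ptrace attach disabled; cannot be lowered until reboot
TARGET_SCOPE=3

# Read the current scope from a file (defaults to the live kernel knob).
# Prints the integer, or "absent" if Yama is not available on this kernel.
read_ptrace_scope() {
    f="${1:-/proc/sys/kernel/yama/ptrace_scope}"
    if [ -r "$f" ]; then
        tr -d '[:space:]' < "$f"
    else
        echo "absent"
    fi
}

# Classify one value against the target: prints "ok", "weak" or "absent".
# Kept free of I/O so it can be checked against sample values.
assess_ptrace_scope() {
    case "$1" in
        [0-9]) if [ "$1" -ge "$TARGET_SCOPE" ]; then echo "ok"; else echo "weak"; fi ;;
        *)     echo "absent" ;;   # missing or unparseable content
    esac
}

# Persist a sysctl drop-in and apply it. Needs root; only acts when the live
# value is below the target, so it is safe to re-run.
harden_ptrace_scope() {
    current=$(read_ptrace_scope)
    if [ "$(assess_ptrace_scope "$current")" != "weak" ]; then
        echo "ptrace_scope=$current, nothing to do"
        return 0
    fi
    printf 'kernel.yama.ptrace_scope = %s\n' "$TARGET_SCOPE" \
        > /etc/sysctl.d/60-ptrace-hardening.conf
    sysctl -w "kernel.yama.ptrace_scope=$TARGET_SCOPE"
}

# Default action is report-only; pass "harden" to apply the change.
if [ "${1:-report}" = "harden" ]; then
    harden_ptrace_scope
else
    cur=$(read_ptrace_scope)
    echo "ptrace_scope=$cur ($(assess_ptrace_scope "$cur"))"
fi
```

Level 3 cannot be lowered again until the next reboot and blocks legitimate debugger or tracer attachment (for example `gdb -p` or `strace -p`), which is why this is only an interim measure until the kernel patches are applied.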

 

Industry news

Breaches, fines, and a hidden outage: Europe's institutions count the cost of delayed action

The most significant cyber incident affecting European education this month was the breach of Canvas, used by thousands of institutions worldwide. The extortion group ShinyHunters exploited cross-site scripting vulnerabilities in the platform run by Instructure, stealing course data, enrollment records, and internal messages from over 30 million users across more than 8,000 institutions - 3.6TB of data in total. The Swedish Defense University reported the incident to Sweden’s Data Protection Authority under GDPR. ShinyHunters threatened to publish all data by May 12, but Instructure reached an agreement with the group before that deadline; the threat actors removed the data from their leak site, a pattern that typically indicates a ransom payment was made.

The UK’s Information Commissioner’s Office (ICO) fined South Staffordshire Water £963,900 for a 2022 cyberattack exposing data on 663,887 customers and employees. The ICO found that malware had been present for 20 months undetected, that monitoring covered only 5% of the IT environment, and that the organization had been running end-of-life software for nearly two decades.

Meanwhile, POST Luxembourg revealed that a previously unknown vulnerability in Huawei router software was behind the July 2025 nationwide outage that disrupted landline, 4G, 5G, and emergency services for over three hours. As of May 2026, no CVE has been assigned and no public patch exists.

On a more positive note, while the Swedish Bankers’ Association’s 2026 threat assessment noted a broader cyber security threat picture driven by AI, fraud losses from telephone-based scams fell around 60% compared to 2023 – indicating that everyday citizens are becoming more aware of such criminal acts and how to handle them.