Cyber Security News

Hacking Editorial Brief — June 6, 2026

Active Exploitation of Cisco and SolarWinds Infrastructure

CISA warns that threat actors are actively exploiting CVE-2026-28318, a denial-of-service vulnerability in SolarWinds Serv-U file transfer software, to crash servers. Separately, Cisco disclosed that CVE-2026-20245, a high-severity flaw (CVSS 7.8) affecting Catalyst SD-WAN Manager across multiple deployment types, is under active exploitation with no patch currently available. The campaign targeting Cisco infrastructure represents ongoing risk to enterprise network management platforms. In the supply chain space, attackers launched multiple campaigns against the npm ecosystem using both malicious and poisoned packages, with over 50 compromised libraries deployed as part of IronWorm and a new Miasma worm variant targeting JavaScript development environments.

Hardware and AI-Enabled Attack Surface Expansion

Researchers demonstrated that the Sound Blaster Katana V2X speaker can be compromised over-the-air to infect connected PCs without physical interaction, with the manufacturer declining to treat the behavior as a vulnerability. The research highlights expanding attack surfaces in USB-connected consumer hardware. In the cryptocurrency sector, an AI model uncovered a four-year-old critical flaw in Zcash's cryptographic implementation, with security researchers warning that similar AI-enabled vulnerability discovery could expose previously undetected bugs across financial and cryptographic systems. Meanwhile, Swiss defense contractor RUAG confirmed paying ransom to the Akira ransomware group following a network compromise, and hotel reservation systems at over 350 properties worldwide were breached for use in targeted phishing campaigns leveraging legitimate booking data.

Sources: SC Media · WIU Cybersecurity Center · The Hacker News · Ars Technica · CoinDesk · SWI swissinfo