Weekly Threat Digest: JUNE 15 to JUNE 21 2026

Threat Digest
Download Now

HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week, seven major attacks were detected, five critical vulnerabilities were actively exploited, and three threat actors were closely monitored, reflecting an alarming escalation in malicious activities.

CVE-2026-10520 Ivanti Sentry Critical pre-authentication command injection flaw allowing remote attackers to execute arbitrary commands as root through a single crafted request, with public proof-of-concept code rapidly driving mass exploitation of exposed appliances. Sinobi Ransomware closed vetted-affiliate ransomware-as-a-service operation assessed as a successor to Lynx, gaining entry through compromised SonicWall SSL VPN credentials, stripping EDR and exfiltrating data before deploying a Curve25519 locker that deletes shadow copies and enforces double extortion.

Meanwhile, SPECTRALVIPER, the signature backdoor of Vietnam-aligned actor OceanLotus, planted through a compromised stock-trading update server and a targeted infrastructure intrusion to sustain covert espionage access for up to fifteen months. Insomnia Data-theft-only extortion group operating without an encryptor, entering through info stealer-harvested credentials and authentication bypass and publishing stolen US healthcare records on a Tor leak site to coerce victims. These rising threats pose significant and immediate dangers to users worldwide.