
NetNut gets cracked.
The FBI disrupts a major residential proxy service. Attackers exploit Fortinet firewalls to target UK officials. European lawmakers call for a spyware investigation. A new macOS infostealer masquerades as a clipboard manager. Prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning. Researchers trick Claude into remote code execution. AI’s strain on the power grid is complicated. Monday business briefing. Our guest is Gabi Reish, VP Product, Threat Intelligence & Exposure Management at Bitsight, sharing insights on how cybercriminal activity is shifting. Anime and AI meet adolescent antics.
Today is Monday July 6th 2026. I’m Dave Bittner. And this is your CyberWire Intel Briefing.
The FBI disrupts a major residential proxy service.
The FBI and IRS Criminal Investigation, with support from Google, Lumen’s Black Lotus Labs, and the Shadowserver Foundation, seized domains linked to NetNut, disrupting a major residential proxy service. NetNut, owned by Israel-based Alarum Technologies, provided residential proxies that routed internet traffic through consumer devices, a service used for legitimate business purposes but also exploited by cybercriminals. Google said the network relied on at least two million devices, many of them Android smart TVs and streaming boxes, some of which were enrolled through preinstalled software or hidden software development kits. Researchers observed hundreds of threat clusters using NetNut infrastructure for password spraying, unauthorized access attempts, and other malicious activity. Google disabled NetNut-related infrastructure, shared threat intelligence, and updated Play Protect to detect affected applications. Alarum said it would cooperate with investigators and warned investors that the disruption could significantly affect its business. Researchers have also linked NetNut infrastructure to several botnet operations.
Attackers exploit Fortinet firewalls to target UK officials.
A large-scale cyber campaign targeting Fortinet firewalls has exposed login credentials belonging to UK government officials, overseas Foreign Office staff, local authorities, and organizations supporting critical infrastructure. Researchers say attackers used previously leaked credentials to bypass security controls and gain access to sensitive networks, with stolen accounts now reportedly being sold on dark web forums. The UK’s National Cyber Security Centre (NCSC) confirmed an ongoing brute force campaign against Fortinet devices and urged organizations to audit systems, isolate compromised devices, and change reused passwords. While the attack has been linked to Russian-speaking hackers based on technical evidence, officials say there is no evidence of direct Russian state involvement. Security experts warn the stolen credentials could enable ransomware attacks against healthcare, government, and other essential services if organizations fail to secure affected systems.
European lawmakers call for a spyware investigation.
European lawmakers are calling for a new spyware investigation after researchers found that former European Parliament member Stelios Kouloglou was infected with NSO Group’s Pegasus spyware while serving on the Parliament’s PEGA Committee, which was investigating spyware abuses. According to Citizen Lab, Kouloglou’s iPhone was compromised in October 2022 and again in early 2023 using the PWNYOURHOME zero-click exploit, with the attacks occurring during key stages of the committee’s work. Researchers urged the European Parliament to launch an immediate investigation and expand spyware screening for members’ devices. Political groups across Parliament echoed those calls, arguing that recommendations issued by the PEGA Committee in 2023, including stronger oversight and tighter controls on commercial spyware, have not been fully implemented.
A new macOS infostealer masquerades as a clipboard manager.
Jamf Threat Labs has identified a new macOS infostealer, dubbed PamStealer, disguised as the legitimate Maccy clipboard manager. Distributed as a compiled AppleScript inside a disk image, the malware downloads a Rust-based second-stage payload that steals credentials, browser data, clipboard contents, and cryptocurrency wallet information while establishing persistence. Its standout feature is locally validating a victim’s macOS password through the Pluggable Authentication Modules (PAM) framework before harvesting it, reducing detectable activity. PamStealer also masquerades as Finder, encrypts communications with its command-and-control server, and uses social engineering to prompt victims for Full Disk Access. Researchers say the malware employs environment checks, regional exclusions, anti-analysis techniques, and native macOS APIs to evade detection, highlighting the continued evolution of stealthier macOS-focused credential stealers.
Prompt injection campaigns targeting AI agents through malicious websites and SEO poisoning.
Researchers at Zscaler identified two prompt injection campaigns targeting AI agents through malicious websites and search engine optimization (SEO) poisoning. One campaign tricks AI agents into making cryptocurrency payments by embedding hidden instructions within fake API documentation, while another uses a typosquatted website to impersonate the DeBank cryptocurrency platform. Testing showed several leading large language models followed the malicious payment instructions or misidentified the fake site as legitimate. Zscaler warns that as AI agents become more capable of browsing and completing tasks, web content itself is emerging as a significant new attack surface.
Researchers trick Claude into remote code execution.
Researchers at Pentera Labs demonstrated how compromising a developer’s email account could allow attackers to hijack Anthropic’s Claude Desktop and achieve remote code execution. By modifying the victim’s synchronized Claude preferences with a hidden prompt, the researchers caused the AI assistant to silently check for command-execution tools and run attacker-controlled commands. If those tools were unavailable, Claude instead displayed convincing fake error messages that tricked users into installing software that enabled code execution. Once compromised, the AI assistant effectively became a persistent command-and-control channel capable of executing commands and exfiltrating data. Anthropic said the attack requires an already-compromised Claude account and reflects intended functionality rather than a software vulnerability, while researchers urged organizations to treat AI desktop applications as privileged software and closely monitor their configurations.
AI’s strain on the power grid is complicated.
A new report from the IEEE Spectrum says the rapid growth of AI infrastructure is creating new challenges for electrical grids that extend beyond rising energy consumption. While attention has focused on the amount of electricity required by hyperscale data centers, researchers argue that AI workloads introduce highly dynamic and unpredictable demand patterns that differ from traditional industrial loads. AI training and inference can cause abrupt changes in power consumption, placing additional strain on grid balancing, frequency control, transmission systems, and local infrastructure. These effects are amplified in regions with dense concentrations of data centers, where synchronized compute and cooling demands can create localized reliability and power quality issues. Utilities and grid operators are exploring demand response programs, battery storage, and updated planning models, but electrical infrastructure expands far more slowly than AI computing capacity. The article concludes that future grid planning must account not only for total energy use, but also for demand volatility, workload synchronization, and geographic concentration as AI infrastructure continues to scale.
Monday business briefing.
Cybersecurity and AI companies announced several major funding rounds and acquisitions. Quantifind raised $200 million in growth funding, bringing its total funding to $320 million, to expand its AI-powered risk intelligence platform internationally. Agentic AI security startup Straiker secured $64 million to accelerate product development, threat research, and global expansion, while AI governance platform Runlayer raised $30 million to grow its engineering and go-to-market teams. Contextual security company Nebulock closed a $25 million Series A, and security architecture automation startup Dawnguard added $3.3 million to support product development and international growth. On the acquisition front, F5 acquired AI governance firm SurePath AI to strengthen its enterprise AI security platform, identity verification company Incode acquired Identiq to enhance fraud detection, and Belgian IT firm Cegeka acquired cybersecurity specialist 3Point to expand its capabilities supporting defense, intelligence, and critical infrastructure organizations.
Anime and AI meet adolescent antics.
A 15-year-old student from Japan’s Saitama Prefecture has been arrested for allegedly launching a cyberattack that disrupted Bandai Channel, an anime streaming service operated by Bandai Namco Filmworks. Police say the teenager used a program he developed with assistance from ChatGPT to exploit a vulnerability in the company’s systems, sending false data that led to the unauthorized cancellation of 46,812 subscription accounts. The attack temporarily disrupted operations, with full service not restored until December. Investigators believe the student uncovered the flaw himself and used it to access account information. He reportedly admitted to the incident, explaining that he had been teaching himself computers since elementary school and bore no ill will toward the company.
It’s a reminder that just because you’ve watched every episode of Ghost in the Shell doesn’t mean you’re supposed to recreate the plot. Sometimes the most powerful move is logging off before your origin story turns into a police report.
And that’s the CyberWire.
For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.
We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com
We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.
N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.
N2K’s lead producer is Liz Stokes. We’re mixed by Tré Hester, with original music by and sound design Elliott Peltzman. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I’m Dave Bittner. Thanks for listening.
