Last week in cybersecurity (1.6 - 7.6): The escalation of AI threats and Zero-day exploits

This cybersecurity news roundup for June 2026 highlights record-breaking threat levels targeting global digital infrastructure. In Vietnam, enterprise systems are struggling to fend off over 11.4 million RDP attacks. Simultaneously, AI-related risks exploded with 21 zero-days uncovered in the FFmpeg platform, the OpenClaw vulnerability, and a series of security crises stemming from Microsoft.

Domestic cybersecurity news roundup: What risks are vietnamese organizations facing?

Organizations in Vietnam are currently prime targets for spyware and remote attack techniques due to loose operational habits. This reality demands an urgent shift toward a proactive defense mindset and robust data protection strategies.

• Surge in RDP Attacks and Cyber Espionage: Vietnam currently leads Southeast Asia with 11,420,252 attacks targeting the Remote Desktop Protocol (RDP). Simultaneously, internal network systems suffered 322,821 spyware infections, turning enterprise data into a silent target for intelligence gathering.

• The Hidden Dangers of Pirated Software: The common habit of using cracked software (typically pirated WinRAR) inadvertently disables antivirus barriers. Cybercriminals exploit this loophole to implant Infostealers, aiming to remotely seize control of internal systems.

• The Parental Security Paradox: A recent study by Kaspersky reveals that parents in Vietnam and Asia who frequently share their children's photos on social media are paradoxically more likely to neglect implementing essential privacy protection measures.

Global cybersecurity: How are AI and Zero-days breaking defenses?

The sudden surge in zero-day vulnerabilities across core network infrastructures and the risks associated with AI tools have driven the confidence levels of US state Chief Information Security Officers (CISOs) plummeting from 48% to just 22%.

• Crises from the Microsoft and Cisco Ecosystems: Network infrastructures are under immense pressure as the OpenClaw platform (utilized by Microsoft for its AI Scout tasks) was found to contain five zero-day flaws allowing hackers to hijack AI agents. Within the Android ecosystem, a configuration oversight led to the "FlagLeft" vulnerability in the Microsoft 365 SDK, paving the way for malicious software to steal login tokens from billions of users. Furthermore, Microsoft had to issue an urgent patch for the CVE-2026-45659 RCE flaw on SharePoint and faced backlash when multiple zero-days affecting Defender and BitLocker were publicly disclosed by an expert on GitHub. Cisco’s network is equally threatened by a root privilege escalation flaw (CVE-2026-20245) impacting the Catalyst SD-WAN Manager.

• The Dark Side of Artificial Intelligence (AI) Tools: AI is playing a dual role in the cybersecurity landscape. On one hand, an autonomous AI agent successfully discovered 21 hidden zero-days in the FFmpeg media library. On the other hand, the State of AI Usage 2026 Report warns that enterprise data leakage risks are highly concentrated among 5% of "power users," with the highest sensitive data exposure rates belonging to DeepSeek (12.63%) and ChatGPT (8.38%). More alarmingly, Meta's AI chatbot system was easily manipulated by hackers to change recovery emails and seize control of numerous high-value Instagram accounts.

• Massive Scams, Leaks, and Malware Distribution:

  • FIFA World Cup 2026: An FBI report identified over 4,300 fake domains (e.g., fiffa.com) created to sell counterfeit tickets and distribute banking malware (Massiv, Perseus) through live football streaming applications.

  • C2 Channels via Steam: Nearly 1,900 WordPress websites were infected with malware after hackers used invisible Unicode characters in Steam gaming profiles to act as a covert command-and-control (C2) server, effectively bypassing standard firewalls.

  • Cyber Espionage on LinkedIn: Western intelligence agencies warned that Chinese hackers are establishing fake profiles on LinkedIn to approach and extract information from personnel with access to sensitive data.

Cybercriminals are gradually shifting their tactics toward exploiting AI vulnerabilities, utilizing sleeper spyware, and abusing zero-day flaws. Continuously tracking the cybersecurity news roundup combined with proactive investments in deep-monitoring systems acts as an iron shield, empowering organizations to eliminate risks in their infancy.