Along with summer, our June monthly news digest from the cybersecurity world has arrived! Check:
1. IT Admins urged to prepare for Windows 11 26H2 update
Microsoft has encouraged IT administrators to prepare for the Windows 11 version 26H2 update, available for testing via the Windows Insider Program. This update follows the new servicing model that simplifies deployment and maintenance by allowing new features through a small enablement package rather than a full OS replacement. It behaves like a monthly cumulative update for organisations running supported builds and ensures multiple Windows versions share the same codebase for updates and compatibility.
Upgrading to 26H2 resets support timelines: Home, Pro, and Pro for Workstations editions receive 24 months of support, while Enterprise, Education, and IoT Enterprise editions receive 36 months.
IT teams should test compatibility with this update using devices in the Windows Insider Program, especially in the Experimental channel, with broader validation when it reaches the Release Preview stage.
2. Claude AI Global Outage
On June 22, 2026, Anthropic’s Claude AI platform experienced a significant service disruption lasting nearly 90 minutes, affecting multiple models (Opus 4.8, 4.7, 4.6, Sonnet 4.6, and Haiku 4.5). The issue began at 00:37 UTC due to elevated error rates, impacting various services, including chat interfaces and the API. This incident marked the third service disruption in June, following prior outages on June 2 and June 5. Despite these incidents, Anthropic’s 90-day uptime remains above 98%, indicating isolated issues rather than systemic failures, though the frequency raises concerns about capacity planning amid growing demand.
3. Anthropic's Mythos AI model managed to infiltrate NSA classified systems in just hours
Anthropic's Mythos AI model infiltrated NSA classified systems during a red-team evaluation on June 11. This may be the real reason prompting a U.S. government directive the following day that barred all foreign nationals, including non-citizen employees of Anthropic, from accessing Fable 5 and Mythos 5 models. This led to the suspension of both models for all customers and marked a precedent in applying export controls directly to an AI model. Anthropic argues that the issue stemmed from a narrow jailbreak and claims the response was an overreaction.
4. Popular Chrome AI extensions put millions of users at risk. Act now!
Critical security flaws have been found in popular Chrome extensions SiderAI and MaxAI, putting millions of users at risk. The vulnerabilities, known as “Spyder” and “MaXSS,” could allow attackers to compromise browser sessions and access sensitive data, including emails and local files. These extensions are installed on over 10 million devices, with SiderAI being one of the top 25 on the Chrome Web Store. Despite notifying the vendors, no response was received, leading to a public disclosure of the issues. Users are urged to check for these extensions and uninstall them immediately.
5. Over 70 000 Fortinet firewalls hit by a massive cyber espionage campaign
A cyber espionage campaign known as “FortiBleed” has compromised over 73,932 unique Fortinet firewall URLs across 194 countries, with attackers executing 1.16 billion credential-based attempts against more than 320,000 FortiGate targets and an additional 2.1 billion brute-force attempts against over 160,000 MSSQL servers, leading to 21,632 unique compromised domains. Affected organisations span various sectors globally, including a Turkish NATO defence contractor from which classified documents were exfiltrated. Major enterprises impacted include Foxconn, Samsung, Siemens, Lenovo, Oracle, PwC, and Accenture.
Organisations using Fortinet devices should respond immediately by:
- Resetting all VPN and admin interface passwords.
- Implementing Multi-Factor Authentication (MFA) across external gateways.
- Auditing gateway logs for suspicious activities.
- Restricting management interface access to trusted IPs only.
6. ShinyHunters hit Kodak. 2.2 million records breached
Eastman Kodak has confirmed a cybersecurity incident linked to the well-known ShinyHunters extortion group, which claims to have stolen over 2.2 million records of customer personally identifiable information (PII) and corporate data. Kodak acknowledged that an unauthorised third party accessed a limited amount of company data, but has not verified the full extent of the claims. The breach was first noted on June 15, 2026, when ShinyHunters listed Kodak on its dark web site. No proof samples have been provided by ShinyHunters to confirm the scale of the breach. Kodak has not disclosed specific categories of PII accessed or any potential breach notification obligations. No disruptions or operational impacts have been reported.
ShinyHunters is known for its data-theft campaign targeting Salesforce cloud customers that led to data breaches at Google, Cisco, Adidas, Allianz Life, Pandora, Chanel, Dior, Louis Vuitton, Tiffany & Co., and more.
7. Anthropic Fable 5 and Mythos 5 blocked to all due to a government directive
The USA Bureau of Industry and Security (BIS) issued an “Is Informed” letter to Anthropic’s CEO, Dario Amodei, requiring the company to secure a validated export licence before sharing its AI models, Claude Mythos 5 and Fable 5, with foreign nationals. This directive, received on June 12, 2026, prompted an immediate global shutdown of access to these models due to a reported jailbreak vulnerability in Fable 5 that posed potential cybersecurity risks. Anthropic argues that the identified security bypass only reveals “minor” flaws, similar to those found in other publicly available frontier models. However, because Anthropic cannot effectively implement nationality-based access controls, this restriction has been applied to its entire global customer base, while access to alternative models remains unaffected.
8. Microsoft June 2026 Patch Tuesday
Microsoft's June 2026 Patch Tuesday addresses a robust number of 198 vulnerabilities, including three zero-day vulnerabilities that are actively exploited or publicly disclosed. The security update covers a wide range of software products in the Microsoft ecosystem. Users are urged to update their software immediately, especially given the significant number of flaws addressed.
We hope your systems remain safe and compliant with NIS2 through 2026. If you need assistance, please contact us for expert advice!