The report covers a range of cybersecurity threats and incidents discovered during the week of 22nd June 2026. It includes a large-scale data breach impacting over 3 million hunting and fishing license customers of the Texas Parks and Wildlife Department through a third-party vendor, exposing personal identification information but not Social Security numbers or payment data. A supply chain attack compromised updates for WordPress plugins from ShapedPlugin, enabling credential theft and website compromise. iRhythm Technologies suffered a social engineering attack leading to theft of protected health and proprietary data from third-party hosted applications. Klue experienced a breach via compromised legacy credentials, resulting in OAuth token theft and subsequent data exfiltration from multiple customers. Several critical vulnerabilities in Fortinet FortiSandbox (including CVE-2026-39813 and CVE-2026-39808), Microsoft Defender (CVE-2026-50656), Cisco Catalyst SD-WAN Manager (CVE-2026-20262), and Splunk Enterprise (CVE-2026-20253) are either actively exploited or under active attack, with some patches available or forthcoming. AI-related threats include prompt injection and remote code execution vectors in AI agents and Microsoft 365 Copilot. The report also notes ongoing cybercrime campaigns leveraging travel and e-commerce themes for credential and payment fraud. Protection via Check Point IPS and other vendor mitigations is noted for some vulnerabilities. No explicit patch status is provided for all issues in this summary.

The data breach involving Texas Parks and Wildlife Department exposed sensitive personal information of over 3 million customers, potentially enabling identity theft or targeted phishing. The WordPress plugin supply chain attack risks website compromise and credential theft for affected sites. The iRhythm and Klue breaches resulted in theft of protected health information, proprietary data, and customer sales data, impacting confidentiality and potentially business operations. Vulnerabilities in Fortinet FortiSandbox, Microsoft Defender, Cisco Catalyst SD-WAN Manager, and Splunk Enterprise allow attackers to execute commands, escalate privileges, overwrite files, or achieve remote code execution, threatening system integrity and security. AI-related vulnerabilities expose risks of data leakage, code execution, and unauthorized access via prompt injection and exploitation of AI agent workflows. The ongoing cybercrime campaigns pose risks of credential theft and payment fraud targeting travelers and e-commerce customers. Overall, these incidents and vulnerabilities represent significant risks to confidentiality, integrity, and availability across multiple sectors.

Patch status is not yet confirmed for all vulnerabilities mentioned; check the respective vendor advisories for current remediation guidance. Microsoft has released a patch for CVE-2026-42824 related to Microsoft 365 Copilot Search prompt injection. Cisco has released patches for CVE-2026-20262 in Catalyst SD-WAN Manager. Splunk has issued security updates for CVE-2026-20253. Microsoft is preparing a security update for Defender zero-day CVE-2026-50656. Check Point IPS provides protection against Fortinet FortiSandbox vulnerabilities CVE-2026-39813 and CVE-2026-39808 and Splunk Enterprise CVE-2026-20253. Organizations affected by third-party breaches should follow vendor guidance and monitor for further updates. For AI-related threats, review and apply vendor patches and consider restricting AI agent workflows that trust external messages. No generic or unrelated mitigations are recommended beyond these specific actions.