This threat intelligence report from Check Point Research details a range of cyber threats and vulnerabilities identified in early June 2026. It covers a significant data breach at DentaQuest involving exposure of personal and health insurance data, a targeted brute-force attack on Dashlane's two-factor authentication system, and unauthorized access to the UN World Food Programme's Gaza self-registration application. The report also describes spyware operations against Russian officials, a supply chain attack on Hola's Windows browser distributing cryptomining malware, and novel AI-driven attack techniques including prompt injection and automated malware evasion. Several critical vulnerabilities were disclosed with patches available from Google (Android), Cisco (Unified Communications Manager), SolarWinds (Serv-U), and Microsoft (Windows Netlogon). Some vulnerabilities are actively exploited, and protective measures such as Check Point IPS signatures are available. The report additionally covers espionage campaigns and large-scale impersonation attacks leveraging fake open-source software sites.

The impact includes exposure of millions of personal and sensitive records (DentaQuest breach), unauthorized access to encrypted password vaults (Dashlane), and compromise of registration data for hundreds of thousands of Palestinian households (UN WFP). The Hola supply chain compromise resulted in cryptomining malware installation on a small fraction of users. Critical vulnerabilities in widely used software and services pose risks of remote code execution, privilege escalation, and service disruption, with some already exploited in active attacks. Espionage campaigns and impersonation schemes enable credential theft, remote access, and data exfiltration, potentially affecting global organizations and infrastructure.

Several vulnerabilities mentioned have official patches available: Google’s June Android security update addresses 124 flaws including an actively exploited high-severity issue; Cisco released fixes for a critical Unified Communications Manager flaw; SolarWinds patched Serv-U in version 15.5.4 HF1; Microsoft addressed a critical Windows Netlogon vulnerability with protections available via Check Point IPS. Organizations should apply these vendor patches promptly. For incidents like the Dashlane brute-force attack and UN WFP breach, affected services have contained or suspended operations. The Hola supply chain compromise affected a very small user subset, and users should ensure updated software versions. AI-related risks highlight the need for cautious permission management in AI agents. No generic or unrelated mitigations are recommended beyond applying official fixes and following vendor guidance.