Nirad Bharat Threat Feed

India-first threat intelligence

Global threats, decoded for Indian defenders — weekly briefs, sector editions, and AI Threat Watch. Every claim source-attributed.


Weekly Brief — Week of 8–12 June 2026

A patch-heavy week for Indian defenders: an exploited ERP zero-day, several edge and VPN flaws under active attack, and a Pakistan-aligned group still grinding at Indian government desktops. Six things to have acted on.
1.

Oracle PeopleSoft zero-day exploited before patch (CVE-2026-35273)

Oracle issued an out-of-band alert on 10 June for a critical PeopleSoft PeopleTools flaw. Google's Mandiant reported exploitation ahead of the patch and tracked the activity to UNC6240 (ShinyHunters); CISA added the CVE to its Known Exploited Vulnerabilities catalogue on 12 June.

India exposure: PeopleSoft-class HR, payroll, finance and campus systems across PSU banks, insurers, universities and public-sector-aligned organisations.
Action: Patch immediately, inventory internet-exposed PeopleSoft components, and hunt for suspicious access between late May and patch deployment.
Source: Oracle; Google/Mandiant; CISA KEV.
2.

Check Point VPN authentication bypass under active exploitation (CVE-2026-50751)

Check Point disclosed an actively exploited authentication bypass affecting Remote Access VPN, Mobile Access and Spark deployments using deprecated IKEv1. CISA added it to KEV on 8 June.

India exposure: BFSI, IT services, MSPs and enterprises still running legacy VPN configurations.
Action: Apply Check Point's fix, disable deprecated IKEv1 remote-access paths where possible, and audit VPN sessions from May onward for post-authentication activity.
Source: Check Point; Rapid7; CISA KEV.
3 · High · CVSS 7.8

Cisco Catalyst SD-WAN Manager zero-day — exploited and unpatched (CVE-2026-20245)

Cisco confirmed in-the-wild exploitation of a privilege-escalation flaw (CVSS 7.8) in Catalyst SD-WAN Manager; an attacker with netadmin rights can inject commands and run as root, and Cisco observed config changes pushed to edge devices. CISA added it to KEV on 9 June; no patch was available during the week.

India exposure: Telecom operators, large BFSI networks and government WANs that run Cisco SD-WAN as their backbone.
Action: Remove SD-WAN Manager instances from internet exposure and tightly restrict and audit netadmin accounts until Cisco ships a fix.
Source: Cisco Security Advisory; CISA KEV; The Hacker News.
4 · Critical · CVSS 10.0

Ivanti Sentry critical RCE and admin-account takeover (CVE-2026-10520 / CVE-2026-10523)

Ivanti published fixes on 9 June. CVE-2026-10520 is an unauthenticated remote code execution flaw (CVSS 10.0); CVE-2026-10523 allows unauthenticated admin-account creation.

India exposure: Organisations using Ivanti/MobileIron-style mobile gateways for managed-device access into internal applications.
Action: Upgrade Sentry immediately, restrict management-interface exposure, and review appliance logs for unexpected admin creation or command execution.
Source: Ivanti; Rapid7.
5.

Microsoft's largest-ever Patch Tuesday and an exploited Chrome V8 zero-day (CVE-2026-11645)

Microsoft's June update addressed around 208 vulnerabilities (38 Critical) — the biggest single release since Patch Tuesday began in 2003 — formally patching an already-exploited Defender elevation-of-privilege flaw (CVE-2026-41091, KEV-listed in May). Separately, Google's 8 June Chrome update fixed an exploited V8 out-of-bounds memory flaw (CVE-2026-11645).

India exposure: Effectively every Windows estate and Chrome/Chromium desktop fleet — government, BFSI, healthcare, manufacturing.
Action: Confirm Defender platform updates applied; force-update Chrome/Edge and verify the fixed version through endpoint management, prioritising high-risk users.
Source: Microsoft Security Update Guide; Google Chrome Releases; Zero Day Initiative; CISA KEV.
6.

APT36 / Transparent Tribe keeps targeting Indian government Linux desktops

The Pakistan-aligned group continues its DeskRAT campaign against BOSS Linux, the Indian government's homegrown distribution, using defence-themed phishing that drops a Go-based remote-access trojan. Documented by Sekoia and CYFIRMA; this remains the live India-targeted thread of the week.

India exposure: Defence establishments, central and state government bodies, and academic institutions running BOSS Linux.
Action: Treat Linux endpoints as in-scope for EDR and phishing controls; block execution from user-writable paths and inspect outbound traffic from desktop Linux hosts.
Source: Sekoia; CYFIRMA; The Hacker News.
AI-watch: A LiteLLM command-injection flaw (CVE-2026-42271) was added to CISA KEV on 8 June — relevant to teams running internal LLM gateways for model routing. Upgrade to fixed versions and restrict exposed endpoints.
The takeaway: This was a perimeter-and-platform week. The route into Indian enterprises ran through VPNs, ERP, mobile gateways and browsers, while APT36 supplied the regional intent to use that access against Indian targets. Patch the edge; watch the desktops.
Nirad Bharat Threat Feed | Bharat-first threat intelligence

BFSI Sector Edition — June 2026

Black Kite's 2026 State of Financial Services Report (3 June) frames a two-front year: Q1 2026 direct ransomware attacks on financial institutions rose 76% year-on-year (65 incidents), while roughly half of financial-sector vendor ecosystems carry critical vulnerabilities — and 48 distinct threat groups now target finance, led by Qilin, Akira and Kill Security after the LockBit/ALPHV takedowns. For Indian BFSI, the soft entry point is increasingly the edge appliance and the third party, not the core.

1. Sector snapshot

2. Threats targeting BFSI

1 · Critical · CVSS 9.3

Check Point VPN authentication-bypass zero-day, exploited and ransomware-linked — CVE-2026-50751 (CVSS 9.3)

A certificate-validation flaw in IKEv1 lets unauthenticated attackers open VPN sessions on Check Point Remote Access VPN, Mobile Access and Spark; CISA added it to KEV on 9 June, and at least one intrusion is tied to a Qilin ransomware affiliate.

Exposure: Indian banks, NBFCs and insurers running Check Point gateways with legacy IKEv1 for branch/remote access.
Action: Apply the hotfix, force IKEv2-only with machine-certificate auth, and hunt for unauthenticated VPN sessions since 7 May.
Source: Rapid7 (8 Jun 2026); CISA KEV (9 Jun 2026).
2.

FortiBleed — mass Fortinet credential exposure, India among the worst-affected

A dataset of working credentials for tens of thousands of internet-facing FortiGate / SSL-VPN devices across 194 countries circulated, with India ranked among the most-affected countries and financial services named among exposed sectors.

Exposure: Banks, NBFCs and insurers running internet-facing FortiGate / SSL VPN.
Action: Treat Fortinet VPN and admin credentials as compromised — rotate, enforce phishing-resistant MFA, restrict management access, and review for rogue accounts.
Source: CISA (18 Jun 2026); Dark Reading, BleepingComputer (June 2026).
3.

Rokarolla Android banking trojan — built for UPI/OTP fraud (217 apps)

Zimperium zLabs detailed (16 June) a device-takeover Android trojan with 137 commands: overlay credential theft, SMS/OTP interception, alert muting and clipboard crypto-address swapping, spread via fake TikTok/Chrome sites and a Play Protect-killing dropper. The capability set maps directly onto India's UPI/OTP-driven payments.

Exposure: Retail mobile-banking and UPI customers; accessibility-permission abuse defeats SMS-OTP.
Action: Deploy in-app overlay/accessibility-abuse and sideload detection; brief fraud teams on OTP-interception and micro-drain patterns; reinforce "never grant accessibility access to unknown apps."
Source: Zimperium zLabs; Infosecurity Magazine, BleepingComputer (16–17 Jun 2026).
4 · Critical · CVSS 9.8

MOVEit Automation critical authentication bypass — CVE-2026-4670 (CVSS 9.8)

Progress patched an unauthenticated auth-bypass (with a companion privilege-escalation flaw) that grants full admin control of MOVEit Automation and access to stored transfer credentials. No in-the-wild exploitation reported yet, but 1,400+ instances are internet-exposed and MFT is a repeat BFSI breach vector.

Exposure: Internet-facing MOVEit / MFT nodes moving statements, KYC, reconciliation and settlement files across banks and their vendors.
Action: Upgrade immediately, restrict MFT admin interfaces to allow-listed IPs, and review file-access logs for anomalous bulk retrieval.
Source: Progress; Help Net Security, BleepingComputer (4 May 2026).
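The two log-review patterns this item asks for (unauthenticated calls to the admin API, and one client enumerating folders in bulk) can be expressed as simple hunting rules. The following is an added example written for this feed, not Progress's code or MOVEit's real log format: the pipe-delimited access-log layout, the `/api/v1/admin/` and `/api/v1/files?` paths, the client addresses and the thresholds are all constructed assumptions, so map them onto the fields your MFT product actually emits.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample access log. The field layout is an ASSUMPTION for this example,
# not MOVEit Automation's real log format: timestamp|client_ip|user|method|path|status,
# with "-" as the user when the request carried no authenticated identity.
SAMPLE_LOG = """\
2026-06-05T10:00:01Z|10.0.5.21|svc_recon|GET|/api/v1/files?folder=settlement|200
2026-06-05T10:00:03Z|10.0.5.21|svc_recon|GET|/api/v1/files/8811/download|200
2026-06-05T10:01:00Z|10.0.9.7|it_admin|GET|/api/v1/admin/users|200
2026-06-05T10:02:10Z|203.0.113.44|-|POST|/api/v1/admin/users|201
2026-06-05T10:02:11Z|203.0.113.44|-|GET|/api/v1/admin/credentials|200
2026-06-05T10:03:00Z|203.0.113.44|-|GET|/api/v1/files?folder=kyc&page=1|200
2026-06-05T10:03:02Z|203.0.113.44|-|GET|/api/v1/files?folder=kyc&page=2|200
2026-06-05T10:03:04Z|203.0.113.44|-|GET|/api/v1/files?folder=kyc&page=3|200
2026-06-05T10:03:06Z|203.0.113.44|-|GET|/api/v1/files?folder=settlement&page=1|200
2026-06-05T10:03:08Z|203.0.113.44|-|GET|/api/v1/files?folder=settlement&page=2|200
2026-06-05T10:03:10Z|203.0.113.44|-|GET|/api/v1/files?folder=statements&page=1|200
"""

ADMIN_PREFIX = "/api/v1/admin/"                 # hypothetical admin-API path prefix
LISTING_RE = re.compile(r"^/api/v1/files\?")    # hypothetical folder-listing endpoint
BULK_THRESHOLD = 5      # listing calls from one client ...
WINDOW_SECONDS = 60     # ... inside this sliding window => enumeration alert


def parse_line(line: str) -> dict:
    """Split one constructed log line into typed fields."""
    ts, ip, user, method, path, status = line.split("|")
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc),
        "ip": ip,
        "user": None if user == "-" else user,
        "method": method,
        "path": path,
        "status": int(status),
    }


def detect(log_text: str) -> list:
    """Return (rule, client_ip, detail) tuples for the two hunting patterns."""
    alerts = []
    listings = defaultdict(list)   # client ip -> timestamps of recent listing calls
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ev = parse_line(raw)
        # Rule 1: any admin-API request that arrives without an authenticated identity.
        if ev["path"].startswith(ADMIN_PREFIX) and ev["user"] is None:
            alerts.append(("unauth_admin_api", ev["ip"], f'{ev["method"]} {ev["path"]}'))
        # Rule 2: bulk folder enumeration from a single client in a short window.
        if LISTING_RE.match(ev["path"]):
            window = listings[ev["ip"]]
            window.append(ev["ts"])
            while (ev["ts"] - window[0]).total_seconds() > WINDOW_SECONDS:
                window.pop(0)              # age out events older than the window
            if len(window) == BULK_THRESHOLD:   # fire once as the threshold is crossed
                alerts.append(("bulk_enumeration", ev["ip"],
                               f"{len(window)} listings within {WINDOW_SECONDS}s"))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Run against the sample, the authenticated `it_admin` call and the two `svc_recon` requests stay silent, while the client at 203.0.113.44 produces two admin-API alerts and one enumeration alert. Tune `BULK_THRESHOLD` and `WINDOW_SECONDS` against a baseline of your own reconciliation jobs before deploying the rule.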

3. Sector tech & exposures

- Edge/VPN is the live battleground — beyond Check Point, Palo Alto GlobalProtect (CVE-2026-0257) is under active exploitation (CISA KEV, 29 May); inventory and patch all internet-facing gateways.
- Managed file transfer (MOVEit) remains a recurring breach vector — treat any exposed MFT as priority-patch.
- Core banking / ERP: CERT-In flagged June Oracle (incl. PeopleSoft, E-Business Suite, MySQL) and SAP (NetWeaver, S/4HANA) critical updates — prioritise where reconciliation/settlement middleware depends on these stacks.
- Supply chain: CERT-In's "Mini Shai-Hulud" advisory warns of npm/PyPI compromise and CI/CD secret theft — a fourth-party risk for fintech-dependent BFSI.

4. Regulatory & compliance watch

- RBI — data-protection advisory (April) directing regulated entities to align customer-data protection with the DPDP Act; reporting also indicates RBI is weighing added "frictions" against authorised push-payment fraud.
- SEBI — AI vulnerability-detection advisory (5 May) under the CSCRF; the next half-yearly cyber-audit / action-taken cycle is due 30 June 2026.
- IRDAI — Information & Cybersecurity Guidelines 2026 remain the live insurance-sector baseline.
- CERT-In — AI-assisted-exploitation blueprint (25 May) plus critical Oracle/SAP and supply-chain advisories.
- NPCI — BHIM-UPI guidelines updated 4 June (UPI-ID display, safety warnings, transaction-screen controls).

5. Actor in focus

Qilin (alias Agenda) — financially-motivated ransomware-as-a-service. Confidence: HIGH that Qilin is a leading finance-sector ransomware actor (Black Kite); MEDIUM on the specific affiliate link to CVE-2026-50751 (Rapid7). Qilin runs double extortion and is shifting toward edge-appliance initial access over phishing alone. Public victimology this period skews North America / Europe with no confirmed Indian BFSI victim — but the affiliate model and shared technology stacks make any exposed Check Point or MFT estate a credible target. Akira and Kill Security round out the top finance-focused crews.

6. IOC & detection pack

Only public, attributed indicators; no leaked data reproduced.

- Check Point CVE-2026-50751: Rapid7's advisory publishes attacker IPs and post-exploitation file hashes — pull the exact values from the primary source and defang on import (do not rely on second-hand copies).
- Rokarolla (Android): distribution domain infocontablidades.it[.]com (Zimperium); detect behaviourally — accessibility-service abuse, overlay creation, SMS-read + alert-mute, clipboard crypto-address rewriting.
- MOVEit CVE-2026-4670: alert on unauthenticated admin-API calls and bulk file enumeration on MFT hosts.

7. Recommended actions

Board: treat edge-appliance and vendor-CVE exposure as enterprise risk; confirm DPDP-aligned data protection and that the 30 June SEBI/CSCRF audit cycle is met where applicable.

CISO: emergency-patch CVE-2026-50751, CVE-2026-0257 and CVE-2026-4670; enforce IKEv2-only with machine-certificate auth; rotate all Fortinet and Check Point VPN credentials; run a fourth-party exposure review against the ~50% vendor-CVE baseline.

SOC: hunt unauthenticated VPN sessions and anomalous MFT access since 7 May; deploy behavioural detection for accessibility-abusing mobile trojans with fraud-team coordination on OTP-interception; tabletop a Qilin-style edge-to-ransomware intrusion end to end.

8. Source index

Black Kite, 2026 State of Financial Services (3 Jun) · Rapid7, Check Point CVE-2026-50751 (8 Jun) + CISA KEV (9 Jun) · CISA / Dark Reading, FortiBleed (18 Jun) · Zimperium zLabs / Infosecurity, Rokarolla (16 Jun) · Help Net Security, MOVEit CVE-2026-4670 (4 May) · Unit 42 / CISA, PAN-OS CVE-2026-0257 (KEV 29 May) · CERT-In AI blueprint (25 May) + Oracle/SAP/Mini-Shai-Hulud advisories · SEBI (5 May) · IRDAI Guidelines 2026 · NPCI BHIM-UPI (4 Jun).


AI Threat Watch — 19 June 2026

The AI-security vertical of the Nirad Bharat Threat Feed. Twice weekly, Bharat-first, for CISOs, SOCs and AI builders — as CERT-In's AI-exploitation blueprint puts AI security on the compliance clock.
1 · Critical · CVSS 9.9

LiteLLM AI-gateway takeover chain — full server compromise (CVE-2026-47101, CVE-2026-47102, CVE-2026-40217; plus exploited CVE-2026-42271)

Obsidian Security disclosed a CVSS 9.9 chain that walks a default low-privilege user up to admin and remote code execution on the LiteLLM proxy, exposing every configured provider key (OpenAI, Anthropic, Gemini, Bedrock, Azure), master/salt keys, the database URL and all prompt/response traffic. A separately exploited LiteLLM flaw (CVE-2026-42271, on CISA's KEV list) reaches RCE on the same product.

Why it matters for India: Indian banks, fintechs and GCCs are standardising on LLM gateways to broker multiple model providers — one compromised proxy hands over the keys to the entire AI estate and everything that has passed through it.
Action: Upgrade to LiteLLM v1.83.14-stable or later; rotate all provider, master, salt and DB credentials; restrict the proxy to authenticated, segmented networks.
Source: Obsidian Security; The Hacker News (11 Jun 2026).
2.

I4C / MHA warns of deepfakes built to defeat video-KYC and biometric onboarding

India's Cyber Crime Coordination Centre (I4C), under the Home Ministry, advised that fraudsters harvest facial and voice data via fake video calls, interviews and dating/job lures, then generate deepfakes that bypass liveness detection, video-KYC and account recovery — with low-cost open models driving the surge.

Why it matters for India: Video-KYC underpins digital account opening across Indian BFSI and wallets; defeating liveness turns identity itself into the attack surface, enabling fraudulent onboarding and account takeover at scale.
Action: Add deepfake/liveness-spoof detection to onboarding; require multi-signal verification (device, behavioural, out-of-band) for high-risk actions; warn customers never to "blink/turn-head" on unsolicited calls.
Source: I4C / MHA advisory, via ETV Bharat and Business Standard (11 Jun 2026).
3.

Supply-chain worms are now hunting AI-developer and cloud secrets

Microsoft detailed the "Miasma" worm in malicious @redhat-cloud-services npm packages harvesting GitHub, npm, AWS, Azure, GCP, Vault and Kubernetes credentials; Socket then found 37 malicious PyPI wheels in the same Shai-Hulud / "Hades" lineage — several targeting AI-assistant configuration files.

Why it matters for India: India's large developer and GCC base heavily consumes npm/PyPI SDKs inside CI jobs that often hold LLM and cloud keys; one poisoned dependency leaks the credentials guarding production and customer data.
Action: Pin and lock dependencies, disable install-time scripts, scan for malicious packages and AI-config tampering, and rotate any secrets exposed during installs.
Source: Microsoft Threat Intelligence (2 Jun 2026); Socket (7 Jun 2026).
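"Pin and lock dependencies, disable install-time scripts" translates into three checks a CI job can enforce before `npm ci` runs. The script below is an added example for this feed, not Microsoft's or Socket's tooling: it audits a constructed `package.json`, `package-lock.json` and `.npmrc` for range or tag specifiers, missing `integrity` fields, tarballs resolved from outside the expected registry, and packages whose lockfile entry records an install script (`hasInstallScript`, a field npm writes into lockfile v2/v3 entries; treating it as present is an assumption to confirm against your npm version). The package names, the internal mirror URL and the integrity values are placeholders.

```python
import json
import re

EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")
TRUSTED_REGISTRY = "https://registry.npmjs.org/"   # assumed: the only registry we allow

# Constructed sample project files (not from any real repository).
PACKAGE_JSON = """{
  "name": "payments-sdk-consumer",
  "version": "1.0.0",
  "dependencies": {
    "express": "4.19.2",
    "left-padder": "^1.0.0",
    "example-widget": "latest"
  }
}"""

PACKAGE_LOCK_JSON = """{
  "name": "payments-sdk-consumer",
  "lockfileVersion": 3,
  "packages": {
    "": { "name": "payments-sdk-consumer", "version": "1.0.0" },
    "node_modules/express": {
      "version": "4.19.2",
      "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz",
      "integrity": "sha512-CONSTRUCTED_PLACEHOLDER"
    },
    "node_modules/left-padder": {
      "version": "1.0.3",
      "resolved": "https://registry.npmjs.org/left-padder/-/left-padder-1.0.3.tgz",
      "integrity": "sha512-CONSTRUCTED_PLACEHOLDER",
      "hasInstallScript": true
    },
    "node_modules/example-widget": {
      "version": "2.0.0",
      "resolved": "https://mirror.example.internal/example-widget-2.0.0.tgz"
    }
  }
}"""

# The weak .npmrc leaves lifecycle scripts enabled; the hardened one turns them off.
WEAK_NPMRC = "registry=https://registry.npmjs.org/\n"
HARDENED_NPMRC = "registry=https://registry.npmjs.org/\nignore-scripts=true\n"


def audit_npm_project(package_json: str, lockfile_json: str, npmrc: str) -> list:
    """Return (check, package, detail) findings for an npm project's manifests."""
    findings = []
    pkg = json.loads(package_json)
    lock = json.loads(lockfile_json)

    # 1. Install-time scripts must be off globally (npm honours ignore-scripts in .npmrc).
    if not re.search(r"^\s*ignore-scripts\s*=\s*true\s*$", npmrc, re.M):
        findings.append(("npmrc", ".npmrc", "ignore-scripts is not set to true"))

    # 2. Direct dependencies must be pinned to exact versions, not ranges, tags or URLs.
    for section in ("dependencies", "devDependencies"):
        for name, spec in pkg.get(section, {}).items():
            if not EXACT_VERSION.match(spec):
                findings.append(("unpinned", name, spec))

    # 3. Every locked package needs an integrity hash and a tarball from the trusted registry;
    #    packages that declare install scripts are surfaced for manual review.
    for path, entry in lock.get("packages", {}).items():
        if path == "":                       # root project entry, not a dependency
            continue
        name = path.rsplit("node_modules/", 1)[-1]
        if "integrity" not in entry:
            findings.append(("no-integrity", name, entry.get("version", "?")))
        if not entry.get("resolved", "").startswith(TRUSTED_REGISTRY):
            findings.append(("untrusted-source", name, entry.get("resolved", "<missing>")))
        if entry.get("hasInstallScript"):    # assumed lockfile field, see lead-in
            findings.append(("install-script", name, entry.get("version", "?")))
    return findings


if __name__ == "__main__":
    for finding in audit_npm_project(PACKAGE_JSON, PACKAGE_LOCK_JSON, WEAK_NPMRC):
        print(finding)
```

With the weak `.npmrc` the audit raises six findings; switching to the hardened file removes only the `ignore-scripts` one, which is the point: configuration closes the execution path, but the unpinned and unverifiable packages still need to be fixed in the manifests.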
4 · High · CVSS 8.7

Prompt injection is reaching agentic CI/CD pipelines (CVE-2025-66032)

Researchers showed untrusted GitHub issues and PR comments can steer AI coding agents — the Claude Code GitHub Action (CVE-2025-66032, CVSS 8.7, fixed in 2.1.128), with Gemini CLI and Copilot variants — into leaking workflow secrets or pushing malicious commits; OWASP still rates indirect prompt injection the top cause of agentic-AI failures in production.

Why it matters for India: AI code-review and issue-triage bots are entering Indian engineering pipelines faster than their trust boundaries are being designed.
Action: Make agent workflows read-only and secretless by default; pin actions by commit SHA; require human approval before writes; treat all model-ingested content as untrusted.
Source: GMO Flatt Security (1 Jun); Microsoft Security Blog (5 Jun); Help Net Security / OWASP (11 Jun 2026).
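Two of the actions above (pin by commit SHA, read-only by default) are checkable from the workflow file alone, and a third follows from "treat all model-ingested content as untrusted": a workflow that fires on issue or comment text should not also hold write scopes. The auditor below is an added example for this feed and is not the GitHub Actions tooling or any vendor's scanner; it scans workflow YAML with regular expressions rather than a YAML parser, so it handles the common layouts only. The `example-org/ai-agent-action` name and the 40-hex SHAs in the hardened sample are constructed placeholders.

```python
import re

SHA_RE = re.compile(r"^[0-9a-f]{40}$")
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
# Events whose payload carries text written by arbitrary GitHub users.
UNTRUSTED_TRIGGERS = {"issues", "issue_comment", "pull_request_target",
                      "discussion", "discussion_comment"}

# Constructed weak workflow: tag/branch-pinned actions, write-all token, fed by comments.
WEAK_WORKFLOW = """\
name: ai-triage
on:
  issues:
    types: [opened]
  issue_comment:
    types: [created]
permissions: write-all
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/ai-agent-action@main   # hypothetical action, constructed
        with:
          prompt: ${{ github.event.comment.body }}
"""

# Constructed hardened workflow: SHA-pinned actions and a read-only token.
HARDENED_WORKFLOW = """\
name: ai-triage
on:
  issue_comment:
    types: [created]
permissions:
  contents: read
  issues: read
jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567   # placeholder SHA
      - uses: example-org/ai-agent-action@89abcdef0123456789abcdef0123456789abcdef   # placeholder SHA
        with:
          prompt: ${{ github.event.comment.body }}
"""


def _triggers(text: str) -> set:
    """Collect event names under the top-level `on:` key (block or inline-list form)."""
    inline = re.search(r"^on:\s*\[(.*)\]\s*$", text, re.M)
    if inline:
        return {t.strip() for t in inline.group(1).split(",")}
    single = re.search(r"^on:\s*(\w+)\s*$", text, re.M)
    if single:
        return {single.group(1)}
    names, inside = set(), False
    for ln in text.splitlines():
        if re.match(r"^on:\s*$", ln):
            inside = True
            continue
        if inside:
            if ln.strip() and not ln.startswith(" "):
                break                       # left the `on:` block
            m = re.match(r"^  (?:-\s*)?(\w+)", ln)   # keys/items at two-space indent
            if m:
                names.add(m.group(1))
    return names


def audit_workflow(text: str) -> list:
    """Return (check, detail) findings for one workflow file."""
    findings = []
    # 1. Third-party actions must be pinned to a full commit SHA, not a tag or branch.
    for ln in text.splitlines():
        m = USES_RE.match(ln)
        if not m:
            continue
        target = m.group(1)
        if target.startswith(("./", "docker://")):
            continue                        # local or container actions: out of scope here
        ref = target.split("@", 1)[1] if "@" in target else ""
        if not SHA_RE.match(ref):
            findings.append(("unpinned-action", target))
    # 2. A top-level permissions block must exist and must not be write-all.
    top = re.search(r"^permissions:\s*(.*)$", text, re.M)
    if top is None:
        findings.append(("no-top-level-permissions", "repository default token scope applies"))
    elif top.group(1).strip() == "write-all":
        findings.append(("overbroad-permissions", "write-all"))
    # 3. Write scopes combined with a trigger that delivers untrusted text.
    grants_write = re.search(r":\s*write\b", text) is not None
    risky = _triggers(text) & UNTRUSTED_TRIGGERS
    if risky and grants_write:
        findings.append(("untrusted-trigger-with-write", ", ".join(sorted(risky))))
    return findings


if __name__ == "__main__":
    print("weak:", audit_workflow(WEAK_WORKFLOW))
    print("hardened:", audit_workflow(HARDENED_WORKFLOW))
```

The hardened workflow still ingests comment text (that is the bot's job), but with a read-only token and SHA-pinned steps a steered agent has nothing to write with and no mutable action to pull in; the "human approval before writes" step then lives in a separate, manually triggered workflow.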
AI defender tip: in 2026 the credential, not the model, is the crown jewel. Inventory every place an LLM key lives — gateways, agents, notebooks, CI/CD — and put each on a rotation schedule; and treat every AI agent as a privileged workload (explicit identity, tool allowlist, egress control, human approval before state-changing actions).