{"data":{"id":"9892223a-6452-4ef6-a939-26cfe39e804b","title":"ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories","summary":"This security bulletin covers multiple threats: Cisco released patches for a high-severity SSRF vulnerability (server-side request forgery, where attackers trick a server into making unwanted requests) in Unified Communications Manager that could let unauthenticated attackers write files and gain root access; Russia's FSB reported foreign intelligence services deployed spyware on officials' mobile devices to steal data and conduct surveillance; threat actors are using social engineering to distribute VIP Keylogger through JavaScript, batch, and VBS loaders disguised as business communications; and the U.S. Treasury sanctioned Iran's largest cryptocurrency exchange for facilitating payments linked to terrorist activities and ransomware actors.","solution":"Cisco has addressed the SSRF vulnerability in Unified CM and Unified CM SME Release versions 14SU6 and 15SU5.","labels":["security"],"sourceUrl":"https://thehackernews.com/2026/06/threatsday-bulletin-ai-agents-gone.html","publishedAt":"2026-06-04T14:00:49.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-04T14:00:49.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":null,"aiComponentTargeted":null,"llmSpecific":false,"classifierConfidence":0.65,"researchCategory":null,"atlasIds":null}}