Cleartext logocleartext_
week in review

Cleartext Week in Review – June 13, 2026

Saturday, June 13, 2026·12:10

Cleartext Week in Review – June 13, 2026
12:10·7.5 MB
download mp3

Enjoy the show? Subscribe to never miss an episode.

SpotifyApple Podcasts

show notes

Cleartext – June 13, 2026

Daily cybersecurity briefing for CISOs and security leaders.

🎧 Listen to this episode

Episode Summary

Today's episode covers 17 stories across 4 topic areas, including: FBI takes down massive China-based cybercrime network that caused $1.9B in losses; U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals; Russian national charged in connection with Void Blizzard espionage campaign.

Stories Covered

🌍 Geopolitical

FBI takes down massive China-based cybercrime network that caused $1.9B in losses

CyberScoop · Jun 12 · Relevance: █████████░ 9/10

Why it matters to CISOs: The Outsider Enterprise takedown reveals how Chinese cybercrime operations now weaponize enterprise AI tools (Gemini) at industrial scale against U.S. targets — a model that will be replicated; CISOs should brief boards on AI-enabled fraud as a systemic, not marginal, risk.

  • FBI and Google jointly dismantled 'Outsider Enterprise,' a China-based phishing-as-a-service network responsible for $1.9B in victim losses
  • The operation used Google's Gemini AI to generate convincing phishing content and manage over 9,000 fake websites and 1 million fraudulent URLs
  • Google filed a civil lawsuit alongside the FBI action; the group sent 2.5 million smishing texts in a two-week window targeting Americans

📖 Read full article

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals

The Hacker News · Jun 13 · Relevance: █████████░ 9/10

Why it matters to CISOs: An emergency government order forcing Anthropic to disable its most advanced AI models for all foreign nationals — issued with less than an hour's notice — signals that AI model access controls are now a live national-security instrument; CISOs deploying frontier AI must model regulatory interruption as an operational risk.

  • U.S. government ordered Anthropic at 5:21 p.m. ET on June 13 to immediately suspend access to Claude Fable 5 and Mythos 5 for all foreign nationals, whether inside or outside the U.S.
  • Anthropic said it will 'abruptly disable' the models with no advance notice to users, representing an unprecedented government intervention in commercial AI availability
  • The order follows Anthropic's dual-model release strategy this week: Fable 5 for the public and Mythos 5 with cyber safeguards removed for vetted organizations

📖 Read full article

Russian national charged in connection with Void Blizzard espionage campaign

CyberScoop · Jun 11 · Relevance: ████████░░ 8/10

Why it matters to CISOs: The Void Blizzard indictment confirms Kremlin-directed espionage compromised at least 11 U.S. companies, reinforcing that Russian state actors continue broad corporate IP theft campaigns beyond Ukraine-focused operations.

  • Denis Obrezko charged with orchestrating Void Blizzard cyberattacks that compromised at least 11 U.S. companies
  • Void Blizzard is a Kremlin-linked group conducting sprawling cyber espionage; the indictment is the first public attribution to a named individual
  • The week also saw a U.S. House Republican confirmed hacked by Russia, per reporting in the Risky Bulletin

📖 Read full article

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

The Hacker News · Jun 12 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Velvet Ant's PAM/OpenSSH backdoor — surviving multiple incident-response cycles over nearly a decade — is a masterclass in persistence that should force CISOs to add integrity monitoring of authentication subsystems to their threat model, not just endpoint and network layers.

  • China-nexus group Velvet Ant (Sygnia) backdoored PAM and OpenSSH components on a targeted network, hiding inside the login subsystem for close to a decade
  • The technique survives standard remediation because cleanup efforts focus on applications and files rather than authentication infrastructure
  • The targeted network had no internet connectivity, demonstrating the group's ability to operate in air-gapped or restricted environments

📖 Read full article

Authorities dismantle crypto laundering service that moved €336 million for cybercriminals

Help Net Security · Jun 12 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: The AudiA6 takedown removes a key financial rail used by multiple ransomware groups, temporarily disrupting their monetization pipeline — CISOs should monitor for retaliatory or displacement attacks as groups scramble to rebuild laundering capacity.

  • Europol, FBI, and partner agencies seized AudiA6, a dark web cryptocurrency laundering service that processed over €336 million (~$389M) for ransomware groups between 2022 and 2025
  • The same suspects also administered 'Dark2Web,' a dark web cybercrime forum, indicating a vertically integrated criminal operation
  • Arrests were made across multiple jurisdictions; the operation ran parallel to FBI's takedown of the Outsider Enterprise smishing network the same week

📖 Read full article

Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order

The Hacker News · Jun 08 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: NSO Group violating a federal court injunction to launch new WhatsApp spearphishing campaigns confirms that commercial spyware vendors remain an active threat even under legal restraint — executives and board members using consumer messaging apps remain credible targets.

  • Meta detected and blocked new NSO Group-linked spearphishing attempts against WhatsApp users, violating a permanent court injunction
  • Meta filed a federal contempt order against NSO Group for the violations; NSO had previously been banned from targeting WhatsApp
  • The attack attempted to trick users into clicking malicious links redirecting to external websites, suggesting a credential-harvesting or device-compromise objective

📖 Read full article

🔓 Data Breach

Over 73,000 French govt employees affected in Tchap messenger breach

BleepingComputer · Jun 12 · Relevance: ████████░░ 8/10

Why it matters to CISOs: A breach of France's sovereign encrypted messaging platform — built specifically to protect government communications — underscores that bespoke, government-controlled secure comms tools carry their own unique attack surface and cannot be assumed safe by default.

  • 73,000+ French public-sector employee accounts were compromised in a breach of Tchap, France's government-built encrypted messaging platform
  • Tchap was designed as a secure alternative to commercial messaging apps for French government use, making the breach particularly significant from a national security perspective
  • The incident follows a pattern of secure government communication tools being targeted, raising questions about sovereign tech security assurance

📖 Read full article

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

The Hacker News · Jun 09 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Attackers compromising 73 Microsoft open-source GitHub repositories to inject infostealers targeting AI developers represents a direct supply chain threat to any enterprise consuming Azure or Microsoft AI tooling via those repos — a trust model that demands immediate third-party code provenance review.

  • 73 Microsoft open-source GitHub repositories for Azure and AI coding tools were compromised in the 'Miasma' incident to inject credential-stealing malware targeting developers
  • Microsoft temporarily took repositories offline; some remain down as the investigation continues
  • Attack specifically targeted AI developer credentials, consistent with adversary interest in AI pipeline access and model theft

📖 Read full article

Pharma giant Novo Nordisk discloses breach of clinical trials data

BleepingComputer · Jun 12 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: A breach of clinical trials data at the world's largest insulin producer raises immediate concerns about proprietary pharmaceutical research theft and patient privacy obligations under HIPAA and GDPR — a dual regulatory exposure that life sciences CISOs must model explicitly.

  • Novo Nordisk, the world's largest insulin producer, disclosed unauthorized access to patient data from clinical trials
  • Clinical trial data breach carries dual risk: patient privacy regulatory exposure and potential theft of proprietary pharmaceutical R&D
  • Disclosure comes amid a broader surge in healthcare-sector targeting by ransomware and espionage actors

📖 Read full article

⚖️ Governance & Policy

CISA directive orders agencies to prioritize vulnerability patching in a new way

CyberScoop · Jun 10 · Relevance: █████████░ 9/10

Why it matters to CISOs: BOD 26-04 collapses the federal patching window to as little as three days for highest-risk vulnerabilities, establishing a precedent that will reshape enterprise patch-management benchmarks and likely influence regulatory expectations across sectors.

  • CISA's Binding Operational Directive 26-04 introduces a risk-tiered remediation timeline replacing the previous blanket 14-day window
  • Vulnerabilities meeting all four risk criteria (active exploitation, internet-facing, critical asset, high CVSS) must be patched within three days
  • CISA cited AI-enabled exploitation speed as the primary driver: 'Defenders cannot afford to take weeks to patch'

📖 Read full article

Anthropic’s new model is Mythos on a leash

CyberScoop · Jun 09 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Anthropic's decision to ship two versions of the same frontier model — one with cyber-offense safeguards stripped for vetted security teams — establishes a new industry template for dual-use AI access control that CISOs must understand for both procurement and risk assessment purposes.

  • Claude Fable 5 is the public release with safety classifiers; Claude Mythos 5 is the identical underlying model with cyber safeguards lifted, available only to vetted organizations
  • Cybersecurity researchers complained Fable 5's guardrails are too restrictive for legitimate offensive security work, highlighting the tension between safety and operational utility
  • Anthropic claims no universal jailbreaks were found in testing, but real-world durability of those guardrails remains unproven

📖 Read full article

South Korea hits Coupang with record $409 million fine over data breach

The Record (Recorded Future) · Jun 12 · Relevance: ████████░░ 8/10

Why it matters to CISOs: South Korea's record $409M fine for Coupang's breach of 30 million customers — surpassing its own record set against SK Telecom this year — signals that Asia-Pacific regulators are now competing with GDPR in enforcement severity; multinationals must calibrate their risk exposure accordingly.

  • $409 million fine issued by South Korea's Personal Information Protection Commission, the largest data breach penalty in the country's history
  • The fine surpasses the previous record of $88.8M levied against SK Telecom earlier in 2026, showing rapid escalation in Korean regulatory enforcement
  • The breach affected over 30 million Coupang customers, making it one of the largest consumer data exposures in South Korean history

📖 Read full article

Massachusetts votes to pass new privacy rights bill that bans sale of precise location data

TechCrunch Security · Jun 08 · Relevance: ██████░░░░ 6/10

Why it matters to CISOs: Massachusetts joining the growing roster of state-level comprehensive privacy laws — with a specific ban on precise location data sales — adds another compliance jurisdiction for enterprises with U.S. operations, accelerating pressure for a federal standard.

  • Massachusetts legislature passed a comprehensive privacy rights bill including a blanket ban on selling consumers' precise location data
  • The law adds Massachusetts to a growing list of U.S. states with comprehensive privacy legislation, increasing the patchwork compliance burden for enterprises
  • The location data ban specifically targets data brokers and ad-tech ecosystems that monetize GPS-level tracking

📖 Read full article

🚨 Critical Vulnerability

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

The Hacker News · Jun 11 · Relevance: ██████████ 10/10

Why it matters to CISOs: An unpatched, actively exploited RCE zero-day in Oracle PeopleSoft has compromised 100+ organizations — predominantly universities — with ShinyHunters demanding ransoms; any enterprise running PeopleSoft must treat this as an emergency patch and incident-response priority.

  • CVE-2026-35273 allows unauthenticated remote code execution in Oracle PeopleSoft; Oracle did not publish its advisory until June 10, after active exploitation began on May 27
  • Mandiant (UNC6240) confirmed ShinyHunters hit more than 100 organizations, roughly two-thirds in higher education, stealing gigabytes of data
  • Group is actively extorting victims; organizations should assume data exfiltration occurred before patch availability

📖 Read full article

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

The Hacker News · Jun 10 · Relevance: █████████░ 9/10

Why it matters to CISOs: The largest Patch Tuesday on record — driven in part by AI-accelerated vulnerability discovery — signals that enterprise patch management workflows built for a monthly cadence are now structurally inadequate; CISOs must re-evaluate SLAs and automation capacity immediately.

  • 206 CVEs patched, surpassing all prior Patch Tuesday records; 39 rated Critical, 56 are RCE flaws
  • Three zero-days were publicly disclosed at time of release, including Microsoft Defender flaws dropped by the anonymous researcher 'Nightmare-Eclipse'
  • Security analysts attribute the volume surge directly to AI-assisted vulnerability research tools accelerating discovery on both sides

📖 Read full article

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)

Help Net Security · Jun 12 · Relevance: █████████░ 9/10

Why it matters to CISOs: Public PoC release for an auth-bypass in Check Point Remote Access VPN — already exploited by a Qilin ransomware affiliate since early May — dramatically widens the attacker pool; any organization with unpatched Check Point VPN deployments faces imminent mass exploitation.

  • CVE-2026-50751 (CVSS 9.3) is an authentication bypass in Check Point Remote Access VPN and Mobile Access using deprecated IKEv1; patched June 8
  • WatchTowr published full technical analysis and a Detection Artefact Generator on June 12, making opportunistic exploitation trivial
  • CISA issued an emergency directive giving federal agencies three days to patch; Qilin ransomware affiliate confirmed in at least one breach

📖 Read full article

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

The Hacker News · Jun 12 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: Mass compromise of 400+ AUR packages delivering a Rust-based credential stealer and eBPF rootkit demonstrates that developer-facing package repositories remain a high-leverage, low-detection supply chain attack vector — enterprises using Arch Linux in developer environments should treat this as an active incident.

  • Attackers hijacked 400+ Arch User Repository (AUR) packages, rewriting build scripts to install a Rust-based infostealer targeting developer credentials and access tokens
  • When executed with root privileges, the malware loads an eBPF rootkit to hide itself from standard detection tools
  • AUR packages are community-maintained and not subject to the same vetting as official Arch Linux repositories, making the supply chain risk inherent to the ecosystem

📖 Read full article

Further Reading

Full Transcript

Click to expand full episode transcript

Jordan: If I had to pick one word for this week, it's "acceleration." Everything got faster — AI-generated phishing at industrial scale, a record-breaking Patch Tuesday driven by AI vulnerability discovery, a government order to kill frontier AI access with less than an hour's notice, and a new federal patching directive that gives you three days to fix the worst bugs. The clock is compressing on every axis, and if your security program was built for a monthly cadence, this was the week that model broke.

Alex: Welcome to Cleartext, the Saturday Week in Review. I'm Alex Chen, alongside Jordan Reeves. If you couldn't keep up this week, here's what mattered and what it means. We've got four big themes to work through. First, the AI acceleration loop — how artificial intelligence is simultaneously supercharging attackers, defenders, vulnerability discovery, and government intervention, all at once. Second, the geopolitical enforcement wave — a remarkable cluster of takedowns, indictments, and disruptions from the FBI, Europol, and DOJ. Third, a vulnerability landscape that is actively on fire, with zero-days being exploited in PeopleSoft, Check Point VPN, and supply chains. And fourth, the governance and regulatory ratchet — from CISA's new patching directive to record fines in South Korea to new state privacy laws. Let's get into it.

Jordan: So let's start with AI, because it was genuinely the throughline of the entire week. The Outsider Enterprise takedown was the headline — FBI and Google jointly dismantling a China-based phishing-as-a-service network that caused $1.9 billion in losses. But the detail that matters is how they did it. They used Google's Gemini to generate phishing content at industrial scale. Two and a half million smishing texts in a two-week window. Over 9,000 fake websites. A million fraudulent URLs. This is not artisanal social engineering. This is a factory.

Alex: And that's the part I want CISOs to really internalize. We've been talking about AI-enabled phishing as a future risk for two years. This week, the FBI quantified it at $1.9 billion in actual losses. That's the number you bring to your board. AI-powered fraud is not a theoretical risk. It is a systemic, proven, billion-dollar attack model. And it's going to be replicated, because the playbook is now public.

Jordan: And the AI story didn't stop at the attacker side. Anthropic had a wild week. They released Claude Fable 5 for the public and Mythos 5 — the same model with cyber-offense guardrails stripped — for vetted security organizations. Legitimate security researchers had been complaining that Fable 5's safety classifiers were too restrictive for offensive work, which is a real operational problem. So Anthropic created this dual-track access model. And then on Friday evening, the U.S. government dropped an emergency order forcing Anthropic to disable both models for all foreign nationals with less than an hour's notice.

Alex: This is unprecedented. A commercial AI company receiving a government order at 5:21 p.m. on a Friday to immediately cut off access to its most advanced models. No advance warning to users. Anthropic said it would "abruptly disable" them. If you are a CISO who has deployed frontier AI models in production workflows, this week just handed you a new risk category: regulatory interruption of AI model availability. You need to model that. You need contingency plans for the scenario where a model you depend on goes dark with zero notice.

Jordan: And the dual-model approach itself is worth watching. Anthropic essentially said, "Here's the safe version, and here's the version without the safety rails for people we trust." That's a template other AI companies will follow. It also means CISOs need to understand the procurement implications — which version are you getting, what access controls govern the more capable version, and what happens when your red team needs Mythos-level capability but your compliance team needs Fable-level guardrails.

Alex: The third AI angle this week was on the vulnerability discovery side. Microsoft's Patch Tuesday hit 206 CVEs — an all-time record. Thirty-nine critical, fifty-six remote code execution flaws. Security analysts directly attributed the volume surge to AI-assisted vulnerability research accelerating discovery on both sides. AI is finding bugs faster, which means both Microsoft and attackers are operating on compressed timelines. CISA explicitly cited AI-enabled exploitation speed as the primary driver behind their new Binding Operational Directive 26-04, which collapses patching windows to three days for the highest-risk vulnerabilities. The entire tempo of the game just shifted.

Jordan: Let's pivot to the geopolitical enforcement wave, because this was a remarkably active week for law enforcement. You had the Outsider Enterprise takedown, which we just covered. You had Europol, FBI, and partner agencies seizing AudiA6 — a dark web crypto laundering service that processed over €336 million for ransomware groups between 2022 and 2025. The same operators ran the Dark2Web cybercrime forum, so this was a vertically integrated criminal enterprise that provided both the marketplace and the financial plumbing.

Alex: The AudiA6 takedown is operationally significant because it disrupts monetization infrastructure. Every time you remove a trusted laundering rail, ransomware groups have to scramble to rebuild those relationships. There's a window of disruption. But I'd also flag the displacement risk — when you squeeze the monetization pipeline, some groups get more aggressive, not less. CISOs should be watching for upticks in extortion pressure over the next few weeks.

Jordan: We also got the Void Blizzard indictment — Denis Obrezko charged with orchestrating Kremlin-linked cyber espionage that compromised at least eleven U.S. companies. This is the first public individual attribution for Void Blizzard, and it's a reminder that Russian state cyber operations targeting corporate IP haven't slowed down just because the geopolitical spotlight is on Ukraine. These are broad corporate espionage campaigns, and they're ongoing.

Alex: And rounding out the geopolitical picture, Meta filed a federal contempt order against NSO Group for launching new WhatsApp spearphishing campaigns in violation of a permanent court injunction. NSO Group is literally under a court ban and they're still going. If you have executives or board members using consumer messaging apps, they remain credible targets for commercial spyware. That risk hasn't diminished.

Jordan: The Velvet Ant story deserves a beat too. Sygnia disclosed that a China-nexus group backdoored PAM and OpenSSH components — the Linux login subsystem itself — and persisted on a network with no internet connectivity for close to a decade. They survived multiple incident response cycles because cleanup focused on applications and files, not authentication infrastructure. Nearly ten years. On an air-gapped network.

Alex: That story should be genuinely unsettling for anyone who assumes their remediation efforts were thorough. If your IR playbook doesn't include integrity verification of authentication subsystems — PAM modules, SSH binaries, the things that decide who's allowed to log in — you have a blind spot that a nation-state adversary has already exploited for a decade.

Jordan: Now let's talk about the vulnerability landscape, which was exceptionally hot this week. The biggest fire is CVE-2026-35273 — an unauthenticated remote code execution zero-day in Oracle PeopleSoft. ShinyHunters, tracked by Mandiant as UNC6240, exploited this starting May 27th. Oracle didn't publish its advisory until June 10th. In that two-week gap, ShinyHunters hit over 100 organizations, about two-thirds of them universities, stole gigabytes of data, and are actively extorting victims.

Alex: If you run PeopleSoft, this is an emergency. Assume data exfiltration occurred before the patch was available. This is not a patch-and-move-on situation. This is a patch, investigate, and prepare-for-extortion situation. Higher education was the primary target, but PeopleSoft runs in a lot of enterprises for HR and finance. Check your exposure today if you haven't already.

Jordan: The Check Point VPN flaw, CVE-2026-50751, is the other critical one. Authentication bypass in Remote Access VPN, CVSS 9.3. Check Point patched June 8th, but WatchTowr published the full technical analysis and a detection artifact generator on June 12th. That means the barrier to exploitation just dropped to near zero. A Qilin ransomware affiliate was already confirmed in at least one breach. CISA gave federal agencies three days to patch. If you have Check Point VPN in your environment, you're in a race.

Alex: And the supply chain attacks continued. Microsoft's Miasma incident — 73 of their open-source GitHub repositories for Azure and AI tools were compromised to inject credential-stealing malware targeting developers. Some repos are still offline. Then separately, over 400 Arch Linux AUR packages were hijacked to deploy a Rust-based infostealer and eBPF rootkit targeting developer credentials. Two different supply chain attacks in the same week, both targeting developer environments, both going after credentials and access tokens. The developer workstation is the new high-value target.

Jordan: And on breaches — France's Tchap messenger, which was built specifically as a sovereign secure communications platform for government employees, was breached. Seventy-three thousand accounts compromised. The irony is thick. You build a bespoke encrypted platform to avoid the risks of commercial messaging apps, and then that platform itself becomes the attack surface. Sovereign tech is not inherently more secure. It's differently vulnerable.

Alex: Novo Nordisk also disclosed a breach of clinical trials data. The world's largest insulin producer, dealing with unauthorized access to patient information from clinical trials. That's a dual-risk scenario — patient privacy obligations under both HIPAA and GDPR, plus potential theft of proprietary pharmaceutical R&D. Life sciences CISOs need to model that explicitly.

Jordan: Let's wrap with the governance and regulatory segment. CISA's BOD 26-04 is the one that reshapes the operational landscape. Risk-tiered remediation timelines replacing the old blanket fourteen-day window. If a vulnerability hits all four criteria — active exploitation, internet-facing, critical asset, high CVSS — you have three days. CISA was explicit: AI-enabled exploitation speed means defenders cannot take weeks to patch.

Alex: This is a federal directive, but the ripple effects will reach every sector. Insurance carriers, auditors, and regulators will calibrate their expectations against this benchmark. If CISA says three days for the worst vulnerabilities, your board is going to ask why your SLA is fourteen. And honestly, they should.

Jordan: South Korea fined Coupang $409 million for a breach affecting 30 million customers. That's the largest data breach penalty in Korean history, and it dwarfs the $88.8 million they hit SK Telecom with earlier this year. APAC regulators are now competing with GDPR on enforcement severity. And Massachusetts passed a comprehensive privacy law banning the sale of precise location data, adding another jurisdiction to the U.S. patchwork.

Alex: So stepping back — what defined this week? Jordan, you said it at the top. Acceleration. AI is compressing timelines everywhere simultaneously. Attackers are generating phishing at machine scale. Vulnerability researchers — both good and bad — are finding bugs faster than organizations can patch them. Governments are issuing emergency orders with less than an hour's notice. Regulators are collapsing patching windows from weeks to days. And the response capacity of most security programs was designed for a slower world.

Jordan: The uncomfortable truth is that a lot of enterprise security is still operating on monthly patch cycles, quarterly risk reviews, annual threat model updates. And every single story this week — from the PeopleSoft zero-day to the Anthropic shutdown to the 206-CVE Patch Tuesday — is telling you that cadence is no longer sufficient. The adversary operates continuously. The regulators are moving toward continuous. Your program has to get there too.

Alex: For next week, keep your eye on three things. One, the fallout from the Anthropic model suspension — what does the government do next, and does this set a precedent for other AI providers? Two, mass exploitation of the Check Point VPN flaw now that the PoC is public. And three, watch for displacement attacks from ransomware groups whose laundering infrastructure just got seized. When you squeeze one part of the pipeline, pressure shows up somewhere else.

Jordan: That's the week. The daily show is back Monday. Show notes and links to every story we covered are at cleartext.fm.

Alex: Thanks for listening to Cleartext. Have a good weekend, and patch your Check Point boxes before Monday.

Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-06-13.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.