Daily Briefing

CyberGeoDigest

Geopolitical cyber intelligence in 5 minutes
Sunday, June 21, 2026 · 3 stories
Share this digest:

North Korea's Sapphire Sleet Poisons npm, Hits 140+ Mastra AI Packages (1 minute read)

Microsoft attributes a supply chain attack compromising 140+ npm packages to North Korea's Sapphire Sleet (BlueNoroff), targeting the Mastra AI ecosystem. The operation extends Lazarus-cluster tradecraft into AI developer tooling, expanding Pyongyang's software supply chain attack surface.

BleepingComputer · 18h ago · Read full article →

๐Ÿ‡ฐ๐Ÿ‡ต Lazarus ยท North Korea

Prinz Eugen Ransomware Targets Recent Files, Skips Ransom Note (1 minute read)

A new ransomware strain dubbed Prinz Eugen encrypts recently modified files first and deploys no ransom note, departing from standard extortion playbooks.

BleepingComputer · 17h ago · Read full article →

CVE-2026-4020 Exploited to Steal API Keys from 100,000 WordPress Sites (1 minute read)

Unidentified threat actors are actively exploiting CVE-2026-4020, a patched information-disclosure flaw in the Gravity SMTP WordPress plugin, extracting API keys, OAuth tokens, and secrets from up to 100,000 sites.

The Hacker News · 22h ago · Read full article →

Get this in your inbox

Free daily briefing. No spam. Unsubscribe anytime.

Subscribe Now