Beyond the 0-days, "hitlist" activities aimed at extortion were at an all-time high, with attackers systematically listing companies that rely on third-party SaaS platforms. 1. The CDK Global BlackSuit Attack

Given the aggressive exploitation of these 0-days, a passive security posture is dangerous. Here is how organizations should respond to the threats of Week 49:

Mira traced the Mirror’s digital signature. It was elegant. It exploited a flaw in the speculative execution of the phone’s AI co-processor. To find it, someone had already been inside the factory for months.

Zero Day Initiative — The June 2024 Security Update Review

0-day And Hitlist Week -06-12-2024- ((link)) -

Beyond the 0-days, "hitlist" activities aimed at extortion were at an all-time high, with attackers systematically listing companies that rely on third-party SaaS platforms. 1. The CDK Global BlackSuit Attack

Given the aggressive exploitation of these 0-days, a passive security posture is dangerous. Here is how organizations should respond to the threats of Week 49:

Mira traced the Mirror’s digital signature. It was elegant. It exploited a flaw in the speculative execution of the phone’s AI co-processor. To find it, someone had already been inside the factory for months.

Zero Day Initiative — The June 2024 Security Update Review