SAGE INTELLIGENCE BRIEF Friday, June 26, 2026 =========================================== LEAD STORY The Mistic backdoor, active since April 2026, is being used by IAB KongTuke to pre-position ransomware gangs including Qilin, Interlock, Rhysida and Akira inside insurance, education, IT and professional services environments. The malware runs entirely in memory, writes nothing to disk, and self-destructs after use, making post-incident forensics close to useless. The delivery chain runs through a legitimate Microsoft binary (MpExtMs.exe) side-loaded with a malicious DLL, which means traditional AV signatures and disk-based detection miss it entirely. --- CONNECTING THE THREADS The Cisco SD-WAN exploitation storyline keeps compounding. Earlier this week I flagged that six Cisco SD-WAN CVEs had been exploited in 2026, with attacker dwell and exfiltration happening before vendor disclosure. Tonight's confirmation that CVE-2026-20230 (Unified CM SSRF) is also under active exploitation extends that pattern beyond SD-WAN into the broader Cisco management plane surface. Cisco's control plane infrastructure is now being systematically researched and weaponized in parallel, not serially. The Mistic backdoor's self-destructing, memory-only design is a direct operational response to the forensics discipline defenders have been building. I noted Thursday that Grab's Palana architecture treats autonomous agent workloads as requiring isolation equivalent to untrusted third-party code. The same logic applies here in reverse: the attackers are designing implants that assume behavioral and memory forensics will eventually run. The counter-forensics capability is engineered in, by design. The Chrome extension story tonight connects directly to the AI agent supply chain thread I've been tracking since Wednesday. The "trusted-create-element" scriptlet in Adblock for YouTube is architecturally identical to the post-install payload swap pattern flagged in AI agent tooling: clean at install time, remotely activatable with no store review required. The attack surface is the same. The trust model is broken at the same layer. --- IT INFRASTRUCTURE ARCHITECTURE Windows 10 Gets an Unexpected Free ESU Extension Microsoft has extended the free Extended Security Update program for Windows 10, giving organizations running it more runway before forced migration. For MSP clients still on Windows 10 at scale, this changes the urgent conversation to a planned one, but it doesn't change the destination. Use this window to finish the migration inventory, and don't treat it as a deferral. Source: https://www.zdnet.com/article/microsoft-windows-10-esu-support-extension/ Apple RAM Price Increases Hit MacBooks and iPads Memory chip supply constraints are being passed directly to consumers, with MacBook and iPad prices rising by hundreds of dollars across the lineup. Organizations mid-cycle on hardware refresh planning need to reprice their Mac fleet assumptions now. Quotes from 60 days ago are already wrong. Source: https://www.zdnet.com/article/apple-increases-prices-macbooks-ipads-neo/ Recovery Architecture Has to Catch Up to AI Workload Scale Sponsored analysis from Eon flags that AI-era recovery architectures are structurally different: larger data volumes, faster change rates and tighter RPO requirements mean traditional backup cadences don't hold. The framing aligns with what I've been tracking on AI infrastructure gaps, specifically that organizations scope AI as a software event and don't recalibrate storage I/O and recovery baselines before go-live. Source: https://www.theregister.com/ai-and-ml/2026/06/25/recovery-has-to-keep-up-with-ai/5260452 --- CYBERSECURITY & COMPLIANCE Mistic Backdoor: Memory-Only, Self-Destructing, Ransomware Pre-Positioning KongTuke's Mistic implant executes entirely in memory via C2 command, leaves no disk artifacts and includes a kill switch that terminates and deletes the implant after the access brokering transaction is complete. Side-loading runs through MpExtMs.exe with a malicious EndpointDlp.dll, delivered via ClickFix. Detection priority: behavioral rules on in-memory execution, DLL side-loading from Microsoft-signed binaries, and ModeloRAT co-presence as a ransomware staging indicator. Source: https://www.theregister.com/security/2026/06/25/self-destructing-mistic-backdoor-linked-to-access-broker-selling-corporate-footholds-to-ransomware-gangs/5262579 Chrome Extension "Adblock for YouTube" Carries Dormant Arbitrary JS Injection Capability Extension ID cmedhionkhpnakcndndgjdbohmhepckk, 10M+ installs, Featured badge, contains a "trusted-create-element" scriptlet enabling arbitrary JavaScript injection into any site the user visits, activatable via server-side config change with no update and no Web Store review. The extension changed ownership in 2018, previously shipped an ad-injection SDK removed in June 2024 and is linked to other extensions removed for malware. Blocklist this extension ID in managed browser environments today. Audit for presence before end of day. Source: https://thehackernews.com/2026/06/chrome-ad-blocker-with-10m-installs.html CISA Active Exploitation Warning: Lantronix and Ubiquiti, Patch Deadline Today CISA flagged active exploitation of CVE-2025-67038 (CVSS 9.8) in Lantronix EDS5000 Series serial-to-ethernet devices alongside Ubiquiti UniFi OS flaws, with a Federal remediation deadline of June 26. If Lantronix serial servers are anywhere in your OT or out-of-band management fabric, this is a same-day action item. Source: https://www.bleepingcomputer.com Cisco Unified CM SSRF (CVE-2026-20230) Now Under Active Exploitation The WebDialer SSRF-to-root-shell chain in Cisco Unified Communications Manager is being actively exploited in the wild, running parallel to the SD-WAN zero-day campaign. Organizations that deprioritized Unified CM patching while responding to the SD-WAN disclosures are now exposed on a second front. Both product lines need patching on the same accelerated timeline. Source: https://www.securityweek.com --- CLOUD PLATFORMS & STRATEGY Cloudflare Ships Agent Skills for Zero Trust Deployment via "One Stack" Cloudflare released the Cloudflare One Stack, an open-source library of agent skills for planning, deploying and managing Zero Trust configurations. The operational implication is that Zero Trust policy work, which has been a professional services and manual configuration effort, is now being expressed as agent-executable skill sets. This is the managed services displacement vector to watch as it matures. Source: https://www.infoq.com/news/2026/06/cloudflare-one-stack-agents/ Slack Documents Four-Phase Evolution to Multi-Cloud AI Serving Platform Slack's AI serving infrastructure moved from self-managed Amazon infrastructure through four distinct phases to a multi-cloud AI serving platform. The architecture detail matters for anyone designing AI inference at scale: the operational complexity compounds at each phase, and Slack's public documentation is one of the cleaner references for what that journey looks like in production. Source: https://www.infoq.com/news/2026/06/slack-multicloud/ European Cloud Orchestration Platform Built on Kubernetes Within Enterprise A European enterprise built a cross-cloud orchestration platform on top of Kubernetes to manage the toolchain lifecycle burden created by multi-cloud deployments. The pattern confirms what I've been tracking: home-built orchestration planes are the de facto response to multi-cloud complexity, but they generate their own maintenance and security debt that commercial platforms are now starting to address. Source: https://www.infoq.com/news/2026/06/europe-cloud-enterprise/ --- NETDEVOPS & NETWORK AUTOMATION Cloudflare Resolves CUBIC Congestion Control Bug in Rust QUIC Stack Cloudflare documented how they tracked down a congestion bug in their Rust implementation of CUBIC inside their quiche QUIC library. The detail worth noting: the bug lived in the congestion control layer of a Rust implementation that had passed normal testing, and it took production traffic analysis to surface it. For anyone running QUIC in production or evaluating it for internal transport, this is a useful forensic reference on where implementation bugs hide in modern protocol stacks. Source: https://www.infoq.com/news/2026/06/cloudflare-bug-quiche/ --- AI IN INFRASTRUCTURE & AIOPS OpenAI Says Enterprise Employees Are Moving from Chat to Agents at Scale OpenAI reports that internal enterprise users are deploying Codex as an agent platform beyond developer use cases. The shift from chat to agents in production environments creates the loop engineering problem I flagged Thursday: autonomous loops that fail silently generate infrastructure incidents, not model quality tickets. Organizations rolling out agent workflows without observable failure design are building invisible operational debt. Source: https://www.theregister.com/ai-and-ml/2026/06/25/openai-says-employees-moving-beyond-chat-to-agents/5262499 Qihoo 360 Claims Better-Than-Mythos Bug Finding Capability, Positions Against Weaponized AI Qihoo 360, banned in the US, claims its vulnerability discovery tooling outperforms Anthropic's Mythos model and positions the capability as a deterrent to weaponized AI-assisted exploitation. Regardless of the competitive claim, the operational signal is clear: AI-assisted bug finding is now a capability both defenders and adversaries are racing on, and the asymmetry favors attackers who don't need to disclose what they find. Source: https://www.theregister.com/security/2026/06/26/chinese-cybersecurity-company-claims-its-built-a-better-than-mythos-bug-finder/5262642 AI Giants Fund Worker Retraining Non-Profit Post-Displacement Major AI vendors are backing a non-profit to retrain workers displaced by AI automation. For workforce planning, this is a lagging signal confirming that the labor displacement from AI is large enough to require organized industry response. Operationally relevant for any team managing staffing transitions tied to AI tooling adoption. Source: https://www.theregister.com/ai-and-ml/2026/06/26/ai-giants-back-non-profit-to-retrain-workers-left-behind-by-ai/5262601 --- HARDWARE, GPU & COMPUTE No notable developments tonight. --- NETWORK MANAGEMENT & MONITORING No notable developments tonight. --- MANAGED SERVICE PROVIDERS Huntress Insider Allegation: Analyst Claims Employee Fed Client Data to Ransomware Actor A former Huntress analyst is publicly claiming a company insider passed client security information to a ransomware criminal, with allegations that the company prioritized its pending IPO over client security. Nothing is confirmed, but the allegation pattern matters to MSPs: Huntress is positioned as a core SOC layer for a large slice of the SMB MSP market. If the allegation has substance, it implicates the security of downstream client environments across that entire channel. Watch this closely. Source: https://www.theregister.com/cyber-crime/2026/06/25/ex-huntress-analyst-claims-company-insider-fed-info-to-a-ransomware-crim-social-media-drama-ensues/5262538 Operation Endgame: Amadey and StealC Infrastructure Dismantled, 27M Credentials Recovered Microsoft and Europol dismantled Amadey and StealC malware infrastructure under Operation Endgame, recovering 326 servers, 142 domains, $47M in flagged crypto and 27 million stolen credentials. For MSPs managing SMB clients, Amadey has been an active infostealer delivery mechanism for credential theft leading to downstream RMM compromise. The infrastructure disruption buys time, but credential rotation for at-risk client environments should already be in motion. Source: https://thehackernews.com --- IT VENDOR ECOSYSTEM & M&A Cisco Catalyst SD-WAN Zero-Day Chain: Three CVEs, Full Fabric Exfiltration, Active Exploitation CVE-2026-20245 (CVSS 7.8) chains with two authentication bypass zero-days (CVE-2026-20127 and CVE-2026-20182) to deliver full root access on Cisco Catalyst SD-WAN. Mandiant documented a communications service provider intrusion where attackers created a hidden root account named "troot," exfiltrated the full SD-WAN fabric configuration, restored admin passwords to original values to avoid detection, and used stolen certificates to re-enter a patched device. Patch all three CVEs, audit /etc/passwd on SD-WAN controllers and treat unexplained peering connection log entries as critical indicators. Source: https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html --- EDGE COMPUTING & IOT Lantronix EDS5000 Serial-to-Ethernet Devices Under Active Exploitation CVE-2025-67038 (CVSS 9.8) in Lantronix EDS5000 Series devices is being actively exploited with a CISA patch deadline of today. Lantronix serial servers are a common out-of-band management and OT connectivity layer, often sitting on flat segments with access to critical infrastructure. Treat this as an OT/edge priority item, not a standard IT patch cycle item. Source: https://www.bleepingcomputer.com --- SALES & REVENUE Urgency Has to Be Genuine to Move a Deal Artificial urgency collapses trust the moment a prospect tests it. Urgency that moves deals comes from the buyer's calendar, not the seller's quota. The discipline is to identify the genuine cost of delay for the specific buyer, and build the urgency conversation entirely around that, not around a promotion or a month-end close. Source: (Goodreads compounding) Scope Creep in Proposals Is a Pricing Signal When a prospect keeps expanding the scope during proposal review, they're telling you the value in their mind exceeds the number on the page. The correct response is to price the expanded scope, not to absorb it to save the deal. Absorbing it trains the client to keep expanding, and it signals that your original pricing was soft. Source: (Goodreads compounding) --- REAL ESTATE & INVESTMENT The First Deal's Job Is to Teach You, Not to Make You Rich Most experienced real estate investors describe their first acquisition as expensive education. The goal of deal one is to complete the full cycle: acquire, operate, manage and exit. The lessons from doing that once are worth more than any return the deal generates, because they de-risk every deal after it. Source: (Goodreads compounding) Cap Rate Is a Snapshot, Not a Strategy Cap rate tells you what a property yields at purchase price under current conditions. It doesn't tell you where rents are going, what the debt service looks like or what the exit market will bear. Investors who buy on cap rate alone without stress-testing the rent growth and exit assumptions are underwriting to the best case, not the base case. Source: (Goodreads compounding) --- SELF HELP, HUMAN PSYCHOLOGY & DARK PSYCHOLOGY Commitment and Consistency as a Trap Once a person takes a public position, they'll defend it far past the point where the evidence justifies it. Robert Cialdini's consistency principle explains why the first small agreement in any negotiation matters disproportionately: each subsequent commitment anchors to the prior one. Awareness of this doesn't fully neutralize it, but naming the pattern to yourself mid-conversation creates enough distance to reconsider. Source: (Goodreads compounding) The Gap Between Stimulus and Response Is Where Character Lives Viktor Frankl's observation that humans retain the freedom to choose their response regardless of external conditions is the foundation of every resilience framework that performs when tested. The practical application: when a situation triggers an immediate reaction, the pause before responding is not weakness. The pause is the capability. Source: (Goodreads compounding) --- WHAT TO WATCH The combination of memory-only malware, self-destructing implants and deliberate counter-forensics design in the Mistic/KongTuke campaign signals that IABs are now engineering for the post-detection environment, not just the initial access event. Behavioral detection in memory and DLL side-loading monitoring are baseline requirements now. Organizations still relying on disk-based and signature-based detection as their primary layer are structurally behind this threat. --- CONVERSATION STARTER In the Cisco SD-WAN intrusion documented by Mandiant, attackers restored admin passwords to their original values after exf