June 2026 has been a demanding month for cyber security teams. Across the five articles in this edition, our analysts begin with Anthropic's first year of AI threat intelligence - which reveal that malicious actors are systematically using AI to raise the technical ceiling of their attacks - before turning to a zero-day vulnerability actively exploited in Android devices, a critical authentication bypass in widely deployed Check Point VPN gateways, the continued - and escalating - threat posed by the Silent Ransom Group to law firms and professional services organisations, and a high-priority remote code execution vulnerability in Windows Netlogon.
A consistent theme runs through all five articles: the attack surface continues to expand across every layer of the stack - now encompassing the AI tooling organisations are only beginning to deploy, as well as the mobile operating system, the network perimeter, human trust, and enterprise identity infrastructure. Organisations that rely on reactive or manual patch processes, or that have not yet updated their threat models to account for AI-enabled adversaries, are disproportionately exposed.