Executive Signal
- The Gentlemen RaaS is actively distributing GentleKiller to affiliates — a framework targeting ~400 Windows security processes to blind EDR before ransomware executes. Validate tamper protection enforcement today.
- Icarus extortion group stole OAuth tokens from Klue, compromising downstream Salesforce environments. Any organization using Klue or sharing OAuth integrations with third-party SaaS vendors should treat this as a live exposure until confirmed otherwise.
- An unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin (100,000+ installs) is under active exploitation. Patch immediately.
- A vendor breach at Texas Parks and Wildlife Department exposed PII — including driver’s license data — for over 3 million individuals. Third-party risk and regulatory notification obligations are in scope.
- Microsoft researchers disclosed AutoJack, an attack chain that weaponizes AI browsing agents for host-level code execution. No confirmed in-the-wild exploitation, but organizations deploying AI agents with local service access should review permission scopes this week.
Immediate Action Required
1. Validate EDR Tamper Protection (The Gentlemen / GentleKiller). Confirm tamper protection is enforced, not just enabled, across all Windows endpoints. "Enabled" means the setting is on but a local administrator can still switch it off; "enforced" means it is locked from the management plane (MDM or the EDR tenant) so nothing running on the host can flip it. GentleKiller targets ~400 security processes; wherever tamper protection is not enforced at the platform level, EDR can be silently disabled before ransomware executes. Restrict execution of unknown or unsigned binaries through application control where feasible.
2. Revoke and Reissue OAuth Tokens (Klue / Icarus / Salesforce). If your organization uses Klue or has OAuth-connected integrations with Salesforce via third-party vendors, revoke the affected tokens immediately and re-authorize the integration afterwards. Rotation that issues new tokens without revoking the old ones leaves the stolen refresh tokens usable. While you are there, audit connected application permissions: scopes, pre-authorized users, and IP restrictions. Do not wait for vendor notification; the victim list is growing.
3. Patch Gravity SMTP WordPress Plugin (Active Exploitation). Identify all WordPress instances running the Gravity SMTP plugin and update to the latest version. Exploitation is unauthenticated and active at scale. Treat this as a same-day action, and rotate any credentials configured in the plugin afterwards, since patching does not undo what an attacker may already have read.
High-Impact Developments
The Gentlemen RaaS Deploys GentleKiller to Blind EDR Before Encryption
- What happened: The Gentlemen ransomware-as-a-service operation is distributing GentleKiller to affiliates — a mature EDR-killing framework that targets approximately 400 Windows security processes, disabling endpoint defenses before ransomware deploys.
- Why it matters: Productizing EDR-kill capability for affiliate distribution raises the operational scale of this threat. Ransomware that neutralizes EDR before encryption collapses the detection and response window.
- Who should care: CISOs, SOC leaders, endpoint security owners, and IR teams. Any organization running Windows endpoints without enforced EDR tamper protection is at elevated risk.
- Recommended action: Verify tamper protection is enforced on all Windows endpoints. Audit EDR health dashboards for gaps. Restrict unknown binary execution via application control where feasible.
- Confidence: High. Distribution to affiliates and active use are confirmed.
- Search metadata: T1562.001, T1070 Threat actor: The Gentlemen Malware: Gentlemen ransomware Tool: GentleKiller Platform: Windows
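The check Immediate Action 1 asks for, as an added example that is not from the source article or the vendor: a fleet query that distinguishes Microsoft Defender tamper protection that is merely on from tamper protection that is managed centrally and therefore locked. It assumes WinRM access as a local administrator to the hosts listed in a file called hosts.txt (a placeholder), that the hosts run Defender (other EDR products expose their equivalent "anti-tamper" setting only through their own consoles), and that the management-source strings Intune, ATP and E5 are what your tenant reports; confirm that last list against a known-good host before trusting the verdicts.

```powershell
# Added example (not from the source article). Fleet check: is Defender tamper
# protection ENFORCED (managed by Intune / the MDE tenant) or only switched on locally?
# Assumptions: WinRM reachable, caller is local admin on targets, hosts.txt is your list.
$targets = Get-Content -Path .\hosts.txt

$report = Invoke-Command -ComputerName $targets -ErrorAction SilentlyContinue -ScriptBlock {
    $mp = Get-MpComputerStatus

    # TamperProtectionSource is only reported by newer Defender platform builds;
    # read it defensively so older hosts do not throw.
    $source = if ($mp.PSObject.Properties['TamperProtectionSource']) {
        [string]$mp.TamperProtectionSource
    } else { 'unknown' }

    # Cross-check the feature flag Defender writes itself (commonly 5 = on, 4 = off).
    $regKey = 'HKLM:\SOFTWARE\Microsoft\Windows Defender\Features'
    $tpFlag = (Get-ItemProperty -Path $regKey -Name TamperProtection -ErrorAction SilentlyContinue).TamperProtection

    [pscustomobject]@{
        Host             = $env:COMPUTERNAME
        TamperProtected  = [bool]$mp.IsTamperProtected
        TamperSource     = $source
        RegistryFlag     = $tpFlag
        RunningMode      = $mp.AMRunningMode          # Normal / Passive / EDR Block ...
        RealTimeOn       = [bool]$mp.RealTimeProtectionEnabled
        SignatureAgeDays = $mp.AntivirusSignatureAge
    }
}

# "Enforced" = protection on AND the source is a management plane, so a local admin
# cannot flip it. A locally set ('UI') or unknown source is "enabled, not enforced".
$managed = @('Intune', 'ATP', 'E5')   # assumption: verify the strings your tenant reports
$verdicts = $report | Select-Object *, @{ Name = 'Verdict'; Expression = {
    if (-not $_.TamperProtected)                { 'NOT PROTECTED' }
    elseif ($managed -contains $_.TamperSource)  { 'ENFORCED' }
    else                                        { 'ENABLED, NOT ENFORCED' }
}}

# Hosts that did not answer are gaps too: a host whose EDR was killed may simply be silent.
$unreachable = $targets | Where-Object { $_ -notin $report.PSComputerName }

$verdicts | Sort-Object Verdict |
    Format-Table Host, Verdict, TamperSource, RegistryFlag, RunningMode, RealTimeOn, SignatureAgeDays -AutoSize
if ($unreachable) { Write-Warning "No response from: $($unreachable -join ', ')" }
```

Run it from a management host with the hosts.txt list; to spot-check a single machine without WinRM, run the inner script block locally and read the same fields. Anything other than ENFORCED in the Verdict column, and any host in the unreachable list, is a gap to close before relying on EDR against a GentleKiller-style pre-encryption kill.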
Icarus Extortion Group Steals OAuth Tokens from Klue, Compromises Salesforce Environments
- What happened: Market intelligence platform Klue confirmed that threat actors stole OAuth tokens used to connect to customer Salesforce environments. The Icarus extortion group has claimed responsibility, and the victim list is expanding.
- Why it matters: A single compromised OAuth integration provides persistent, authenticated access to downstream SaaS environments. The token was issued to an already-authorized app, so interactive login, password, and MFA controls never fire. This is a third-party supply chain identity risk, not a Klue-specific problem.
- Who should care: CISOs, IAM teams, SaaS security owners, and any organization using Klue or running broad OAuth integrations into Salesforce.
- Recommended action: Revoke OAuth tokens connected to Klue immediately and re-authorize the integration only after the vendor confirms containment. Audit third-party OAuth integrations for excessive Salesforce permissions (scopes, pre-authorized users, IP restrictions). Review connected app activity (Login History, OauthToken usage, Setup Audit Trail) for anomalous access.
- Confidence: High. Vendor-confirmed incident, active extortion group.
- Search metadata: T1528, T1550.001 Threat actor: Icarus Vendor: Klue Affected product: Salesforce
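The token audit described in Immediate Action 2 and in the Klue item above, as an added example that is not from the source article, Klue, or Salesforce. It triages a CSV export of the Salesforce OauthToken object (the query shown in the comment is one way to produce it) and emits a revocation list. The five rows are constructed sample data; the connected-app name Klue, the 90-day stale threshold and the 7-day "recent grant" window are assumptions to adjust for your org, and the app name must match what Setup > Connected Apps shows.

```powershell
# Added example (not from the source article). Triage a Salesforce OauthToken export
# after a vendor-side token theft. Expected input: CSV of the OauthToken object, e.g.
#   sf data query -q "SELECT Id, AppName, User.Username, LastUsedDate, UseCount, CreatedDate FROM OauthToken" -r csv
# The rows below are CONSTRUCTED sample data; 'Klue', 90 days and 7 days are assumptions.
$csv = @'
Id,AppName,User.Username,LastUsedDate,UseCount,CreatedDate
0Ka0000000000001,Klue,integration@example.com,2026-06-10T08:14:00.000Z,4120,2024-02-01T10:00:00.000Z
0Ka0000000000002,Klue,sales.ops@example.com,2026-06-11T23:51:00.000Z,33,2026-06-09T22:10:00.000Z
0Ka0000000000003,Slack,svc.slack@example.com,2026-06-11T09:00:00.000Z,9001,2023-05-12T11:00:00.000Z
0Ka0000000000004,Data Loader,old.admin@example.com,2025-11-02T14:00:00.000Z,12,2025-01-20T09:30:00.000Z
0Ka0000000000005,Klue,integration@example.com,2026-06-11T02:07:00.000Z,15,2026-06-10T19:45:00.000Z
'@

$compromisedApp  = 'Klue'
$staleAfterDays  = 90
$recentGrantDays = 7
# Pinned "now" so the sample is reproducible; use (Get-Date).ToUniversalTime() in production.
$now = [datetime]::Parse('2026-06-12T00:00:00Z').ToUniversalTime()

$tokens = $csv | ConvertFrom-Csv | ForEach-Object {
    [pscustomobject]@{
        Id       = $_.Id
        App      = $_.AppName
        User     = $_.'User.Username'
        LastUsed = [datetime]::Parse($_.LastUsedDate).ToUniversalTime()
        Created  = [datetime]::Parse($_.CreatedDate).ToUniversalTime()
        UseCount = [int]$_.UseCount
    }
}

$findings = foreach ($t in $tokens) {
    $reasons = @()
    # Every grant to the compromised vendor goes, used or not: a stolen refresh token stays
    # valid until the OauthToken record is revoked; issuing new tokens does not invalidate it.
    if ($t.App -eq $compromisedApp) {
        $reasons += 'vendor-compromised'
        # A grant created very recently is a re-consent; confirm with the user that it was
        # them and not an attacker re-authorising with a stolen session.
        if (($now - $t.Created).TotalDays -le $recentGrantDays) { $reasons += 'recent-grant-verify-user' }
    }
    # Any third-party token nobody has used in months is standing access with no owner.
    if (($now - $t.LastUsed).TotalDays -gt $staleAfterDays) { $reasons += 'stale' }

    if ($reasons.Count) {
        $t | Select-Object *, @{ Name = 'Reasons'; Expression = { $reasons -join ';' } }
    }
}

$findings | Format-Table Id, App, User, LastUsed, UseCount, Reasons -AutoSize

# Revocation list. Deleting an OauthToken record revokes that grant (access and refresh
# token). Review 'recent-grant-verify-user' entries with their owners before running it.
$findings | ForEach-Object {
    "sf data delete record --sobject OauthToken --record-id $($_.Id)"
}
```

On the sample, the two older Klue tokens and the one re-consented on 10 June are flagged vendor-compromised, the 10 and 9 June grants additionally get the verify-with-user flag, the Slack token is left alone, and the Data Loader token unused since November is flagged stale. Revocation alone is not the end of the job: tighten the connected app's OAuth policy (pre-authorized users only, IP relaxation off, refresh-token expiry) before re-authorizing, so a future vendor breach yields a token worth less.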
Active Exploitation of Gravity SMTP WordPress Plugin (100,000+ Sites)
- What happened: Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, installed on over 100,000 websites.
- Why it matters: Unauthenticated exploitation at this install base means automated scanning and mass exploitation are already underway. Exposed data enables follow-on credential attacks and site compromise.
- Who should care: Web teams, IT operations, vulnerability management leads, and any team responsible for WordPress-hosted properties.
- Recommended action: Update the Gravity SMTP plugin to the latest version immediately, then rotate any credentials configured in the plugin, since the patch stops further disclosure but does not revoke what was already read. Audit WordPress plugin inventories for this and other unpatched plugins.
- Confidence: High. Confirmed active exploitation.
- Search metadata: T1190 Affected product: Gravity SMTP WordPress plugin Platform: WordPress
Texas Parks and Wildlife Department Vendor Breach — 3M+ Driver’s Licenses Exposed
- What happened: A vendor supporting the Texas Parks and Wildlife Department suffered a breach exposing personal information — including driver’s license data — for more than three million individuals.
- Why it matters: Government-issued identity data at this scale creates durable fraud and identity theft risk. The breach originated at a vendor, not the agency — a direct third-party risk failure. Legal, privacy, and regulatory notification obligations are in play.
- Who should care: Security leadership, legal, privacy, and compliance teams — particularly those in government, public sector, or organizations with vendor-managed licensing systems handling PII.
- Recommended action: Use this as a prompt to review vendor data handling agreements and confirm that third-party PII processors have adequate breach notification and data minimization controls in place.
- Confidence: High — publicly disclosed by the agency.
- Search metadata: Threat category: data breach, personally identifiable information Affected org: Texas Parks and Wildlife Department (TPWD) Affected org types: government, individual
Monitor Only
- AutoJack (AI Agent Hijacking, Microsoft Research): A demonstrated exploit chain allows a malicious web page to hijack an AI browsing agent and reach host-level code execution through a privileged local service. No confirmed in-the-wild exploitation. Organizations deploying AI agents with local system access should review permission scoping and isolation this week: confirm which local services the agent can reach, whether any of them execute code on its behalf, and whether the agent runs under a dedicated low-privilege account or sandbox rather than the user's own session. T1059 Tool: AutoJack Platform: AI agents Vendor: Microsoft
- usbliter8 (Unpatchable Apple A12/A13 SecureROM Exploit): Researchers published a working exploit achieving arbitrary code execution in the SecureROM of Apple A12 and A13 chips. The vulnerability is burned into silicon and cannot be remediated by software update. Exploitation requires physical USB access, so the realistic scenarios are lost, stolen, or seized devices and unattended hardware; no active exploitation is confirmed. Organizations with high-sensitivity mobile device fleets on affected hardware should assess exposure, treat devices that leave their custody as potentially compromised at the boot chain, and factor this into device refresh timelines. T1542 Tool: usbliter8 Affected products: Apple A12, Apple A13 Platforms: iOS, iPadOS, macOS
Analyst Observation
Today’s brief reinforces a pattern worth internalizing: the attack surface is increasingly defined by third-party integrations and SaaS trust chains, not network edges. The Klue/Icarus incident is not primarily a Klue story — it’s a story about OAuth tokens handed to a vendor becoming your exposure. The TPWD breach follows the same logic: the agency held the liability, but the vendor held the data. GentleKiller is a different kind of reminder — EDR is a detection control, not a prevention guarantee, and affiliates are now being handed industrialized tooling to blind it before the payload runs. AutoJack deserves attention from anyone deploying AI agents with local privileges; the attack surface of agentic AI is not yet well-understood operationally, and researchers are moving faster than most security governance frameworks.
Source Links
- The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes — https://thehackernews.com/2026/06/the-gentlemen-raas-uses-gentlekiller.html
- Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin — https://www.bleepingcomputer.com/news/security/hackers-exploit-info-disclosure-bug-in-gravity-smtp-wordpress-plugin/
- Klue OAuth breach victim list grows as Icarus hackers claim attack — https://www.bleepingcomputer.com/news/security/klue-oauth-breach-victim-list-grows-as-icarus-hackers-claim-attack/
- Texas govt data breach exposes over 3 million driver’s licenses — https://www.bleepingcomputer.com/news/security/texas-govt-data-breach-exposes-over-3-million-drivers-licenses/
- AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution — https://thehackernews.com/2026/06/autojack-attack-lets-one-web-page.html
- Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain — https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html
Generated by DevSecOpsDadAttack cyber threat intelligence.