chore: update feed state [2026-06-20]

Author: github-actions[bot]

logs/urls.txt

@@ -681,3 +681,7 @@
 [2026-06-19] https://www.sonarsource.com/blog/ai-is-writing-more-of-your-terraform/
 [2026-06-19] https://www.sonarsource.com/blog/what-nist-should-know-when-updating-the-ssdf-for-ai/
 [2026-06-19] https://www.sonarsource.com/blog/your-ai-bill-is-a-code-quality-problem/
+[2026-06-20] https://outpost24.com/blog/annual-penetration-testing-modern-application-risk/
+[2026-06-20] https://unit42.paloaltonetworks.com/large-scale-credential-attacks/
+[2026-06-20] https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-25-7/
+[2026-06-20] https://portswigger.net/blog/burp-extensibility-2026-awards-talks-and-highlights

site/_posts/2026-06-19-the-good-the-bad-and-the-ugly-in-cybersecurity-week-25.md

@@ -0,0 +1,12 @@
+---
+layout: post
+title: "The Good, the Bad and the Ugly in Cybersecurity – Week 25"
+date: 2026-06-19 13:00:54 +0300
+categories: [RSS]
+tags: [c2, malware, infra-abuse, ransomware, threat-intel]
+toc: true
+---
+
+A security news roundup covering three major incidents: FBI dismantles a Chinese PhaaS operation (Outsider Enterprise) and law enforcement removes SocGholish malware from 15,000 WordPress sites. DragonForce ransomware gang debuts Backdoor.Turn, a Go-based malware that conceals C2 communications inside Microsoft Teams TURN relay infrastructure—the first documented in-the-wild abuse of this technique—while using BYOVD tactics and DLL side-loading for privilege escalation and persistence. China-linked UNC6508 breaches REDCap medical research servers via legacy vulnerabilities, deploys custom InfiniteRed malware with credential harvesting and HTTP cookie-based backdoor commands for SQL execution and data exfiltration from a North American medical institution.
+
+[Read original article](https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-25-7/){: .btn .btn-primary }

site/_posts/2026-06-20-threat-brief-mitigating-large-scale-credential-attacks.md

@@ -0,0 +1,12 @@
+---
+layout: post
+title: "Threat Brief: Mitigating Large-Scale Credential Attacks"
+date: 2026-06-20 02:05:33 +0300
+categories: [RSS]
+tags: [credential-attack, password-spraying, privilege-escalation, threat-intel, persistence]
+toc: true
+---
+
+Unit 42 reports a large-scale credential attack campaign targeting internet-exposed Fortinet, Sophos, and MSSQL services. The attackers employ a multi-stage methodology: initial password spraying using credentials sourced from prior breaches and vulnerability exploitation, followed by privilege escalation and extraction of device configurations (including stored credentials), offline cracking to expand the password list, and persistent administrative access. Initial access brokers on Russian cybercrime forums are selling harvested credentials, indicating commoditized access to compromised edge infrastructure. The attack demonstrates systematic reconnaissance and credential lifecycle harvesting to achieve persistent, high-privilege compromise.
+
+[Read original article](https://unit42.paloaltonetworks.com/large-scale-credential-attacks/){: .btn .btn-primary }

state/processed_urls.json

@@ -1914,7 +1914,12 @@
     "http://blog.quarkslab.com/black-box-probing-a-security-analysis-of-xiaomis-mja1-secure-chip.html": "2026-06-19",
     "https://www.sonarsource.com/blog/ai-is-writing-more-of-your-terraform/": "2026-06-19",
     "https://www.sonarsource.com/blog/what-nist-should-know-when-updating-the-ssdf-for-ai/": "2026-06-19",
-    "https://www.sonarsource.com/blog/your-ai-bill-is-a-code-quality-problem/": "2026-06-19"
+    "https://www.sonarsource.com/blog/your-ai-bill-is-a-code-quality-problem/": "2026-06-19",
+    "https://doublepulsar.com/an-update-on-fortibleed-whats-happening-with-victim-orgs-c0671a50e7f4?source=rss----8343faddf0ec---4": "2026-06-20",
+    "https://outpost24.com/blog/annual-penetration-testing-modern-application-risk/": "2026-06-20",
+    "https://unit42.paloaltonetworks.com/large-scale-credential-attacks/": "2026-06-20",
+    "https://www.sentinelone.com/blog/the-good-the-bad-and-the-ugly-in-cybersecurity-week-25-7/": "2026-06-20",
+    "https://portswigger.net/blog/burp-extensibility-2026-awards-talks-and-highlights": "2026-06-20"
   },
-  "last_updated": "2026-06-19T03:17:49.339524+00:00"
+  "last_updated": "2026-06-20T03:15:40.528710+00:00"
 }