
This week brought several major incidents, and all of them point in the same direction.
- The scale of credential compromise keeps breaking records. FortiBleed: 86,000 devices across 194 countries. The Elasticsearch leak: 24 billion records from dozens of sources. HIBP added 124 million passwords stolen by infostealers at the moment of use. This data is already in circulation.
- Two attack methods received concrete confirmation this week. Attackers are increasingly bypassing passwords altogether: the Klue breach started with a forgotten service account and ended with stolen OAuth tokens, with no password entered at any point. And AI agents have become an independent attack vector: a poisoned coding test repository allowed an attacker to exfiltrate AWS credentials from a developer's workstation in 111 seconds, with no endpoint alerts generated.
- Regulatory pressure is moving on two fronts. In Europe, the Council of Europe and the French government platform Tchap were breached, the Italian Garante fined a firm for storing passwords in cleartext, and new EDPB and NIS2 incident reporting templates dropped, all within a single week. In the U.S., President Trump signed two executive orders setting hard federal deadlines for post-quantum cryptography migration, signaling that the window for preparation is shorter than most organizations have assumed.
This digest covers the 14 most significant events from 15 to 22 June 2026.
U.S. sets federal deadlines for post-quantum cryptography (PQC) migration
On 22 June 2026, President Trump signed two executive orders on quantum technology. EO "Securing the Nation Against Advanced Cryptographic Attacks" requires federal agencies to designate a PQC migration lead, transition high-value assets to post-quantum cryptography by 2030, and complete full migration by 2031.
A second order directs development of a fault-tolerant quantum computer by 2028. Both orders cite "harvest now, decrypt later" attacks as the primary threat driver — adversaries collecting encrypted data today for future decryption. Barron's reports that some analysts put viable quantum decryption capability as early as 2029.
Why it matters: The 2030–2031 federal deadlines will not stay inside the government. Procurement contracts and sector-specific regulation tend to follow federal precedent, so any organization that touches government infrastructure or operates in a regulated industry should treat this as an early signal. The practical starting point is knowing what you have: which systems depend on RSA or ECC, where cryptographic keys and certificates actually live, and who controls them.
Source: Reuters / White House — 22 Jun 2026
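An inventory is the concrete first step named above, and SSH keys are a good place to start because they sit everywhere (bastions, CI runners, known_hosts files) and are rarely catalogued. The following is an added example, not code from the original digest or from any agency: it parses authorized_keys / known_hosts style lines, decodes the RFC 4253 wire-format blob, and reports the algorithm, the RSA modulus size, and what a migration plan must touch. Every key blob in it is a dummy assembled by build_blob(); none is a real key.

```python
"""Inventory SSH public keys by algorithm and flag what a PQC migration must touch.

Added example, not from the original digest. It reads authorized_keys /
known_hosts style lines, decodes the RFC 4253 wire-format blob, and reports
the algorithm and (for RSA) the modulus size. Every blob below is a dummy
built by build_blob(); none is a real key.
"""
import base64
import struct

# Every signature algorithm SSH ships today rests on RSA or elliptic curves,
# so every key in the inventory is quantum-vulnerable; the question is order.
QUANTUM_VULNERABLE = {"ssh-rsa", "ssh-dss", "ssh-ed25519",
                      "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}
MIN_RSA_BITS = 2048


def _ssh_string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b


def _ssh_mpint(n: int) -> bytes:
    # mpint is two's complement: a leading zero byte keeps positive values positive.
    return _ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def _read_string(buf: bytes, off: int):
    (length,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + length], off + 4 + length


def build_blob(key_type: str, *fields) -> str:
    """Assemble a base64 key blob: type string, then mpints (int) or strings (bytes)."""
    body = _ssh_string(key_type.encode())
    for f in fields:
        body += _ssh_mpint(f) if isinstance(f, int) else _ssh_string(f)
    return base64.b64encode(body).decode()


def parse_public_key(line: str):
    """Return (key_type, detail) for one line; leading options or hostnames are skipped."""
    parts = line.split()
    for i, tok in enumerate(parts[:-1]):
        if tok.startswith(("ssh-", "ecdsa-", "sk-")):
            blob = base64.b64decode(parts[i + 1])
            break
    else:
        raise ValueError("no SSH key on line")
    wire_type, off = _read_string(blob, 0)
    wire_type = wire_type.decode()
    if wire_type != tok:
        raise ValueError(f"declared type {tok} does not match blob type {wire_type}")
    if wire_type == "ssh-rsa":
        _e, off = _read_string(blob, off)
        n, _ = _read_string(blob, off)
        return wire_type, {"bits": int.from_bytes(n, "big").bit_length()}
    if wire_type.startswith("ecdsa-sha2-"):
        curve, _ = _read_string(blob, off)
        return wire_type, {"curve": curve.decode()}
    return wire_type, {}


def assess(line: str) -> dict:
    key_type, detail = parse_public_key(line)
    findings = []
    if key_type in QUANTUM_VULNERABLE:
        findings.append("quantum-vulnerable signature key: include in PQ migration plan")
    if key_type == "ssh-rsa" and detail["bits"] < MIN_RSA_BITS:
        findings.append(f"RSA-{detail['bits']} is below {MIN_RSA_BITS} bits: rotate now")
    if key_type == "ssh-dss":
        findings.append("DSA is disabled by default in current OpenSSH: rotate now")
    return {"type": key_type, **detail, "findings": findings}


def inventory(lines) -> list:
    return [assess(line) for line in lines if line.strip() and not line.startswith("#")]


# Constructed inventory (dummy blobs; the second is deliberately a weak 1024-bit RSA key).
SAMPLE_KEYS = [
    "ssh-rsa " + build_blob("ssh-rsa", 65537, (1 << 2047) | 0x10001) + " ops@bastion",
    'from="10.0.0.0/8" ssh-rsa ' + build_blob("ssh-rsa", 65537, (1 << 1023) | 3) + " legacy-backup",
    "git.example.com ecdsa-sha2-nistp256 "
    + build_blob("ecdsa-sha2-nistp256", b"nistp256", b"\x04" + b"\x11" * 64),
    "ssh-ed25519 " + build_blob("ssh-ed25519", b"\x22" * 32) + " dev@laptop",
]

if __name__ == "__main__":
    for row in inventory(SAMPLE_KEYS):
        print(row)
```

Two points the inventory makes visible: every key it finds is quantum-vulnerable, because SSH has no deployed post-quantum signature algorithm yet, and a 1024-bit RSA key is a problem today regardless of quantum timelines. Note the asymmetry with "harvest now, decrypt later": that threat applies to key exchange and encrypted traffic, which recent OpenSSH releases already protect with a hybrid post-quantum key exchange by default, not to signatures, which cannot be forged retroactively. Ordering the migration by that distinction (key exchange and TLS first, signature keys second) is usually the right call.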
FortiBleed: 86,000+ Fortinet device credentials compromised across 194 countries
A large-scale credential theft campaign has compiled a verified database of 86,644 working credentials for internet-facing Fortinet FortiGate firewalls and SSL VPN appliances, roughly 50% of all such devices exposed to the internet. The campaign involved SSL VPN authentication interception, hash-cracking on a 45-GPU cluster, and Active Directory pivoting.
Attackers executed approximately 1.16 billion credential attempts against 320,000+ FortiGate targets. CISA issued an urgent advisory on 18 June 2026 directing organizations to terminate active sessions, reset all credentials, enable phishing-resistant MFA, and move admin accounts to PBKDF2 password hashing. Huntress confirmed 845 partner organizations were directly impacted.
Why it matters: Organizations that patched Fortinet vulnerabilities but never rotated credentials remain fully exposed: the credentials were captured at authentication time and cracked offline, so no firmware update invalidates them. This is the defining credential security event of the week. Any organization with internet-facing Fortinet infrastructure should treat this as an active incident requiring immediate session termination and credential rotation, not a scheduled maintenance task.
Source: SecurityWeek — 19 Jun 2026
24 billion stolen credentials exposed in colossal Elasticsearch leak
Cybernews researchers discovered a publicly accessible Elasticsearch cluster containing 24 billion stolen credential records across 8.3 terabytes of data, drawn from 36 distinct sources including infostealer malware logs, Telegram cybercrime channels, and breach compilations. More than 1.7 billion records originated from Telegram channels.
Critically, the cluster also contained approximately 9,500 CVE records linked to active GitHub repositories — evidence the operator was building an attack-prioritization pipeline to cross-reference exploitable vulnerabilities with available stolen credentials. The database has been taken offline, but the credentials remain in active circulation.
Why it matters: The CVE-enriched attack pipeline changes the risk calculation: an attacker who can cross-reference a stolen credential with an unpatched, internet-facing service does not need a broad campaign to find the door, so rotation and patching have to happen together rather than in sequence. Fresh infostealer logs also contain active session cookies, which bypass MFA entirely until the sessions are revoked. Unique credentials per service remain the primary structural defense, because they confine one stolen password to one service.
Source: Cybernews — 17 Jun 2026
124 million unique infostealer passwords added to Have I Been Pwned
On 15 June 2026, Have I Been Pwned (HIBP) ingested 56.3 million unique email addresses and 124 million unique passwords sourced from infostealer malware logs. Unlike traditional breach data, these credentials were stolen directly from victims' devices at the time of use — meaning they are current and unrotated. The dataset is now searchable via the Pwned Passwords API, which is integrated into numerous enterprise password managers and identity platforms.
Why it matters: Organizations using password managers with HIBP integration will now surface alerts for a substantially larger pool of at-risk credentials. The danger here is freshness: employees who have not changed passwords since their device was infected remain fully exposed. This is a direct prompt to run a compromised credential audit across your organization.
Source: Have I Been Pwned — 15 Jun 2026
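The Pwned Passwords API mentioned above is designed so that a password never leaves the caller: only the first five hex characters of its SHA-1 hash are sent, and the caller matches the remainder locally against the returned range. The following is an added example of that k-anonymity check, not HIBP's code or the digest's; fetch_range() queries the real endpoint, while the offline fetcher and its response body are constructed (its counts are invented) so the example runs without network access.

```python
"""Check a password against Pwned Passwords with the k-anonymity range API.

Added example, not from HIBP or the digest. Only the first five hex characters
of the SHA-1 hash leave the machine; the full hash is matched locally against
the returned suffix list. fetch_range() talks to the real endpoint; the
offline fetcher and its response body are constructed so this runs without
network (the counts in it are made up).
"""
import hashlib
import urllib.request

RANGE_URL = "https://api.pwnedpasswords.com/range/"


def sha1_prefix_suffix(password: str):
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def fetch_range(prefix: str, timeout: float = 10.0) -> str:
    """Download the suffix list for a prefix. Add-Padding asks the server to pad
    the response so its length does not reveal how many hashes share the prefix."""
    req = urllib.request.Request(
        RANGE_URL + prefix,
        headers={"Add-Padding": "true", "User-Agent": "pwned-passwords-example"},
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.read().decode("utf-8")


def parse_range(body: str) -> dict:
    """Map SUFFIX -> count. Padding entries carry count 0 and never match a real password."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep:
            counts[suffix.upper()] = int(count)
    return counts


def breach_count(password: str, fetcher=fetch_range) -> int:
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range(fetcher(prefix)).get(suffix, 0)


def audit_passwords(passwords: dict, fetcher=fetch_range) -> dict:
    """Return {label: count} for a batch, e.g. candidate passwords at enrolment time."""
    return {label: breach_count(pw, fetcher) for label, pw in passwords.items()}


# Constructed response for prefix 5BAA6 (the prefix of SHA-1("password")).
# The first suffix is the real remainder of that hash; the counts are invented.
OFFLINE_RESPONSE = """1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
003D68EB55068C33ACE09247EE4C639306B:12
1E2AAE5A2F3C5F0A0E2A1B3C4D5E6F7A8B9:0
"""


def offline_fetcher(prefix: str) -> str:
    # Any other prefix gets a padding-only body, i.e. no matches.
    return OFFLINE_RESPONSE if prefix == "5BAA6" else "0" * 34 + "A:0\n"


if __name__ == "__main__":
    sample = {"weak": "password", "strong": "correct horse battery staple"}
    print(audit_passwords(sample, offline_fetcher))
```

A non-zero count is a hard reject at password change or enrolment, not a warning. For Active Directory audits, the same range endpoint serves NTLM hashes when queried with mode=ntlm, which lets you check extracted domain hashes without ever recovering the passwords.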
Klue SaaS supply chain attack: OAuth tokens stolen, CRM data exfiltrated from multiple security vendors
A new extortion group called Icarus (active since April 2026) gained initial access to market intelligence platform Klue via a compromised legacy credential associated with an abandoned integration service account. Attackers then stole OAuth tokens used by Klue's customers to connect to Salesforce and Gong, and ran automated scripts against the Salesforce REST API for up to 24 hours of bulk CRM data extraction.
Confirmed victims include Huntress, Recorded Future, Tanium, Gong, Sprout Social, Jamf, and Insurity. Salesforce disabled the Klue integration.
Why it matters: A forgotten legacy service account credential was the initial access vector. Once inside, the attacker needed no passwords and no MFA codes: from Salesforce's perspective, the stolen OAuth token was the identity. Extraction ran undetected for up to 24 hours. Service account credentials and third-party OAuth integrations warrant the same monitoring discipline as employee accounts, starting with an inventory of which integrations hold tokens, what scopes they carry, and which have not been used recently enough to justify keeping.
Source: The Hacker News — 19 Jun 2026
1,230+ hardcoded API keys and JWT tokens found in AI agent instruction files across 7,000+ public repos
Mitiga Labs scanned 50,000+ AI instruction files (Cursor rules, CLAUDE.md, MCP configs, agent brain files) across 7,000+ public GitHub repositories and found over 1,230 hardcoded API keys and JWT tokens across services including Anthropic Claude, OpenAI GPT-5, Google Gemini, Databricks, Supabase, Vercel, and Google Cloud Storage.
Separately, GitGuardian reported that 28.65 million secrets were leaked on public GitHub in 2025 (a 34% year-on-year increase) with AI service leaks up 81%.
Why it matters: AI agent configuration files are becoming a primary vector for hardcoded credential exposure. These files are frequently created by non-security-aware users — product managers, researchers, founders — who do not apply standard secrets hygiene. Most organizations' secrets scanning policies do not yet cover instruction files, MCP configs, and agent context files. They should.
Source: Mitiga Labs — 15 Jun 2026
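Covering the file types named above is mostly a matter of telling the scanner they exist. The following is an added example of a small scanner, not Mitiga's or GitGuardian's tooling: it treats CLAUDE.md, .cursor/rules, MCP configs and similar as first-class targets, matches well-known key shapes (AWS access key IDs, sk-ant- and sk- keys, JWTs), and falls back to an entropy test for generic "token = ..." assignments so that placeholders are not reported. The repository contents are constructed; AKIAIOSFODNN7EXAMPLE and its secret are AWS's documentation placeholders, and the other values are dummies.

```python
"""Scan AI agent instruction and config files for hardcoded credentials.

Added example, not Mitiga's or GitGuardian's tooling. It treats CLAUDE.md,
.cursor/rules, MCP configs and similar as first-class scan targets, matches
well-known key shapes, and falls back to an entropy test for generic
"token = ..." assignments. The repository contents below are constructed;
AKIAIOSFODNN7EXAMPLE and its secret are AWS's documentation placeholders.
"""
import math
import re
from collections import Counter
from pathlib import PurePosixPath

INSTRUCTION_FILES = {"CLAUDE.md", "AGENTS.md", ".cursorrules", "mcp.json", ".mcp.json"}
INSTRUCTION_DIRS = {".cursor", ".claude", ".github"}

PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "anthropic_api_key": re.compile(r"\bsk-ant-[A-Za-z0-9_-]{20,}"),
    "openai_api_key": re.compile(r"\bsk-(?!ant-)[A-Za-z0-9_-]{20,}"),
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b"),
}
# key-ish name, optional suffix, separator, value: catches SECRET_ACCESS_KEY=... and "GITHUB_TOKEN": "..."
GENERIC = re.compile(
    r"(?i)(?:api[_-]?key|access[_-]?key|secret|token|password)[a-z_]*['\"]?\s*[:=]\s*['\"]?([A-Za-z0-9_\-/+=.]{16,})"
)
ENTROPY_THRESHOLD = 3.5  # bits per character; placeholders and English words fall below this


def shannon_entropy(s: str) -> float:
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0


def is_instruction_file(path: str) -> bool:
    p = PurePosixPath(path)
    return p.name in INSTRUCTION_FILES or bool(INSTRUCTION_DIRS & set(p.parts[:-1]))


def mask(secret: str) -> str:
    return secret[:4] + "..." + secret[-4:] if len(secret) > 12 else "***"


def scan_text(path: str, text: str) -> list:
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        seen = set()  # values already reported by a specific pattern on this line
        for kind, rx in PATTERNS.items():
            for m in rx.finditer(line):
                seen.add(m.group(0))
                findings.append({"path": path, "line": lineno, "kind": kind, "value": mask(m.group(0))})
        for m in GENERIC.finditer(line):
            value = m.group(1)
            if value not in seen and shannon_entropy(value) >= ENTROPY_THRESHOLD:
                findings.append({"path": path, "line": lineno, "kind": "generic_high_entropy", "value": mask(value)})
    for f in findings:
        f["agent_readable"] = is_instruction_file(path)
    return findings


def scan_repo(files: dict) -> list:
    """files maps repo-relative path -> text; returns all findings across the tree."""
    return [f for path, text in files.items() for f in scan_text(path, text)]


# Constructed repository snapshot; every secret-looking value is a dummy.
SAMPLE_REPO = {
    "CLAUDE.md": (
        "# Project conventions\n"
        "Run tests with `pytest -q` before every commit.\n"
        "Use ANTHROPIC_API_KEY=sk-ant-api03-EXAMPLEEXAMPLEEXAMPLEEXAMPLE for the eval harness.\n"
    ),
    ".cursor/rules/deploy.mdc": (
        "When deploying, run:\n"
        "export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n"
        "export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n"
    ),
    "mcp.json": (
        '{"mcpServers": {"supabase": {"command": "npx", "env": {\n'
        '  "SUPABASE_SERVICE_ROLE_KEY": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dummysignaturedummysignature",\n'
        '  "GITHUB_TOKEN": "ghp_0123456789abcdefghijklmnopqrstuvwxyzAB"}}}}\n'
    ),
    "docs/notes.md": (
        'token = "PLACEHOLDER_PLACEHOLDER"\n'
        "Ask the platform team for the API token; never paste it here.\n"
    ),
}

if __name__ == "__main__":
    for finding in scan_repo(SAMPLE_REPO):
        print(finding)
```

The agent_readable flag is the point of the exercise: a key in docs/notes.md is a leak, but a key in CLAUDE.md or an MCP config is a leak that an agent will also read and act on, so those findings deserve priority. Run the scanner as a pre-commit hook or in CI over the whole tree, including dotfiles, which many scanners skip by default.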
Poisoned coding test causes AI agent to steal AWS credentials in under 2 minutes
Mitiga documented a real-world attack in which a fake take-home coding assessment repository contained hidden instructions in .cursor/rules, README.md, and CLAUDE.md files. When a developer opened the repository in Cursor with auto-run enabled, the AI coding agent autonomously executed cat ~/.aws/credentials, aws sts get-caller-identity, cat ~/.kube/config, terraform state list, and a grep for secrets — then exfiltrated all collected data to an attacker-controlled endpoint via a poisoned MCP tool call. The entire chain completed in 1 minute 51 seconds. No malware was dropped; no endpoint alerts were generated.
Why it matters: Long-lived cloud credentials stored on developer workstations are now a primary target for AI-agent-mediated attacks. Every action was performed by a legitimate tool using legitimate commands, so no endpoint control triggered. The primary mitigation is replacing long-lived credentials with short-lived OIDC tokens and federated authentication, which bounds what a stolen file is worth. It does not remove the second problem: an agent that auto-runs commands found in a repository it was just handed will execute whatever is valid at that moment, so auto-run of repository-supplied instructions should stay off for untrusted code.
Source: Mitiga Labs — 19 Jun 2026
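The question behind the mitigation above is what an agent actually gets from cat ~/.aws/credentials. The following is an added example, not Mitiga's code or the digest's: it classifies each AWS CLI/SDK profile on a workstation by how its credentials are obtained, distinguishing static IAM user keys (AKIA...) from temporary STS keys (ASIA... with a session token) and from profiles that fetch credentials only at use time (SSO, assumed role, credential_process), and it follows role chains back to their source profile. Both sample files are constructed; AKIAIOSFODNN7EXAMPLE and its secret are AWS's documentation placeholders.

```python
"""Classify AWS CLI/SDK profiles on a workstation by how their credentials are obtained.

Added example, not from Mitiga's report. An agent that can run
`cat ~/.aws/credentials` gets exactly what is on disk, so the audit asks of
each profile: is it a static IAM user key (AKIA...), a temporary STS key
(ASIA... with a session token), or a profile that fetches credentials at use
time (SSO, assumed role, credential_process)? Both sample files are
constructed; AKIAIOSFODNN7EXAMPLE is AWS's documentation placeholder.
"""
import configparser

CREDENTIALS_SAMPLE = """\
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

[ci-temp]
aws_access_key_id = ASIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
aws_session_token = FwoGZXIvYXdzEBYaDExampleSessionTokenValue
"""

CONFIG_SAMPLE = """\
[default]
region = eu-west-1

[profile sso-dev]
sso_session = corp
sso_account_id = 111122223333
sso_role_name = Developer

[sso-session corp]
sso_start_url = https://corp.awsapps.com/start
sso_region = eu-west-1

[profile prod-admin]
role_arn = arn:aws:iam::111122223333:role/Admin
source_profile = default
"""

RUNTIME_KEYS = ("sso_session", "sso_start_url", "credential_process",
                "role_arn", "web_identity_token_file")


def _parse(text: str) -> configparser.ConfigParser:
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return cp


def load_profiles(credentials_text: str, config_text: str) -> dict:
    """Merge both files; config uses '[profile name]' headers, credentials uses '[name]'."""
    profiles = {}
    creds = _parse(credentials_text)
    for name in creds.sections():
        profiles.setdefault(name, {}).update(creds[name])
    conf = _parse(config_text)
    for section in conf.sections():
        if section == "default":
            name = "default"
        elif section.startswith("profile "):
            name = section[len("profile "):]
        else:
            continue  # sso-session / services blocks are not profiles
        profiles.setdefault(name, {}).update(conf[section])
    return profiles


def classify(profile: dict) -> str:
    key = profile.get("aws_access_key_id", "")
    if key.startswith("AKIA"):
        return "long-lived"          # IAM user key: no expiry, valid until someone deletes it
    if key.startswith("ASIA") or "aws_session_token" in profile:
        return "temporary"           # STS key: expires, but is live for the session duration
    if any(k in profile for k in RUNTIME_KEYS):
        return "runtime-issued"      # nothing directly usable sits in the file itself
    return "no-credentials"


def audit_profiles(profiles: dict) -> dict:
    """Resolve role chains: an assumed role is only as safe as its source profile."""
    report = {}
    for name, profile in profiles.items():
        kind = classify(profile)
        source = profile.get("source_profile")
        if kind == "runtime-issued" and source in profiles and classify(profiles[source]) == "long-lived":
            kind = "runtime-issued via long-lived source"
        report[name] = kind
    return report


if __name__ == "__main__":
    for name, kind in audit_profiles(load_profiles(CREDENTIALS_SAMPLE, CONFIG_SAMPLE)).items():
        print(f"{name:12} {kind}")
```

The prod-admin profile is the case worth noticing: it looks like a role assumption, but its source_profile is the static default key, so whoever reads the file can assume the role too. Only the sso-dev profile leaves nothing usable on disk. A temporary key is still live for its session duration, which is far longer than the 111 seconds the attack needed, so short-lived credentials narrow the window rather than closing it.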
ShinyHunters claims Council of Europe breach: 297 GB of HR, payroll, and medical records exposed
The hacker collective ShinyHunters claimed responsibility for a breach of the Council of Europe, alleging theft of 297 GB of data comprising over 429,000 files — including 409,000 payslips covering 10,000+ staff over 15 years, 14,000 CVs, 3,700 personnel files, and sensitive records including home addresses, salaries, bank details, tax information, and medical records. As of 21 June 2026, ShinyHunters published the data permanently after the Council of Europe did not respond to ransom demands.
Why it matters: The exposed records create effective spear-phishing vectors against a sensitive institution. ShinyHunters has now claimed Dutch telecom Odido (February 2026), the European Commission (March 2026), and the Council of Europe (June 2026) within the first half of 2026. European security teams should treat this as a sustained targeting campaign, not isolated incidents.
Source: Cybernews — 15 Jun 2026
France's Tchap government messaging platform breached: 73,467 officials' accounts compromised
France's sovereign government messaging platform Tchap (used by over 825,000 government employees) was breached on 7 June 2026 by a threat actor calling itself "misere." DINUM confirmed 73,467 government accounts were affected, with exposed data including names, email addresses, and affiliated government entities.
The threat actor additionally claims to have stolen 13.5 GB of files including over 643,000 messages. The attack vector is believed to involve account hijacking, possibly via infostealer-sourced credentials.
Why it matters: The breach illustrates how credential compromise (potentially via stealer logs) can be weaponized against sovereign government communication infrastructure at scale. Security experts noted the attack may not have required zero-days: API-based data extraction using legitimate credentials is sufficient for this scale of exfiltration. Under NIS2, government digital services are classified as essential entities, triggering mandatory incident reporting to ANSSI.
Source: SecurityWeek — 15 Jun 2026
Velvet Ant (China-Nexus) backdoors Linux PAM modules and OpenSSH for decade-long credential theft
Sygnia's incident response team uncovered Operation Highland, a near-decade-long espionage campaign by the China-linked Velvet Ant threat actor. Active since at least 2016–2017, the group modified Linux Pluggable Authentication Modules (PAM) — specifically pam_unix.so — to accept a hardcoded backdoor password, harvest credentials from legitimate authentication attempts, and suppress all logging of attacker activity. Nine instances of the backdoored PAM module were found across compromised hosts. The group also backdoored OpenSSH binaries to maintain persistent access.
Why it matters: This attack did not steal passwords; it subverted the authentication layer itself. By modifying PAM modules, Velvet Ant could authenticate as any user and harvest every password entered on compromised hosts. Strong passwords offer no protection when the authentication stack is compromised, and because the implant suppressed logging, the host's own audit trail cannot be trusted either: detection means comparing pam_unix.so and the OpenSSH binaries against package manifests or a known-good image from outside the host. Critical infrastructure operators in energy, manufacturing, and defense face directly analogous risks.
Source: CyberSecurityNews / Sygnia — 15 Jun 2026
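The check that catches this class of implant is file integrity against a baseline the attacker could not reach. The following is an added example, not Sygnia's tooling: it hashes the PAM module directories and OpenSSH binaries, compares them with a baseline captured from clean media, and reports modified, unexpected, and missing files. demo() builds a throwaway tree in a temporary directory with stand-in files, so nothing here touches a real /lib/security or /usr/sbin; the paths in AUTH_STACK are the usual locations but should be adjusted for the distribution in question.

```python
"""Compare PAM modules and OpenSSH binaries against a trusted baseline of hashes.

Added example, not Sygnia's tooling. The baseline must come from somewhere the
attacker could not reach (package manifests, a golden image, a hash list kept
off the host); a host that can be made to accept a master password and hide
its own logs cannot be trusted to vouch for itself. demo() builds a throwaway
tree in a temp dir with stand-in files, so nothing here touches the real
/lib/security or /usr/sbin.
"""
import hashlib
import tempfile
from pathlib import Path

# Paths worth baselining on a real host (modules and binaries, not config); adjust per distribution.
AUTH_STACK = ["lib/security", "lib/x86_64-linux-gnu/security", "lib64/security",
              "usr/sbin/sshd", "usr/bin/ssh", "usr/bin/ssh-keygen"]


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root: Path, targets=AUTH_STACK) -> dict:
    """Hash every file under the target paths that exist below root; relative path -> digest."""
    digests = {}
    for target in targets:
        p = root / target
        files = [p] if p.is_file() else sorted(p.rglob("*")) if p.is_dir() else []
        for f in files:
            if f.is_file():
                digests[f.relative_to(root).as_posix()] = sha256_file(f)
    return digests


def audit_auth_stack(root: Path, baseline: dict) -> list:
    """Report files that changed, appeared, or vanished since the baseline.
    Hashes ignore mtimes, which intruders routinely restore after swapping a binary."""
    observed = snapshot(root)
    findings = [{"file": f, "status": "modified"} for f in observed if f in baseline and baseline[f] != observed[f]]
    findings += [{"file": f, "status": "unexpected"} for f in observed if f not in baseline]
    findings += [{"file": f, "status": "missing"} for f in baseline if f not in observed]
    return sorted(findings, key=lambda x: x["file"])


def demo() -> list:
    """Baseline a clean tree, then simulate the implant and re-audit."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "lib/security").mkdir(parents=True)
        (root / "usr/sbin").mkdir(parents=True)
        pam_unix = root / "lib/security/pam_unix.so"
        sshd = root / "usr/sbin/sshd"
        pam_unix.write_bytes(b"\x7fELF stand-in for the distribution's pam_unix.so")
        sshd.write_bytes(b"\x7fELF stand-in for the distribution's sshd")
        baseline = snapshot(root)  # would be captured from clean media, not from a live host

        # Intrusion: backdoored module, trojaned daemon, and an extra module dropped in.
        pam_unix.write_bytes(b"\x7fELF pam_unix.so accepting a hardcoded password")
        sshd.write_bytes(b"\x7fELF sshd that records passwords")
        (root / "lib/security/pam_helper.so").write_bytes(b"\x7fELF implant")
        return audit_auth_stack(root, baseline)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

On a live host the quick version of the same check is rpm -V or dpkg --verify against the PAM and OpenSSH packages, with the caveat that those manifests live on the same disk the attacker controls; re-downloading the signed packages and hashing their contents, or booting from rescue media, is the trustworthy form. Treat an "unexpected" file in a PAM directory as seriously as a modified one: a dropped module that a single line in /etc/pam.d loads is the simpler implant.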
Italian Garante fines consulting firm €85,000 for storing passwords in cleartext after 61,000-user breach
Italy's data protection authority, the Garante, imposed an €85,000 fine on a consulting firm following a data breach exposing personal data of more than 61,000 users. The Garante found that certain passwords were stored in cleartext or protected with outdated cryptographic algorithms, and that credentials for unused systems had been retained beyond their necessary period. Affected individuals were notified approximately two months after discovery — and only after a corrective order was issued.
Why it matters: The Garante explicitly cited cleartext password storage and obsolete cryptography as the primary GDPR infringements, reading Article 32's "appropriate technical and organisational measures" as requiring modern password hashing, and treating credentials retained for decommissioned systems as a breach of the storage limitation principle. EU organizations should audit their password storage implementations against this decision.
Source: Gibson Dunn Europe Data Protection — 15 Jun 2026
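Auditing password storage against the two findings above (weak storage and retained credentials) is mechanical once the record formats are recognised, and the same upgrade path applies to the PBKDF2 advice CISA gave for Fortinet admin accounts. The following is an added example, not from the Garante decision or any vendor: classify_stored() recognises the formats an audit typically turns up (cleartext, unsalted MD5 or SHA-1, PBKDF2 with too few iterations), verify_and_upgrade() accepts a login against any of them and rewrites the record with PBKDF2-HMAC-SHA256, and audit_password_table() also flags dormant accounts. The user table is constructed; the MD5 and SHA-1 values are the well-known hashes of the string "password".

```python
"""Audit how passwords are stored and upgrade legacy records on successful login.

Added example, not from the Garante decision or any vendor. classify_stored()
recognises the formats an audit typically turns up (cleartext, unsalted
MD5/SHA-1, PBKDF2 with too few iterations); verify_and_upgrade() accepts a
login against any of them and rewrites the record with PBKDF2-HMAC-SHA256.
The user table is constructed; the MD5 and SHA-1 values are the well-known
hashes of the string "password".
"""
import hashlib
import hmac
import os
import re
from datetime import date

ITERATIONS = 600_000    # OWASP's 2023 figure for PBKDF2-HMAC-SHA256; tune to a few hundred ms per hash
DORMANT_DAYS = 365      # credentials untouched this long should be retired, not retained
AUDIT_DATE = date(2026, 6, 22)


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def classify_stored(stored: str) -> str:
    if stored.startswith("pbkdf2_sha256$"):
        iterations = int(stored.split("$")[1])
        return "pbkdf2_sha256" if iterations >= ITERATIONS else "pbkdf2_sha256 (too few iterations)"
    if re.fullmatch(r"[0-9a-f]{32}", stored):
        return "unsalted md5"    # a 32-hex cleartext password would land here too; it still fails the audit
    if re.fullmatch(r"[0-9a-f]{40}", stored):
        return "unsalted sha1"
    return "cleartext or unknown"


def verify(password: str, stored: str) -> bool:
    kind = classify_stored(stored)
    pw = password.encode()
    if kind.startswith("pbkdf2_sha256"):
        _, iterations, salt, dk = stored.split("$")
        candidate = hashlib.pbkdf2_hmac("sha256", pw, bytes.fromhex(salt), int(iterations))
        return hmac.compare_digest(candidate, bytes.fromhex(dk))
    if kind == "unsalted md5":
        return hmac.compare_digest(hashlib.md5(pw).hexdigest(), stored)
    if kind == "unsalted sha1":
        return hmac.compare_digest(hashlib.sha1(pw).hexdigest(), stored)
    return hmac.compare_digest(pw, stored.encode())   # legacy cleartext record


def verify_and_upgrade(password: str, stored: str):
    """(ok, new_record): rehash on a successful login unless the record is already current."""
    if not verify(password, stored):
        return False, stored
    if classify_stored(stored) == "pbkdf2_sha256":
        return True, stored
    return True, hash_password(password)


def audit_password_table(rows, today: date = AUDIT_DATE) -> dict:
    """rows: iterable of (user, stored, last_login). Flags weak storage and dormant accounts."""
    report = {}
    for user, stored, last_login in rows:
        issues = []
        kind = classify_stored(stored)
        if kind != "pbkdf2_sha256":
            issues.append(f"storage: {kind}")
        if (today - last_login).days > DORMANT_DAYS:
            issues.append("dormant: retire credential")
        report[user] = issues
    return report


# Constructed user table; only the last record is already in the current format.
SAMPLE_ROWS = [
    ("alice", "Summer2024!", date(2026, 6, 1)),
    ("bob", "5f4dcc3b5aa765d61d8327deb882cf99", date(2026, 5, 20)),
    ("carol", "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", date(2024, 1, 3)),
    ("dave", hash_password("correct horse battery staple"), date(2026, 6, 15)),
]

if __name__ == "__main__":
    for user, issues in audit_password_table(SAMPLE_ROWS).items():
        print(user, issues or ["ok"])
```

The upgrade-on-login pattern matters because legacy hashes cannot be converted without the password: the only moment the system sees it is a successful authentication, so that is when the record is rewritten. Accounts that never log in again (carol here) never get upgraded, which is the argument for the dormancy check: a credential nobody has used for a year is a liability to delete, not a record to keep hashing better.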
EDPB adopts harmonized EU-wide data breach notification template under GDPR
The European Data Protection Board (EDPB) has adopted a standardized template for personal data breach notifications under GDPR Article 33, open for public consultation until 5 August 2026. The template provides organizations across the EU with a single structured form for reporting personal data breaches to supervisory authorities, replacing the currently fragmented national formats.
Why it matters: The harmonized template directly affects how organizations report credential exposure incidents under GDPR Article 33, requiring structured disclosure of compromised data types, affected individuals, and likely consequences. Compliance and legal teams should review the draft before the 5 August consultation deadline.
Source: LexisNexis UK/EU Risk & Compliance — 18 Jun 2026
ANSSI will stop certifying security products without quantum-resistant encryption from 2027
France's national cybersecurity agency ANSSI announced it will cease certifying security products (including password managers, VPNs, and authentication solutions) that do not incorporate quantum-resistant (post-quantum) cryptography starting from 2027.
The announcement accompanies France's broader national cyber strategy, which includes a €200 million government investment in cybersecurity infrastructure and post-quantum cryptography tooling.
Why it matters: The quantum exposure of password managers and credential vaults sits in their asymmetric primitives (RSA and elliptic-curve key exchange and signatures used for sharing, sync, and TLS), which Shor's algorithm breaks outright; the symmetric ciphers that encrypt the vault itself are only weakened, and AES-256 remains adequate. ANSSI's certification requirement mandates post-quantum algorithms for French government approval, making France the first EU member state to set a hard deadline. ANSSI's framework is widely referenced across Europe and is expected to influence ENISA's European Cybersecurity Certification Scheme.
Source: Reuters — 16 Jun 2026
Gartner identifies three shifts in secrets management security teams cannot ignore
Gartner identifies three strategic shifts in secrets management:
- Workload Access Management — moving from static secrets to dynamic, just-in-time credential issuance for workloads.
- Secretless Architecture — eliminating long-lived secrets entirely in favor of identity-based access using SPIFFE/SPIRE.
- Multi-Vault Governance — managing secrets consistently across multiple vault platforms as organizations accumulate disparate secrets stores across HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, and others.
Why it matters: These three shifts map directly to the failure modes exposed this week. FortiBleed demonstrates the risk of static credentials never rotated (Shift 1). The Klue OAuth breach demonstrates the risk of long-lived legacy credentials (Shift 2). Credential drift across multi-cloud environments is the problem Shift 3 addresses. This framework gives security and IT leadership a structured way to assess their current secrets management maturity against the week's incidents.
Source: Akeyless Blog (citing Gartner research) — 17 Jun 2026
This week's recap
The pattern across this week's incidents is consistent enough to name: static credentials, forgotten service accounts, and long-lived tokens are the entry points attackers are actively exploiting.
Regulatory enforcement is catching up. The Italian Garante's €85,000 fine for cleartext password storage, the U.S. federal PQC deadlines, and ANSSI's 2027 certification cutoff add a forward-looking dimension: the cryptographic foundations of credential storage are themselves under a hard timeline.
Three actions follow directly from this week's events:
- First, audit service accounts and third-party OAuth integrations — the Klue attack started with a forgotten one.
- Second, run a compromised credential check against the HIBP dataset now expanded by 124 million infostealer-sourced passwords.
- Third, review how secrets live on developer workstations. Long-lived cloud credentials are now an explicit AI-agent target.
Credentials outside any managed system are the common root: hardcoded API keys, unrotated VPN credentials, cleartext passwords in decommissioned services. Passwork gives IT and security teams centralized visibility over corporate passwords and technical secrets, with access logs, rotation tracking, and compromised credential alerts built in. Start with what you can control.



Table of contents
- U.S. sets federal deadlines for post-quantum cryptography (PQC) migration
- FortiBleed: 86,000+ Fortinet device credentials compromised across 194 countries
- 24 billion stolen credentials exposed in colossal Elasticsearch leak
- 124 million unique infostealer passwords added to Have I Been Pwned
- Klue SaaS supply chain attack: OAuth tokens stolen, CRM data exfiltrated from multiple security vendors
- 1,230+ hardcoded API keys and JWT tokens found in AI agent instruction files across 7,000+ public repos
- Poisoned coding test causes AI agent to steal AWS credentials in under 2 minutes
- ShinyHunters claims Council of Europe breach: 297 GB of HR, payroll, and medical records exposed
- France's Tchap government messaging platform breached: 73,467 officials' accounts compromised
- Velvet Ant (China-Nexus) backdoors Linux PAM modules and OpenSSH for decade-long credential theft
- Italian Garante fines consulting firm €85,000 for storing passwords in cleartext after 61,000-user breach
- EDPB adopts harmonized EU-wide data breach notification template under GDPR
- ANSSI will stop certifying security products without quantum-resistant encryption from 2027
- Gartner identifies three shifts in secrets management security teams cannot ignore
- This week's recap


