---
title: "Aflac Japan Breach, HSIN Cyberattack Confirmed, Foxconn Ransomware Claimed – Cybersecurity News [June 29, 2026] | DuoCircle"
description: "Stay updated on this week"
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/cybersecurity-news-update-week-27-of-2026/"
---

Quick Answer

This week's cybersecurity news highlights major data breaches, ransomware attacks, exploited software vulnerabilities, AI-powered cyber threats, and a massive credential leak. It also reinforces the importance of strong email security, timely patching, and phishing protection to reduce cyber risk.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcybersecurity-news-update-week-27-of-2026%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Aflac%20Japan%20Breach%2C%20HSIN%20Cyberattack%20Confirmed%2C%20Foxconn%20Ransomware%20Claimed%20%E2%80%93%20Cybersecurity%20News%20%5BJune%2029%2C%202026%5D&url=undefined%2Fblog%2Fcybersecurity-news-update-week-27-of-2026%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcybersecurity-news-update-week-27-of-2026%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcybersecurity-news-update-week-27-of-2026%2F&title=Aflac%20Japan%20Breach%2C%20HSIN%20Cyberattack%20Confirmed%2C%20Foxconn%20Ransomware%20Claimed%20%E2%80%93%20Cybersecurity%20News%20%5BJune%2029%2C%202026%5D "Share on Reddit") [ ](mailto:?subject=Aflac%20Japan%20Breach%2C%20HSIN%20Cyberattack%20Confirmed%2C%20Foxconn%20Ransomware%20Claimed%20%E2%80%93%20Cybersecurity%20News%20%5BJune%2029%2C%202026%5D&body=Check out this article: undefined%2Fblog%2Fcybersecurity-news-update-week-27-of-2026%2F "Share via Email") 

![cybersecurity news](https://media.mailhop.org/duocircle/spf-validator-6711-1783333694691.jpg) 

## Aflac discloses Japan subsidiary breach affecting 4.38 million customers

_Insurance giant Aflac disclosed a data breach after attackers accessed its Japan subsidiary’s systems and stole personal and bank account information belonging to millions of customers_. The company told the SEC that Aflac Japan discovered the unauthorized access on June 25, with the intrusion window running from **June 15 to June 25, 2026**. The attack has been linked to the Scattered Spider group, which was also behind recent breaches at Erie Insurance and Philadelphia [Insurance Companies](https://www.bleepingcomputer.com/news/security/insurance-giant-aflac-discloses-data-breach-after-subsidiary-hack/).

## DHS confirms hackers breached the Homeland Security Information Network (HSIN)

The [Department of Homeland Security](https://en.wikipedia.org/wiki/United%5FStates%5FDepartment%5Fof%5FHomeland%5FSecurity) is investigating a cyberattack that compromised HSIN, a sensitive information-sharing platform used by federal, state, local, and private-sector partners, in an intrusion believed to have occurred between late May and early June. Attackers reportedly targeted HSIN servers as well as a **SharePoint collaboration system**, and DHS has not yet attributed the attack to a specific actor.

## Foxconn cyberattack claimed by Nitrogen ransomware gang

Electronics manufacturing giant Foxconn confirmed a cyberattack that has been claimed by the Nitrogen ransomware operation, continuing a [wave of ransomware activity](https://www.infosecurity-magazine.com/news/industrialized-cyberattacks/) against large manufacturers this year.

## Charter Communications breach hits 4.9 million accounts

BleepingComputer reports that Charter Communications suffered a data breach affecting roughly [4.9 million customer accounts](https://www.bleepingcomputer.com/news/security/charter-communications-data-breach-affects-49-million-accounts/), adding another major telecom name to this **year’s growing breach list**.

![Email Smtp Service 9235](https://media.mailhop.org/duocircle/email-smtp-service-9235-1783333850443.jpg)

## Alleged Scattered Spider hacker extradited to the US

A dual United States and Estonian citizen has been extradited to the U.S. to face charges alleging he was a member of the Scattered Spider hacking collective, one of the most prolific extortion and [social-engineering groups](https://www.cybersecuritydive.com/news/north-korea-web3-execs-social-engineering-hacker/818639/) behind recent insurance and retail breaches.

## Kubota North America discloses month-long network intrusion

Kubota North America Corporation disclosed that hackers had access to some of its **network systems** for more than a month earlier this year, raising fresh concerns about dwell time in industrial and agricultural equipment companies.

## Medtronic notifies customers of third-party data breach

Healthcare device firm Medtronic is notifying affected [customers about a data breach](https://securityaffairs.com/194788/cyber-crime/medtronic-notifies-3-8-million-after-shinyhunters-data-breach.html) that exposed their personal data to an unauthorized third party, adding to a steady drumbeat of medical-device-sector incidents this year.

![SMTP Email Server 9567](https://media.mailhop.org/duocircle/smtp-email-server-9567-1783334080556.jpg)

## FortiBleed credential theft campaign linked to INC and Lynx ransomware

The massive [FortiBleed credential](https://www.darkreading.com/cyberattacks-data-breaches/sweeping-credential-harvesting-heist-compromises-30k-fortinet-devices) theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet credentials were intended to fuel future network intrusions. **Dark Reading separately** reported that FortiBleed actors appear to be collaborating directly with the Inc and Lynx ransomware gangs.

## CISA warns of active exploitation of Microsoft SharePoint RCE flaw

CISA warned this week that attackers have begun exploiting a high-severity **Microsoft SharePoint remote code execution** vulnerability that was patched back in May, putting organizations still running unpatched SharePoint servers at immediate risk.

## Cisco confirms exploitation of Unified Communications Manager flaw

Cisco confirmed that attackers are exploiting a vulnerability in its **Unified Communications Manager (Unified CM)**, which was patched in early June, a reminder of how quickly enterprise VoIP infrastructure becomes a target once a patch reveals the underlying flaw.

## KDDI discloses email system breach affecting multiple Japanese ISPs

KDDI said attackers exploited a vulnerability in third-party software used in its email system, and Japan’s communications ministry ordered KDDI to submit a report under the **Telecommunications Business Act by July 6**. The breach reportedly affected systems shared with several other [Japanese internet service providers](https://www.infosecurity-magazine.com/news/kddi-breach-japanese-telcos/).

![Spf Permerror 5665](https://media.mailhop.org/duocircle/spf-permerror-5665-1783506923047.jpg)

## 24 billion records exposed in colossal credential leak

Cybernews reported on a massive data leak exposing 24 billion records, including usernames and passwords, one of the largest aggregated credential dumps disclosed this year, raising fresh warnings about credential-stuffing risk for **consumers and businesses alike**.

## Apple AirDrop and Android Quick Share found vulnerable to nearby attackers

_Researchers disclosed six security flaws affecting Apple’s AirDrop and Android’s Quick Share, leaving roughly five billion iPhones and Android phones exposed to nearby attackers who could crash devices, tamper with active file transfers, or potentially run code_.

## New ChocoPoC RAT hidden inside fake GitHub proof-of-concept exploits

Multiple weaponized proof-of-concept exploits uploaded to GitHub were found delivering a Python-based remote access [trojan named ChocoPoC](https://linuxsecurity.com/news/security-trends/github-malware-fake-poc-repositories), capable of executing commands and stealing sensitive data, in what appears to be a campaign aimed squarely at [cybersecurity](https://www.duocircle.com/) researchers who download and test public exploit code.

## Researchers identify JadePuffer, the first ransomware campaign run by an AI agent

Researchers identified what they believe is the first documented case of a ransomware operation, called JadePuffer, conducted entirely by a **large language model agent**” a milestone likely to fuel debate about [autonomous AI-driven cybercrime](https://www.cybersecuritydive.com/news/cybercrime-ai-ransomware-mcp-malwarebytes/811360/).

![Email Sending Services 9424](https://media.mailhop.org/duocircle/email-sending-services-9424-1783333920894.jpg)

## Google-led operation disrupts NetNut residential proxy network

A **joint operation involvin**g Google disrupted NetNut, a [residential proxy network](https://thehackernews.com/2026/07/google-disrupts-netnut-residential.html) that had given access to millions of compromised Android devices, striking at infrastructure widely used to mask malicious traffic and enable credential-stuffing and fraud campaigns.

## CISA flags Windows “BlueHammer” flaw as now exploited by ransomware gangs

CISA updated its [Known Exploited Vulnerabilities catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) to flag the Windows Defender privilege-escalation flaw dubbed BlueHammer (CVE-2026-33825) as now being exploited in ransomware campaigns, months after the flaw was **first leaked publicly** by a researcher protesting Microsoft’s disclosure process.

Strong [email security](https://www.duocircle.com/content/email-security-services/) is essential for defending against phishing, credential theft, and [ransomware attacks](https://www.duocircle.com/blog/phishing-protection/ransomware-attacks-your-organizations-ability-to-function/) highlighted in this **week’s cybersecurity news**.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  news  Cisco SD-WAN Flaw, Critical NGINX Exploit, Foxconn Ransomware Attack – Cybersecurity News \[May 11, 2026\]  May 18, 2026 ](/blog/cybersecurity-news-update-week-20-of-2026/)[  news  GitHub Code Leak, 7-Eleven Breached, NYC Patient Exposure – Cybersecurity News \[May 18, 2026\]  May 25, 2026 ](/blog/cybersecurity-news-update-week-21-of-2026/)[  news  FBI Warns Firms, Carnival Data Breach, GlobalProtect Exploits Active – Cybersecurity News \[May 25, 2026\]  Jun 1, 2026 ](/blog/cybersecurity-news-update-week-22-of-2026/)[  news  DentaQuest Data Leak, Cisco Patch Pending, Instagram Security Bug – Cybersecurity News \[June 01, 2026\]  Jun 8, 2026 ](/blog/cybersecurity-news-update-week-23-of-2026/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Aflac Japan Breach, HSIN Cyberattack Confirmed, Foxconn Ransomware Claimed – Cybersecurity News [June 29, 2026]","description":"Stay updated on this week's top cybersecurity news, including major data breaches, ransomware attacks, exploited flaws, AI threats, and email security risks.","url":"https://www.duocircle.com/blog/cybersecurity-news-update-week-27-of-2026/","datePublished":"2026-07-06T00:00:00.000Z","dateModified":"2026-07-06T00:00:00.000Z","dateCreated":"2026-07-06T00:00:00.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity-news-update-week-27-of-2026/"},"articleSection":"news","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/spf-validator-6711-1783333694691.jpg","caption":"cybersecurity news"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"news"},{"@type":"ListItem","position":3,"name":"Aflac Japan Breach, HSIN Cyberattack Confirmed, Foxconn Ransomware Claimed – Cybersecurity News [June 29, 2026]","item":"https://www.duocircle.com/blog/cybersecurity-news-update-week-27-of-2026/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"news","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Aflac Japan Breach, HSIN Cyberattack Confirmed, Foxconn Ransomware Claimed – Cybersecurity News [June 29, 2026]","item":"https://www.duocircle.com/blog/cybersecurity-news-update-week-27-of-2026/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Aflac Japan Breach, HSIN Cyberattack Confirmed, Foxconn Ransomware Claimed – Cybersecurity News [June 29, 2026]","description":"Stay updated on this week's top cybersecurity news, including major data breaches, ransomware attacks, exploited flaws, AI threats, and email security risks.","url":"https://www.duocircle.com/blog/cybersecurity-news-update-week-27-of-2026/","datePublished":"2026-07-06T00:00:00.000Z","dateModified":"2026-07-06T00:00:00.000Z","dateCreated":"2026-07-06T00:00:00.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/cybersecurity-news-update-week-27-of-2026/"},"articleSection":"news","keywords":"","image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/spf-validator-6711-1783333694691.jpg","caption":"cybersecurity news"},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```
