Cybercrime Is Now 30% of All Crime. AI Is Why.

Top AI and Cybersecurity news you should check out today

Welcome Back to The AI Trust Letter

Once a week, we distill the most critical AI & cybersecurity stories for builders, strategists, and researchers. Let’s dive in!

🔑 FortiBleed: Credentials for 74,000 Fortinet Firewalls Leaked Online

The Story:

A data set containing VPN credentials for nearly 74,000 FortiGate firewall URLs surfaced publicly this week. The leak, dubbed "FortiBleed," exposes admin passwords from organizations across critical infrastructure, enterprise, and government networks.

The details:

  • The credentials appear to have been collected over an extended period from exposed Fortinet management interfaces, and were published without any ransom demand or prior warning.

  • Fortinet confirmed the data is real but says the credentials are largely outdated; security researchers note that password reuse and unchanged default credentials make that reassurance unreliable.

  • CISA separately added CVE-2026-20253, a critical unauthenticated RCE in Splunk Enterprise, to its Known Exploited Vulnerabilities catalog the same week, with a 72-hour remediation deadline for federal agencies.

Why it matters:

Credential leaks on this scale give attackers a ready-made target list. Even if passwords have changed, the data reveals which organizations run Fortinet infrastructure and which versions, which is enough for reconnaissance before a follow-on attack.

🌏 INTERPOL: Cybercrime Now Accounts for 30% of All Crime Across Asia-Pacific

The Story:

INTERPOL's 2025/2026 Asia and South Pacific Cyberthreat Assessment found that in more than half of the 18 surveyed countries, cybercrime has crossed the threshold of 30% of all recorded crime nationally. The report puts numbers to what many already suspected: AI tools have industrialized fraud at scale.

The details:

  • Over 135,000 ransomware attacks were recorded in the region in 2024, with ransomware present in 51% of data breach cases; one attack on Indonesia's National Data Centre disrupted 280 public services including airports and immigration.

  • Phishing clicks in the region run at 5.5 per 1,000 people monthly, roughly twice the global average; 33% of surveyed countries reported over 10,000 phishing cases each.

  • Discussions about deepfakes on Southeast Asian criminal forums and Telegram channels grew 600% in the first half of 2024; a finance employee at a Hong Kong multinational was tricked into a $25M payment after fraudsters deepfaked a Zoom call with company executives.

  • Regional scam operations, many running from compounds in Cambodia, Lao PDR, Myanmar, and the Philippines, generate an estimated $40 billion annually.

Why it matters:

The Asia-Pacific numbers are a leading indicator. The same infrastructure, tools, and AI-assisted tactics are moving into Africa, Europe, and Latin America. The threat model that applies in Manila or Jakarta today will apply in Madrid or Berlin tomorrow.

📡 AryStinger: A New Botnet Is Quietly Turning End-of-Life Routers Into Spy Proxies

The Story:

Researchers at Qianxin's XLab disclosed a previously unknown botnet called AryStinger that has compromised over 4,000 outdated D-Link routers and converted them into distributed reconnaissance nodes. The attacker's identity remains unknown.

The details:

  • AryStinger exploits three CVEs, two older ones from 2013 and 2016 and one from 2025, targeting D-Link DIR-850L and DIR-818LW models that are both end-of-life and still widely deployed. The same models were targeted by the AVrecon botnet dismantled in 2023.

  • Infected routers become "executors" that can scan, tunnel, proxy traffic, execute commands, and tamper with DNS settings to silently redirect or monitor all network traffic passing through them.

  • A second Go-based variant targets NAS devices and includes internal network reconnaissance capabilities using embedded open-source penetration testing tools.

  • Nearly half of infections (48.5%) are in South Korea, followed by China (31.8%); researchers have not attributed the botnet to any known threat actor.

Why it matters:

Using residential and small-business routers as proxies makes malicious traffic appear to originate from clean, trusted IP addresses. That defeats a large share of IP-based detection and blocking. Organizations with any D-Link EoL hardware in their environment or their supply chain should treat it as a compromised asset until replaced.

💸 Kali365: An AI-Powered Phishing Platform That Bypasses MFA at Scale

The Story:

A phishing-as-a-service platform called Kali365, first identified by Huntress in May 2026, has surfaced as one of the more complete criminal toolkits targeting Microsoft accounts. It does not steal passwords. It steals sessions after users have already authenticated.

The details:

  • Kali365 offers more than 33 Microsoft-branded phishing templates and over 100 API endpoints, allowing buyers to run campaigns with minimal technical knowledge.

  • The platform captures session cookies and OAuth tokens after MFA is completed, so traditional two-factor authentication provides no protection; the FBI has flagged it and warns that the platform also uses AI to parse stolen email threads for higher-value follow-on targeting.

  • The same week, a separate data set dubbed FortiBleed exposed credentials for 73,000+ Fortinet devices, and a 24-billion-record credential database surfaced online, continuing a pattern of the attack surface widening faster than most organizations patch or rotate credentials.

Why it matters:

MFA bypass is no longer a technique reserved for nation-state actors. Kali365 packages it as a subscription. Any organization that treats MFA as a complete solution to phishing without session monitoring or conditional access controls has a gap that platforms like this are built to exploit.

🕳️ Half of Organizations Are Blind to What Their AI Agents Are Doing

The Story:

Salt Security's 1H 2026 State of AI and API Security Report, based on a survey of over 300 security leaders, finds that AI agents have become the primary consumers of enterprise APIs, and that most security infrastructure was not built to see what they do.

The details:

  • 48.9% of organizations report they have no visibility into machine-to-machine traffic and cannot monitor their AI agents' actions in real time.

  • Autonomous agents are creating undocumented endpoints and connecting to MCP servers outside the security team's view, a pattern the report calls "Shadow AI" at the infrastructure layer.

  • 47% of organizations have delayed a production release due to concerns about API exposure to autonomous systems; 78.6% of security leaders say executive scrutiny of AI security risk has increased.

  • Legacy WAFs and API gateways are architecturally incapable of parsing the logic-based actions AI agents generate; they rely on static signatures and rate limits built for predictable human traffic.

Why it matters:

An AI agent with broad tool access and no monitoring is a high-privilege identity operating without an audit trail. The security gap here is not a model problem but a deployment and governance problem. Enterprises that have moved fast on agentic AI without revisiting their API security posture are carrying a risk they likely cannot measure yet.

🏛️ AI Transformation Is a Governance Problem, Not a Technology Problem

The Story:

Most AI initiatives do not fail because the models underperform. They fail because the organizational structures around them (who owns decisions, who monitors outcomes, who is accountable when something goes wrong) were never built. This week NeuralTrust published a diagnosis of this pattern and of what it takes to fix it.

The details:

  • The article identifies what it calls a "great decoupling": AI models perform well in isolation, but enterprise-wide transformation stalls because governance has not kept pace. The question has shifted from "Can we build it?" to "Who is responsible when it acts?"

  • Agentic systems deepen the problem. When an AI ranks job candidates, adjusts pricing, or flags fraud, it is executing decisions that used to belong to human managers. Reporting lines and accountability structures were not designed for that.

  • Shadow AI compounds the exposure. Employees adopt tools independently, share sensitive data externally, and bypass formal review, not out of malice but because internal processes are too slow. The result is authority without accountability.

  • The EU AI Act's high-risk obligations become enforceable August 2, 2026. Organizations without documented risk assessments, audit trails, and monitoring in place for covered systems will be non-compliant in weeks.

Why it matters:

Governance is not a compliance checkbox that follows deployment. It is the condition under which agentic AI can be trusted to operate at scale. A model with broad tool access and no clear ownership structure is a liability, not an asset. The blast radius of a flawed agentic system is not one bad decision but millions, running at machine speed before anyone notices.
