Intelligence · Updated daily
AI-analysed threats, vulnerabilities and campaigns. Not just what happened — what it means, who's affected, and what to do about it.
KDDI Corporation's compromised email system, shared infrastructure with five other Japanese ISPs, exposed up to 14.2 million email login credentials. The supply-chain nature of the breach amplifies risk across multiple telecommunications providers simultaneously.
Educational institutions are experiencing recurring breaches via compromised third-party vendors, exposing student data to ransomware and other attacks. The sector lacks mature vendor risk management practices, creating a persistent attack surface that threat actors actively exploit.
Threat actors are repurposing DCloud's legitimate Uni-App cross-platform development toolkit to rapidly generate and deploy investment scam sites, with an estimated 200,000 instances already in operation. This represents a significant shift towards abusing benign developer tools for financial crime at scale.
Russian intelligence services conducted a sustained phishing campaign using fabricated support messages to compromise messaging accounts of Ukrainian government officials, military personnel, politicians, and activists across Europe and the US. The operation highlights a persistent state-level threat to high-value targets using social engineering rather than zero-days.
Attackers can craft innocent-looking GitHub repositories that execute malicious payloads when cloned and set up by AI coding agents, evading detection by security scanners, AI analysis, and human review. This exploits the implicit trust placed in repository setup workflows.
mcp-pinot shipped with OAuth disabled by default and bound to 0.0.0.0, allowing unauthenticated network attackers to invoke MCP tools and execute queries against downstream Pinot clusters using server credentials. This is a critical authentication bypass with CVSS 10.0.
YARA-X released versions 1.18.0 and 1.19.0 with three improvements and two bug fixes. This is standard maintenance on the widely-used open-source malware detection and classification tool.
OpenAI released three variants of GPT-5.6 (Sol, Terra, Luna) in limited preview to select companies under U.S. government coordination, signalling a controlled rollout approach for advanced AI models rather than broad public access.
Nezha v1.14.13–v1.14.14 and v2.0.0–v2.0.9 fail to validate stream ownership on WebSocket endpoints, allowing any authenticated user to hijack terminal and file-manager sessions by guessing or obtaining a valid stream UUID, resulting in cross-tenant remote code execution.
ESET highlights that small and medium-sized businesses face expansive attack surfaces despite their size, arguing that cyber readiness and resilience planning are foundational defensive requirements for this segment.
Amazon Q contained a flaw allowing attackers to steal AWS credentials by poisoning code repositories that the AI assistant indexes and processes. The vulnerability has been patched, but highlights risks in AI-assisted development workflows where models ingest untrusted code.
A previously undocumented loader malware called SharkLoader has been observed in a campaign tracked as StrikeShark, delivering Cobalt Strike Beacon to diplomatic organisations in Indonesia and government networks in Taiwan. The campaign represents a targeted operation against sensitive government infrastructure using commodity post-exploitation tools.
Apple removed VKontakte and related VK services from the App Store, likely in response to sanctions or content policy violations related to the Ukraine conflict. This exemplifies how platform providers enforce geopolitical positioning through app distribution controls.
Russian state-sponsored actors have evolved their Signal phishing campaign to exfiltrate Backup Recovery Keys, granting persistent access to message history and account takeover. The persistent validity of these keys creates an indefinite attack window.
The golang.org/x/crypto SSH known_hosts library fails to validate revocation status of Certificate Authority signature keys, allowing attackers to authenticate using revoked CA credentials. Defenders must patch immediately as this bypasses a critical authentication control.
A regression in golang.org/x/crypto/ssh allows attackers to bypass source-address validation by invoking non-public-key callbacks, circumventing the CVE-2024-45337 fix. This enables unauthorized SSH access in misconfigured servers.
Cisco Talos explores how AI can transform threat intelligence operations by converting unstructured intelligence reports into easily queryable datasets, potentially improving detection speed and analyst efficiency.
Uber has appointed Philip Martin, a security leader with experience at Coinbase, Palantir, Amazon, and the U.S. Army, as Chief Information Security Officer. This leadership change signals Uber's commitment to strengthening its cybersecurity posture amid ongoing industry pressures.
Adblock for YouTube, a Chrome extension with 10M+ installs and featured status on the Chrome Web Store, contains dormant arbitrary JavaScript execution capability. The presence of this injection mechanism raises questions about extension vetting processes and potential for malicious activation.
The Department of Homeland Security has indicated the White House is progressing toward nominating a new CISA director, with plans to hire 600 additional staff once leadership is in place. This reflects organisational capacity constraints in federal cybersecurity operations.
Anthropic is testing mobile support for Claude Cowork, enabling users to manage long-running AI tasks from smartphones. This represents a shift in how conversational AI assistants are deployed across device ecosystems.
OpenAM's WebAuthn module deserializes untrusted Java objects from user-writable storage attributes, enabling pre-auth RCE if the storage backend becomes attacker-controllable. Defenders must audit attribute permissions and enforce server-managed storage isolation.
OpenAM versions ≤16.0.6 allow unauthenticated attackers to write arbitrary data to the Liberty Discovery store with admin privileges, bypassing identity ACLs. This enables persistent user profile tampering and potential service routing manipulation in deployments consuming Liberty metadata.
ESET participated in a coordinated international operation that successfully disrupted the Amadey botnet and Stealc infostealer malware families. The operation demonstrates the effectiveness of multi-agency collaboration in dismantling active malware infrastructure at scale.
Attackers are exploiting autonomous AI agents by injecting malicious content into trusted data sources, using techniques ranging from hidden code injection to cognitive state manipulation. This represents a new attack surface where data integrity failures can compromise AI decision-making at scale.