Latest Intelligence
Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About
Customer account takeovers (CATOs) represent a significant and often overlooked cybersecurity issue, affecting users' access to their accounts and personal data. The problem is exacerbated by the increasing sophistication of attackers and the financial implications for both consumers and companies.
Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks
The article discusses a Russian-speaking cyber espionage group named Nebulous Mantis, which has been utilizing a remote access trojan called RomCom RAT since mid-2022 to target NATO-linked entities. The group's advanced tactics and evolving infrastructure pose significant threats to cybersecurity.
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
RansomHub's online infrastructure unexpectedly went offline on April 1, 2025, raising concerns among its affiliates, who may have migrated to the rival ransomware operation Qilin. This sudden disappearance raises questions about the stability of ransomware-as-a-service operations and the potential for increased activity at alternative platforms.
France Blames Russia for Cyberattacks on Dozen Entities
France has attributed a series of cyberattacks targeting multiple French entities to the Russian state-sponsored group APT28. This incident highlights ongoing cybersecurity threats and the geopolitical implications of state-sponsored cyber activities.
TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks
ESET researchers have identified the use of SLAAC spoofing by the APT group known as TheWizards to conduct adversary-in-the-middle attacks, utilizing a tool called Spellbinder for lateral movement. This technique poses significant security risks as it can compromise network communications and lead to unauthorized access.
AirPlay Vulnerabilities Expose Apple Devices to Zero-Click Takeover
Vulnerabilities in Apple's AirPlay protocol could allow attackers to execute code remotely without any user interaction, posing a significant security risk to Apple devices. This zero-click takeover capability highlights the need for immediate attention to device security.
Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities
Chrome 136 and Firefox 138 have been released with patches addressing multiple high-severity vulnerabilities. These updates are crucial for maintaining browser security and protecting users from potential exploits.
Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code
Meta has launched LlamaFirewall, an open-source framework aimed at securing AI systems from cyber threats like prompt injections and jailbreaks. This initiative highlights the growing need for robust defenses as AI technologies become more prevalent and vulnerable to exploitation.
Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations
The High Court of Karnataka has ordered the blocking of Proton Mail in India due to allegations of its use in facilitating AI deepfake abuse. This ruling highlights ongoing concerns regarding the misuse of encrypted communication platforms for harmful activities.
Many Fuel Tank Monitoring Systems Vulnerable to Disruption
Many automatic tank gauge (ATG) devices are vulnerable because they are accessible over the Internet, posing a significant security risk as they can be compromised easily. This vulnerability highlights the need for improved security measures in critical infrastructure systems.
From Mission-Centric to People-Centric: Competitive Leadership in Cyber
The article advocates for a shift from mission-centric to people-centric leadership in cybersecurity, emphasizing empathy as a strategic advantage. This approach is crucial for fostering a resilient and engaged workforce in the face of evolving cyber threats.
Hacking in Space: Not as Tough as You Might Think
Barbara Grofe, a space asset security architect, highlights that hacking in space is more feasible than many assume, raising important concerns about the security of space systems. This reality underscores the need for enhanced cybersecurity measures in the aerospace sector.
WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy
WhatsApp has introduced a new technology called Private Processing, which enables users to access AI features while maintaining message privacy. This development is significant as it aligns with WhatsApp's commitment to user privacy while enhancing functionality with AI capabilities.
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Recent reports reveal that various generative AI services are vulnerable to jailbreak attacks, specifically techniques that enable the generation of illicit or harmful content. This highlights significant security risks in AI systems that could lead to the misuse of technology.
How do You Know if You’re Ready for a Red Team Partnership?
The article emphasizes the importance of evaluating your organization's readiness before entering a red team partnership, focusing on the preparedness of programs, personnel, and processes. This assessment is crucial for ensuring effective collaboration and maximizing the benefits of such security exercises.