Cybersecurity Headlines

Chris Ray, Field CTO at GigaOm, a researcher who decodes complex threats, and Bill Harmer, CISO at Supabase, a cloud security and incident readiness expert. They dig into hidden instructions in web content, stolen OAuth tokens from SaaS apps, critical SharePoint flaws, Mirai-based IoT botnets and takedown efforts, and abuse of legitimate services like Azure Monitor for phishing.

A multinational takedown of IoT-based DDoS botnets built from millions of devices. Ransomware disruptions hitting a California city and Los Angeles transit administrative systems. Attackers abusing legitimate Azure Monitor alerts to carry out callback phishing via real emails. Alerts about credential-phishing targeting Signal users and critical patches for widely used enterprise appliances and software.

A patched SharePoint deserialization flaw is now being actively exploited. A new endpoint platform promises real-time prevention by enforcing runtime OS protections. CISA urges securing Microsoft Intune after an admin compromise caused device wipes and data theft. Other briefings include an account takeover flaw in Ubiquiti, a Zimbra-targeted campaign, and fresh Android banking malware reports.

A newly revealed iOS exploit kit is said to steal credentials and crypto wallets. A malicious crypto browser extension was dismantled after researchers traced its data-harvesting. Reports claim a massive network of fake IT workers is generating huge illicit revenue. AI tools are outpacing humans in hacking contests and raising fresh concerns about automated attacks.

Discussion of the Energy Department’s new grid-focused cyber strategy and public-private defensive AI plans. Tech companies forming an accord to share fraud tools and improve user reporting. A font-rendering trick that hides malicious commands from LLMs using custom fonts and CSS. Coverage of new malware loaders, state-linked intrusions, sanctions, and monitoring center expansion.

Reports on hospital tools remaining safe despite system outages. Coverage of face model use to lend credibility to AI-powered deepfake scams. Big jump in cybercrime since the Iran conflict, with banks and fintech heavily targeted. Alerts about exploited server vulnerabilities and live-chat phishing stealing payment data.

Chris Ray, Field CTO at GigaOm, offers technical and strategic takes on cyber threats. Jonathan Waldrop, CISO at Acoustic, brings enterprise security and incident-response perspective. They debate AI-driven vulnerability scanning, Meta scam alerts, telecom breach apathy, SEO poisoning that delivers fake VPNs, wiper attacks and availability risks, and the new U.S. national cybersecurity strategy.

A ransomware group claims a major hospital data theft and sets a leak deadline. A Canadian retailer confirms customer contact details were exposed. New York will impose cyber rules on water utilities starting in 2027. A telco division reports a massive multi-month data theft. Phishing and fake sites compromised employee accounts at a national coffee chain.

Coverage of state-linked cybercriminal collaboration and how nations are outsourcing operations. A deep dive into a new Rust-based malware campaign hitting dozens of Brazilian banks. Reporting on a claimed ransomware data theft tied to a national sports body. Stories about SEO-poisoned fake VPNs, AI-assisted malware development, and an international takedown of a proxy network.

New scam alerts arrive across major messaging and social apps to flag suspicious links and requests. A huge cloud security acquisition closes, with the acquired company keeping its multi-cloud focus. China restricts a state-run agentic AI tool over security worries. Several serious vulnerabilities and a destructive wiper attack make for a tense week in cyber news.