Major Threats & Vulnerabilities
Zero-Day Exploits and Active Attacks
The week saw multiple critical vulnerabilities being actively exploited across enterprise systems. A LiteSpeed cPanel plugin flaw is under active attack, granting root access to compromised servers. Exploits bypass CloudLinux CageFS protections, and administrators are urged to patch immediately and review logs for unusual activity related to the generateEcCert and packageUserSize functions.
Oracle’s PeopleSoft zero-day vulnerability is also being exploited in the wild, allowing unauthenticated remote code execution. Universities have been particularly targeted. Oracle has issued guidance, and organizations should apply patches and monitor for suspicious authentication attempts.
Meanwhile, a researcher released proof-of-concept exploit code for a BitLocker bypass, reigniting debate over disclosure practices. The exploit targets systems previously scanned by Microsoft Defender Offline. Security teams should audit recovery partitions and strengthen endpoint hardening controls.
The LiteLLM AI gateway was also flagged by CISA for a command injection flaw that can be chained with an authentication bypass to achieve remote code execution. The advisory underscores the growing risks of poor AI service account governance.
Malicious Software and Supply Chain Risks
Researchers identified 15 malicious JetBrains Marketplace plugins stealing AI API keys from services like OpenAI and DeepSeek. Installed nearly 70,000 times, these plugins highlight the security challenges of third-party developer ecosystems. Users should audit installed extensions and rotate any exposed credentials.
Industry News
Major Data Breaches and Extortion Campaigns
Kodak confirmed a data breach after the ShinyHunters group claimed to have stolen over 2.2 million records. While the company reported limited impact, the incident underscores the need for proactive dark web monitoring and incident response readiness.
The Council of Europe is investigating claims that ShinyHunters stole 297GB of sensitive data, including HR and medical records. Experts recommend tightening data retention policies and encrypting sensitive files to mitigate such risks.
A breach at Infinite Campus exposed data from 137,000 school staff accounts after attackers compromised its Salesforce environment. The incident highlights the dangers of SaaS supply chain breaches and reinforces the importance of phishing-resistant MFA.
Hackers also claimed to have stolen Nintendo data, demanding a $2 million ransom. While Nintendo has not confirmed the breach, some leaked data appears authentic. Organizations should monitor for unusual data exports and review third-party access controls.
French authorities are investigating a breach of the Tchap government messaging app that may have exposed 650,000 messages and 73,000 accounts. Although encrypted private chats remain secure, public room data may have leaked.
Regulatory and Legal Developments
In South Korea, Coupang was fined $409 million for privacy violations after a former developer’s credentials exposed 37.5 million accounts. Regulators cited weak security controls and unlawful tracking practices.
OpenAI is under investigation by 42 states over its handling of ChatGPT user data, focusing on privacy, safety, and bias concerns. The probe underscores increasing scrutiny of AI governance and transparency.
Google filed a lawsuit against a China-based group accused of using AI to generate phishing content and operate fraudulent websites. The operation allegedly resulted in billions in losses and millions of stolen payment cards.
Authorities successfully dismantled the AudiA6 crypto laundering network, which processed $380 million in ransomware proceeds. The operation led to arrests, domain seizures, and cryptocurrency freezes, marking a major blow to cybercrime infrastructure.
AI and Technology Governance
Anthropic disabled two AI models following a U.S. export-control order, emphasizing how government directives can affect AI availability and vendor reliability. Organizations should factor regulatory risk into their AI continuity planning.
As AI agents become more autonomous, stronger governance frameworks are needed. Nearly 90% of companies cannot clearly explain their AI governance processes, underscoring the need for clear accountability and ownership structures.
User interactions online—including searches and purchases—are increasingly used to train AI systems, raising privacy concerns. Experts recommend auditing device permissions and disabling unnecessary tracking.
Meanwhile, Google has updated its spam policies to combat AI-generated search manipulation and fabricated content, aiming to preserve trust and information integrity.
Security Tips & Best Practices
Defend Against Deepfake-Based Fraud
- Verify high-risk requests through separate communication channels and use phishing-resistant authentication such as passkeys or security keys.
- Limit public voice and video content and establish verification passphrases for sensitive interactions.
- Deploy deepfake detection tools and train employees to recognize AI-driven impersonation tactics.
How Well Are You Managing AI Risk?
- Establish AI governance with clear usage policies and visibility into approved and unapproved AI tools.
- Protect sensitive data with DLP controls and evaluate how AI vendors handle submitted information.
- Continuously train and monitor to reduce risks from AI-driven threats, policy violations, and data exposure.
How Strong Are Your Phishing Defenses?
- Deploy email security controls to filter malicious messages and block known phishing indicators.
- Train users to verify unexpected requests and report suspicious messages promptly.
- Adopt a Zero Trust approach with MFA, least-privilege access, and continuous verification to minimize damage from compromised accounts.
Is Your Browser a Weak Link?
- Enable automatic browser updates and enhanced safe browsing features to block malicious sites.
- Remove unnecessary extensions, use a password manager, and apply Zero Trust access controls.
- Separate work and personal browsing and regularly clear cookies and sessions to reduce exposure.
Tools & Resources
Organizations are encouraged to strengthen their AI and cybersecurity posture by leveraging detection tools, governance frameworks, and continuous monitoring solutions. As AI-driven attacks accelerate, defenders must match machine-speed threats with AI-powered defenses, automation, and visibility across hybrid environments.
In an era where deepfakes and AI-generated content blur the line between truth and deception, layered authentication, employee awareness, and proactive governance remain strong defenses.





