Insights

Another AI Threat – Slopsquatting

Slopsquatting is another form of AI hallucination, this time tied to code development, that can infect the output of the AI system. The AI systems hallucinated over 20% of the repository dependencies. Very dangerous.

 

More AI hallucinations = more risks


Crypto Developers Targeted by Python Malware Disguised as Coding Challenges

Another attack on software developers uses job ads. When someone replies, they are sent an infected assignment. Opening it compromises and infects their systems!

 

Developers beware


ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading

A new RAT (Remote Access Trojan) has been found that allows attackers to penetrate and take control of systems. It arrives through phishing emails. Healthcare and pharmaceuticals are the current targets.

 

New RAT discovered


MITRE Hackers’ Backdoor Has Targeted Windows for Years

The same technique that was used to compromise MITRE has been found to have been used against Windows systems for a few years. It is a complex, sophisticated attack.

 

Windows backdoor attack going on for years


Man Helped Chinese Nationals Get Jobs Involving Sensitive US Government Projects

Much was written about North Koreans being unknowingly hired by many US companies. Now Chinese nationals are getting into US companies through someone who lied and scammed the companies. Vetting new hires is getting more difficult but is more important than ever. 

 

Chinese nationals infiltrate American companies


Insider Threats – Growing More Dangerous

Insiders are always under attack through phishing, smishing, vishing and more. Why? Because attackers know insiders are users that already have access to the desired data. Learn more about this in this Insight.  

 

Insiders can be the worst threats


Threat Actors Use 'Spam Bombing' Technique to Hide Malicious Motives

Spam after spam after spam after spam after spam after spam, etc. That is a new technique attackers are using as a lead-in to social engineering attacks.

 

Spam to social engineering attacks


Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

Another big month for Microsoft patches. Be sure to determine which of your systems and applications are affected, the risk for each, then begin installing. Do not delay. 

 

Big month for Microsoft patches


Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities

Actively exploited vulnerabilities are those that cyberattackers are using now to get into systems. Be sure to install the update sooner rather than later.  

 

Actively exploited vulns in Android


10 Bugs Found in Perplexity AI's Chatbot Android App

AI chatbots come with many vulnerabilities and issues. Now Perplexity AI's Android chatbot app has been found to have 10 bugs. This makes it less secure than chatbots from ChatGPT and DeepSeek.

 

Bugs in AI Chatbot

 


What Is Credential Stuffing?

Credential stuffing is a technique in which cyber attackers try compromised passwords on many different sites. If, despite warnings, you used the same password for more than one site or service, they will probably find it and get in. This Insight explores the technique and what you can do to protect against it.

 

Credential stuffing enhanced with AI


FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites

Compromised SharePoint sites are being used to take over Windows systems and install backdoors that allow full control of the system.

 

SharePoint used to compromise Windows sites


Infostealer Strikes Samsung — 270,000 Records Stolen

Samsung has been hit with an infostealer that stole support ticket records with significant amounts of personal information: names, emails, home addresses, model number of the Samsung device they called about, payment details, and more.

 

Infostealer gets much PII


Qakbot Resurfaces in Fresh Wave of ClickFix Attacks

Attackers use LinkedIn to post fake websites. These sites then show a Captcha for the user to prove they are a person. But the Captchas are fake and spread malware. 

 

Fake Captchas spread malware


Google Quick Share Bug Bypasses Allow Zero-Click File Transfer

Google’s Quick Share is a service allowing the sharing of files of almost any type between users within about 5 feet of each other. Attackers found ways to use it to spread malware. Google issued patches and then attackers found ways around the patches. Be sure to install the updated patches.

 

Quick Share patch needs a patch