Cybersecurity

ShinyHunters Wage Broad Corporate Extortion Spree 

ShinyHunters Wage Broad Corporate Extortion Spree 

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility for a recent breach involving Discord user data, and for stealing terabytes of sensitive files from thousands of customers of the enterprise software maker Red Hat.

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers 

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers 

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot.
“The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs

Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them 

Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them 

Google’s DeepMind division on Monday announced an artificial intelligence (AI)-powered agent called CodeMender that automatically detects, patches, and rewrites vulnerable code to prevent future exploits.
The efforts add to the company’s ongoing efforts to improve AI-powered vulnerability discovery, such as Big Sleep and OSS-Fuzz.
DeepMind said the AI agent is designed to be both reactive and

The AI Fix #71: Hacked robots and power-hungry AI 

The AI Fix #71: Hacked robots and power-hungry AI 

In episode 71 of The AI Fix, a giant robot spider goes backpacking for a year before starting its job in lunar construction, DoorDash builds a delivery Minion, and a TikToker punishes an AI by making it talk to condiments. GPT-5 crushes the humans at the ICPC World Finals, Claude Sonnet 4.5 codes for 30 hours straight, and someone builds a 5-million-parameter transformer entirely inside Minecraft.

Plus: Graham investigates how a simple security flaw left fleets of Unitree robots wide open to hackers, and Mark learns that we’re going to need five nuclear power plants to train just one frontier model by 2028.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise 

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise 

For years, security leaders have treated artificial intelligence as an “emerging” technology, something to keep an eye on but not yet mission-critical. A new Enterprise AI and SaaS Data Security Report by AI & Browser Security company LayerX proves just how outdated that mindset has become. Far from a future concern, AI is already the single largest uncontrolled channel for corporate data

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities 

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities 

Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts.
“XWorm’s modular design is built around a core client and an array of specialized components known as plugins,” Trellix researchers Niranjan Hegde and Sijo Jacob said in an analysis published last week. “These plugins are

13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely 

13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely 

Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances.
The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0.
“An authenticated user may use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free,

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware 

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware 

Microsoft on Monday attributed a threat actor it tracks as Storm-1175 to the exploitation of a critical security flaw in Fortra GoAnywhere software to facilitate the deployment of Medusa ransomware.
The vulnerability is CVE-2025-10035 (CVSS score: 10.0), a critical deserialization bug that could result in command injection without authentication. It was addressed in version 7.8.4, or the Sustain

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks 

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks 

CrowdStrike on Monday said it’s attributing the exploitation of a recently disclosed security flaw in Oracle E-Business Suite with moderate confidence to a threat actor it tracks as Graceful Spider (aka Cl0p), and that the first known exploitation occurred on August 9, 2025.
The exploitation involves the exploitation of CVE-2025-61882 (CVSS score: 9.8), a critical vulnerability that facilitates

New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations 

New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations 

A Chinese company named the Beijing Institute of Electronics Technology and Application (BIETA) has been assessed to be likely led by the Ministry of State Security (MSS).
The assessment comes from evidence that at least four BIETA personnel have clear or possible links to MSS officers and their relationship with the University of International Relations, which is known to share links with the

NEW CUSTOMERS CALL TODAY: 720.221.6804  |  EXISTING CUSTOMERS REQUIRING SUPPORT: 303.617.6442

X