Today’s episode felt like the cybersecurity equivalent of getting hit by a freight train moving at AI speed.

Patch Tuesday dropped like a bomb across the industry. At the same time, ShinyHunters forced Instructor into paying ransom during finals week chaos, Foxconn got hit by the Nitrogen ransomware gang, the Shai-Hulud supply chain worm bypassed modern provenance protections, and multiple major companies openly admitted AI is replacing jobs in cybersecurity and engineering.

Double espresso in hand, let’s dive in.

🧭 Executive Summary

Today’s threat landscape highlights the convergence of accelerated exploitation, supply chain compromise, operational disruption, and workforce transformation driven by AI. Organizations are no longer facing isolated cyber incidents, they are confronting simultaneous attacks across infrastructure, software supply chains, identity systems, manufacturing operations, and governance frameworks.

At the same time, the industry itself is being reshaped by AI adoption, with companies reducing workforce headcount while relying more heavily on automation and AI-driven tooling. The result is a cybersecurity environment where the pace of threats is increasing while the operational models defending against them are fundamentally changing in real time.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🎓 Instructor Pays ShinyHunters – Congress Launches Investigation

Instructor, the company behind Canvas LMS, reportedly paid an undisclosed ransom to ShinyHunters after the group breached the platform twice within a two-week span.

The first breach involved the theft of data tied to approximately 9,000 institutions. The second attack escalated into mass portal defacements during finals week, disrupting access for millions of students and placing enormous operational pressure on universities already struggling to recover.

The situation has now moved beyond cybersecurity and into regulatory territory. House Homeland Security Committee Chairman Andrew Garbarino formally demanded a briefing from Instructor, citing serious concerns over the company’s remediation efforts and overall incident response posture.

The broader issue here is that paying ransom does not restore trust. Instructor claims the stolen data was returned and deleted, but neither Congress nor the cybersecurity community views attacker promises as a valid control mechanism. The fallout here will likely shape future regulatory expectations around SaaS breach handling and higher education cyber resilience.

🏭 Foxconn Hit by Nitrogen Ransomware – OT and Supply Chain Collide

Foxconn confirmed a ransomware attack impacting portions of its North American factory network, with the Nitrogen ransomware group claiming responsibility and alleging theft of eight terabytes of sensitive data.

According to reports, systems inside Foxconn facilities failed, Wi-Fi services collapsed, and employees were forced to continue operations manually using pen and paper while production disruptions unfolded.

The potential implications here are enormous. Foxconn is not just another manufacturer, it is one of the world’s most critical electronics supply chain hubs, supporting companies like Apple, Microsoft, Google, and Cisco.

This is a textbook example of OT and IT convergence risk. Modern manufacturing environments depend heavily on interconnected systems, meaning ransomware no longer just impacts data, it impacts production continuity, operational safety, intellectual property, and downstream customer ecosystems simultaneously.

🧬 Shai-Hulud Supply Chain Worm Evolves – Provenance Protections Bypassed

The Shai-Hulud supply chain campaign escalated dramatically this week, spreading malicious packages across npm and PyPI ecosystems through over 170 compromised packages and more than 400 malicious versions.

What makes this attack particularly significant is that the malicious packages shipped with valid provenance attestations and legitimate Sigstore signatures, bypassing modern supply chain integrity protections many organizations have spent years implementing.

"The Shai-Hulud supply chain worm shipped with valid SLSA Build Level 3 attestations and legitimate Sigstore signatures—defeating the supply chain integrity controls the community has been investing in for over two years. If any developer ran npm install against @tanstack or Mistral AI packages on May 11, treat that CI/CD environment as fully compromised. Rotate every secret immediately." James Azar

Attackers exploited weaknesses in GitHub Actions workflows, cache poisoning vulnerabilities, and OIDC token extraction from runner memory to distribute the malware rapidly across ecosystems connected to TanStack, Mistral AI, UiPath, and others.

This marks a major turning point in supply chain security. The industry’s trust assumptions around signed packages and provenance validation have now been challenged directly. Organizations can no longer assume that cryptographic trust alone guarantees software integrity.

🩹 Patch Tuesday – The Industry’s Monthly Stress Test

This month’s Patch Tuesday was enormous, spanning Microsoft, Apple, Adobe, SAP, Fortinet, and Ivanti. And while Microsoft finally broke its 22-month streak of actively exploited zero-days, the operational burden remains staggering.

🪟 Microsoft – 137 CVEs Patched

Microsoft released fixes for 137 vulnerabilities, including 17 critical flaws. The highest-priority issues involve:

• Windows DNS Client Remote Code Execution

• Netlogon RCE impacting authentication infrastructure

• Explorer Preview Pane RCE requiring no double-click interaction

CVE-2026-41096 - Windows DNS Client RCE

CVE-2026-41089 - NetLogon RCE (unauthenticated/low-priv → auth stack)

The risk here centers around authentication infrastructure and name resolution services, core systems attackers routinely target for rapid lateral movement. Domain controllers and DNS services should remain top patching priorities across enterprise environments.

🍎 Apple – Over 60 iOS & 80 macOS Vulnerabilities

Apple patched more than 60 vulnerabilities in iOS and over 80 in macOS Tahoe, including:

• WebKit flaws

• Sandbox escapes

• Privilege escalation vulnerabilities

• Gatekeeper bypasses

WebKit continues to represent a major attack surface because nearly every application leveraging embedded browser functionality inherits the risk. This reinforces how browsers and mobile ecosystems remain foundational exposure points in modern enterprise environments.

iOS/iPadOS 26.5 | 60+ CVEs including 20 WebKit flaws macOS Tahoe 26.5 | ~80 vulnerabilities including root privilege escalation, sandbox escape, Gatekeeper bypass Legacy: Sequoia 15.7.7 and Sonoma 14.8.7 also updated

🎨 Adobe – 52 Vulnerabilities Across Critical Products

Adobe addressed 52 vulnerabilities across ten products, including highly severe flaws in Adobe Connect and Adobe Commerce.

• CVE-2026-34659: Adobe Connect RCE (CVSS 9.6)

• CVE-2026-34660: Adobe Connect privilege escalation (CVSS 9.3)

The concern here is speed. Adobe vulnerabilities tend to be weaponized quickly once public disclosures occur, particularly within collaboration and commerce platforms that frequently sit internet-facing inside enterprise environments.

🏢 SAP – Authentication Bypass and ERP Exposure

SAP patched two critical vulnerabilities affecting SAP Commerce Cloud and S/4HANA environments, including an authentication bypass capable of leading directly to server-side code execution.

• CVE-2026-34260: SQL injection in S/4HANA (missing input validation, exfiltrate financial/procurement data)

• CVE-2026-34263: Authentication bypass in SAP Commerce Cloud (improper Spring security config, no credentials required, arbitrary server-side code execution)

ERP environments continue to attract ransomware groups because they provide direct access to financial systems, procurement workflows, and sensitive operational data. Organizations with internet-exposed SAP infrastructure should already be treating these patches as emergency-level priorities.

🛡️ Fortinet – Public PoC Already Circulating

Fortinet disclosed critical unauthenticated RCE vulnerabilities affecting FortiSandbox and FortiAuthenticator, with proof-of-concept exploit code already publicly circulating.

• CVE-2026-39808, CVE-2026-39813: Unauthenticated RCE in FortiSandbox

• CVE-2026-44277: FortiAuthenticator vulnerability

URGENCY ESCALATOR: Public PoC for CVE-2026-39808 is already circulating.

This matters because compromising a malware analysis platform or MFA infrastructure directly undermines trust in downstream defensive operations. Once again, attackers are targeting the systems defenders rely on most.

🔥 Ivanti – Still the Gift That Keeps Giving

Ivanti released seven new CVEs affecting Endpoint Manager and other products, including SQL injection vulnerabilities capable of enabling remote code execution.

Flag immediately: CVE-2026-42212 — SQL injection to RCE in EPM

At this point, Ivanti vulnerabilities have become almost synonymous with persistent exploitation campaigns. What stood out, however, was Ivanti acknowledging that AI-assisted red team tooling identified vulnerabilities traditional security scanning methods missed entirely.

That’s a signal the rest of the industry should pay attention to carefully.

🏨 BWH Hotels Breach – Six Months of Guest Reservation Access

BWH Hotels, parent company of Best Western, disclosed that attackers maintained persistent access to a reservation application for approximately six months.

The exposed information included:

• Names

• Email addresses

• Home addresses

• Reservation details

• Travel dates

• Special accommodation requests

While payment data was reportedly unaffected, this type of information creates extremely rich social engineering datasets. Attackers can now craft phishing and fraud campaigns referencing real travel patterns and personal requests, dramatically increasing credibility and targeting effectiveness.

🏦 Community Bank Self-Reports AI Data Exposure to the SEC

Community Bank disclosed to the SEC that an employee used an unauthorized AI chatbot tool that exposed customer data including names, dates of birth, and Social Security numbers.

This may become one of the first major examples of “shadow AI” evolving into a formal regulatory disclosure event.

The key issue here is governance. Employees are already integrating AI tools into workflows faster than organizations can create policies or controls to manage them. Without strong DLP enforcement and AI governance frameworks, this type of incident will become increasingly common.

🤖 Cloudflare and Arctic Wolf Layoffs – AI Reshapes Cybersecurity Jobs

Cloudflare cut approximately 1,100 employees while Arctic Wolf reduced staffing by 250 positions, both explicitly citing increased AI adoption and operational automation.

This represents a major strategic shift inside the cybersecurity industry itself. AI is no longer just augmenting operations, it’s actively reshaping workforce models.

However, there’s still an important caveat. AI systems today still struggle with drift, hallucinations, context accuracy, and nuanced operational decision-making. Human expertise remains essential, especially in incident response, architecture, governance, and strategic security leadership.

The organizations that succeed in this transition will likely be the ones combining AI acceleration with skilled human oversight, not replacing one with the other entirely.

🎯 Key Takeaway

👉 Cybersecurity is no longer facing isolated incidents, it’s facing simultaneous pressure across infrastructure, software, workforce, and operational trust models.

🛠️ Action Items for Security Leaders

• 🔐 Audit all Canvas-linked identity providers and enforce credential resets

• 🏭 Review OT segmentation and production continuity plans in manufacturing environments

• 🧬 Pin package versions and audit GitHub Actions workflows for supply chain exposure

• 🩹 Prioritize DNS, Netlogon, SAP Commerce, and Fortinet patches immediately

• 🍎 Push Apple MDM updates across all managed endpoints

• 🛡️ Isolate Fortinet and Ivanti management interfaces from internet exposure

• 🏨 Increase monitoring for social engineering tied to hospitality reservation data

• 🏦 Deploy DLP controls specifically targeting AI chatbot interactions

• 🤖 Begin workforce planning around AI orchestration and security oversight skills

• 🔍 Reevaluate assumptions around signed packages and software provenance validation

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is that every layer of the stack got hit simultaneously. Manufacturing operations, education systems, developer ecosystems, identity infrastructure, and even workforce models are all under pressure at the same time. The Foxconn attack shows how ransomware now impacts global production continuity, while the Shai-Hulud campaign demonstrates that even modern supply chain integrity controls are no longer enough on their own.

The second takeaway is that AI is rapidly changing both sides of cybersecurity. Attackers are leveraging automation and AI-assisted tooling to accelerate operations, while defenders and vendors are restructuring teams around AI adoption. But we’re still early in this transition. AI today is powerful, but it still requires strong human oversight to avoid hallucinations, operational drift, and strategic mistakes. The organizations that balance automation with experienced human judgment are going to be the ones best positioned moving forward.

🔥 Stay Cyber Safe.

Today’s show wasn’t just busy, it was one of those episodes where you can actually see the future of cybersecurity unfolding in real time.

We’ve got AI autonomously building a real-world exploit, a new Linux privilege escalation flaw already seeing signs of active exploitation, a backdoored security plugin sitting inside CI/CD pipelines, a compromised official software distribution site, and a UK water utility that let attackers sit inside their network for nearly two years unnoticed.

👉 The theme today is simple and brutal:
The speed of attackers is now exceeding the operational maturity of most defenders.

Double espresso in hand, let’s get into it.

🧭 Executive Summary

Today’s threat landscape reflects a dangerous acceleration in AI-assisted offensive operations, supply chain compromise, and critical infrastructure exposure. We are now seeing AI move from supporting attackers to independently discovering and weaponizing vulnerabilities, collapsing the traditional timelines defenders once relied on.

At the same time, supply chain attacks continue targeting trusted security tooling and software repositories, while operational failures in monitoring and visibility leave critical infrastructure environments dangerously exposed. The result is a cybersecurity environment where trust assumptions, detection gaps, and slow operational response are becoming the attacker’s biggest advantage.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🤖 Google’s Big Sleep AI Creates a Real Zero-Day Exploit

This story is a watershed moment for cybersecurity.

Google’s Project Zero “Big Sleep” AI system independently discovered a memory safety vulnerability and generated a functional exploit capable of real-world use—all without human-written exploit guidance. Google responsibly disclosed the issue before public release, but the implications are massive.

For years, defenders assumed there would always be a gap between vulnerability disclosure and widespread weaponization. That assumption is now gone. AI can compress the timeline from disclosure to exploit development down to near-zero.

This fundamentally changes vulnerability management. Security teams can no longer operate under the assumption that they have days or weeks to patch critical flaws. From this point forward, organizations must behave as if every disclosed CVE already has a working exploit available on day one.

🐧 DirtyFrag – Linux Privilege Escalation Joins the “Dirty” Family

A new Linux kernel privilege escalation vulnerability dubbed “DirtyFrag” has emerged, with signs of active exploitation already underway before broad patch adoption.

Like DirtyPipe and DirtyCow before it, DirtyFrag exploits low-level kernel memory handling flaws, allowing an unprivileged user to escalate directly to root access. This is particularly dangerous because attackers only need a small foothold, a phishing payload, compromised account, or web shell—to leverage the vulnerability and gain full control.

Linux remains the backbone of cloud infrastructure, Kubernetes environments, and critical systems globally. That means exploitation here doesn’t just impact endpoints, it impacts entire production environments.

The biggest lesson is one we keep repeating: local privilege escalation flaws become devastating when combined with even minor initial access.

🔒 Checkmarx Jenkins Plugin Backdoored – Security Tools Become the Attack Path

The irony here is almost painful.

A malicious actor compromised the Checkmarx Jenkins AST plugin, a tool organizations specifically use to detect vulnerabilities inside CI/CD pipelines. The attacker inserted malicious code into the plugin itself, creating a foothold inside build environments trusted to secure production code.

This is one of the highest-leverage attacks possible in modern software development. Compromising a security tool means inheriting the trust organizations automatically extend to that platform.

The risk extends far beyond the plugin. Build secrets, signing keys, source code, and deployment artifacts may all have been exposed. Any organization using the compromised plugin should assume its CI/CD pipeline integrity has been questioned until proven otherwise.

💻 JDownloader Official Site Hacked – Trusted Downloads Become Malware

The official JDownloader website was compromised, with attackers replacing legitimate installers with trojanized versions containing a Python-based remote access Trojan.

Users who downloaded or updated the software during the compromise window unknowingly installed malware capable of:

• Credential harvesting

• Keylogging

• Remote shell access

• Persistent backdoor installation

This attack highlights a growing trend where attackers no longer rely on third-party mirrors or fake sites, they compromise the official distribution source directly.

That creates a dangerous reality: security awareness guidance telling users to “only download from the official source” is no longer sufficient by itself.

🎓 Canvas API Exploit Confirmed – 9,000 School Portals Defaced

Instructor confirmed that attackers exploited a vulnerability in the Canvas LMS portal customization API, allowing them to bypass authentication controls and deface portals across approximately 9,000 schools and universities.

This attack was not just about vandalism. It was a coordinated dual-track operation:

• One track focused on stealing roughly 275 million records

• The second targeted operational disruption through portal defacement and authentication failures

The operational impact was enormous. Universities canceled finals, students lost access to systems, and proctoring platforms went offline during the busiest period of the academic year.

This is a prime example of attackers maximizing leverage by combining data theft with operational chaos.

💧 UK Water Utility Breach – Attackers Sat Undetected for Two Years

South Staffordshire Water, serving 1.6 million people in the UK, was fined after attackers remained undetected inside its environment for nearly two years.

Initial access came through a phishing email in 2020. Attackers later exploited the well-known Zerologon vulnerability, left unpatched on critical domain controllers—to move laterally through the environment.

The most alarming detail? The organization’s SOC was reportedly monitoring only 5% of the environment.

“If your SOC can only see five percent of your environment, attackers already know where to hide.”

This story perfectly captures the danger of incomplete visibility. Organizations often believe they are protected because they have monitoring in place, but partial coverage creates blind spots attackers can exploit indefinitely.

And once again, water infrastructure emerges as a recurring target globally.

🏭 Private Sector Critical Infrastructure Alliance Forms

JP Morgan, AT&T, MasterCard, and Berkshire Hathaway Energy formally launched the Alliance for Critical Infrastructure, designed to fill coordination gaps left by staffing reductions and restructuring within CISA.

The alliance focuses on:

• Cross-sector dependency mapping

• Poly-crisis response planning

• Threat intelligence coordination

• Policy collaboration

This is a significant moment because it reflects the private sector recognizing that critical infrastructure resilience can no longer rely solely on government coordination. Organizations are increasingly being forced to self-organize around shared cyber risk.

🪪 SailPoint GitHub Repository Breach – Identity Platforms Become Targets

SailPoint disclosed a breach affecting one of its GitHub repositories, potentially exposing source code and integration secrets tied to enterprise identity governance deployments.

This matters because identity platforms sit at the center of enterprise trust. Understanding how privilege assignment, API integrations, and role management operate gives attackers a roadmap for targeting downstream customer environments.

This reinforces a broader trend: attackers increasingly target the vendors responsible for trust and security enforcement, because compromising them provides leverage across thousands of organizations simultaneously.

📺 Texas Sues Netflix – Privacy and Data Collection Under Fire

Texas Attorney General Ken Paxton filed suit against Netflix, alleging the company collected and monetized massive amounts of behavioral data without proper user consent.

According to the complaint, Netflix collected up to five petabytes of user behavior data daily while allegedly sharing information with advertisers and data brokers.

What makes this particularly important is the regulatory signal. States are increasingly stepping in where federal privacy legislation has stalled, creating a patchwork enforcement environment organizations must navigate carefully.

Privacy is no longer just a compliance issue, it’s becoming a direct cybersecurity and reputational risk factor.

🎯 Key Takeaway

👉 AI acceleration, supply chain compromise, and visibility gaps are redefining modern cyber risk faster than most organizations can adapt.

🛠️ Action Items for Security Leaders

• 🔐 Treat newly disclosed vulnerabilities as immediately exploitable

• 🐧 Patch Linux systems vulnerable to DirtyFrag and monitor privilege escalation activity

• 🔒 Audit Jenkins plugins and rotate all CI/CD secrets tied to compromised environments

• 💻 Validate software hashes and monitor official distribution channels for tampering

• 🎓 Review Canvas API access logs and confirm emergency patches are applied

• 💧 Expand SOC visibility and logging coverage across critical infrastructure environments

• 🏭 Participate in cross-sector resilience and threat intelligence initiatives

• 🪪 Rotate SailPoint integration tokens and audit API activity

• 📺 Review organizational privacy policies against actual data collection practices

• 🔍 Design detection strategies assuming AI-assisted attackers are already operational

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is that the future we’ve been discussing theoretically is now operational reality. AI isn’t just helping attackers write phishing emails anymore, it’s autonomously discovering and weaponizing vulnerabilities. That fundamentally changes the game because it removes the human bottleneck from exploit development. Security teams that still operate on old vulnerability management timelines are going to struggle badly in this new environment.

The second takeaway is visibility. The UK water utility breach is a perfect example of how incomplete monitoring creates false confidence. A SOC monitoring five percent of the environment is not protection, it’s theater. Organizations need to stop assuming partial visibility is good enough. Because attackers only need one blind spot, and today’s threat actors are patient enough to sit inside those gaps for years.

🔥 Stay Cyber Safe.

Today’s show is one of those episodes where every story connects into a much bigger picture AI-assisted attacks, operational technology under siege, SaaS collapse during finals week, and insider threats proving once again that trust can be weaponized.

And if there’s one message from today’s show, it’s this:
👉 The barriers to executing sophisticated cyber operations are collapsing.

Double espresso in hand, let’s get into it.

🧭 Executive Summary

Today’s threat landscape reflects the convergence of AI-assisted offensive operations, ICS targeting, SaaS operational failures, and relentless supply chain compromise. Attackers are leveraging frontier AI models not just for phishing, but for operational planning, lateral movement, and infrastructure targeting.

Meanwhile, critical infrastructure systems, especially water utilities are seeing increased attention from adversaries, while organizations continue struggling with identity management, vendor trust, and operational resilience. The environment is evolving from isolated attacks into interconnected campaigns where IT, OT, AI, and human behavior all overlap.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🤖 Claude AI Used to Penetrate a Water Utility ICS Environment

This may be one of the most important cybersecurity stories of the year.

A threat actor used Anthropic’s Claude AI as an operational planning assistant to compromise a Mexican water utility’s ICS environment. Claude was reportedly leveraged to map network architecture, craft phishing lures for plant operators, and assist in building lateral movement strategies that ultimately enabled access to SCADA systems controlling water operations.

This changes the AI conversation dramatically. We’ve spent years discussing prompt injection and AI abuse defensively, but now we are seeing frontier AI models becoming force multipliers for attackers, significantly lowering the skill barrier for sophisticated operations.

The real concern isn’t just this incident, it’s what comes next. AI-assisted offensive capability means smaller threat groups can now execute operations previously reserved for highly advanced actors. For defenders, this means OT tabletop exercises and threat models must now assume adversaries are AI-augmented by default.

💧 Poland Water Facilities Breached – ICS Intrusions Escalate

Poland’s ABW National Security Agency disclosed that five water treatment facilities experienced simultaneous ICS intrusions, with attackers gaining direct access to SCADA systems controlling water quality and distribution operations.

No contamination occurred, but the operational access itself is deeply concerning. When paired with the Mexico incident, this highlights a clear and growing pattern: water infrastructure is becoming a high-priority target globally.

The attacks reportedly blended traditional IT compromise techniques with OT targeting methods, further reinforcing that the line between IT and operational environments has effectively disappeared. Organizations running industrial systems should view this as a wake-up call, visibility at the IT/OT boundary is no longer optional.

🔥 Ivanti EPMM Zero-Day – Exploitation Continues

Yes, it’s Ivanti again.

CISA added another Ivanti EPMM vulnerability to the KEV catalog after confirming active exploitation in the wild. The flaw allows attackers to compromise mobile device management infrastructure, potentially granting access to managed devices and creating a direct lateral movement pathway into enterprise environments.

At this point, Ivanti vulnerabilities have become a recurring operational problem for security teams. The risk isn’t just the vulnerability itself, it’s the role EPMM plays in managing identities, devices, certificates, and trust relationships across organizations.

If your EPMM platform is compromised, attackers may effectively inherit enterprise mobility control.

🎓 Canvas Fallout Deepens – Universities Forced to Reschedule Finals

The Canvas breach is evolving from a data exposure incident into a full operational crisis for universities worldwide.

Multiple institutions are now cancelling or rescheduling final exams due to authentication instability, unavailable student portals, broken assignment systems, and offline proctoring services.

This demonstrates a critical reality many organizations underestimate: the operational impact of a SaaS breach often exceeds the original data theft itself.

ShinyHunters appears to understand this perfectly. The timing during finals week dramatically increases institutional pressure, likely improving the attackers’ leverage during extortion negotiations.

🌐 cPanel & WHM Vulnerabilities – Hosting Ecosystems at Risk

Three newly disclosed vulnerabilities in cPanel and WHM include privilege escalation, arbitrary file read, and cross-site scripting issues capable of enabling administrator account compromise.

Because cPanel manages DNS, email, SSL certificates, and websites for millions of hosting environments, exploitation could allow attackers to pivot across entire hosting ecosystems.

This reinforces an ongoing pattern: attackers increasingly target management platforms rather than endpoints, because compromising the control layer gives access to everything downstream.

🧬 Fake OpenAI Repository on Hugging Face Distributes Malware

A malicious repository impersonating OpenAI on Hugging Face silently distributed infostealer malware to AI developers downloading what appeared to be legitimate model files.

The malware harvested:

• API keys

• Browser credentials

• System information

Hugging Face is quickly becoming the AI equivalent of npm or PyPI, a massive open ecosystem increasingly targeted by supply chain attackers.

This is another example of AI infrastructure inheriting the same trust and dependency risks we’ve already seen devastate software supply chains.

🎮 NVIDIA GeForce Breach – Gaming Credentials Become Enterprise Risk

NVIDIA confirmed a GeForce platform breach involving usernames, email addresses, and hashed credentials.

This matters because gaming account credentials are frequently reused across enterprise environments, VPN portals, and SaaS platforms. Threat actors know this and routinely test compromised gaming credentials against corporate services.

The lesson remains painfully consistent: credential reuse turns consumer breaches into enterprise incidents.

🛍️ Zara Owner Inditex Breach – Retail Data Fuels Phishing

Inditex, the parent company of Zara, disclosed a breach impacting approximately 197,000 customers, exposing names, shipping addresses, contact information, and purchase histories.

This type of data is gold for attackers because it enables highly personalized phishing and fraud campaigns referencing real purchases and legitimate order history.

Retail breaches are no longer just about stolen payment cards, they are now about social engineering at scale using behavioral and transactional data.

🌑 Dark Web Marketplace Shut Down – Crime Networks Continue to Adapt

Law enforcement dismantled the “Crime Network” dark web marketplace and arrested its administrator. The platform facilitated credential sales, initial access brokerage, and cybercrime-as-a-service operations.

However, history tells us these takedowns rarely end operations permanently. These groups rebrand, migrate infrastructure, and return quickly.

This highlights how cybercrime has evolved into a resilient underground economy, not isolated criminal activity.

🧑‍💻 Former Contractor Convicted for Wiping Federal Databases

A former government contractor was convicted after deliberately wiping dozens of federal databases in retaliation over a contract dispute.

The contractor retained privileged access after the engagement ended and used that access to systematically destroy records, some permanently.

This is one of the clearest examples of why offboarding and privileged access management matter. The insider threat isn’t hypothetical—it’s operational and extremely damaging when controls fail.

🎯 Key Takeaway

👉 AI-assisted attacks, OT targeting, and trust abuse are converging into a single operational threat model.

🛠️ Action Items for Security Leaders

• 🔐 Review OT and ICS segmentation immediately, especially in water infrastructure

• 🤖 Incorporate AI-assisted adversary scenarios into tabletop exercises

• 🔥 Patch Ivanti EPMM systems and isolate management interfaces from direct internet access

• 🎓 Build out-of-band operational continuity plans for SaaS outages

• 🌐 Patch cPanel/WHM systems and review admin access logs

• 🧬 Verify AI model repositories using cryptographic checksums and signed sources

• 🎮 Reset passwords for users impacted by the NVIDIA GeForce breach

• 🛍️ Increase awareness training around personalized phishing campaigns

• 🌑 Monitor dark web intelligence feeds for organizational exposure

• 🧑‍💻 Audit privileged access lifecycle management and contractor offboarding processes

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how AI has officially crossed the line from experimental risk into operational reality. The Claude-assisted intrusion into a water utility is the moment many of us feared was coming. Not because AI itself is malicious, but because it dramatically accelerates attacker capability. We’re no longer dealing with isolated hackers, we’re dealing with attackers amplified by machine-speed intelligence.

The second takeaway is the fragility of our operational dependencies. Whether it’s Canvas collapsing during finals week or OT systems being probed globally, we are seeing how deeply interconnected everything has become. Security leaders need to think beyond prevention and focus on resilience, continuity, and visibility. Because in today’s environment, disruption is not a possibility, it’s an expectation.

🔥 Stay Cyber Safe.

Double espresso poured. The baby is asleep. And this week’s threat landscape is anything but quiet.

He was right. An AI training library millions depend on became a credential-stealing worm. A security vendor had its source code accessed. A trusted incident responder was the attacker in two documented cases. A nine-year-old Linux root escalation hit the CISA KEV catalog. Forty-four thousand cPanel servers were locked by ransomware. China ran multi-continent espionage. And an AI-powered phishing platform turned MFA into security theater.

By week’s end, the picture had sharpened further. A Palo Alto PAN-OS zero-day with no patch available granted root access to network defenders’ crown jewels. The Canvas platform was drained of 280 million records not through a vulnerability, but through legitimate API abuse. CISA launched a new initiative telling critical infrastructure operators to prepare to run completely isolated from vendors and cloud providers. MuddyWater ran a false flag ransomware operation designed not to encrypt data, but to manipulate the incident responders sent to stop it. And the DOJ sentencing of a ransomware negotiator revealed that Conti, Akira, Royal, and other seemingly independent groups are effectively one coordinated enterprise operating under multiple brands.

This week’s four episodes converge on a single, uncomfortable conclusion: attackers have graduated from exploitation to orchestration. They are not just breaking into systems. They are operating them using legitimate tools, trusted credentials, authorized APIs, and valid code-signing certificates to achieve outcomes that leave defenders looking at clean logs while the damage compounds.

Coffee cup cheers. Let’s get into it.

Subscribe now

🌐 Geopolitical & Nation-State Threats

China’s ShadowPad Campaign: Multi-Continent Espionage Across Government and Defense

A China-aligned threat group conducted a widespread espionage campaign targeting government and defense sectors across Asia and into Europe. The attackers exploited known vulnerabilities in Microsoft Exchange and IIS, deployed web shells for long-term persistence, and used ShadowPad malware as their primary intelligence collection tool. The campaign combined technical infrastructure compromise with targeted phishing of civil society groups building both system access and human intelligence simultaneously. This dual approach is a hallmark of mature nation-state operations: technical access provides the data, human targeting provides the context.

North Korea’s BirdCall Android Backdoor: Mobile Espionage Toolkit

North Korea’s ScarCruft group embedded a new Android variant of BirdCall malware into a compromised gaming platform targeting ethnic Koreans in China. This is not basic spyware it is a full surveillance toolkit collecting contacts, messages, call logs, media files, audio recordings, and screenshots that capture private keys and sensitive data. The targeting specificity reflects a broader shift toward cross-platform espionage, where mobile and desktop compromise are combined to build a complete intelligence profile on high-value individuals connected to sensitive geopolitical regions.

Iran’s MuddyWater: Ransomware as a Deception Operation

Iran-linked MuddyWater conducted a false flag operation using ransomware as a decoy to mask the actual objective: credential theft and data exfiltration. The attack chain began with Microsoft Teams contact impersonating IT support, used screen sharing to capture credentials and manipulate MFA approvals in real time, and deployed ransomware not to encrypt data but to misdirect incident responders. By the time defenders were focused on ransomware recovery, the real operation had already concluded. This is a fundamental evolution in adversary tradecraft attackers are now manipulating defenders, not just systems.

Iranian Psychological Operations Target U.S. Military Personnel

Iran-linked actors sent threatening messages via WhatsApp to U.S. military personnel and published personal data of service members online. No system compromise required. This is information warfare designed to intimidate, destabilize, and consume defensive attention. Cyber conflict has fully expanded to include psychological pressure campaigns against individuals as an explicit operational component.

APT Zero-Click Credential Theft: Windows Credentials Without User Interaction

APT activity is now enabling credential harvesting from Windows systems without any user interaction leveraging system-level weaknesses to extract sensitive data silently. No phishing. No malware execution. No user error. This represents the evolution of identity attacks from deceiving users to bypassing them entirely, with lateral movement following invisibly across the network.

AI Governance: Pre-Release Government Testing for Advanced Models

Google, Microsoft, and XAI agreed to provide government agencies pre-release access to advanced AI models for evaluation of potential risks before public deployment — including assessment of offensive cyber capabilities, disinformation potential, and CBRN applications. AI is now formally treated as a strategic technology with national security implications requiring oversight at the highest government levels. Board-level questions about AI risk posture are no longer emerging, they are arriving now.

💥 Ransomware & Destructive Operations

cPanel Zero-Day: 44,000 Servers Locked in Large-Scale Ransomware Outbreak

A critical cPanel vulnerability actively exploited since February before public disclosure is now fueling industrial-scale ransomware propagation. Attackers deployed the “Sorry” ransomware variant, encrypting systems with ChaCha20 and protecting keys via embedded RSA. More than 44,000 compromised IPs have been identified, with the vulnerability now added to CISA’s KEV catalog. Because cPanel functions as a centralized control layer for hosting environments, a single compromise cascades across websites, databases, and email systems. This is not targeted ransomware it is ransomware propagating through shared infrastructure, with hosting providers and MSPs functioning as force multipliers.

VECT Ransomware: Encryption Designed to Destroy, Not Recover

Checkpoint Research confirmed that VECT ransomware’s encryption process discards critical data by design, making recovery impossible even after payment. This transforms the attack from extortion into destruction. Organizations hit by VECT have no recovery path regardless of compliance. Prevention and offline backup integrity are the only viable defenses and backups must be validated independently, not assumed to be intact.

Everest Ransomware Targets Liberty Mutual and Fiserv

The Everest ransomware group published over 100GB of data allegedly from Liberty Mutual, including customer records, policy data, and financial details. Fiserv a major financial technology provider processing payments for thousands of financial institutions was also claimed as a victim. Both incidents appear linked to third-party vendor access rather than direct enterprise compromise. Financial sector targeting is intensifying, with attackers maximizing leverage by striking at infrastructure that multiple institutions depend on simultaneously.

DOJ Sentencing Reveals Ransomware as One Enterprise

A ransomware negotiator was sentenced to over eight years in prison, with the proceedings revealing that groups operating as Conti, Akira, Royal, and others are effectively one coordinated enterprise with shared leadership, shared resources, and a multi-brand structure designed to evade attribution and continue operations after takedowns. Ransomware is not a collection of independent criminal groups. It is a mature business ecosystem with deliberate organizational design. Threat modeling must account for this consolidation.

Venomous Helper Campaign: RMM Tools as Ransomware Staging

A phishing campaign dubbed “Venomous Helper” compromised over 80 organizations by deploying legitimate RMM tools SimpleHelp and ScreenConnect that are trusted and frequently allowlisted by EDR platforms. This is not the final stage of an attack. It is the setup phase, typically followed by ransomware deployment within 72 hours. Detection requires behavioral monitoring of RMM tool activity, not just signature-based alerting on known malicious binaries.

🔓 Data Breaches & Exposures

Canvas Platform: 280 Million Records Exfiltrated via Legitimate API Abuse

ShinyHunters claimed to have exfiltrated 280 million records from Instructure’s Canvas learning management platform affecting over 40% of North American universities without exploiting any vulnerability. The breach was executed entirely through legitimate API features used in unauthorized ways. Student records, academic communications, mental health disclosures, and institutional data were exposed. This is the second Canvas breach in eight months. API abuse as a primary exfiltration technique requires API behavioral monitoring and anomaly detection vulnerability management alone is insufficient protection.

Cushman & Wakefield: Vishing Attack Opens Salesforce Environment

Cushman & Wakefield confirmed a breach caused by a vishing attack, where an employee was socially engineered into granting access. ShinyHunters claims hundreds of thousands of Salesforce records with a ransom deadline attached. This is part of the broader ShinyHunters Salesforce campaign that has now touched multiple major enterprises. Identity is the perimeter and social engineering remains the most reliable path through it.

Trellix Source Code Breach: Defenders Become Targets

Trellix confirmed unauthorized access to portions of its source code repository. No customer data was impacted directly. But source code exposure allows attackers to analyze detection logic, identify blind spots, and develop evasion techniques tailored specifically to the platform. Security vendors are among the highest-value targets in the ecosystem compromising them provides adversarial intelligence about defensive capabilities at scale.

MediaWorks: 8.5TB Extortion Without Encryption

The WorldLeaks group published 8.5TB of data stolen from a Hungarian media company financial records, contracts, and internal communications using pure data theft and exposure for extortion. No encryption, no decryption keys, no recovery path through payment compliance. Backup strategies are irrelevant in pure exfiltration extortion. Data protection, classification, and access minimization are the only mitigating controls.

NVIDIA Partner Breach: Supply Chain Compromise Continues

NVIDIA confirmed a breach affecting a partner organization, with ShinyHunters claiming involvement. The recurring pattern: attackers target ecosystem vendors to gain indirect access to larger organizations, exploiting the trust relationships that make supply chains functional. Every partner with privileged access to your environment is a potential entry point.

🤖 AI & Developer Supply Chain

Bleeding Llama: 300,000 Ollama AI Servers Exposed to Memory Exfiltration

The “Bleeding Llama” vulnerability in Ollama deployments allows attackers to exfiltrate sensitive data from server memory using just three unauthenticated API calls. A specially crafted model file triggers a buffer overflow, dumping memory contents that can include API keys, authentication tokens, session data, internal conversations, PII, and proprietary code. Approximately 300,000 exposed Ollama servers were identified on the public internet, many operating without authentication or access controls. This is not merely a vulnerability — it is a systemic failure in how AI infrastructure is being deployed. Organizations are standing up AI environments with the same security rigor applied to personal laptops, creating open memory exfiltration surfaces at enterprise scale.

PyTorch Lightning Supply Chain Worm: AI Ecosystem Autonomous Compromise

A compromised version of the PyTorch Lightning library introduced autonomous worm capability that steals credentials, identifies accessible repositories, injects malicious code into additional packages, and republishes infected versions — propagating across both npm and PyPI ecosystems without human intervention. The targeting of AI training libraries is particularly dangerous because these environments hold sensitive data, proprietary models, and infrastructure credentials simultaneously.

Daemon Tools Supply Chain: Trojanized Installer with Valid Code-Signing

The Daemon Tools official installer was trojanized and distributed with valid code-signing certificates, deploying an infostealer and backdoor across multiple sectors globally. Even a signed binary from a trusted vendor cannot be assumed safe when the vendor’s distribution channel is compromised. Any endpoint running the affected installer should be treated as potentially compromised regardless of what endpoint protection tools report.

BlueKit Phishing-as-a-Service: AI-Powered MFA Bypass at Industrial Scale

BlueKit, a new phishing-as-a-service platform, incorporates AI-powered voice cloning, adversary-in-the-middle templates, and automated campaign generation supporting multiple AI models for convincing content creation. Real-time MFA token interception is a core feature. This is the industrialization of advanced phishing — capabilities previously requiring nation-state resources are now accessible to low-skill operators, dramatically expanding the scale and effectiveness of MFA bypass attacks across the entire threat ecosystem.

Facebook Phishing via Google AppSheet: Trusted Infrastructure Abuse

Attackers hijacked over 30,000 Facebook accounts using Google AppSheet infrastructure to send phishing emails that pass spam filtering entirely because they originate from Google’s trusted domain. This continues the pattern of attackers operating inside trusted platforms rather than spoofing them. Domain reputation-based filtering is no longer a reliable detection mechanism when the attacker is sending from legitimate infrastructure.

AWS SES Abuse: Phishing from Inside Amazon’s Infrastructure

Attackers harvesting exposed AWS IAM keys are using Amazon’s Simple Email Service to send phishing emails that pass SPF, DKIM, and DMARC checks because they are genuinely sent from Amazon infrastructure. Phishing pages are hosted on AWS as well, creating an end-to-end attack chain within a single trusted cloud provider. Any exposed IAM key becomes a phishing platform, turning the victim’s own environment into an attack vector against their customers and partners.

🛡️ Vulnerabilities & Critical Infrastructure

“Speed is the attacker’s advantage, trust is their entry point.”

Palo Alto PAN-OS Zero-Day: Root Access with No Patch Available

A critical zero-day in Palo Alto’s PAN-OS allows unauthenticated remote attackers to execute arbitrary code with root privileges through the authentication portal. Over 5,800 exposed devices are confirmed, with active exploitation underway and no patch available. Firewalls are the crown jewel of network defense compromise here means visibility into and control over all traffic, credentials, and segmentation policies. Mitigation requires immediate action: restrict authentication portal access, disable unnecessary services, and implement behavioral monitoring for anomalous activity. Waiting for a patch is not an operational posture.

CISA CI Fortify: Prepare to Operate Without Vendors or Cloud

CISA launched the CI Fortify initiative, explicitly urging critical infrastructure operators to prepare for scenarios requiring completely isolated operation without vendor support, cloud provider availability, or external network connectivity for extended periods. This is a direct response to observed adversary pre-positioning within OT environments and a formal acknowledgment that geopolitical conflict scenarios could eliminate access to vendor support simultaneously with an attack. Organizations must validate manual operations, air-gapped capabilities, and independent recovery processes. Most disaster recovery plans assume vendor availability. CI Fortify says that assumption is no longer safe.

MOVEit Automation CVSS 9.8: Authentication Bypass Returns

A critical authentication bypass in MOVEit Automation allows full administrative control without credentials in the same ecosystem mass-exploited by Cl0p in 2023. The prior MOVEit campaign achieved widespread exploitation within 24 hours of disclosure. This is not a situation for staged deployment timelines. Patch immediately, audit access logs for unauthorized activity, and rotate all credentials associated with the platform.

DigiCert Breach and Microsoft Defender Failure: Both Sides of Trust Break

DigiCert’s support portal was compromised via a weaponized screensaver, leading to fraudulent code-signing certificates used to sign the Zong Stealer malware. DigiCert revoked 60 certificates. Microsoft Defender then mistakenly flagged legitimate DigiCert root certificates as malicious and removed them from systems causing some organizations to face OS reinstalls to restore trust chain functionality. Both the certificate authority and the endpoint protection system failed simultaneously. Code signing and certificate-based trust can no longer be assumed as standalone reliable controls.

Apache HTTP/2 RCE: 30% of the Web at Risk

A critical double-free memory corruption vulnerability in Apache HTTP Server enables remote code execution via crafted HTTP/2 requests. Apache powers approximately 30% of the internet, with HTTP/2 enabled by default. Successful exploitation grants access to application code, credentials, API keys, and TLS private keys. Upgrade Apache HTTP Server to patched versions immediately across all internet-facing deployments.

Linux “Copy Fail” Root Bug: Nine-Year Vulnerability Now Weaponized

A nine-year-old Linux kernel vulnerability has been weaponized following public proof-of-concept release, enabling local privilege escalation to root across Ubuntu, RHEL, SUSE, and Amazon Linux by manipulating page cache behavior. In documented incidents, attackers chained this with Jenkins access to escalate from low-privileged service accounts to root. Old vulnerabilities become critical the moment reliable exploit code becomes publicly accessible dormant risk becomes immediate operational threat.

Pack2TheRoot: PackageKit Privilege Escalation Confirmed Exploitable

A Linux privilege escalation flaw present since 2014 has been confirmed exploitable across major distributions, now added to CISA’s KEV catalog. Any low-privileged malware on a Linux system can immediately escalate to root through PackageKit. Apply kernel updates and verify patched versions are active across all Linux endpoints.

Microsoft Edge Password Storage: Cleartext Credentials in Memory

Microsoft confirmed that Edge loads all saved passwords into memory in cleartext at browser startup and maintains them for the entire session. While labeled “by design,” this behavior allows attackers with elevated access to extract all stored credentials instantly. Deploy enterprise password managers and limit browser-based credential storage across all endpoints.

Oracle: Monthly Patch Cycles Replace Quarterly Model

Oracle announced a shift from quarterly patch releases to monthly updates for critical vulnerabilities, driven by the compression of exploitation timelines from days to minutes. Organizations must adapt patch management processes to handle monthly Oracle updates without operational disruption. This is part of a broader industry shift toward continuous vulnerability management as a required operational function.

Cyber-Enabled Cargo Theft: FBI Warning on Physical Supply Chain Impact

The FBI warned of a surge in cyber-enabled cargo theft exceeding $725 million in 2025, with attackers compromising logistics platforms, altering shipment records, and impersonating legitimate carriers to redirect physical shipments. Cybersecurity is now directly tied to physical supply chain risk. Secure logistics platforms and enforce MFA across all supply chain management systems.

🔐 Insider Threats & Human-Layer Attacks

Security Professionals Sentenced for Ransomware Attacks Against Their Own Clients

Two cybersecurity professionals were sentenced for conducting ransomware attacks against organizations their firms were hired to protect. One operated as an incident responder the professional called in during an organization’s worst crisis while conducting the attacks himself. This is not theoretical insider risk. It is documented operational reality. Zero-trust principles must extend to privileged insiders including security vendors, IR firms, and all third parties with elevated access. Monitoring and segmentation for these relationships is not paranoia it is hygiene.

AiTM Phishing: 35,000 Users Compromised Across 13,000 Organizations

Microsoft disclosed a massive adversary-in-the-middle phishing campaign targeting over 35,000 users across 13,000 organizations. Proxy-based interception captured credentials and session tokens in real time, bypassing MFA entirely. Victims were routed through a convincing fake document review workflow. Once session tokens were captured, attackers accessed accounts without triggering additional authentication. MFA is no longer sufficient protection against AiTM attacks. Phishing-resistant authentication FIDO2 and passkeys is the required migration path.

Vishing and Social Engineering: Multiple Major Breach Pathways

Vishing attacks contributed to the Cushman & Wakefield breach. Social engineering via Microsoft Teams enabled MuddyWater’s false flag operation. The North Korea ScarCruft campaign used long-term relationship building on gaming platforms. Three distinct incidents this week demonstrate that human-layer exploitation remains the most reliable and underdefended pathway into hardened technical environments.

⚖️ Law Enforcement, Policy & Industry

FTC Permanently Bans Kochava: Privacy Enforcement Accelerates

The FTC permanently banned data broker Kochava from selling precise location data without explicit consent. This marks a significant escalation in privacy enforcement and signals increasing regulatory scrutiny of data collection and monetization practices across all industries. Privacy compliance must be treated as a core security function, not a separate legal obligation.

Cyber Insurance: Coalition Becomes Global Market Leader

Allianz transferred its cyber insurance portfolio to Coalition, making it the largest commercial cyber insurer globally. Coalition’s model integrates real-time threat monitoring with underwriting, enabling dynamic risk pricing based on current security posture rather than historical claims data alone. Organizations should expect cybersecurity controls particularly identity hygiene and MFA implementation to increasingly influence insurance costs and coverage availability.

Global Cybercrime Crackdown: 276 Arrests, $700M Seized

An international operation resulted in 276 arrests and seizure of over $700 million tied to cryptocurrency scam networks. Coordinated law enforcement across jurisdictions is demonstrating meaningful disruption capability though the scale of what remains operational underscores that these networks are both highly profitable and highly resilient.

Black Axe Network: Ten Arrests in Organized Cybercrime Operation

European authorities arrested ten members of the Black Axe cybercrime network responsible for large-scale financial fraud, romance scams, and money laundering. These networks operate with structured organizational roles and rebuild quickly after disruption. International coordination is the only operationally effective response to enterprises of this scale.

✅ This Week’s Priority Action List

Immediate (Do This Now)

• Restrict access to Palo Alto PAN-OS authentication portals and implement behavioral monitoring — no patch is available, mitigation is the only current option

• Patch MOVEit Automation immediately — CVSS 9.8, same ecosystem as the 2023 mass exploitation event, 24-hour exploitation window expected

• Patch cPanel and WHM and audit all logs for exploitation activity predating the advisory

• Apply Linux kernel updates to address the nine-year root escalation vulnerability — now in CISA KEV catalog, exploit code is public

• Patch all Ollama deployments and restrict public internet access — 300,000 exposed servers, unauthenticated memory exfiltration with three API calls

• Upgrade Apache HTTP Server to patched versions across all internet-facing deployments

• Validate DigiCert certificate trust stores and confirm Defender signature accuracy following the false-positive incident

• Patch all CISA KEV-listed vulnerabilities including cPanel, Linux PackageKit, and SimpleHelp

Short-Term (This Month)

• Audit all AI infrastructure deployments — authentication requirements, network segmentation, and access logging must be validated as baseline controls

• Rotate all credentials and tokens associated with PyTorch Lightning, npm, and PyPI environments

• Audit all installations of Daemon Tools and hunt for indicators of compromise regardless of EDR clean status

• Implement authentication proxies for all AI infrastructure and restrict unauthenticated API access to any model serving platform

• Audit all RMM tool deployments SimpleHelp, ScreenConnect and investigate any unauthorized installations

• Conduct API behavioral monitoring review for Canvas and other high-volume SaaS platforms abuse of legitimate API features is the active attack pattern

• Rotate all exposed AWS IAM keys and audit SES usage for anomalous sending patterns

• Deploy enterprise password managers and eliminate browser-based credential storage across all endpoints

Strategic (This Quarter)

• Update patch management processes to accommodate monthly Oracle cycles and continuous vulnerability management

• Conduct OT segmentation audits and validate air-gapped operation capability, CISA CI Fortify is a direct warning, not a theoretical exercise

• Update incident response playbooks to include deception tactics, false flag scenarios, and insider threat from IR vendors

• Prepare board-level AI security briefings addressing governance, regulatory trajectory, and enterprise AI risk posture

Share

🎙️ James Azar’s CISO’s Take

When I look across this week’s stories, the shift I keep coming back to is that attackers have stopped exploiting systems and started orchestrating them. The MuddyWater false flag operation didn’t break into anything it manipulated the incident responders sent to stop it. The Canvas breach didn’t exploit a vulnerability it used authorized API functionality. The Daemon Tools attack distributed malware through a valid code-signed installer from the vendor’s own distribution channel. The AWS SES phishing passed every authentication check because it was genuinely sent from Amazon’s infrastructure. When attackers can achieve their objectives using legitimate tools, legitimate credentials, and legitimate workflows, traditional security controls designed to detect the abnormal become functionally blind. That is the environment we are operating in, and it demands a security model built around continuous validation of trust assumptions rather than detection of known-bad patterns.

The second takeaway is that the defensive response must match the adversary’s organizational sophistication. The DOJ sentencing revealed that major ransomware groups are one consolidated enterprise. MuddyWater’s false flag demonstrates nation-state-level operational planning. North Korea’s six-month social engineering campaigns show patience and discipline. AI-powered phishing-as-a-service is industrializing what was previously nation-state capability and selling it to anyone. Against that level of organizational maturity, the organizations that will remain resilient are those that have built security into operations not bolted it on afterward. That means zero-trust for every trusted relationship including your own security vendors, continuous validation of every automated workflow, and incident response playbooks that account for the possibility that the attacker is also reading your response plan.

Stay Cyber Safe. 🔐

Leave a comment

Today’s episode is one of those that forces you to zoom out and realize, this is no longer just cybersecurity, this is national security, operational resilience, and business survival all wrapped into one.

We’ve got a firewall zero-day with no patch, a massive education sector breach impacting hundreds of millions, a nation-state false flag operation, and even AI now being evaluated for offensive cyber capabilities before release.

Double espresso ready, let’s go.

🧭 Executive Summary

Today’s threat landscape highlights a convergence of unpatched critical vulnerabilities, API-driven data exfiltration, supply chain compromise, and nation-state deception tactics. Attackers are no longer just exploiting software flaws—they’re leveraging legitimate system capabilities, abusing trust relationships, and introducing misdirection into incident response.

At the same time, regulators and governments are stepping in, from data privacy enforcement to AI governance, while the cyber insurance market evolves to reflect real-time risk. The environment is shifting from reactive defense to strategic resilience, where organizations must assume disruption and design for continuity.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🔥 Palo Alto PAN-OS Zero-Day – Root Access Without a Patch

A critical zero-day vulnerability in Palo Alto’s PAN-OS allows unauthenticated remote attackers to execute arbitrary code with root privileges via the authentication portal. With over 5,800 exposed devices and active exploitation confirmed, this is a high-severity issue with no immediate patch available.

Firewalls are the crown jewel of network defense. Compromise here means visibility and control over everything behind it—traffic flows, credentials, and segmentation policies. The fact that attackers are actively targeting perimeter devices reinforces a long-standing truth: if you own the edge, you own the network.

Mitigation now requires immediate action, restricting access, disabling unnecessary services, and monitoring for anomalous behavior because waiting for a patch is not an option.

🏭 CISA CI Fortify – Prepare to Operate Without Vendors

CISA launched the CI Fortify initiative, urging critical infrastructure operators to prepare for scenarios where they must operate completely isolated from vendors, cloud providers, and external networks for extended periods.

This is a major shift in thinking. Most disaster recovery plans assume vendor availability, but CISA is explicitly warning that in a geopolitical conflict, those assumptions may fail.

The implication is profound: organizations must validate manual operations, air-gapped capabilities, and independent recovery processes. This is not theoretical, it’s a direct response to observed adversary positioning within OT environments.

🔄 Oracle Moves to Monthly Patching – The End of Quarterly Cycles

Oracle announced a shift from quarterly patch cycles to monthly updates for critical vulnerabilities, driven by the shrinking window between disclosure and exploitation.

With exploit timelines now measured in minutes rather than days, traditional patching models are no longer sufficient. Organizations must adapt their processes to handle more frequent updates without disrupting operations.

This is part of a broader industry trend toward continuous vulnerability management, where patching becomes an ongoing process rather than a scheduled event.

🧬 Daemon Tools Supply Chain Attack – Signed Software, Malicious Payload

The makers of Daemon Tools confirmed a supply chain attack where their official installer was trojanized and distributed with valid code-signing certificates. The malicious version deployed an information stealer and backdoor across multiple sectors globally.

This attack underscores the danger of trusted software distribution channels being compromised. Even signed binaries cannot be assumed safe if the vendor itself is breached.

Organizations must treat any affected installations as compromised and conduct thorough investigations, even if endpoint protection tools show no alerts.

🎓 Canvas Breach – 280 Million Records via Legitimate APIs

ShinyHunters claimed to have exfiltrated 280 million records from Instructure’s Canvas platform, impacting over 40% of North American universities. The attackers did not exploit a vulnerability, instead, they abused legitimate API features to extract data.

This is a critical shift. The breach was executed using authorized functionality, making it harder to detect and prevent.

The exposed data includes student records, communications, and institutional details, creating immediate risk for phishing campaigns and regulatory fallout. This highlights the need for API monitoring and anomaly detection, not just vulnerability management.

⚖️ FTC Bans Data Broker – Privacy Enforcement Accelerates

The FTC permanently banned data broker Kochava from selling precise location data without explicit consent, marking a significant step in privacy enforcement.

This decision reflects growing concern over how sensitive data is collected, shared, and monetized. It also signals increased regulatory scrutiny across industries, particularly those handling consumer data.

Organizations must now consider privacy compliance as a core component of cybersecurity, not just a legal requirement.

🎭 MuddyWater False Flag Campaign – Ransomware as a Distraction

Iran-linked MuddyWater conducted a sophisticated false flag operation, using ransomware as a decoy to mask credential theft and data exfiltration activities.

The attackers initiated contact through Microsoft Teams, posing as IT support, and used screen sharing to capture credentials and manipulate MFA approvals in real time. The ransomware component was never intended to encrypt data, it was used to mislead responders.

This represents a new level of sophistication where attackers manipulate both systems and defenders, delaying response and increasing impact.

🛡️ Cyber Insurance Shift – Coalition Becomes Market Leader

Allianz transferred its cyber insurance portfolio to Coalition, making it the largest commercial cyber insurer globally. Coalition’s model integrates real-time threat monitoring with insurance coverage, enabling dynamic risk pricing.

This reflects a broader shift toward technology-driven underwriting, where insurers actively monitor risk rather than relying solely on historical data.

For organizations, this means cybersecurity posture will increasingly influence insurance costs and coverage availability.

🤖 AI Governance – Government Testing Before Release

Google, Microsoft, and XAI agreed to provide pre-release access to advanced AI models for government testing, allowing evaluation of potential risks before public deployment.

This includes assessing capabilities related to offensive cyber operations, disinformation, and even CBRN threats.

This marks a turning point where AI is being treated as a strategic technology with national security implications, requiring oversight and governance at the highest levels.

🎯 Key Takeaway

🛠️ Action Items for Security Leaders

• 🔥 Restrict access to PAN-OS authentication portals and monitor for exploitation attempts

• 🏭 Conduct OT segmentation audits and validate air-gap capabilities

• 🔄 Update patch management processes for monthly and continuous cycles

• 🧬 Audit all installations of Daemon Tools and hunt for indicators of compromise

• 🎓 Monitor API usage for abnormal data access patterns in SaaS platforms

• ⚖️ Align data handling practices with evolving privacy regulations

• 🎭 Update incident response playbooks to account for deception tactics

• 🛡️ Review cyber insurance policies and align them with current risk posture

• 🤖 Prepare for AI governance requirements and risk assessments

• 🔍 Continuously validate trust across all systems and integrations

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how attackers are no longer limited by technical barriers. The Canvas breach shows they can use legitimate APIs, the MuddyWater campaign shows they can manipulate defenders, and the PAN-OS zero-day shows they can go straight for the heart of our defenses. This is a shift from exploitation to orchestration—attackers are orchestrating outcomes rather than just executing attacks.

The second takeaway is that resilience is becoming the defining factor in cybersecurity. With CISA pushing for isolated operations and Oracle accelerating patch cycles, it’s clear that the environment is changing faster than ever. Organizations that can adapt—operationally, technically, and strategically—will be the ones that survive. Those that can’t will struggle to keep up.

🔥 Stay Cyber Safe.

Today’s episode is one of those that hits every nerve in cybersecurity, AI exposure, identity attacks, ransomware evolution, and nation-state activity all in one show.

And here’s the uncomfortable truth driving today’s conversation:
👉 We are deploying technology faster than we are securing it—and attackers are capitalizing on that gap.

Double espresso, well, decaf this time, let’s get into it.

🧭 Executive Summary

Today’s landscape is defined by three major fault lines:

1. AI infrastructure exposure at scale

2. Identity and MFA bypass becoming trivial

3. Ransomware groups evolving into structured enterprises

Attackers are exploiting memory-level flaws in AI systems, leveraging adversary-in-the-middle (AiTM) phishing to bypass MFA, and operating ransomware operations under multiple brands to evade detection and enforcement. Meanwhile, supply chain compromises and targeted nation-state campaigns continue to expand the attack surface beyond traditional enterprise boundaries.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🤖 Bleeding Llama – 300,000 AI Servers Exposed to Data Theft

The “Bleeding Llama” vulnerability is one of the most significant AI security issues we’ve seen to date. Affecting Ollama deployments, this flaw allows attackers to exfiltrate sensitive data from memory using just three unauthenticated API calls.

Here’s how it works: an attacker uploads a specially crafted model file that triggers a buffer overflow, allowing them to dump memory contents. That memory can include API keys, authentication tokens, prompts, internal conversations, PII, and even proprietary code.

Researchers identified approximately 300,000 exposed Ollama servers on the public internet, many without authentication or proper access controls.

This is not just a vulnerability, it’s a systemic failure in how AI infrastructure is being deployed. Organizations are spinning up AI environments with zero security controls, effectively creating open data leaks waiting to happen.

📱 North Korea’s BirdCall Android Backdoor – Mobile Espionage Expands

North Korea’s ScarCruft group has escalated its operations by embedding a new Android variant of the BirdCall malware into a compromised gaming platform targeting ethnic Koreans in China.

This backdoor is not basic spyware, it’s a full surveillance toolkit capable of collecting contacts, messages, call logs, media files, and even recording audio. It also captures screenshots, including private keys and sensitive data.

What makes this campaign particularly concerning is its targeted nature, focusing on individuals connected to sensitive geopolitical regions. This reflects a broader shift toward cross-platform espionage, where attackers combine mobile and desktop compromise to build a complete intelligence picture.

🏢 Cushman & Wakefield Breach – Vishing Meets SaaS Compromise

Cushman & Wakefield confirmed a breach caused by a vishing attack, where attackers socially engineered an employee into granting access. ShinyHunters claims to have stolen hundreds of thousands of Salesforce records, with a ransom deadline looming.

This attack is part of a broader campaign targeting Salesforce environments through human manipulation rather than technical exploitation. Once attackers gain access, they can export massive datasets, including customer information and internal records.

The lesson here is clear: identity is the new perimeter, and social engineering is the easiest way through it.

💳 Fiserv Targeted by Everest Ransomware – Financial Sector in Focus

Everest ransomware has claimed Fiserv, a major financial technology provider, as its latest victim. While details remain limited, the potential impact is significant given Fiserv’s role in processing payments and supporting thousands of financial institutions.

This follows a pattern of targeted attacks against the financial sector, where attackers aim to maximize leverage and disruption. Even without confirmed data exposure, organizations relying on Fiserv should be actively monitoring for anomalies.

This is not just a breach, it’s part of a broader campaign against financial infrastructure.

🎯 AiTM Phishing Campaign – 35,000 Users Compromised

Microsoft disclosed a massive adversary-in-the-middle phishing campaign targeting over 35,000 users across 13,000 organizations. The attackers used proxy-based interception to capture credentials and session tokens in real time, bypassing MFA entirely.

Victims were lured through a fake document review process, with the attack chain designed to look legitimate at every step. Once credentials were captured, attackers could access accounts without triggering additional authentication challenges.

This is the new normal: MFA is no longer enough on its own, especially against AiTM attacks that exploit session-based authentication.

⚖️ DOJ Sentencing – Ransomware Gangs Are One Organization

In a major legal development, a ransomware negotiator was sentenced to over eight years in prison, revealing that groups like Conti, Akira, Royal, and others are effectively one coordinated enterprise operating under multiple brands.

This structure allows attackers to:

• Avoid attribution

• Continue operations after takedowns

• Maximize revenue through specialization

This confirms what many suspected: ransomware is no longer a collection of independent groups—it’s a business ecosystem with shared leadership and resources.

🪟 APT Credential Theft – Zero-Click Windows Compromise

APT activity is now enabling attackers to steal Windows credentials without any user interaction, leveraging system-level weaknesses to extract sensitive data.

This represents a significant escalation, as it removes the need for phishing or malware execution. Attackers can operate silently, harvesting credentials and moving laterally without detection.

This is the evolution of identity attacks from tricking users to bypassing them entirely.

🎮 NVIDIA Partner Breach – Supply Chain Risk Continues

NVIDIA confirmed a breach affecting one of its partners, with ShinyHunters again claiming involvement. While details are limited, this highlights the ongoing risk of supply chain compromise, where attackers target vendors to gain indirect access to larger organizations.

This is a recurring pattern: attackers don’t always go after the biggest target—they go after the weakest link in the ecosystem.

🎯 Key Takeaway

👉 AI exposure, identity compromise, and ransomware consolidation are converging into a single, complex threat landscape.

🛠️ Action Items for Security Leaders

• 🔐 Patch Ollama immediately and restrict public access to AI deployments

• 🤖 Implement authentication proxies for all AI infrastructure

• 📱 Enforce MDM policies and restrict sideloaded apps on mobile devices

• 🧩 Deploy phishing-resistant MFA (FIDO2) and monitor session tokens

• 🏢 Strengthen identity verification for help desk and admin access

• 💳 Monitor financial integrations and APIs for anomalous activity

• ⚖️ Update threat models to account for multi-brand ransomware groups

• 🪟 Enhance detection for credential theft and lateral movement

• 🎮 Conduct vendor risk assessments across all supply chain partners

• 🔍 Continuously audit exposed services and internet-facing assets

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how quickly AI has become a critical attack surface. We’re deploying these systems everywhere—often without authentication, without monitoring, and without understanding the risks. Bleeding Llama is a perfect example of how a single flaw can expose everything in memory. That’s not a vulnerability—that’s a systemic failure in how we approach new technology.

The second takeaway is the convergence of identity and attacker efficiency. AiTM phishing, zero-click credential theft, and ransomware consolidation all point to one thing—attackers are getting faster, smarter, and more organized. If we don’t evolve our defenses to match that speed and sophistication, we’re going to keep playing catch-up. And in this game, being behind is not an option.

🔥 Stay Cyber Safe.

It’s Cinco de Mayo, May 5th, 2026, and today’s episode is one of those that makes you pause and rethink everything you trust in your environment.

We’re talking about MOVEit again, but this time it’s worse. We’ve got certificate trust breaking down, AWS being weaponized for phishing, Apache RCE, ransomware precursor campaigns, and even Microsoft defending cleartext password behavior.

👉 The theme today is simple: the very systems we rely on for security are now being turned against us.

Double espresso in hand, let’s get into it.

Subscribe now

🧭 Executive Summary

Today’s stories highlight a breakdown in core trust mechanisms authentication systems, certificate authorities, cloud infrastructure, and endpoint security assumptions. Attackers are increasingly abusing legitimate platforms and trusted workflows to bypass controls, while defenders are struggling with the unintended consequences of those same trust models.

We’re also seeing continued evolution in ransomware precursor activity, supply chain exposure, and data extortion campaigns, all happening alongside a surge in cyber-enabled financial crime. The environment is no longer about perimeter defense, it’s about validating trust continuously across every layer of the stack.

📰 Top Stories & Deep Dive Analysis

🔓 MOVEit Automation Auth Bypass – Déjà Vu with Higher Stakes

A critical CVSS 9.8 authentication bypass vulnerability in MOVEit Automation allows attackers to take full administrative control without credentials. This is the same ecosystem that was mass exploited by Cl0p in 2023, and while there’s no confirmed widespread exploitation yet, history tells us exactly what’s coming.

The vulnerability enables attackers to bypass authentication entirely and chain access into sensitive workflows like payroll, financial transfers, and regulated data exchanges. Given how quickly MOVEit was exploited in the past, within 24 hours this is not a “wait and see” situation.

This is a fire drill-level vulnerability. If you’re running MOVEit Automation, you should already be patching, auditing logs, and rotating credentials. Because once exploitation starts, it won’t be gradual, it’ll be immediate and widespread.

🔏 DigiCert Breach & Microsoft Defender Failure – Trust Chain Breakdown

DigiCert’s support portal was breached via a weaponized screensaver file, leading to the issuance of fraudulent code-signing certificates used to sign malware like Zong Stealer. DigiCert revoked 60 certificates, but the situation escalated when Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malicious and removed them from systems.

This created a global trust issue where systems could no longer validate legitimate software, forcing some organizations into drastic recovery actions like OS reinstalls.

This is a rare but critical moment where both sides of the trust model failed:

• The certificate authority was compromised

• The endpoint protection system overcorrected

The takeaway is uncomfortable: code signing and certificate trust can no longer be assumed as reliable controls in isolation.

🏦 Everest Ransomware & Liberty Mutual – Financial Sector Pressure Campaign

The Everest ransomware group published over 100GB of data allegedly tied to Liberty Mutual, including customer information, policy data, and financial details. The breach appears linked to a third-party vendor, reinforcing the ongoing challenge of supply chain exposure.

What’s notable is the timing this comes alongside similar claims targeting financial institutions, suggesting a coordinated campaign focused on the financial sector.

Even without full confirmation of attack vectors, the pattern is clear: attackers are targeting ecosystems, not just organizations, using supply chain access to amplify impact.

☁️ AWS SES Abuse – Phishing from Inside Trusted Infrastructure

Attackers are harvesting exposed AWS IAM keys and using Amazon’s Simple Email Service (SES) to send phishing emails that pass SPF, DKIM, and DMARC checks.

Because the emails originate from Amazon infrastructure, they inherit trusted reputation and bypass traditional email filtering. The phishing pages are also hosted on AWS, creating an end-to-end attack chain within a trusted cloud provider.

This is one of the clearest examples of legitimate infrastructure abuse, where attackers don’t spoof—they operate inside the system.

The real issue here is credential hygiene. Any exposed IAM key becomes a phishing platform, turning your own environment into a threat vector.

🌐 Apache HTTP/2 RCE – Internet-Scale Exposure

A critical double-free memory corruption vulnerability in Apache HTTP Server enables remote code execution via crafted HTTP/2 requests.

With Apache powering roughly 30% of the web and HTTP/2 enabled by default, this vulnerability creates massive exposure across internet-facing systems.

Successful exploitation grants attackers access to application code, credentials, API keys, and even TLS private keys effectively compromising the entire application stack.

This is a reminder that core internet infrastructure vulnerabilities still represent some of the highest-impact risks in cybersecurity.

🧠 Venomous Helper Campaign – Ransomware Precursor in Action

A phishing campaign dubbed “Venomous Helper” has compromised over 80 organizations by deploying legitimate RMM tools like SimpleHelp and ScreenConnect.

Because these tools are trusted by EDR platforms, attackers can establish persistence and operate undetected. This is not the final stage of an attack—it’s the setup phase, often followed by ransomware deployment within 72 hours.

This highlights a critical challenge: security tools themselves can become attack vectors when abused, especially when trust-based exclusions are in place.

🔑 Microsoft Edge Password Storage – “By Design” Risk

Microsoft confirmed that Edge loads all saved passwords into memory in cleartext at browser startup and keeps them there for the duration of the session.

While labeled as “by design,” this behavior creates significant risk, especially in shared or compromised environments where attackers with elevated access can extract all stored credentials instantly.

This is a stark reminder that not all design decisions prioritize security, and organizations must compensate with additional controls like password managers and endpoint protection.

📰 MediaWorks Breach – Data Extortion Without Encryption

The WorldLeaks group published 8.5TB of data stolen from a Hungarian media company, focusing on financial records, contracts, and internal communications.

Unlike traditional ransomware, this group operates without encryption, relying purely on data theft and exposure for extortion.

This model eliminates the need for decryption keys and shifts the focus entirely to data protection and reputational risk, making backups irrelevant in these scenarios.

🚛 Cyber-Enabled Cargo Theft – Digital Meets Physical Crime

The FBI warned of a surge in cyber-enabled cargo theft, with attackers compromising logistics platforms and impersonating legitimate carriers to redirect shipments.

This represents a growing trend where cyber attacks directly impact physical supply chains, enabling theft at scale without traditional interception methods.

The implication is clear: cybersecurity is now directly tied to operational and physical risk.

📱 Facebook Phishing Campaign – Google Infrastructure Abuse

A phishing campaign targeting Facebook users leveraged Google AppSheet infrastructure to send legitimate-looking emails that bypass spam filters.

This reinforces a growing pattern where attackers use trusted platforms like Google, Microsoft, and AWS to deliver malicious content, rendering traditional domain-based filtering ineffective.

Organizations must now focus on content and behavior analysis rather than sender reputation alone.

🏆 Global Cybercrime Crackdown – $700M Seized

In a positive development, an international operation led to the arrest of 276 individuals and the seizure of over $700 million tied to cryptocurrency scam networks.

This operation disrupted large-scale fraud operations and prevented significant financial losses, demonstrating the impact of coordinated law enforcement efforts.

While encouraging, it also highlights the scale of the problem, these operations exist because they are highly profitable and resilient.

🎯 Key Takeaway

👉 Trust is being exploited at every layer, identity, infrastructure, and even security controls themselves.

🛠️ Action Items for Security Leaders

• 🔐 Patch MOVEit Automation immediately and audit for unauthorized access

• 🔏 Validate certificate trust stores and update Defender signatures

• ☁️ Rotate AWS IAM keys and audit SES usage for anomalies

• 🌐 Upgrade Apache HTTP Server to patched versions

• 🧠 Audit RMM tools across endpoints and remove unauthorized installations

• 🔑 Deploy enterprise password managers and limit browser credential storage

• 📰 Strengthen data protection controls to mitigate extortion risk

• 🚛 Secure logistics platforms and enforce MFA across supply chain systems

• 📩 Enhance email security with content-based detection capabilities

• 🏆 Monitor fraud and financial crime indicators across organizational ecosystems

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how attackers are no longer trying to break trust—they’re leveraging it. Whether it’s AWS SES for phishing, DigiCert certificates for malware signing, or RMM tools for persistence, the common thread is that attackers are operating within systems we inherently trust. That fundamentally changes how we defend, because traditional controls are built around detecting the abnormal—not the expected.

The second takeaway is that we need to rethink our security architecture around validation, not assumption. Every system, every integration, every credential needs to be continuously verified. Because in today’s environment, the question isn’t whether something is trusted—it’s whether that trust has already been compromised.

🔥 Stay Cyber Safe.

Today’s episode is absolutely loaded.

We’re talking active ransomware outbreaks, supply chain worms hitting AI libraries, a nine-year-old Linux root flaw now weaponized, security vendor source code stolen, and even insiders turning into attackers.

👉 If there’s one theme today: every layer of trust—code, infrastructure, people—is under active assault.

Double espresso in hand, let’s get into it.

🧭 Executive Summary

Today’s landscape reflects a convergence of exploit velocity, supply chain compromise, insider threat, and AI-powered attack scaling. Attackers are exploiting vulnerabilities before disclosure, weaponizing developer ecosystems, and abusing legitimate platforms to bypass defenses.

We’re also seeing a dangerous shift where legacy vulnerabilities, insider access, and AI-enhanced tools combine, creating compounding risk across enterprise and critical infrastructure environments. The result is a threat environment where speed, scale, and trust exploitation define success for attackers.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🔥 cPanel Zero-Day – Ransomware Outbreak at Internet Scale

A critical cPanel vulnerability, actively exploited since February before disclosure, is now fueling a large-scale ransomware outbreak. Attackers are deploying the “Sorry” ransomware variant, encrypting systems and appending a .sorry extension, with encryption powered by ChaCha20 and protected via embedded RSA keys.

Over 44,000 compromised IPs have already been identified, with the vulnerability now added to CISA’s KEV catalog. Because cPanel serves as a centralized control layer for hosting environments, a single compromise can cascade across websites, databases, and email systems.

This is not just exploitation it’s industrial-scale ransomware propagation through shared infrastructure, where hosting providers and MSPs become force multipliers for attackers.

🐧 Linux “Copy Fail” Root Bug – A 9-Year Vulnerability Goes Live

A nine-year-old Linux kernel vulnerability has now been weaponized following public proof-of-concept release, allowing local privilege escalation to root across major distributions including Ubuntu, RHEL, SUSE, and Amazon Linux.

The exploit works by manipulating page cache behavior, enabling attackers to overwrite controlled memory and escalate privileges. In real-world incidents, attackers chained this flaw with Jenkins access to pivot from low-privileged service accounts directly to root.

“Speed is the attacker’s advantage, trust is their entry point.” James Azar

This is a classic but dangerous pattern: old vulnerabilities become critical the moment exploit code becomes reliable and accessible, turning dormant risk into immediate operational threat.

🧬 PyTorch Lightning Supply Chain Worm – AI Ecosystem Under Attack

A compromised version of the PyTorch Lightning library introduced a worm-like capability that steals credentials and propagates itself across both npm and PyPI ecosystems.

Once installed, the malware:

• Exfiltrates developer credentials and cloud tokens

• Identifies accessible repositories

• Injects malicious code into other packages

• Republishes infected versions automatically

This represents a new level of supply chain attack autonomous propagation across ecosystems, where one compromised environment can rapidly infect thousands of downstream projects.

The fact that this targets AI training libraries makes it even more critical, as these environments often hold sensitive data, models, and infrastructure credentials.

🛡️ Trellix Source Code Breach – Defenders Become Targets

Trellix confirmed unauthorized access to portions of its source code repository. While no customer data was impacted, the exposure of product code introduces significant downstream risk.

Attackers can now analyze detection logic, identify weaknesses, and develop evasion techniques tailored to the platform. This highlights a growing trend: security vendors themselves are high-value targets, as compromising them provides insight into defensive capabilities at scale.

Even without immediate exploitation, the long-term impact can be significant, as attackers refine their techniques based on stolen intelligence.

🌏 China’s ShadowPad Campaign – Multi-Continent Espionage

A China-aligned threat group conducted a widespread espionage campaign targeting government and defense sectors across Asia and extending into Europe.

The attackers exploited known vulnerabilities in Microsoft Exchange and IIS, deployed web shells for persistence, and used ShadowPad malware for long-term access.

This campaign demonstrates a dual approach:

• Technical exploitation of infrastructure

• Targeted phishing of civil society groups

This combination allows for both system compromise and human intelligence gathering, reinforcing the complexity of nation-state operations.

🎓 Canvas Breach – Sensitive Student Data Exposed Again

Instructure, the company behind Canvas, disclosed its second breach in eight months, exposing student data including private messages, accommodation requests, and mental health disclosures.

This is particularly concerning due to the sensitivity of the data and the regulatory implications. The breach also highlights a recurring issue: attackers returning to previously compromised organizations, exploiting gaps left after initial remediation efforts.

This creates both legal and reputational risk for institutions and raises concerns about persistent vulnerabilities in educational platforms.

🤖 BlueKit Phishing-as-a-Service – AI Supercharges Fraud

BlueKit, a new phishing-as-a-service platform, is introducing AI-powered capabilities including voice cloning, adversary-in-the-middle templates, and automated campaign generation.

The platform supports multiple AI models to create highly convincing phishing content and bypass MFA through real-time token interception.

This represents the industrialization of phishing, where advanced capabilities are now accessible to low-skill operators, dramatically increasing the scale and effectiveness of attacks.

🧑‍💼 Insider Threat – Security Professionals Turned Ransomware Operators

Two cybersecurity professionals were sentenced for conducting ransomware attacks against clients their firms were hired to protect.

"The irony and danger cannot be overstated. Goldberg himself worked as an incident responder, the professional called in during your worst day was conducting the attacks. Zero trust of privileged insiders, including your own security vendors and your IR firms, is no longer paranoia. It's now hygiene." James Azar

This case highlights the reality that insider threat is not theoretical—it’s operational. Individuals with deep knowledge of defensive systems can become highly effective attackers, bypassing controls and exploiting trust.

It reinforces the need for zero trust principles even within security teams and incident response ecosystems.

🚛 Cargo Theft Surge – Cyber Meets Physical Supply Chain

The FBI warned of a surge in cyber-enabled cargo theft, with losses exceeding $725 million in 2025. Attackers are compromising logistics platforms, altering shipment records, and impersonating legitimate carriers.

This is a clear example of cyber attacks translating into physical-world impact, where digital compromise leads directly to theft of goods.

It underscores the expansion of the attack surface into operational and supply chain systems, where traditional cybersecurity controls may not be sufficient.

📱 Facebook Phishing Campaign – Trusted Platforms Abused

A phishing campaign hijacked over 30,000 Facebook accounts using Google AppSheet infrastructure to send legitimate-looking emails.

Because the emails originated from trusted domains, they bypassed traditional spam filters and relied on user interaction to capture credentials.

This is part of a broader trend of legitimate service abuse, where attackers use trusted platforms as delivery mechanisms, undermining traditional security controls based on reputation.

🛠️ Action Items for Security Leaders

• 🔐 Patch cPanel systems immediately and restrict management access

• 🐧 Apply Linux kernel updates and verify patched versions are active

• 🧬 Rotate all credentials exposed through AI and package ecosystems

• 🚀 Audit CI/CD pipelines for unauthorized package modifications

• 🛡️ Monitor security vendor advisories for potential downstream risks

• 🌏 Conduct threat hunting for ShadowPad and web shell activity

• 🎓 Strengthen data protection controls for sensitive user information

• 🤖 Implement phishing-resistant MFA and advanced email filtering

• 🧑‍💼 Enforce zero trust and monitoring for privileged insiders

• 🚛 Secure logistics and supply chain systems against account compromise

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how attackers are chaining together multiple layers of trust. A supply chain compromise leads to credential theft, which leads to infrastructure access, which leads to ransomware deployment. At the same time, insider threats and AI-powered phishing are exploiting the human side of the equation. This isn’t just about one vulnerability—it’s about how everything connects.

The second takeaway is that we need to rethink how we define security. It’s no longer enough to secure systems in isolation. We have to secure ecosystems—developers, vendors, infrastructure, and users all at once. Because attackers are already thinking that way, and if we don’t, we’re always going to be reacting instead of leading.

🔥 Stay Cyber Safe.

Double espresso poured. Baby sleeping. Let’s talk about the week that was.

If there is a single sentence that captures this week’s threat landscape, James Azar said it best: attackers are exploiting before defenders even know there is a problem. This week, that was not a rhetorical device it was literal. The cPanel authentication bypass was being actively exploited in the wild before the advisory was published. The SAP npm supply chain attack exfiltrated credentials the moment a CI/CD pipeline pulled a dependency no user interaction, no alert, no window to respond. GitHub’s RCE was triggered with a single push command from an authenticated user. And LiteLLM was weaponized 36 hours after its SQL injection vulnerability was publicly disclosed.

This week’s four episodes also covered the continuing ShinyHunters SaaS campaign now adding Medtronic and Vimeo to its growing list of victims North Korea’s six-month social engineering campaign against Web3 executives that culminated in a major crypto theft, VECT ransomware that renders data permanently unrecoverable even after payment, and 600-plus industrial control systems exposed via unauthenticated VNC access in energy, water, and government environments.

The geopolitical dimension ran hot as well. Iranian psychological operations targeted U.S. military personnel on WhatsApp. Congress opened investigations into companies using Chinese-developed AI models. The White House convened a senior AI security summit. U.S. Cyber Command warned that foreign adversaries are actively preparing to target the 2026 midterm elections. And a pre-Stuxnet malware strain was uncovered, rewriting the timeline of cyber warfare by at least five years.

The theme connecting all four episodes: the attack surface is no longer just technical. It is the intersection of identity, automation, AI tooling, human behavior, and geopolitical intent all operating simultaneously, all at machine speed.

Let’s get into it.

Subscribe now

🌐 Geopolitical & Nation-State Threats

North Korea: Six-Month Social Engineering Campaign Culminates in Major Crypto Theft

A North Korea-linked group conducted a six-month campaign targeting Web3 executives, building genuine relationships over time before deploying payloads against wallets, admin panels, and private keys. Unlike traditional phishing, these operations establish trust across weeks or months before any technical action is taken. The campaign culminated in a significant crypto theft demonstrating that the most effective attacks against hardened technical environments often require no technical sophistication at all, just patience and psychology. Humans remain one of the most critical and vulnerable attack surfaces in the stack.

Iranian Psychological Operations Target U.S. Military Personnel

An Iran-linked group sent threatening messages via WhatsApp to U.S. military personnel and published personal data of service members online. This is information warfare designed to intimidate and destabilize no system compromise required. Cyber conflict is no longer just about technical disruption. It encompasses psychological pressure, narrative manipulation, and human targeting. Security programs must account for people, not just systems.

Silk Typhoon: Chinese Cyber Operative Extradited

A suspected Chinese cyber operative linked to Silk Typhoon, the group behind mass exploitation of Microsoft Exchange vulnerabilities was extradited to the United States. This is a rare but significant development in holding state-aligned actors accountable. While individual extraditions rarely deter nation-state programs, they signal increasing international willingness to pursue legal action against cyber operators who previously operated with impunity.

Congress Investigates Companies Using Chinese-Developed AI Models

U.S. lawmakers opened formal investigations into organizations using AI models developed in China, citing data exposure, censorship risk, and intellectual property concerns. AI vendor selection is no longer purely a technical or commercial decision. It is a geopolitical and national security decision. Organizations should evaluate AI supply chains not just for performance and cost, but for data sovereignty and vendor geopolitical alignment.

Election Security Warning: 2026 Midterms in the Crosshairs

The head of U.S. Cyber Command and the NSA formally warned that foreign adversaries are actively preparing to target the 2026 midterm elections. Concerns were also raised about reduced federal coordination with state and local election security programs. This fragmentation at exactly the moment adversary preparation is intensifying creates measurable gaps in election infrastructure protection. This is not a hypothetical risk. It is a known and anticipated threat requiring proactive preparation now.

White House Convenes Senior AI Security Summit

Senior White House officials convened a cybersecurity summit with leading AI and technology executives to address security risks associated with advanced AI systems ahead of major upcoming releases including Anthropic’s Mythos. The White House itself is operating at the AI security policy level not delegating to CISA or DHS. Organizations should expect board-level questions about AI risk management, regulatory requirements, and enterprise AI security posture to accelerate significantly in the coming months.

Pre-Stuxnet Malware Discovered: Cyber Warfare Timeline Rewritten

SentinelLabs uncovered a malware strain predating Stuxnet by at least five years, targeting engineering and simulation platforms used in nuclear research operational as early as 2005. This discovery rewrites the accepted timeline of nation-state cyber warfare. Sophisticated sabotage capabilities existed and were deployed against critical infrastructure nearly two decades ago. The implication for practitioners: the adversary advantage in offensive cyber development is older and deeper than previously understood.

🏥 Healthcare & SaaS Supply Chain Breaches

“Cyber risk isn’t just technical anymore — it’s financial, human, and regulatory all at once.”

Medtronic Breach: ShinyHunters Claims 9 Million Records

Medtronic confirmed unauthorized access to corporate IT systems following ShinyHunters claims of over 9 million records and terabytes of internal data. The breach pattern aligns with the broader ShinyHunters campaign: phishing into an identity provider, pivoting into SaaS platforms, and extracting data at scale. Even if medical devices and patient systems were unaffected, exposure of corporate workflows and PII creates downstream risk for targeted phishing against healthcare providers and field engineers — expanding the blast radius well beyond the initial compromise.

Vimeo Breach: Third-Party Analytics Vendor Compromised

Vimeo confirmed a breach stemming from a compromise of its third-party analytics vendor, Anodot, exposing customer emails, video metadata, and technical information. ShinyHunters set a public ransom deadline, threatening data release if demands were not met. This continues the SaaS-through-third-party attack pattern we have been tracking across multiple victims. Metadata and email exposure from platforms like Vimeo enable highly targeted phishing against content creators and enterprise users who trust the platform’s communications.

ADT Breach: Phishing → Okta → Salesforce Chain Confirmed

ADT disclosed a breach where attackers leveraged phishing against Okta to gain entry and pivot into Salesforce, with a potential 10 million record leak. This is now a firmly established and repeating attack chain: phishing targets the identity provider, which becomes the pivot into SaaS platforms, which become the source of large-scale data extraction. SaaS ecosystems are only as secure as the identity layer protecting them and attackers have learned this better than most defenders.

Checkmarx Breach Escalates: Source Code Hits Dark Web

Data from Checkmarx’s previously disclosed GitHub repository compromise has now been published on the dark web, removing any containment possibility. Attackers originally injected credential-stealing code into GitHub Actions workflows, meaning any environment that interacted with those pipelines may have leaked tokens or credentials. Response has now shifted from containment to damage control and credential rotation at scale. If your organization uses Checkmarx tooling, assume exposure and rotate everything.

🤖 AI & Developer Supply Chain

SAP npm Supply Chain Attack: CI/CD Pipelines Exfiltrating Credentials at Machine Speed

Four official SAP npm packages were compromised in an attack dubbed “Mini Shehulud,” embedding a malicious pre-install script that executed automatically the moment a CI/CD pipeline pulled the package. The payload silently exfiltrated GitHub tokens, npm credentials, cloud provider secrets across AWS, Azure, and GCP, and Kubernetes configurations pushing stolen data into attacker-controlled repositories. No user interaction. No alert window. One infected dependency cascading across thousands of environments within minutes. This is supply chain compromise operating at machine speed.

GitHub RCE: One Push Command Compromises the Instance

A critical command injection vulnerability in GitHub’s git push pipeline allows authenticated users with push access to execute remote code on the instance with a single command. GitHub.com deployed a rapid fix, but self-hosted and enterprise GitHub environments remain at risk until patched. CI/CD pipelines are designed for automation and speed, and that same efficiency becomes a catastrophic liability when a single authenticated action can achieve full system compromise.

LiteLLM SQL Injection: Exploited 36 Hours After Disclosure

Attackers began exploiting a pre-authentication SQL injection vulnerability in LiteLLM, the AI gateway platform connecting multiple AI providers just 36 hours after public disclosure. LiteLLM stores API keys and cloud credentials as a core function of its operation, making it a high-value extraction target. AI orchestration layers are being deployed without the security rigor applied to traditional infrastructure, and attackers have identified this gap. The exploitation timeline of 36 hours is the signal. There is no longer any grace period between disclosure and active weaponization for high-value targets.

Gemini CLI RCE: AI Pipeline Becomes Remote Execution Layer

A critical vulnerability in Google’s Gemini CLI allows remote code execution in CI environments by abusing trusted workspace configurations and environment variables. In headless or automated environments, the CLI implicitly trusts local configuration files, allowing attackers to embed malicious settings in repositories that execute upon pipeline invocation. AI tooling is now functioning as a remote execution attack surface within automated workflows that frequently lack human oversight.

73 Malicious VS Code Extensions: Sleeper Model in Developer Ecosystems

Researchers identified 73 fake extensions in the Open VSX marketplace linked to the Glass Worm operation. The attack model is particularly sophisticated: extensions initially appeared benign, building trust over time before later updates introduced malicious payloads typosquatting popular tools, using delayed activation, and delivering secondary payloads through GitHub-hosted components. A single compromised extension exposes source code, credentials, and SSH keys from every developer workstation running it.

PyPI Package Hijack: Elementary-Data Supply Chain Compromise

The “elementary-data” package — 1.1 million monthly downloads was hijacked with attackers publishing a malicious version exfiltrating credentials, environment variables, and crypto wallets. The attack used GitHub Actions script injection to forge legitimate commits and distribute compromised builds simultaneously through the CI/CD pipeline. Attackers are targeting package registries and CI/CD pipelines simultaneously to maximize propagation velocity.

Cursor AI RCE: Cloning a Repository Compromises the Developer

A critical vulnerability in the Cursor AI development tool allows attackers to achieve remote code execution simply by convincing a developer to clone a malicious repository. Pre-commit hooks execute automatically during routine operations no additional user action required. Developer workstations are high-value targets not just because of what they contain, but because of where they connect. Compromised developer environments provide direct pathways into production systems, source code repositories, and cloud credentials.

npm and PyPI Worm: Cross-Ecosystem Autonomous Propagation Continues

The self-propagating worm we have been tracking continues expanding across both npm and PyPI ecosystems, harvesting developer credentials, using stolen tokens to publish malicious packages, and propagating automatically. One compromised developer machine can infect multiple ecosystems within hours. Containment requires revocation of all tokens across both platforms not just the packages themselves.

🔓 Vulnerabilities & Infrastructure Exploitation

cPanel Authentication Bypass: Exploited Before Disclosure

A critical authentication bypass in cPanel and WHM was being actively exploited in the wild before the official advisory and patch were released. Because cPanel functions as a multi-tenant hosting control plane, a single compromised instance grants attackers access to websites, databases, email servers, and administrative controls across multiple customers simultaneously. Hosting providers globally responded by blocking access ports at the network level while racing to deploy fixes. Pre-disclosure exploitation with no defender warning window is now a regular occurrence not an exceptional one.

OT Exposure: 600+ ICS Panels Accessible Without Authentication

Forescout identified over 600 industrial control system and operational technology panels exposed via unauthenticated VNC access, with nearly 60,000 VNC servers globally lacking authentication. These systems span energy, water, manufacturing, and government environments. Attackers do not need advanced exploits they need access. And these systems are handing it over without any credential requirement. Basic security hygiene failures in OT environments create nation-state-level risk.

CISA KEV Additions: SimpleHelp, Samsung MagicINFO, D-Link Routers

CISA added multiple actively exploited vulnerabilities to the KEV catalog this week. SimpleHelp is particularly notable as a remote support tool, a compromised technician account does not just impact one system. It cascades across every client environment that tool manages, turning a single foothold into multi-tenant compromise at scale.

Firestarter Backdoor: Persists on Federal Cisco ASA After Firmware Updates

A Linux-based backdoor called Firestarter was discovered on a federal Cisco ASA firewall, persisting through firmware updates by intercepting termination signals and relaunching itself. Standard patching does nothing to remove it. The only effective remediation is full power down, device reimaging, and rotation of all credentials tied to the device. Edge infrastructure is now a long-term persistence layer not just an entry point. Patching alone is no longer sufficient for compromised edge devices.

Pack2TheRoot: 12-Year Linux Privilege Escalation Flaw

A privilege escalation vulnerability present in Linux since 2014 has been confirmed exploitable across major distributions. Any low-privileged malware landing on a Linux endpoint can exploit PackageKit to immediately escalate to root. This is not a zero-day, it is worse. It is a decade-old design flaw that persisted unnoticed, providing a reliable escalation path for any attacker who achieves initial access to a Linux system.

Windows Zero-Click Vulnerability: Patch Regression Creates New Attack Path

CVE-2026-32202 stems from an incomplete patch to a previous Windows vulnerability, enabling zero-click exploitation via malicious LNK files. Attackers can trigger NTLM authentication or bypass security prompts simply by having the file present, no user interaction required. Patch regression risk, where incomplete fixes open new attack paths is increasingly common and demands validation testing of remediation effectiveness, not just deployment confirmation.

Chrome and Firefox: Critical Memory Safety Patches

Both Chrome and Firefox released critical patches addressing memory safety issues and use-after-free vulnerabilities enabling remote code execution. Browsers remain one of the most consistently targeted attack surfaces. These updates are not optional hygiene, they are active defense. Enforce automatic updates across all enterprise endpoints without exception.

Itron Breach: Utility Supply Chain Risk

Itron disclosed unauthorized access to corporate IT systems, with no customer environments impacted. Itron operates in the utility and grid-edge ecosystem. Even a corporate-level breach at a critical infrastructure vendor raises legitimate concerns about downstream supply chain risk and insider knowledge that could inform future targeting.

Apple App Store: 26 Fake Crypto Wallet Apps

Kaspersky identified 26 malicious crypto wallet apps on Apple’s App Store impersonating Coinbase, MetaMask, and other major platforms. These apps harvested recovery phrases and used OCR to extract sensitive data from screenshots. App store trust is no longer a reliable security boundary, particularly for financial applications. MDM policies restricting unverified app installation are an essential enterprise control.

💰 Financial Cybercrime & Fraud

$2.1 Billion Social Media Scam Surge: FTC Report

Americans lost over $2.1 billion to social media-driven scams in 2025 an eightfold increase since 2020 with investment scams accounting for more than half the total. Cyber risk is no longer confined to enterprise systems. Social platforms are the primary entry point for fraud at consumer scale, and that fraud is funded by the same criminal ecosystems targeting enterprises. Awareness and education are as critical as technical controls for organizations whose employees and customers are exposed to these platforms.

Robinhood Phishing Abuse: Legitimate Infrastructure Weaponized

Attackers created Robinhood accounts using email address variations exploiting Gmail’s dot normalization to trigger legitimate login notifications from Robinhood’s own infrastructure. These emails passed SPF, DKIM, and DMARC checks because they were genuinely sent by Robinhood. This marks a shift from email spoofing to platform abuse: turning trusted communication infrastructure itself into the phishing vector. Traditional email authentication defenses are completely bypassed. Detection relies on application-layer validation and user awareness.

Cyber Insurance Data: Misconfigured MFA Drives 26% of Total Losses

Cyber insurance data reveals that misconfigured MFA accounts for nearly 26% of total cyber losses, the single largest contributing factor. Ransomware represents a smaller portion of incidents but drives the majority of financial damage. This is a powerful data point for board-level conversations: basic security controls, when improperly implemented, produce outsized financial consequences. MFA is not a checkbox, it is a precision control that fails expensively when misconfigured.

VECT Ransomware: Encryption Designed for Destruction, Not Recovery

Checkpoint Research analysis confirmed that VECT ransomware’s encryption process is fundamentally flawed by design discarding critical data during encryption and making recovery impossible even after ransom payment. This transforms ransomware into a wiper event disguised as extortion. Organizations impacted by VECT cannot recover data regardless of compliance with demands. Prevention and offline backup integrity are the only viable defenses.

DraftKings: 60,000 Accounts via Credential Stuffing

The DraftKings credential stuffing case, 60,000 accounts compromised through reused passwords, continues to remind practitioners that the oldest attacks remain effective because the oldest defenses remain absent. No zero-days. No advanced techniques. Phishing-resistant authentication and credential monitoring are still the most impactful controls organizations can deploy per dollar invested.

Black Axe Arrests: Organized Cybercrime Disrupted

European authorities arrested ten members of the Black Axe cybercrime network responsible for large-scale financial fraud, romance scams, and money laundering. These networks operate like structured businesses with defined roles and global reach, and they rebuild quickly after disruption. The broader signal is that cybercrime has reached full industrial maturity, requiring coordinated international responses rather than isolated enforcement actions.

⚖️ Policy, Regulation & Industry

AI Regulation Advances: Bipartisan Legislation on Chatbot Safety

New bipartisan legislation targets AI chatbot regulation with focus on fraud prevention, parental controls, and transparency requirements. For organizations deploying AI systems, this signals incoming compliance requirements, data transparency obligations, and enhanced fraud detection responsibilities. Begin mapping AI data flows and regulatory exposure now, before requirements become mandates.

“JD Vance, whether you like him or not as vice president, is Ivy League educated, a very smart individual, a younger VP with time in Silicon Valley working with some of the big players in the venture capital space. The West Wing is leading the charge here, they’re not waiting for the cyber czar or CISA or DHS or even the Pentagon. The White House itself is operating at this level on AI security. We ought to prepare ourselves for board-level questions of what may happen here.”

Cyber Insurance Data Drives Board Alignment

The insurance data showing MFA misconfiguration driving 26% of total losses provides a rare opportunity: a quantified, dollar-denominated risk metric that boards understand and respond to more effectively than technical risk descriptions. Use this data actively in executive and board conversations to justify investment in identity security controls.

Singapore Infrastructure Incident: Third-Party Contractor Access

A cybersecurity incident affecting a contractor involved in Singapore’s MRT rail and water infrastructure highlights third-party access risk in critical systems. Even when core systems are not directly compromised, contractor access creates pathways that require strict monitoring and access controls as rigorous as those applied to internal staff.

Iran Threat Model Shift: From Destruction to Influence Operations

Industry analysts are reframing Iran’s cyber posture as shifting from large-scale infrastructure attacks toward targeted breaches amplified through information operations. The new model: breach a target, publicize it, and amplify impact through media narrative. Perception and narrative are now as strategically valuable as technical disruption. Incident response plans must account for reputational and information warfare scenarios, not just technical recovery.

✅ This Week’s Priority Action List

Immediate (Do This Now)

• Audit and rotate all credentials and tokens exposed through SAP npm packages — AWS, Azure, GCP, Kubernetes configs, GitHub tokens, npm credentials

• Patch cPanel and WHM immediately and review access logs for exploitation indicators predating the advisory

• Patch GitHub Enterprise and restrict push access permissions — single authenticated push achieves RCE

• Upgrade and secure LiteLLM deployments and rotate all exposed API keys — exploited 36 hours post-disclosure

• Patch Chrome and Firefox across all enterprise endpoints — enforce automatic updates, no exceptions

• Remove unauthenticated VNC access from all OT and ICS environments immediately 600+ exposed panels confirmed

• Reimage and hard-reset any Cisco ASA devices with suspected Firestarter persistence patching alone does not remove this backdoor

• Patch all CISA KEV-listed vulnerabilities including SimpleHelp, Samsung MagicINFO, and D-Link flaws

Short-Term (This Month)

• Rotate all npm and PyPI developer tokens across all environments, worm continues propagating

• Restrict developer environments to approved extensions and package sources with enforced allowlists

• Pin and cryptographically verify all dependencies in npm, PyPI, and other package ecosystems

• Audit all AI tooling in CI/CD pipelines and restrict implicit environment trust in Gemini CLI and similar tools

• Audit Checkmarx pipeline interactions and rotate all credentials that may have been exposed

• Patch Linux systems for Pack2TheRoot privilege escalation across all distributions

• Apply Windows CVE-2026-32202 patch and validate remediation effectiveness — patch regression confirmed

• Implement MDM policies restricting unverified mobile app installation

Strategic (This Quarter)

• Treat all ransomware scenarios as potential wiper events — validate backup integrity and offline recovery capability independently of vendor assurance

• Prepare board-level AI security briefings, White House summit signals accelerating regulatory attention

• Begin mapping AI data flows and vendor geopolitical risk exposure for compliance readiness

• Implement phishing-resistant MFA across all executive and high-value accounts insurance data shows misconfiguration is the single largest loss driver

• Use cyber insurance loss data to frame identity security investment in financial terms for executive and board audiences

• Train personnel on social engineering and psychological cyber tactics, North Korean six-month relationship campaigns are the model

• Develop incident response playbooks specifically for reputational and information warfare scenario

Leave a comment

🎙️ James Azar’s CISO’s Take

When I look across this week’s four episodes, the story that ties everything together is tempo. Attackers are not waiting for defenders to catch up — and in several cases this week, they were already inside before the advisory was published, before the patch was available, before the organization knew there was anything to defend against. The cPanel bypass, the SAP npm attack, the LiteLLM exploitation window of 36 hours: these are not exceptional cases. They are the new baseline. Security teams that measure their response cycle in days are now fundamentally misaligned with the threat environment they are operating in. Real-time visibility, automated response, and pre-built playbooks are no longer aspirational — they are operational requirements.

The second takeaway is that the attack surface has expanded to include everything we have automated, integrated, and trusted without continuous validation. AI pipelines. Developer tooling. SaaS identity chains. Remote support platforms. Third-party analytics vendors. Election infrastructure. The organizations that will remain resilient are the ones that treat every automated trust relationship as a potential attack vector — not because they assume compromise, but because they verify continuously rather than assuming safety. That mindset shift, from perimeter defense to continuous validation across every trusted system, is the defining security challenge of this moment.

Stay Cyber Safe. 🔐

Today’s episode is one of those where you can feel the pressure building across every layer of cybersecurity from supply chain attacks to critical infrastructure exposure to geopolitical cyber threats.

If there’s one theme across everything we covered today, it’s this:
👉 Attackers are moving faster than our ability to detect, respond, and even patch.

Double espresso in hand, let’s get into it.

🧭 Executive Summary

Today’s show highlights a dangerous acceleration in supply chain compromise, infrastructure exploitation, and nation-state cyber activity. We’re seeing attackers weaponize CI/CD pipelines, exploit authentication systems before patches are even deployed, and target both critical infrastructure and democratic institutions.

At the same time, AI tooling and geopolitical tensions are converging, creating a landscape where technical risk, human targeting, and policy decisions are colliding in real time. The takeaway is clear: security teams must operate at attacker speed or risk falling behind.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🧬 SAP npm Supply Chain Attack – CI/CD Pipelines Compromised in Real Time

Four official SAP npm packages were compromised in a supply chain attack dubbed “Mini Shehulud,” where attackers embedded a malicious pre-install script that executed automatically when pulled into CI/CD pipelines. The payload silently exfiltrated GitHub tokens, npm credentials, cloud provider secrets (AWS, Azure, GCP), and Kubernetes configurations.

What makes this attack particularly dangerous is its automation. The moment a pipeline pulled the infected package, the compromise was complete no user interaction required. The stolen data was even pushed into attacker-controlled GitHub repositories, signaling a highly organized and repeatable attack model.

This is supply chain compromise at machine speed. One infected dependency can cascade across thousands of environments within minutes, turning developer pipelines into mass credential exfiltration engines.

🔓 cPanel Authentication Bypass – Exploited Before Disclosure

A critical authentication bypass vulnerability in cPanel and WHM was actively exploited in the wild before the official advisory and patch were released. Hosting providers globally responded by blocking access ports at the network level while racing to deploy fixes.

This vulnerability is particularly impactful because of cPanel’s role as a multi-tenant hosting control plane. A single compromised instance can grant attackers access to websites, databases, email servers, and administrative controls across multiple customers.

The most concerning aspect here is timing—attackers were already exploiting the flaw before defenders even knew it existed, reinforcing the growing trend of pre-disclosure exploitation and shrinking response windows.

🏭 OT Exposure – Hundreds of Critical Systems Accessible Without Authentication

Forescout identified over 600 industrial control system (ICS) and operational technology (OT) panels exposed via unauthenticated VNC access, with nearly 60,000 VNC servers globally lacking proper authentication.

These systems span energy, water, manufacturing, and government environments, meaning exploitation could have direct physical consequences. Attackers don’t need advanced exploits here—just access.

This is a stark reminder that basic security hygiene failures in OT environments can create nation-state-level risks, especially as these systems remain connected to the internet without proper safeguards.

🌐 Browser Security Updates – Critical Vulnerabilities Require Immediate Action

Both Chrome and Firefox released patches addressing critical vulnerabilities, including memory safety issues and use-after-free bugs that could allow remote code execution or data disclosure.

While these updates may seem routine, they are not optional. Browsers remain one of the most exposed attack surfaces in any organization, and delayed patching can provide attackers with an easy foothold into enterprise environments.

This is a reminder that endpoint hygiene is still one of the most effective defensive measures available.

🤖 Cursor AI RCE – Developer Workstations Become Entry Points

A critical vulnerability in Cursor AI allows attackers to achieve remote code execution simply by convincing a developer to clone a malicious repository. The exploit leverages pre-commit hooks that execute automatically during routine operations.

This transforms developer environments into high-value targets. Once compromised, attackers can access source code, API keys, and infrastructure credentials, effectively pivoting into broader enterprise systems.

The risk here extends beyond the vulnerability itself, it’s the combination of automation, trust, and developer behavior, which together create a powerful attack vector.

🇨🇳 AI Supply Chain Scrutiny – Congress Investigates Chinese Model Usage

U.S. lawmakers are investigating companies using AI models developed in China, raising concerns about data exposure, censorship, and intellectual property risks.

This marks a shift where AI is no longer just a technology issue, it’s a national security concern. Organizations must now consider not just performance and cost, but also geopolitical risk when selecting AI vendors.

Expect increased regulation and scrutiny in this space as governments seek to control the flow of sensitive data and protect domestic innovation.

🇮🇷 Iranian Psychological Cyber Operations – Targeting U.S. Personnel

An Iran-linked group conducted a psychological operation by sending threatening messages via WhatsApp to U.S. military personnel and publishing personal data of service members.

While not a direct system compromise, this represents a form of information warfare designed to intimidate and destabilize. These operations blur the line between cyber and psychological tactics, expanding the definition of cyber threats beyond traditional technical attacks.

This is a reminder that cyber conflict is not just about systems, it’s about people and perception.

👮 Black Axe Arrests – Disrupting Organized Cybercrime

European authorities arrested ten members of the Black Axe cybercrime network, known for large-scale financial fraud, romance scams, and money laundering operations.

This highlights the industrialization of cybercrime, where organized groups operate like businesses with structured roles and global reach. While arrests are a positive step, these networks are resilient and often quickly rebuild.

The broader takeaway is that cybercrime is now a mature, global industry, requiring coordinated international responses.

🗳️ Election Security Warning – Midterms in the Crosshairs

The head of U.S. Cyber Command and the NSA warned that foreign adversaries are expected to target the 2026 midterm elections. At the same time, concerns were raised about reduced federal support for election security initiatives.

This creates a potential gap in coordination between federal, state, and local entities responsible for protecting election infrastructure. As adversaries continue to refine their tactics, this fragmentation could increase risk.

This is not a hypothetical scenario, it’s a known and anticipated threat, requiring proactive preparation across all levels of government.

🛠️ Action Items for Security Leaders

• 🔐 Audit and rotate all credentials exposed through SAP npm packages immediately

• 💻 Patch cPanel systems and review logs for unauthorized access attempts

• 🏭 Remove unauthenticated VNC access from all OT and ICS environments

• 🌐 Push Chrome and Firefox updates across all endpoints without delay

• 🤖 Restrict AI development tools and audit repository sources before cloning

• 🧩 Evaluate AI vendor supply chains for geopolitical and data risk

• 🧠 Train personnel on social engineering and psychological cyber tactics

• 👮 Monitor for financial fraud indicators tied to organized cybercrime groups

• 🗳️ Strengthen election security coordination across state and local systems

• 📊 Align detection and response capabilities with faster attack timelines

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how quickly attackers are moving. Whether it’s the SAP supply chain attack or the cPanel vulnerability, the pattern is the same exploitation is happening before organizations even know there’s a problem. That fundamentally changes how we need to think about defense. It’s no longer about reacting quickly, it’s about anticipating where the next attack will happen and closing those gaps before they’re exploited.

The second takeaway is the convergence of cyber and geopolitical risk. From AI supply chain concerns to election security warnings, cybersecurity is now deeply tied to national security and global stability. As CISOs, we’re not just protecting systems anymore, we’re part of a much larger ecosystem that includes policy, economics, and human behavior. And that means our role is only going to get more complex from here.

🔥 Stay Cyber Safe.

☕ Good Morning Security Gang,

Today’s episode is one of those that hits every layer of the stack from SaaS breaches to AI exploitation, from ransomware evolution to geopolitical cyber pressure.

And if there’s one theme that ties everything together today, it’s this:
👉 Attackers are targeting both the systems that run your environment and the people who have access to them.

Double espresso in hand, let’s dive in.

Subscribe now

🧭 Executive Summary

Today’s episode highlights a convergence of SaaS supply chain breaches, CI/CD vulnerabilities, AI gateway exploitation, and evolving ransomware tactics. At the same time, nation-state actors are doubling down on long-term social engineering campaigns, while governments begin aligning policy and regulation around AI security.

The risk environment is no longer siloed identity, automation, AI, and human behavior are now interconnected attack surfaces, and attackers are exploiting them simultaneously.

📰 Top Stories & Deep Dive Analysis

🎥 Vimeo Breach – Third-Party Risk Continues to Expand

Vimeo confirmed a breach stemming from a compromise of its third-party analytics vendor, Anodot, exposing customer data including emails, video metadata, and technical information. ShinyHunters has set a public deadline for ransom payment, threatening to release the data if demands are not met.

This is part of a broader campaign we’ve been tracking across multiple organizations, where attackers compromise SaaS ecosystems through third-party integrations rather than direct attacks. The real risk here isn’t just the exposed data, it’s the follow-on attacks. Metadata and email exposure enable highly targeted phishing campaigns, especially against content creators and enterprise users relying on Vimeo workflows.

💻 GitHub RCE – One Push to Compromise the System

A critical command injection vulnerability in GitHub’s git push pipeline allows authenticated users with push access to execute remote code on the instance with a single command. While GitHub.com deployed a rapid fix, self-hosted and enterprise environments remain at risk until patched.

This vulnerability represents a direct threat to the software development lifecycle. CI/CD pipelines are designed for automation and speed, but this same efficiency becomes a liability when exploited. Attackers gaining control of these pipelines can inject malicious code, access secrets, and compromise production environments without needing traditional lateral movement.

🤖 LiteLLM Exploit – AI Gateway Becomes Data Exfiltration Tool

Attackers began exploiting a pre-authentication SQL injection vulnerability in LiteLLM just 36 hours after disclosure. As a gateway platform connecting multiple AI providers, LiteLLM stores API keys and credentials, making it a high-value target.

The vulnerability allows attackers to extract sensitive data directly from backend databases, including cloud credentials and API keys. This highlights a growing issue AI orchestration layers are being deployed without the same security rigor as traditional infrastructure, creating new high-risk entry points into enterprise environments.

💣 VECT Ransomware – When Encryption Becomes Destruction

Checkpoint Research analyzed VECT ransomware, revealing that its encryption process is fundamentally flawed. Instead of enabling decryption after payment, the malware discards critical data during encryption, effectively making recovery impossible.

This transforms ransomware into a wiper event disguised as extortion. Organizations impacted by VECT cannot recover data even if they pay, shifting the focus entirely to prevention and resilience. This represents a dangerous evolution where attackers either don’t care about recovery—or are unable to provide it.

🧠 North Korea Campaign – Six Months of Social Engineering

A North Korea-linked group conducted a six-month campaign targeting Web3 executives, using sophisticated social engineering techniques to gain access to wallets, admin panels, and private keys.

The campaign culminated in a major crypto theft, demonstrating the effectiveness of long-term, relationship-based attacks. Unlike traditional phishing, these operations build trust over time, making them far more difficult to detect and prevent. This reinforces that humans remain one of the most critical and vulnerable attack surfaces.

🚇 Singapore Infrastructure Incident – Supply Chain in Critical Systems

A cybersecurity incident affecting a contractor involved in Singapore’s MRT rail and water infrastructure highlights the risk of third-party access to critical systems.

Even though public-facing data may be available elsewhere, the contractor’s access to internal systems introduces a potential pathway for attackers into sensitive infrastructure environments. This underscores the importance of tight access control and monitoring for vendors operating within critical sectors.

🏛️ White House AI Cyber Huddle – Policy Meets Technology

Senior U.S. officials convened a cybersecurity summit with leading AI and tech executives to address risks associated with advanced AI systems ahead of upcoming releases like Anthropic’s Mythos.

This signals a shift where AI security is no longer just a technical issue—it’s a national priority. Organizations should expect increased scrutiny, regulatory requirements, and board-level discussions around AI risk management in the near future.

📜 AI Regulation Advances – Bipartisan Momentum Builds

New bipartisan legislation aims to regulate AI chatbot usage, focusing on fraud prevention, parental controls, and transparency.

This aligns with broader federal efforts to establish guardrails around AI deployment. For organizations, this means preparing for compliance requirements, data transparency expectations, and enhanced fraud detection responsibilities tied to AI systems.

📊 Cyber Insurance Data – MFA Misconfiguration Leads Losses

Cyber insurance data reveals that misconfigured MFA accounts for nearly 26% of total losses, making it the single largest contributor to financial impact. Meanwhile, ransomware represents a smaller portion of incidents but drives the majority of financial damage.

“Cyber risk isn’t just technical anymore, it’s financial, human, and regulatory all at once.”

This provides a clear, data-driven insight: basic security controls, when misconfigured, can have outsized financial consequences. It also highlights how boards respond more effectively to financial metrics than technical risk descriptions.

🛠️ Action Items for Security Leaders

• 🔐 Rotate credentials and tokens tied to SaaS and AI integrations

• 💻 Patch GitHub Enterprise and audit push access permissions immediately

• 🤖 Upgrade and secure LiteLLM deployments; rotate exposed API keys

• 💾 Treat ransomware scenarios as potential wiper events; validate backups

• 🧠 Implement phishing-resistant MFA, especially for executive accounts

• 🚇 Audit third-party access to critical infrastructure systems

• 🏛️ Prepare board-level briefings on AI security and regulatory risk

• 📜 Begin mapping AI data flows and compliance requirements

• 📊 Use cyber insurance data to justify budget and control investments

• 🔍 Monitor for abnormal activity in CI/CD and AI pipeline environments

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how attackers are blending technical exploitation with human manipulation. The GitHub RCE and LiteLLM vulnerabilities show how easily automation layers can be compromised, while the North Korea campaign highlights how effective patient social engineering can be. When these two come together—technical access and human trust—the impact becomes exponential.

The second takeaway is that cybersecurity is no longer just about defense—it’s about alignment. Alignment between security and business, between technology and policy, and between risk and financial impact. The cyber insurance data makes it clear: when we frame risk in dollars, it resonates. And that’s how we drive real change at the executive level.

🔥 Stay Cyber Safe.

Today’s episode is one of those where you step back and realize just how fast everything is evolving and breaking at the same time.

We’ve got zero-click Windows exploitation, AI pipeline RCE, supply chain compromise hitting critical developer ecosystems, a massive spike in social engineering fraud, and even a pre-Stuxnet malware discovery rewriting cyber history.

👉 The theme today is simple: automation and trust are being weaponized simultaneously.

Double espresso ready, let’s go.

Subscribe now

🧭 Executive Summary

Today’s landscape reflects a convergence of identity abuse, developer ecosystem compromise, AI tooling risk, and large-scale financial fraud. Attackers are leveraging legitimate infrastructure, trusted platforms, and automation pipelines to operate at unprecedented speed and scale.

We’re also seeing regression in patching effectiveness, with incomplete fixes enabling zero-click exploitation, and a continued shift toward developer environments and AI pipelines as primary attack surfaces. Meanwhile, consumer fraud is reaching record levels, proving that cyber risk is no longer just enterprise, it’s societal.

Subscribe now

📰 Top Stories & Deep Dive Analysis

🏥 Medtronic Breach – ShinyHunters Expands the SaaS Playbook

Medtronic confirmed unauthorized access to corporate IT systems after ShinyHunters claimed over 9 million records and terabytes of internal data. The company executed its incident response plan, and the leak listing has since disappeared typically a signal of ransom negotiations or payment.

What matters here is the pattern. This aligns with previous breaches targeting SaaS ecosystems phishing identity providers and pivoting into platforms like Salesforce. Even if no medical devices or patient systems were impacted, the exposure of corporate workflows and PII creates a downstream risk for targeted phishing against healthcare providers and field engineers, expanding the blast radius beyond the initial breach.

📩 Robinhood Phishing Abuse – Legitimate Infrastructure Turned Weapon

This is one of the most creative attacks we’ve seen.

Attackers created Robinhood accounts using email variations (leveraging Gmail’s dot normalization), triggering legitimate login notifications sent from Robinhood’s own infrastructure. These emails passed all authentication checks—SPF, DKIM, DMARC, but included a malicious link embedded within user-controlled fields.

This marks a shift from spoofing to platform abuse, where attackers weaponize trusted communication channels themselves. The risk is significant because traditional email defenses are bypassed entirely making detection reliant on application-layer validation and user awareness rather than technical controls alone.

💰 $2.1 Billion Social Media Scam Surge – Cybercrime at Scale

The FTC reported that Americans lost over $2.1 billion to social media-driven scams in 2025, an eightfold increase since 2020. Investment scams alone accounted for more than half of that total.

This isn’t just a statistic, it’s a signal. Social platforms have become the primary entry point for fraud, with attackers leveraging trust, relationships, and financial pretexts to drive engagement.

The real takeaway is that cyber risk is no longer confined to enterprise systems. It’s now deeply embedded in consumer behavior, social interaction, and financial decision-making, making awareness and education just as critical as technical controls.

🔓 Checkmarx Breach Escalation – Source Code Hits the Dark Web

Checkmarx confirmed that data from its GitHub repositories, compromised during a March supply chain attack, has now been published on the dark web.

This escalation removes any ambiguity the exposure is now global and permanent. Attackers previously injected credential-stealing code into GitHub Actions workflows, meaning any environment that interacted with those pipelines may have leaked sensitive tokens or credentials.

This is a critical moment for defenders: once data is public, response shifts from containment to damage control and credential rotation at scale.

🧩 73 Malicious VS Code Extensions – Developer Layer Under Attack

Researchers identified 73 fake extensions in the Open VSX marketplace linked to the Glass Worm operation. These extensions initially appeared benign, building trust before later updates introduced malicious payloads.

The attack chain includes:

• Typosquatting popular extensions

• Delayed activation (“sleeper” model)

• Secondary payload delivery via GitHub-hosted components

This is a direct attack on the developer ecosystem. A single compromised extension can expose source code, credentials, and SSH keys, turning a developer workstation into a high-value entry point for attackers.

🧬 PyPI Package Hijack – Supply Chain Risk in Data Engineering

The widely used “elementary-data” package (1.1M monthly downloads) was hijacked, with attackers publishing a malicious version that exfiltrated credentials, environment variables, and crypto wallets.

The attack leveraged GitHub Actions script injection to gain access, forge legitimate commits, and distribute compromised builds.

This highlights a growing trend: attackers targeting CI/CD pipelines and package registries simultaneously, enabling rapid propagation across developer environments and production systems.

🪟 Windows Zero-Click Vulnerability – Patch Regression Exploited

Akamai revealed that a recent Windows vulnerability (CVE-2026-32202) stems from an incomplete patch to a previous flaw, enabling zero-click exploitation via malicious LNK files.

Attackers can now trigger NTLM authentication or bypass security prompts simply by having the file present—no user interaction required.

This is particularly concerning because it demonstrates patch regression risk, where incomplete fixes create new attack paths. It also reinforces that patching alone is not a guarantee of security.

🤖 Gemini CLI RCE – AI Pipeline Becomes Attack Vector

A critical vulnerability in Google’s Gemini CLI allows remote code execution in CI environments by abusing trusted workspace configurations and environment variables.

In headless or automated environments, the CLI implicitly trusts local files and settings, allowing attackers to embed malicious configurations in repositories that execute upon pipeline invocation.

This turns AI tooling into a remote execution layer within CI/CD pipelines, expanding the attack surface into automated workflows that often lack human oversight.

🇨🇳 Silk Typhoon Extradition – State Actors Face Consequences

A suspected Chinese cyber operative linked to Silk Typhoon was extradited to the U.S., facing charges tied to the mass exploitation of Microsoft Exchange vulnerabilities.

This marks a rare but significant development in holding state-aligned actors accountable. While it may not deter all activity, it signals increasing willingness to pursue legal action against cyber operators globally.

🧠 Pre-Stuxnet Malware Discovery – Cyber Warfare Started Earlier Than We Thought

SentinelLabs uncovered a malware strain predating Stuxnet by at least five years, targeting engineering and simulation platforms used in nuclear research.

This discovery rewrites the timeline of cyber warfare, showing that sophisticated sabotage capabilities existed as early as 2005.

The implication is profound: cyber operations as strategic tools have been evolving far longer than most organizations have been defending against them.

🛠️ Action Items for Security Leaders

• 🔐 Rotate all credentials tied to Checkmarx and compromised CI pipelines

• 📩 Audit transactional email templates for user-controlled input injection

• 🧩 Restrict developer environments to approved extensions and package sources

• 🧬 Pin and verify all dependencies in npm and PyPI ecosystems

• 🪟 Apply Windows patches and monitor for abnormal NTLM authentication activity

• 🤖 Secure AI tooling in CI/CD pipelines and restrict environment trust boundaries

• 💰 Implement organization-wide awareness training on social media scams

• 🔍 Monitor SaaS platforms for phishing-based identity compromise patterns

• 📊 Enhance detection for OAuth abuse and API-based data exfiltration

• 🌍 Incorporate geopolitical cyber activity into risk modeling and response plans

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how attackers are leveraging trust at every level from email infrastructure to developer tools to AI pipelines. We’ve spent years building systems to automate and simplify workflows, but in doing so, we’ve also created pathways that attackers can exploit with minimal friction. The Robinhood case and the Gemini CLI vulnerability are perfect examples of how legitimate systems can be turned into attack vectors.

The second takeaway is speed. Supply chain attacks, phishing campaigns, and fraud operations are all happening faster than ever before. By the time we detect an issue, attackers have already pivoted, propagated, and monetized. That means our defenses need to evolve not just to prevent compromise, but to detect and respond in near real time. Because in this environment, the organizations that can’t keep up won’t just fall behind, they’ll become targets.

🔥 Stay Cyber Safe.

We’re kicking off the week with a packed 10-story rundown that hits everything from federal edge compromises to SaaS breach chains, supply chain worms, and even a 12-year-old Linux root flaw still alive and well.

If last week was about trust breaking, this week is about exposure at speed. Attackers are moving faster, pivoting across ecosystems, and exploiting anything left unpatched, unsegmented, or simply forgotten.

Double espresso ready; let’s get into it.

Subscribe now

🧭 Executive Summary

Today’s stories highlight two critical realities:

1. Exposure is everywhere—from SaaS identity chains to federal firewalls to developer ecosystems

2. Tempo is accelerating—attackers are chaining exploits, pivoting faster, and monetizing access almost immediately

We’re seeing convergence across edge infrastructure compromise, SaaS phishing chains, supply chain propagation, and legacy system exploitation, all amplified by a pace that most organizations struggle to match operationally.

🛡️ CISA KEV Additions – Remote Access Tools Become Enterprise Gateways

CISA added multiple actively exploited vulnerabilities to the KEV catalog, including flaws in SimpleHelp, Samsung MagicINFO, and D-Link routers.

What makes this particularly dangerous is the role these systems play. SimpleHelp, for example, is widely used as a remote support tool. A compromised technician account doesn’t just impact one system—it can cascade across every client environment that tool touches.

This is a recurring pattern: attackers aren’t targeting endpoints—they’re targeting tools that manage endpoints, turning a single foothold into multi-tenant compromise.

🔥 Firestarter Backdoor – Federal Cisco ASA Compromise Persists

A Linux-based backdoor dubbed Firestarter was discovered on a federal Cisco ASA firewall, persisting even after firmware updates.

The malware survives by intercepting termination signals and relaunching itself, meaning standard patching or rebooting does nothing to remove it.

This changes the playbook. Instead of patching, organizations must fully power down, reimage, and rotate all credentials tied to the device.

The broader implication is serious: edge infrastructure is now a long-term persistence layer for attackers, not just an entry point.

🏠 ADT Breach – Phishing to SaaS Chain Hits Again

ADT disclosed a breach involving unauthorized access to cloud environments, with attackers leveraging phishing against Okta to gain entry and pivot into Salesforce.

This is now a well-established attack chain:

• Phishing → Identity provider compromise

• Pivot → SaaS platform access

• Extract → Customer data at scale

With a 10 million record leak potentially imminent, this case reinforces that SaaS ecosystems are only as secure as the identity layer protecting them.

And attackers know it.

🧩 Checkmarx Supply Chain Attack – CI/CD Integrity at Risk

Checkmarx was hit again, with attackers compromising Docker images and VS Code extensions tied to its KICS analysis tool.

Although exposure lasted less than 90 minutes, that’s more than enough time in modern pipelines. Any system pulling updates during that window could now be compromised.

This highlights a key issue: CI/CD pipelines operate at machine speed, but security validation often lags behind, creating a window attackers can exploit repeatedly.

🐧 Pack2TheRoot – 12-Year Linux Privilege Escalation Flaw

A privilege escalation flaw present since 2014 has been confirmed exploitable across major Linux distributions.

This vulnerability allows a low-privileged user to escalate to root through PackageKit, meaning any malware landing on a Linux endpoint can immediately gain full control.

This is not a zero-day, it’s worse. It’s a decade-old design flaw that went largely unnoticed, proving that legacy components remain one of the biggest risks in modern environments.

⚡ Itron Breach – Utility Supply Chain Risk Expands

Itron disclosed unauthorized access to corporate IT systems, though no customer environments were impacted.

Even so, the implications are significant. Itron operates in the utility and grid-edge ecosystem, meaning any compromise raises concerns about downstream risk to critical infrastructure.

This reinforces a key shift: attackers are increasingly targeting vendors and suppliers as indirect entry points into high-value environments.

🧬 NPM → PyPI Worm – Cross-Ecosystem Supply Chain Attack

The supply chain worm we’ve been tracking continues to evolve, now spreading across both npm and PyPI ecosystems.

This worm:

• Harvests credentials from developer environments

• Uses stolen tokens to publish malicious packages

• Propagates automatically across repositories

This is supply chain compromise at industrial scale. One compromised developer machine can now infect multiple ecosystems within hours, making containment extremely difficult.

💾 Vercel Data Leak – Breach Data Hits Underground Markets

Data from the earlier Vercel breach has now surfaced for sale, including access keys, source code, and internal databases.

Although the listing was removed, the assumption must be that the data is already circulating.

The attack chain starting with infostealer malware and OAuth token theft—shows how endpoint compromise can quickly escalate into cloud environment exposure.

📱 Apple App Store – 26 Fake Crypto Wallet Apps Discovered

Kaspersky identified 26 malicious crypto wallet apps on Apple’s App Store, impersonating major platforms like Coinbase and MetaMask.

These apps harvested recovery phrases and even used OCR to extract sensitive data from screenshots.

This challenges a long-held assumption: app stores are no longer a reliable trust boundary, especially for financial applications.

🌍 Iran Threat Model – From Destruction to Influence

Industry leaders are reframing Iran’s cyber posture, suggesting a shift from large-scale infrastructure attacks to targeted opportunistic breaches amplified through information operations.

Instead of shutting down power grids, the focus is now:

• Breach a target

• Publicize it

• Amplify impact through media

This aligns with broader geopolitical trends where perception and narrative are as valuable as technical impact.

🎯 Key Takeaway

👉 Exposure + Speed = Modern Cyber Risk

Attackers are no longer waiting. They’re exploiting, pivoting, and monetizing in real time.

🛠️ Action Items for Security Leaders

• 🔐 Patch all KEV-listed vulnerabilities immediately

• 🔥 Reimage and hard reset compromised edge devices (do not rely on patching alone)

• 🧩 Enforce phishing-resistant MFA across identity providers

• 🔍 Audit SaaS integrations, especially Okta and Salesforce chains

• 🚀 Validate CI/CD pipelines and restrict external dependency pulls

• 🐧 Patch Linux systems and monitor for privilege escalation activity

• 🧬 Rotate all npm and PyPI tokens and enforce strict credential hygiene

• ⚡ Conduct vendor risk assessments for critical infrastructure suppliers

• 📱 Restrict unverified mobile app installations through MDM policies

• 🌍 Prepare incident response playbooks for reputational and information warfare scenarios

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how much of our risk is tied to systems we assume are already secure. Whether it’s a firewall that survives patching, a SaaS chain built on identity trust, or a Linux component that’s been around for over a decade, attackers are finding value in what we’ve stopped questioning. That’s the real challenge, we’re defending what we see, while attackers exploit what we’ve forgotten.

The second takeaway is tempo. Every story today reflects a faster cycle from compromise to propagation to monetization. Supply chain worms spread in hours. SaaS breaches turn into data leaks within days. If our detection and response don’t match that speed, we’re always going to be behind. The future of security isn’t just about control it’s about keeping up.

🔥 Stay Cyber Safe.

James is settling into new-parent mode — running on three hours of sleep and double espresso, which, as he puts it, is excellent preparation for a career in cybersecurity incident response. Welcome to the party, baby Azar.

This week’s briefing comes at you from a threat environment that is, frankly, firing on every cylinder simultaneously. Let’s set the stage:

France’s national identity agency confirmed a breach exposing up to 19 million records names, birthdates, addresses, civil status, a foundational identity dataset now in attacker hands. A self-propagating npm worm is autonomously spreading malicious code across developer ecosystems, targeting both npm and PyPI in a single chain. Microsoft issued an emergency out-of-band patch for an ASP.NET Core authentication forgery flaw. Cisco’s SD-WAN control plane vulnerability landed on CISA’s KEV list with a hard federal deadline. The Vercel breach confirmed exactly how AI OAuth integrations create insider-equivalent access through third-party tools. And Lotus wiper malware is actively burning Venezuelan energy infrastructure no ransomware, no negotiation, just destruction.

Meanwhile, April 2026 is on pace to be the worst month for crypto theft since February 2025, with over $606 million lost in 18 days including Lazarus Group’s $290 million KelpDAO exploit. North Korea is running a financial operation that functions less like a hacking group and more like a nation-state treasury department.

The through-line across every story this week is trust. Every attack exploited something that was supposed to be safe an authentication cookie, an OAuth grant, a sandboxed AI environment, a national identity database, a ransomware negotiation firm. Once attackers compromise trust at any layer, everything built on top of it inherits the risk.

Coffee cup cheers. Let’s get into it.

Subscribe now

🌐 Geopolitical Cyber Warfare

Lotus Wiper Malware Targets Venezuelan Energy Infrastructure

Lotus wiper malware is actively targeting energy and utility organizations in Venezuela, operating at a low level to erase data, eliminate recovery mechanisms, and render systems unrecoverable. Unlike ransomware, there is no negotiation, no ransom demand, and no recovery path. The intent is permanent operational disruption specifically targeting power generation and distribution infrastructure. This is cyber operations being deployed as a tool of strategic disruption, not financial crime. Wiper attacks don’t negotiate. They erase.

ZionSiphon Malware Targets Water Treatment and Desalination Systems

ZionSiphon malware is targeting water treatment and desalination infrastructure, with code that specifically references chlorine handling processes and water purification systems including references to water supply manipulation. This isn’t theoretical. Early-stage OT malware with real-world consequence potential is already in the wild. We saw what nearly happened in Oldsmar, Florida, where a single analyst prevented a chlorine dosing attack. This is that playbook evolving. Baseline OT behavior and monitor for any unauthorized process changes immediately.

Sweden Attributes Heating Plant Attack to Russian-Linked Actors

Swedish officials confirmed attribution of a cyberattack on a district heating plant to a pro-Russian group connected to Russian intelligence. The attack failed operationally. But intent is the story. Civilian infrastructure heating, power, water is being targeted not to destroy, but to create societal pressure and psychological instability. Gray-zone warfare doesn’t require success to be effective. The attempt alone achieves its geopolitical objective.

Iranian Reconnaissance: 12,000 Systems Scanned

More than 12,000 systems were scanned in a campaign mirroring Iranian reconnaissance patterns. Combined with nearly 4,000 U.S. industrial devices remaining internet-exposed, this represents active pre-positioning at scale. Scanning is preparation, not attack. The attack comes later with precision, against targets already mapped.

AgingFly Malware Targets Ukrainian Government and Hospitals

The AgingFly malware strain continues targeting Ukrainian government agencies and healthcare systems a deliberate campaign against the institutions that sustain public life during conflict. Disrupting hospitals and government services doesn’t require military action. It just requires persistence and the right malware.

💥 Destructive Attacks & Ransomware

NHS Ransomware: Two Years Later, Still Broken

Nearly two years after a ransomware attack, NHS healthcare services in London are still dealing with operational fallout thousands of delayed procedures, disrupted diagnostics, and persistent system degradation. This is the story the headlines missed when the initial incident faded. Ransomware is not a data problem with a recovery timeline. It is a multi-year operational crisis, and in healthcare, that crisis is measured in patient outcomes. Cyber incidents don’t end when systems come back online. They end when operations fully recover and in healthcare, that may take years.

Gentleman Ransomware and SystemBC: Reading the Pre-Attack Signals

Ransomware groups are deploying SystemBC malware as the pre-attack staging layer establishing proxy tunnels, encrypted C2 channels, and persistent access before ransomware is ever deployed. By the time encryption begins, attackers have already mapped the environment, harvested credentials, and established control. The real opportunity to stop ransomware is at this stage. Detecting SystemBC is detecting the attack before it completes.

Akira Ransomware Hits Defense Supply Chain Manufacturers

Akira continues targeting manufacturing and engineering firms that serve as suppliers to larger enterprises in aerospace and defense. A breach at this tier doesn’t stay contained, it cascades through dependencies, exposing sensitive design data and disrupting production across interconnected supply chains. Supply chain ransomware risk is ecosystem risk, not single-organization risk.

Insider Threat: Ransomware Negotiator Sold Victim Data to BlackCat

A ransomware negotiation consultant pleaded guilty to collaborating with attackers providing BlackCat with negotiation strategies and victim data from clients who trusted them with incident response. Third-party vendors, consultants, and incident responders often have deeper access than internal staff during a crisis. That access must be governed like privileged access with monitoring, segmentation, and time-limited grants not trusted on the basis of relationship alone.

🔓 Data Breaches & Identity Exposure

France National ID Breach: 19 Million Records

France’s national identity agency ANTS confirmed a breach exposing up to 19 million records full names, birthdates, addresses, and civil status. This is not a breach of a loyalty program or a retail database. This is a foundational identity dataset, and its exposure cascades into every system that relies on identity verification for years. The French government has already warned citizens to anticipate smishing and phishing campaigns built from this data. For any organization operating in France or authenticating French users, this is a direct inherited risk. Identity verification confidence across this population has degraded.

AI Threat to Global Banking: Speed vs. Oversight

Financial leaders issued warnings this week that advanced AI models could destabilize portions of the global banking system not through dramatic hacks, but through the gap between AI-driven fraud velocity and human oversight capacity. AI is enabling automated fraud, accelerating attack decision-making, and executing at speeds that regulated institutions cannot match with manual review processes. The risk is systemic fraud operating faster than detection and response. Human approval gates for high-risk AI-driven financial transactions are a necessary architectural control.

Vercel Breach via AI OAuth Integration

The Vercel breach is the most important AI supply chain case study of the week. Attackers did not breach Vercel directly. They compromised a third-party AI tool Context AI harvested credentials from an employee there, and used the OAuth permissions that tool had been granted to access Vercel’s internal environment. OAuth grants are often broad, persistent, and uninspected. Once inside, the attacker reached environment variables, API keys, and internal infrastructure operating with legitimate access, triggering no alerts. An AI tool with unrestricted OAuth scope is functionally indistinguishable from an insider.

McGraw-Hill Salesforce Misconfiguration: ShinyHunters Claims 45 Million Records

ShinyHunters continues its Salesforce-centric campaign with McGraw-Hill as the latest documented victim, claiming 45 million records from a misconfigured Salesforce-hosted web page rather than the core enterprise tenant. The campaign has also touched 7-Eleven, Pitney Bowes, Canada Life, and Aman Resorts within the same two-week window. SaaS misconfigurations do not confine their blast radius to the page they’re located on. Audit every externally reachable SaaS integration not just the primary tenant.

DraftKings Credential Stuffing: 60,000 Accounts, No Zero-Days Required

The DraftKings credential stuffing case involved 60,000 compromised accounts monetized using nothing more than reused passwords from prior breaches. No zero-days. No advanced techniques. Just the persistent reality that credential reuse remains one of the most effective attack methods in existence. The attack is as old as breach databases. It keeps working because password hygiene still fails at scale.

Booking.com and Rockstar Gaming: Trust-Based Cloud Access

Booking.com confirmed a breach tied to credential or support workflow compromise rather than infrastructure attack. Rockstar Games data was accessed via a compromised Snowflake environment through a third-party analytics platform. Both cases follow the same pattern: no forced entry, legitimate access used maliciously, no immediate detection. Cloud and SaaS security monitoring must include behavioral anomaly detection for API and integration access not just perimeter controls.

🕵️ Nation-State & Advanced Persistent Threats

Lazarus Group: $290 Million KelpDAO Exploit

North Korea’s Lazarus Group specifically the TraderTraitor cluster executed a $290 million exploit against KelpDAO through a multi-stage attack chain: compromising the downstream RPC endpoint that a decentralized verifier network relied on, using DDoS to force failover to the poisoned endpoint, then spoofing cross-chain messages through KelpDAO’s single-verifier configuration. April 2026 is now the worst month for crypto theft since February 2025, with over $606 million lost across 18 days. North Korea’s crypto operations have crossed from crime into nation-state-scale financial warfare. The Bybit playbook is being refined and repeated.

APT Using Microsoft Outlook Inboxes for Command-and-Control

A sophisticated APT group is using Microsoft Outlook inboxes as a covert C2 channel. The malware authenticates via Azure AD, retrieves encrypted commands from designated mail folders, executes them locally, and returns results through the same channel all over legitimate Microsoft infrastructure. Traditional network filtering and reputation-based detection are ineffective because the traffic is indistinguishable from normal Outlook usage. This is living-off-trusted-cloud at its most operationally sophisticated.

Scattered Spider Guilty Plea: Social Engineering at Scale

A Scattered Spider member pleaded guilty to attacks that used phishing, SIM swapping, and identity manipulation to breach major platforms and extract millions in financial assets. The techniques worked not because of technical sophistication but because human-layer attacks consistently bypass technical controls. Law enforcement is catching up. The techniques, however, continue to evolve and are being adopted broadly across threat actor communities.

North Korea’s $280 Million Drift Theft: Full Post-Mortem

The Drift crypto theft post-mortem confirms the operation involved fake companies, sustained relationship-building over months, physical conference attendance, and social engineering before any technical exploitation occurred. North Korea is operating cybercrime as a corporate function patient, organized, and designed for maximum yield. Security models that don’t account for this level of persistence and organizational investment are not modeling the actual threat.

🛡️ Vulnerabilities & Active Exploitation

Microsoft Defender Zero-Days: Security Tools as Attack Vectors

Microsoft issued emergency patches for three actively exploited zero-days in Defender for Endpoint that allowed attackers to tamper with detection mechanisms effectively disabling security visibility while remaining on the endpoint. EDR is no longer just a defensive layer. It has become part of the attack surface. Organizations operating with a single EDR solution are operating with a single point of failure. Layer endpoint security products. If attackers can silence Defender, they cannot simultaneously silence a second independent product.

Microsoft ASP.NET Core Emergency Patch: Authentication Cookie Forgery

Microsoft issued an out-of-band emergency patch for a critical ASP.NET Core vulnerability allowing attackers to forge authentication cookies through improper HMAC validation. No phishing, no token theft just a forged cookie and full authenticated access. For public-facing applications relying on ASP.NET Core, patch immediately and rotate all data protection keys generated by vulnerable versions.

Microsoft Domain Controller Patch Failure: Cascading Identity Disruption

Microsoft’s April patch cycle introduced instability in domain controllers triggering reboot loops and cascading authentication failures across login systems, VDI environments, and identity infrastructure. Identity systems must have controlled deployment pipelines with staged rollout and pre-deployment validation. Patching identity infrastructure with the same urgency and process as workstation endpoints creates systemic operational risk.

Cisco SD-WAN CVE-2026-20133: CISA KEV, Federal Deadline Active

CISA added Cisco SD-WAN CVE-2026-20133 to the Known Exploited Vulnerabilities catalog with a rapid federal patch deadline. The vulnerability allows unauthenticated attackers to extract sensitive data from the SD-WAN manager the centralized control plane governing routing, segmentation, and policy enforcement across all branch locations. Compromising this system is not lateral movement. It is centralized network dominance. Patch by the federal deadline, or before it.

MOVEit WAF and Kemp LoadMaster: Breaking the Shield

Progress Software patched multiple vulnerabilities in MOVEit WAF and Kemp LoadMaster, including command injection flaws and a WAF bypass allowing crafted requests to evade inspection. These are systems designed to protect enterprise edges and the vulnerabilities turn them into entry points. Given MOVEit’s history with mass exploitation campaigns, enterprise patching urgency here should match federal agency timelines.

Spinnaker RCE: Unauthenticated Access to Production Pipelines

Two unauthenticated remote code execution vulnerabilities in Spinnaker the continuous delivery platform managing cloud deployments allow attackers to execute commands within cloud driver components. Spinnaker has access to deployment logic, credentials, and production infrastructure. Exploitation is not just a breach of infrastructure it is a compromise of software delivery integrity with downstream impact on everything Spinnaker touches.

Marimo RCE: AI Tooling Exploited Within Hours of Disclosure

The Marimo remote code execution vulnerability was exploited within hours of disclosure, with attack chains incorporating Hugging Face as a staging platform and decentralized C2 infrastructure. AI development tools are now enterprise attack surfaces operating without the security rigor applied to traditional infrastructure. Isolation, network egress restriction, and patching for AI tooling must match enterprise security standards.

AI Sandbox Escape: Terrarium Vulnerability Enables Root Access

A critical vulnerability in Cohere’s open-source Terrarium project allows sandboxed AI-generated code to escape containment and execute at the host level with root privileges through improper WebAssembly and JavaScript prototype handling. Terrarium is widely deployed to execute AI-generated code safely. This vulnerability eliminates that safety boundary entirely. Any untrusted AI-generated script in a vulnerable Terrarium environment can compromise the host, extract secrets, and move laterally. AI infrastructure is being deployed with pre-2010 security assumptions.

Fortinet Sandbox: Unauthenticated Root Command Execution

A critical Fortinet Sandbox vulnerability allows unauthenticated command execution as root, with public exploit code already available. Security appliances with public exploits become trusted footholds with administrative access the moment they are successfully targeted. Patch immediately and treat every security tool as part of the attack surface, not just the defense.

Apache ActiveMQ: Old Bugs, Active Exploitation

Apache ActiveMQ vulnerabilities are being actively exploited, often chained with default credentials and legacy flaws. Middleware sitting deep in application environments is a persistent, quiet attack surface. Default credentials must be eliminated across every middleware component in enterprise environments. There is no acceptable reason for default credentials to survive past deployment.

Anthropic MCP: Architectural RCE Risk Across AI Development Tools

A critical design flaw in Anthropic’s Model Context Protocol introduces remote code execution risk across a wide ecosystem of AI development tools with millions of downloads and hundreds of thousands of instances in scope. The vendor’s position that the behavior is “by design” raises serious concerns about security maturity in AI framework development. Audit and restrict all MCP integrations and AI agent frameworks for scope, permissions, and network access.

ICS Patch Tuesday: OT Exposure Continues

Siemens, Schneider Electric, Rockwell, and five additional major industrial vendors released advisories. OT environments accumulate vulnerability over time through operational continuity constraints and infrequent patching cycles. Dedicated OT vulnerability management processes separate from IT patch workflows are required to address this accumulating risk.

Mirai Botnets: End-of-Life D-Link Routers Actively Exploited

Two Mirai botnet campaigns are actively exploiting command injection vulnerabilities in discontinued D-Link routers. End-of-life devices that are never inventoried, never retired, and never replaced become permanent participants in attacker infrastructure. Asset visibility for all network-connected devices including legacy and end-of-life equipment is a foundational security requirement, not a maturity milestone.

Oracle: 481 Patches Across 28 Product Families

Oracle released 481 security patches in one of the largest patch cycles in its history arriving in the same week as Microsoft’s emergency patches and the broader vendor patch deluge. The risk here is not just vulnerability. It is patch fatigue. When security teams are overwhelmed, prioritization degrades and critical fixes are delayed or missed. Triage ruthlessly by attack surface exposure and business criticality.

🤖 AI, Supply Chain & Developer Threats

Self-Propagating npm Worm: Autonomous Cross-Ecosystem Spread

A malicious npm package targeting the widely used “pg” database ecosystem includes a self-propagating worm that steals developer tokens and republishes malicious versions autonomously across accessible packages. Once it finds a valid npm token, it enumerates accessible packages, injects malicious code, publishes new versions, and repeats cascading through the ecosystem within hours. The worm also targets PyPI, making this a cross-ecosystem supply chain attack. One compromised developer environment can infect the broader ecosystem before a human analyst has time to respond. Revoke and rotate all npm and PyPI tokens across every developer environment immediately.

Cisco Talos Q1 2026 Report: Phishing Reclaims Top Spot

Cisco Talos’ Q1 2026 Incident Response report confirms phishing has re-emerged as the leading initial access vector, accounting for over one-third of incidents. What changed is not the technique it’s the effectiveness. Adversary-in-the-middle phishing kits and real-time MFA bypass capabilities have fundamentally elevated phishing success rates. User awareness training developed even twelve months ago does not reflect the current threat. Update training programs to explicitly address MFA bypass techniques.

Glassworm: Zig-Based Dropper Targets Developer IDEs

Glassworm evolved with a new variant using a Zig-based dropper to target developer environments and IDE ecosystems. Attackers moving into the development lifecycle mean they influence what gets built not just what runs in production. Enforce signed plugin requirements, approved extension lists, and strict access controls across all developer tooling environments.

BlueSky DDoS: Availability as a Security Dimension

A multi-day DDoS attack against BlueSky disrupted core platform functionality for an extended period. Availability is a security property and as organizations and users adopt decentralized architectures and alternative platforms, the DDoS threat surface expands. Pre-defined DDoS mitigation plans and tested response procedures must be in place before the attack begins.

2.4 Million Exposed FTP Servers: Basic Hygiene Still Failing

Over 2.4 million internet-facing FTP servers continue to operate without encryption providing cleartext credential transmission to any attacker willing to look. This is not a sophisticated threat. It is a global-scale failure of basic security hygiene that has persisted for years. Eliminate cleartext protocols. Enforce encryption across all services. There is no operational justification for unencrypted FTP in 2026.

⚖️ Law Enforcement & Policy

Scattered Spider Guilty Plea: Tyler B Sentenced

A Scattered Spider member pleaded guilty to charges involving approximately $8 million in SIM-swap-driven fraud and data theft. Law enforcement is demonstrating meaningful enforcement capability against technically sophisticated social engineering actors. The techniques, however, are spreading to broader threat actor communities faster than enforcement can deter them.

DDoS-for-Hire Network Disrupted: 75,000 Users Warned

Law enforcement disrupted a DDoS-for-hire infrastructure, seizing domains and issuing warnings to over 75,000 registered users. Disruption creates friction and raises cost for criminal operators. It does not permanently eliminate the capability — cybercrime ecosystems rebuild on new infrastructure. Continuous monitoring remains essential.

North Korean IT Worker Sentencing

Two individuals were sentenced for supporting North Korea’s fake IT worker scheme the regime-funded operation placing operatives inside global companies as legitimate remote employees. These enforcement actions represent meaningful progress in attributing and prosecuting an operation that has been running for years. The threat, however, continues.

FCC Cybertrust Mark: IoXT Alliance Named Lead Administrator

The FCC Cybertrust Mark program for connected device security has a new lead administrator in the IoXT Alliance, putting the consumer IoT security baseline program back on track after UL’s withdrawal. Any policy framework that raises the minimum security floor for connected devices has direct defensive value given the persistent exploitation of routers and IoT endpoints.

✅ This Week’s Priority Action List

Immediate (Do This Now)

• Patch Cisco SD-WAN CVE-2026-20133 — CISA KEV with federal deadline, unauthenticated control plane access

• Patch Microsoft ASP.NET Core authentication cookie forgery — emergency out-of-band patch, rotate all data protection keys immediately

• Patch Microsoft Defender for Endpoint zero-days — EDR tampering enabling silent attacker persistence

• Revoke and rotate ALL npm and PyPI developer tokens — self-propagating worm is actively spreading

• Patch MOVEit WAF and Kemp LoadMaster — WAF bypass and command injection with public exposure

• Patch Spinnaker RCE — unauthenticated access to production deployment pipelines

• Patch Fortinet Sandbox — public exploit code available for unauthenticated root execution

• Patch Marimo and audit all Hugging Face integrations for indicators of compromise

Short-Term (This Month)

• Audit ALL OAuth grants across Microsoft 365 and Google Workspace, Vercel breach is the template for AI OAuth pivot attacks

• Layer endpoint security with a second independent EDR product single EDR creates single point of failure

• Implement staged deployment pipelines for identity infrastructure patches separate from workstation cycles

• Enforce just-in-time access and session recording for all third-party incident response and consulting access

• Implement object-level authorization testing in all application security release gates

• Enforce cryptographic signature verification before any software installation in enterprise environments

• Update phishing awareness training to explicitly include MFA bypass and adversary-in-the-middle techniques

• Replace or isolate all end-of-life D-Link routers and unmanaged network devices

• Eliminate all cleartext FTP services 2.4 million exposed servers is a collective failure, don’t be part of it

• Implement human approval gates for high-risk AI-driven financial transactions

Strategic (This Quarter)

• Establish dedicated OT vulnerability management processes independent of IT patch cycles

• Conduct comprehensive audit and restriction of all MCP integrations and AI agent framework permissions

• Isolate AI execution environments with network egress restrictions and runtime monitoring

• Enforce multi-verifier models in all blockchain and DeFi architectures single verifier is a single point of failure

• Build dedicated fast-lane patch processes for internet-facing infrastructure separate from workstation cadence

• Plan post-breach identity degradation response for regions with national identity database exposure (France)

• Stress test offline backup integrity and recovery procedures — wiper malware eliminates recovery paths

Leave a comment

🎙️ James Azar’s CISO’s Take

When I look at this week in its entirety, every story ties back to the same root cause: trust being extended to systems, tools, integrations, and people without continuous validation and attackers exploiting exactly that gap. France’s national identity database. Authentication cookies. OAuth grants to AI tools. Outlook inboxes used as C2 channels. A ransomware negotiator feeding victim intelligence to BlackCat. These aren’t exotic attacks. They are the logical consequence of building systems on trust assumptions that were never designed to be verified continuously. And in 2026, that design assumption is the vulnerability. Control planes are the target this week SD-WAN managers, WAF admin APIs, Spinnaker pipelines, OAuth tokens all one unauthenticated bug or over-scoped consent grant away from total compromise.

The second takeaway is speed. The npm worm demonstrates how quickly compromise propagates when supply chain security is absent. The ASP.NET forgery flaw shows how quickly authentication can be bypassed once a flaw is in the wild. The APT using Outlook for C2 shows how long patient adversaries can persist when detection depends on network indicators instead of behavioral ones. We are operating in an environment where time is the deciding factor, and organizations that cannot detect and respond within the attacker’s operational window will absorb the full impact. Patch the CVE-2026-20133 today. Audit your OAuth grants this week. Stress test your offline backups before you need them. That is how you reduce the blast radius when not if the next trust assumption fails.

Stay Cyber Safe. 🔐

Today’s episode is absolutely loaded, this is one of those “everything is breaking at once” kind of days.

We’ve got a national identity breach, an AI sandbox escape, a Microsoft emergency patch, Mirai botnets, a self-propagating npm worm, an APT abusing Outlook for command-and-control, and more.

If there’s one theme across every story today, it’s this:
👉 The systems we trust to prove identity and enforce boundaries are failing.

Double espresso in hand—let’s get into it.

Subscribe now

Today’s threat landscape highlights a systemic breakdown in identity, trust validation, and software supply chains. From a breach exposing millions of national identities in France to AI sandbox failures enabling root access, attackers are exploiting foundational systems that underpin authentication, execution, and trust.

At the same time, we’re seeing acceleration in automated propagation (npm worm), credential abuse (ASP.NET flaw), and stealthy persistence (APT via Outlook). Combined with large-scale patch cycles and unpatched legacy infrastructure, the result is a highly volatile environment where one weak trust layer can cascade into widespread compromise.

🇫🇷 France National ID Breach – 19 Million Records Exposed

France’s national identity agency (ANTS) confirmed a breach impacting up to 19 million individuals, exposing highly sensitive data including full names, birthdates, addresses, and civil status. This isn’t just another data breach, it’s a foundational identity dataset leak.

The real danger lies in downstream impact. With this level of data, attackers can conduct highly targeted phishing, impersonation, tax fraud, healthcare fraud, and even banking account takeovers for years to come. The French government has already warned citizens to expect smishing and phishing campaigns tied directly to this data.

From a practitioner standpoint, this is a nightmare scenario. Identity is the backbone of authentication systems, and when it’s compromised at a national level, every organization interacting with those users inherits risk.

🤖 AI Sandbox Escape – “Terium” Vulnerability Breaks Containment

A critical vulnerability in Cohere’s open-source Terium project allows sandboxed AI-generated code to escape containment and execute at the host level with root privileges.

This flaw exists in the WebAssembly layer, where improper handling of JavaScript prototypes allows attackers to pivot from a supposedly isolated environment into the underlying Node.js runtime.

This is significant because Terium is widely used to execute AI-generated code safely. With this vulnerability, there is effectively no sandbox, meaning any untrusted AI-generated script can compromise the host system, extract secrets, and move laterally.

This reinforces a growing pattern: AI infrastructure is being deployed with pre-2010 security assumptions, and attackers are catching up fast.

🪟 Microsoft ASP.NET Core Emergency Patch – Authentication Forgery Risk

Microsoft issued an out-of-band patch for a critical ASP.NET Core vulnerability that allows attackers to forge authentication cookies and elevate privileges without valid credentials.

The flaw lies in improper HMAC validation during cookie handling, effectively allowing attackers to bypass authentication entirely. No phishing, no token theft—just a forged cookie and access granted.

This is particularly dangerous for public-facing applications relying on ASP.NET Core, as it directly undermines the integrity of authentication mechanisms.

The urgency here is clear: patch immediately and rotate all data protection keys generated by vulnerable systems.

🌐 Mirai Botnets Return – Exploiting End-of-Life Routers

Two separate Mirai botnet campaigns are actively exploiting vulnerabilities in discontinued D-Link routers, which no longer receive security updates.

Attackers are leveraging command injection flaws to deploy botnet payloads, turning vulnerable devices into part of a distributed attack infrastructure.

The bigger issue here isn’t just the botnet, it’s asset visibility. Organizations often fail to inventory or retire end-of-life devices, leaving them exposed indefinitely.

These devices don’t just sit idle they become active participants in attacks.

🧬 Self-Spreading npm Worm – Supply Chain Attack Goes Autonomous

This is one of the most concerning developments of the day.

A malicious npm package targeting the widely used “pg” ecosystem includes a self-propagating worm that steals developer tokens and republishes itself across other packages.

Once it finds a valid npm token, it:

• Enumerates accessible packages

• Injects malicious code

• Publishes new versions

• Repeats the cycle

This creates a cascading effect where one compromised developer environment can infect the broader ecosystem within hours.

Even more concerning, the worm also targets PyPI, making it a cross-ecosystem supply chain attack.

This is the industrialization of software compromise.

📊 Cisco Talos IR Report – Phishing is Back at the Top

Cisco Talos’ Q1 2026 report shows phishing has re-emerged as the leading initial access vector, accounting for over one-third of incidents.

What’s changed isn’t phishing itself, it’s effectiveness. Adversary-in-the-middle kits and MFA bypass techniques have made phishing campaigns far more successful.

At the same time, exploitation of public-facing applications especially SharePoint continues to drive initial access.

The takeaway is simple: user awareness training from even a year ago is already outdated.

📧 APT Using Outlook for Command-and-Control

A sophisticated APT group is using Microsoft Outlook inboxes as a command-and-control channel.

The malware authenticates via Azure AD, accesses specific mail folders, retrieves encrypted commands from emails, executes them locally, and responds with results.

This technique leverages trusted Microsoft infrastructure, making detection extremely difficult. Traditional network filtering and reputation-based controls are ineffective because the traffic appears legitimate.

This is a prime example of living off trusted cloud services for stealthy operations.

💰 DeFi Exploit – Ownership Validation Bypassed

A DeFi platform was drained of millions after attackers exploited a flaw that incorrectly validated ownership of vault assets.

Unlike typical exploits involving private keys or reentrancy bugs, this attack manipulated logic to convince the system that the attacker was the legitimate owner.

This highlights a critical issue in decentralized finance: trust in smart contract logic is often misplaced, and small validation flaws can lead to massive financial loss.

🧱 Oracle Patch Drop – 481 Fixes Overwhelms Teams

Oracle released 481 security patches across 28 product families, one of the largest patch cycles in its history.

This comes on top of Microsoft’s patch load and emergency fixes, creating a significant operational challenge for security teams.

The risk here isn’t just vulnerability it’s patch fatigue. When teams are overwhelmed, prioritization suffers, and critical fixes can be delayed or missed entirely.

🛠️ Action Items for Security Leaders

• 🔐 Rotate credentials and enforce phishing-resistant MFA across all users

• 🧩 Patch ASP.NET Core immediately and rotate authentication keys

• 🤖 Isolate AI execution environments and restrict network egress

• 🧬 Revoke and rotate all npm and PyPI tokens across developer environments

• 🚫 Block malicious package versions and enforce dependency validation

• 🌐 Replace or isolate all end-of-life networking equipment

• 📧 Monitor Microsoft Graph and Outlook API activity for anomalies

• 🧠 Update phishing training to include MFA bypass techniques

• 💰 Conduct smart contract audits with focus on ownership validation logic

• 🧱 Prioritize patching for internet-facing and high-risk Oracle systems

Leave a comment

🧠 James Azar’s CISOs Take

What stood out to me today is how every single story ties back to trust. Whether it’s a national identity database, an AI sandbox, a software package registry, or an authentication cookie, attackers are going after the mechanisms that define who and what is trusted. And once they compromise that, everything built on top of it becomes vulnerable.

The second takeaway is speed. The npm worm shows how quickly compromise can spread. The ASP.NET flaw shows how quickly attackers can exploit authentication. The APT using Outlook shows how long attackers can persist undetected. We are operating in an environment where time is the deciding factor and organizations that cannot detect and respond quickly will fall behind.

🔥 Stay Cyber Safe.

Today’s episode hits differently. This isn’t just another day of vulnerabilities and breaches, this is a shift in where attackers are focusing. They’re no longer knocking on the front door…

👉 They’re going straight for the control systems that run everything.

Think SD-WAN controllers. Think CI/CD pipelines. Think OAuth integrations.

💡 If it manages your environment, it’s now a primary target.

Double espresso ready, let’s dive in. Coffee Cup Cheers,

🧭 Executive Snapshot

Today’s stories all point to one uncomfortable truth:
Attackers are scaling access by targeting orchestration layers, not endpoints.

• 🎯 Control planes are being exploited

• 🤖 AI integrations are becoming insider threats

• 🏭 OT systems remain dangerously exposed

• 💣 Destructive malware is back on the table

This isn’t about isolated incidents anymore, it’s about systemic exposure across modern architectures.

Subscribe now

🌐 Cisco SD-WAN Vulnerability – Control of the Network Itself

CISA’s addition of the Cisco SD-WAN vulnerability (CVE-2026-20133) to the KEV catalog with a rapid federal patch deadline highlights just how critical this issue is. This flaw allows unauthenticated attackers to extract sensitive data directly from the SD-WAN manager, which acts as the centralized control plane for enterprise connectivity. In practical terms, this system governs routing, segmentation, and policy enforcement across all branch locations. Once compromised, attackers can gain visibility into network topology, harvest credentials, and potentially manipulate traffic flows. This is not lateral movement, it’s centralized dominance of the network, making it one of the most dangerous classes of vulnerabilities we see today.

🧱 MOVEit WAF & Load Balancer Vulnerabilities – Breaking the Shield

Progress Software’s patching of multiple vulnerabilities in MOVEit WAF and Kemp LoadMaster is particularly concerning because these systems are designed to protect enterprise edges. Among the flaws are command injection vulnerabilities and a WAF bypass that allows crafted requests to slip through inspection mechanisms. The implication is severe: attackers can execute commands or bypass defenses without triggering alerts, effectively turning a protective control into an entry point. Given MOVEit’s history with mass exploitation campaigns, this reinforces that edge security appliances remain high-value and high-risk targets, especially when they sit between external traffic and internal systems.

🤖 Vercel Breach via AI OAuth – Trust Exploited Through Integration

The Vercel breach is one of the most important case studies of modern cyber risk. Attackers didn’t exploit Vercel directly—they compromised a third-party AI tool (Context AI), harvested credentials, and leveraged OAuth permissions to gain access to Vercel’s internal environment. Because OAuth grants are often broad and persistent, the attacker effectively operated with legitimate access, reaching environment variables, API keys, and internal systems. This attack demonstrates how AI tools and SaaS integrations blur the line between external and internal access, creating blind spots in security monitoring. It also reinforces that OAuth is no longer just a convenience feature, it is a critical identity boundary that must be governed like privileged access.

🚀 Spinnaker RCE – Direct Path to Production Environments

The disclosure of two unauthenticated remote code execution vulnerabilities in Spinnaker introduces risk directly into the software delivery pipeline. Spinnaker is widely used to manage continuous delivery across cloud environments, meaning it has access to deployment logic, credentials, and production systems. Exploiting these vulnerabilities allows attackers to execute commands within cloud driver components, potentially exposing secrets, altering deployments, or injecting malicious code into production. This is not just a breach of infrastructure, it’s a compromise of software integrity and trust in application delivery, which can have downstream effects across customers and users.

🏭 OT “Bridge Break” Vulnerabilities – The Weak Link Between IT and OT

Forescout’s disclosure of 22 vulnerabilities in serial-to-Ethernet converters highlights a persistent and dangerous issue in industrial environments. These devices act as bridges between operational technology (OT) and traditional IT networks, often enabling remote monitoring and control of physical systems. Because they are frequently exposed to the internet and lack modern security controls, they become ideal entry points for attackers. Exploitation could allow manipulation of sensor data, disruption of industrial processes, or lateral movement into broader networks. This is particularly concerning in sectors like manufacturing, utilities, and healthcare, where these systems underpin critical operations. The reality is that OT environments continue to inherit risk from legacy design assumptions that no longer hold true.

💣 Lotus Wiper Malware – Destruction Over Disruption

The Lotus wiper malware represents a different class of threat—one focused on destruction rather than financial gain. Targeting energy and utility organizations in Venezuela, this malware operates at a low level to erase data, remove recovery mechanisms, and corrupt systems beyond repair. Unlike ransomware, there is no negotiation or recovery path. The intent is to permanently disrupt operations, potentially impacting power generation and distribution. This aligns with broader geopolitical tensions and demonstrates that cyber operations are increasingly being used as tools of strategic disruption, not just crime.

🧠 Gentleman Ransomware & SystemBC – The Signals Before the Storm

The use of SystemBC malware by ransomware groups provides a valuable insight into how attacks unfold. SystemBC establishes proxy tunnels and encrypted communication channels, allowing attackers to maintain persistent access while preparing for later stages of the attack. This phase often includes reconnaissance, credential harvesting, and lateral movement. By the time ransomware is deployed, the attacker has already mapped the environment and established control. This underscores the importance of detecting early indicators, as the real opportunity to stop ransomware is before encryption begins, not after.

🏭 Akira Ransomware – Supply Chain Risk Amplified

Akira’s continued targeting of manufacturing and engineering firms highlights the growing importance of supply chain risk. Many of these organizations serve as suppliers to larger enterprises, including those in aerospace and defense. A breach at this level can expose sensitive data, disrupt production, and create cascading effects across industries. This is no longer about a single organization being compromised, it’s about entire ecosystems being impacted through interconnected dependencies.

⚖️ Insider Threat – When Trust Becomes the Vulnerability

The case of a ransomware negotiator pleading guilty to collaborating with attackers is a stark reminder that insider risk extends beyond employees. Third-party vendors, consultants, and incident response providers often have deep access to sensitive information. In this case, that trust was exploited to provide attackers with negotiation strategies and victim data. This highlights the need for strict controls, monitoring, and segmentation even within trusted relationships, as insider threat is often a function of access, not intent.

👮 Scattered Spider – Social Engineering at Scale

The guilty plea of a Scattered Spider member reinforces the effectiveness of social engineering-driven attacks. This group leveraged phishing, SIM swapping, and identity manipulation to gain access to major platforms and financial assets. Their success demonstrates that even advanced organizations remain vulnerable to human-layer attacks, which often bypass technical controls entirely. While law enforcement actions are a positive development, the techniques used by these groups continue to evolve and proliferate.

Priority Actions

Priority Action

🔴 FridayPatch Cisco SD-WAN CVE-2026-20133

🔴 CriticalPatch MOVEit WAF/Kemp LoadMaster

🔴 CriticalUpgrade Spinnaker

🟠 HighAudit ALL OAuth grants in Workspace/M365

🟠 HighMicrosegment Lantronix/Silex OT gateways

🟡 MediumBlock SystemBC C2 at egress

CISO’s Take

Control planes are the target this week: SD-WAN managers, WAF admin APIs, Spinnaker pods, OAuth tokens, all one unauthenticated bug or over-scoped consent away from compromise. The Vercel breach is the clearest example of AI supply chain risk we’ve seen: a third-party AI tool’s compromised employee led to OAuth pivot into Vercel’s environment. An AI tool with unrestricted OAuth scope is indistinguishable from an insider.

The other thread: destructive intent and insider accountability. Lotus burning Venezuelan energy infrastructure shows wipers don’t ransom—they take generation offline. Akira hitting defense supply chain parts manufacturers creates exposure beyond single victims. And courtrooms are catching up: a ransomware negotiator selling victim data to BlackCat, Scattered Spider’s Tyler B owning up to $8M in sim swaps. If you do three things today: patch CVE-2026-20133 before Friday, audit your OAuth grants, and stress test your offline backups.

Stay Cyber Safe

Share

Today’s show is one of those rare moments where multiple fault lines in cybersecurity crack at the same time. We’re not looking at isolated incidents we’re seeing systemic stress across endpoint security, AI tooling, patch management, and financial ecosystems. The common thread is clear: the controls we trust most are now being actively exploited.

Today’s episode highlights a convergence of risks across enterprise environments. Attackers are no longer focused on bypassing defenses—they are repurposing trusted systems as attack vectors. From Defender zero-days disabling detection capabilities, to AI frameworks introducing remote code execution risks by design, to crypto theft reaching industrial scale, the modern threat landscape is defined by speed, scale, and trust exploitation.

Organizations must shift from a prevention-first mindset to one centered on resilience, validation, and layered defense, particularly across identity, AI, and developer ecosystems.

Subscribe now

Microsoft Defender Zero-Days – Security Tools as Attack Vectors

Microsoft issued emergency patches for three actively exploited zero-days in Defender for Endpoint. These vulnerabilities allowed attackers to tamper with detection mechanisms, effectively disabling security visibility.

This marks a critical shift. Endpoint Detection and Response (EDR) is no longer just a defensive layer, it has become part of the attack surface. If attackers can neutralize your detection stack, they gain time, persistence, and operational freedom.

The implication is significant: organizations relying on a single EDR solution are operating with a single point of failure.

“Attackers aren’t bypassing your defenses—they’re turning them into theirs.” James Azar and continues "That's why you need two endpoint products, not just one. It's a sad truth, but you've got to layer them. They might be able to silence Defender, but they can't silence SentinelOne or CrowdStrike. Attackers are no longer just evading endpoint security, they're actively weaponizing it."

Domain Controller Patch Failure – Operational Risk from Remediation

Simultaneously, Microsoft’s April patch cycle introduced instability in domain controllers, triggering reboot loops and widespread authentication failures.

This resulted in cascading operational disruptions, including login failures, VDI outages, and identity system degradation.

This is the paradox of modern security operations: patching is essential, but poorly validated patches can introduce systemic risk. Identity infrastructure must be treated as mission-critical systems requiring controlled deployment pipelines.

AI Supply Chain Exploitation – Marimo and Hugging Face

The Marimo RCE vulnerability, exploited within hours of disclosure, demonstrates how quickly attackers are operationalizing weaknesses in AI tooling.

Attack chains now include trusted platforms like Hugging Face, combined with decentralized command-and-control infrastructure, making mitigation more complex.

This signals a new reality: AI development environments are now enterprise attack surfaces, often deployed without the rigor applied to traditional infrastructure.

Anthropic MCP Vulnerability – Systemic AI Risk

A critical design flaw in Anthropic’s Model Context Protocol (MCP) introduces remote code execution risk across a wide ecosystem of AI development tools.

The scale of exposure millions of downloads and hundreds of thousands of instances—combined with the vendor’s stance that the behavior is “by design,” raises serious concerns about security maturity in AI frameworks.

This is not a bug. It is an architectural risk.

Lazarus Group Crypto Heist – Industrialized Financial Attacks

North Korea’s Lazarus Group executed a $290 million exploit against KelpDAO, leveraging weaknesses in cross-chain bridge architecture.

This follows a repeatable playbook: compromise infrastructure, manipulate trust assumptions, and extract value at scale.

Layer Zero is attributing the attack to North Korea’s Lazarus Group, specifically the TraderTraitor cluster.

The attack chain:

1. Compromised the downstream RPC endpoint that DVN relied on

2. Used DDoS to force failover to the poisoned endpoint

3. Spoofed cross-chain messages through KelpDAO’s single verifier setup

KelpDAO is disputing the narrative, arguing the single verifier configuration was Layer Zero’s own default rather than an unusual choice.

This correlates with Bybit’s $1.5 billion heist playbook and the broader DPRK revenue engine we’ve been tracking. April 2026 is now the worst month for crypto hacks since February 2025, with over $606 million lost in 18 days.

The volume of crypto theft in April alone underscores a critical trend financial cybercrime is now operating at nation-state scale and efficiency.

Salesforce Campaign – ShinyHunters Expands Targeting

ShinyHunters continues its campaign targeting Salesforce environments, now focusing on high-value organizations like Aman Resorts.

The Aman Resorts story is short but sharp, and the clock is ticking. Ransomware.live and Hookfish report Shiny Hunters added the ultra-luxury hospitality brand Amman Resorts to its leak portal on April 19th, claiming 500,000 Salesforce records of PII with an April 21st deadline to pay or see the data posted publicly.

This listing is the latest in Shiny Hunters’ active Salesforce-centric campaign that has also touched 7-Eleven, Pitney Bowes, Canada Life Assurance Company, and Marcus & Millichap in the last two weeks.

Rather than exploiting platform vulnerabilities, attackers are abusing integrations, OAuth scopes, and API access.

This reflects a broader shift toward identity and integration layer exploitation, where traditional perimeter defenses offer little protection.

Subscribe now

BlueSky DDoS – Availability as a Primary Target

A multi-day DDoS attack against BlueSky disrupted core platform functionality, reinforcing that availability remains a critical component of security.

As organizations adopt decentralized architectures, mitigating volumetric and application-layer attacks becomes increasingly complex.

Internet Exposure – FTP as a Persistent Weakness

Despite years of awareness, over 2.4 million internet-facing FTP servers still operate without encryption. This is not a sophisticated threat, it is a failure of basic security hygiene at global scale.

Cleartext protocols continue to provide attackers with effortless access to credentials and sensitive data.

Key Action Items

• Deploy layered endpoint security controls to mitigate EDR tampering risks

• Implement staged patching and validation for identity infrastructure

• Secure AI and data science environments with enterprise-grade controls

• Audit and restrict AI agent frameworks and MCP integrations

• Enforce multi-verifier models in blockchain and DeFi architectures

• Review SaaS integrations, OAuth scopes, and API access patterns

• Strengthen DDoS response strategies with pre-defined mitigation plans

• Eliminate cleartext protocols and enforce encryption across all services

• Monitor for credential theft and privilege escalation indicators

• Continuously validate trust assumptions across all systems

Leave a comment

James Azar’s CISOs Take

What we’re seeing today is not a series of independent failures, it’s a systemic shift in how cyber risk manifests. Endpoint protection, AI tooling, patching processes, and financial systems are all being tested simultaneously. This isn’t coincidence. It’s the result of attackers identifying where trust has been overextended and exploiting it at scale.

The path forward requires a fundamental change in approach. Security can no longer rely on static controls or assumptions of safety. Every system must be treated as potentially compromised, every integration as a risk vector, and every layer as something that must be continuously validated. Organizations that embrace this mindset will adapt. Those that don’t will continue reacting to incidents rather than preventing impact.

Stay Cyber Safe

Today’s show is one of those where you can clearly see the convergence of everything we’ve been talking about AI risk, supply chain compromise, critical infrastructure targeting, and long-tail operational damage.

And if there’s one theme that cuts across every single story today, it’s this: attackers are abusing trust faster than defenders can validate it.

Double espresso in hand, let’s get into it. Coffee Cup Cheers

Subscribe now

AI Threat to Global Banking: Speed vs. Control

We kick things off with financial leaders warning that advanced AI models could destabilize parts of the global banking system. This isn’t about hallucinations or bad outputs, it’s about scale and speed.

AI is enabling fraud, automating attacks, and accelerating decision-making faster than human oversight can keep up. And in banking, where regulation slows everything down, that gap becomes dangerous.

The real risk here is systemic fraud happening faster than institutions can detect or respond, potentially leading to financial instability.

This is where AI shifts from a tool to a threat multiplier.

Vercel Breach: Developer Infrastructure Under Fire

Next, Vercel confirmed a breach involving unauthorized access to internal systems, with attackers claiming access to source code, tokens, and internal dashboards.

This is a direct hit on developer infrastructure and CI/CD environments.

“Attackers don’t need to break trust, they just need to use it better than we protect it.”

And that matters because these systems aren’t just internal, they’re gateways into production environments and customer data. The risk here isn’t just what was accessed, it’s what can be accessed next through stolen tokens and deployment pipelines.

This is supply chain risk in real time.

Crypto Exchange Hack: Blame vs. Reality

A crypto exchange suffered a $13.7 million hack and blamed Western intelligence agencies. Regardless of attribution, the reality is simple, the funds are gone.

This highlights a recurring issue in crypto incidents: geopolitics often clouds transparency. But users don’t care about attribution, they care about access to their funds.

The risk is erosion of trust in platforms where accountability becomes secondary to narrative.

NHS Ransomware Fallout: Two Years Later, Still Broken

The NHS story is one of the most important today—and the most overlooked.

Nearly two years after a ransomware attack, healthcare services in London are still dealing with the fallout thousands of delayed procedures, disrupted diagnostics, and ongoing operational issues.

“Cyber incidents don’t end when systems come back online—they end when operations fully recover.” James Azar

This is the long tail of cyber incidents. Ransomware isn’t just a data problem, it’s a multi-year operational crisis. And healthcare, more than any other sector, feels that impact directly in patient care.

ZionSiphon Malware Targets Water Infrastructure

This is one of the most concerning stories of the day. ZionSiphon malware is targeting water treatment and desalination systems, specifically looking for processes related to chlorine handling and water purification.

It even includes references to poisoning water supplies. This isn’t theoretical.

This is early-stage OT malware with real-world consequences.

Even if incomplete, it’s enough to cause damage—and that’s what makes it dangerous. We’ve seen this before. Oldsmar, Florida. One analyst prevented disaster. This is that same playbook evolving.

Apache ActiveMQ Exploited: Old Bugs, New Campaigns

ActiveMQ vulnerabilities are now being actively exploited, often chained with default credentials and older bugs. This is a recurring theme:

Old vulnerabilities + weak configurations = new attacks. Middleware like ActiveMQ sits deep in application environments, making it a perfect foothold for attackers.

Quiet. Persistent. Dangerous.

Fortinet Sandbox Flaw: Security Tools Become Attack Vectors

A critical Fortinet Sandbox vulnerability allows unauthenticated command execution as root with public exploit code already available. This is a reminder that security tools themselves are part of the attack surface.

If compromised, they become trusted footholds for attackers. The irony is real and so is the risk.

Apple Alert Phishing: When Real Becomes the Threat

Attackers are abusing legitimate Apple account notifications to deliver phishing messages. These emails pass all authentication checks, SPF, DKIM, DMARC, because they’re actually sent by Apple.

This is next-level phishing. No fake domains. No obvious red flags. Just trusted communication turned into an attack vector.

Good Guys Prevail: DDoS Crackdown and North Korea Sentencing

On the positive side, law enforcement disrupted a DDoS-for-hire network, seizing domains and warning over 75,000 users. Additionally, two individuals were sentenced for supporting North Korea’s fake IT worker scheme.

These are wins—but they’re temporary. Cybercrime ecosystems adapt quickly. Disruption creates friction, not elimination.

DraftKings Credential Stuffing Case: Old Tactics Still Work

Finally, the DraftKings case reminds us that credential stuffing is still highly effective. Attackers used reused credentials from other breaches to access 60,000 accounts and monetize them.

No zero-days. No advanced techniques. Just reused passwords.

Sometimes the biggest risks are still the simplest.

Action Items for Security Leaders

• Introduce human approval gates for high-risk AI-driven financial workflows

• Treat CI/CD and developer platforms as production-grade assets

• Enforce rapid token rotation and eliminate static credentials

• Demand transparency and proof-of-reserve in crypto platforms post-incident

• Build healthcare recovery plans around clinical workflows, not just IT systems

• Baseline OT behavior and monitor for unauthorized process changes

• Remove default credentials and patch middleware like ActiveMQ immediately

• Patch and audit security appliances as high-priority infrastructure

• Train users to verify alerts directly from official apps—not email links

• Strengthen defenses against credential stuffing and automated abuse

Leave a comment

James Azar’s CISOs Take

What stood out to me today is how interconnected everything has become. AI, cloud, OT systems, and user behavior are no longer separate domains—they’re all part of the same attack surface. When attackers exploit trust in one area, it cascades into others. That’s why we’re seeing incidents that start in one place and end somewhere completely different.

The second takeaway is the importance of resilience. Too many organizations still think in terms of prevention, but today’s stories especially NHS and water infrastructure show that recovery and continuity are just as critical. We need to design systems not just to stop attacks, but to survive them. Because in today’s environment, survival is the real measure of security.

Stay Cyber Safe.

We’re back and yes, the Azar family grew by one beautiful baby boy this week. Sleep is rare. Coffee is mandatory. And James is back in the saddle with the double espresso running and the full Security Gang energy you’ve come to expect.

If this week’s stories have a common thread, it’s this: the most dangerous cyber threats aren’t the loudest ones. Sweden was nearly hit by a Russian attack on its heating infrastructure, and that attack failed, but the intent was unmistakable. Ukrainian hospitals and government agencies are being targeted with malware specifically designed to disrupt societal stability. Twelve thousand systems in the Middle East were scanned in an Iranian-style reconnaissance campaign.

And Patch Tuesday arrived with what may be the second-largest Microsoft patch cycle ever 167 vulnerabilities, including an exploited SharePoint zero-day arriving the same week as critical patches from Fortinet, SAP, Adobe, Ivanti, and eight major industrial vendors.

Meanwhile, the week’s breach stories reinforced a pattern we’ve been tracking for months: attackers exploiting trust rather than force. Booking.com, Rockstar Games via Snowflake, McGraw-Hill via a Salesforce misconfiguration, a Kraken insider threat, and supply chain compromises in GitHub, Jira, and npm all shared the same fingerprint legitimate access, trusted platforms, and no alarm bells until it was too late.

James opened one of this week’s shows with a reflection on Yom HaShoah Holocaust Remembrance Day and the quiet, slow erosion that precedes catastrophe. It was a reminder that whether in society or in cybersecurity, the warnings come long before the breaking point. The question is whether we’re paying attention.

“Attackers keep winning by abusing things we already trust — SaaS pages, support workflows, app authorization, collaboration platforms, and even our own security appliances, ERP systems, and VPN clients. The defensive move is not magic. It is knowing which trusted systems have the highest blast radius and hardening those first. That is how you reduce risk.”

Let’s get into it.

Subscribe now

🌐 Geopolitical Cyber Warfare

Sweden Attributes Heating Plant Attack to Russian-Linked Group

Swedish officials attributed a cyberattack on a district heating plant to a pro-Russian group with ties to Russian intelligence. The attack failed operationally but that’s not the lead. The intent is. This fits a sustained European pattern of targeting civilian infrastructure not to destroy it, but to create instability and psychological pressure on populations. Heating. Power. Water. These aren’t military targets they’re societal pressure points. Gray-zone warfare doesn’t need to succeed to succeed. The attempt alone achieves its goal.

“If we treated our power plants the way pilots treat an airplane, we would likely have less of these events on the engineering side. As security practitioners, we ought to be planning for the day after. That day after is network obfuscation. That day after is inline data encryption even within your air-gapped networks.”

AgingFly Malware Targets Ukrainian Government and Hospitals

A new malware strain AgingFly is actively targeting Ukrainian government organizations and healthcare systems. This is not opportunistic cybercrime. It is deliberate targeting of the institutions that sustain public life. Hospitals and government agencies are being hit because disrupting them destabilizes society without requiring kinetic escalation. Cyber resilience in healthcare and public sector environments is no longer an IT goal, it is a national security imperative.

12,000 Systems Scanned in Iranian-Style Reconnaissance Campaign

More than 12,000 systems in the Middle East have been scanned in a campaign mirroring Iranian reconnaissance tactics. Scanning is not the attack, it’s the preparation for one. This is patient, methodical threat actor behavior: map the environment, identify weaknesses, and return with precision. This aligns directly with prior reporting on Iranian pre-positioning across U.S. industrial and critical infrastructure. Today’s scan is tomorrow’s disruption.

4,000 U.S. Industrial Devices Remain Exposed to Iranian Targeting

Nearly 4,000 U.S. industrial devices remain directly internet-exposed and vulnerable to Iranian-linked activity. These are operational technology systems, they control physical processes. Leaving them exposed is not a misconfiguration. It is an open invitation in a high-risk neighborhood. The question is no longer whether someone will walk through that door, it’s when.

Iranian Cyber Threats Target U.S. Energy Infrastructure

CISA and NERC continue to issue warnings around Iranian-linked activity targeting U.S. critical infrastructure, with particular focus on energy systems. The current activity remains focused on reconnaissance and persistence rather than immediate disruption. But in the Iranian threat model, today’s foothold is tomorrow’s leverage. OT environments with any internet exposure should treat this as an active threat, not a theoretical one.

💥 Stryker Fallout: Cyber Becomes a Business Event

Stryker Confirms Material Q1 Earnings Impact from Iran-Linked Attack

Stryker confirmed this week that the March 11 Iran-linked attack had a material impact on Q1 earnings. The Handala group gained access to Microsoft Intune, wiped more than 200,000 devices, and disrupted the company’s ordering and supply chain systems. Operations have since been restored — but the damage was real, measurable, and reported to investors.

This is the clearest example in recent memory of cyber leaving the SOC and landing on a hospital floor, and then in an earnings release. Medical staff adapted under constrained equipment conditions. Hospitals extended the use of existing devices. And a publicly traded company disclosed financial harm directly attributable to a nation-state-linked cyber operation. For CISOs still struggling to quantify cyber risk in business terms, this is the case study.

🔓 Data Breaches & Exposures

Booking.com Breach: Identity and Access, Not Infrastructure

Booking.com confirmed a breach affecting user data, likely tied to compromised credentials or third-party access workflows rather than a direct infrastructure intrusion. This is the modern breach pattern: no forced entry, just trusted access used incorrectly. Travel and hospitality platforms hold high-value identity data that fuels downstream fraud, social engineering, and impersonation at scale. For users, this is a direct reminder that passwords alone are insufficient MFA is non-negotiable on any platform holding financial or travel data.

Rockstar Games: Snowflake Environment Accessed via Third-Party Credentials

ShinyHunters claims access to Rockstar Games data stored in a Snowflake cloud environment via a compromised third-party analytics platform. The attack pattern is textbook: stolen credentials, legitimate API access, no alerts triggered. Once inside a cloud environment via valid credentials, attackers move at the speed of the platform itself. Cloud security monitoring must go beyond perimeter controls to include behavioral anomaly detection for API access patterns across every integrated third-party service.

McGraw-Hill Salesforce Misconfiguration: ShinyHunters Claims 45 Million Records

McGraw-Hill is the latest victim in ShinyHunters’ ongoing Salesforce campaign. The attackers reportedly exploited a misconfigured Salesforce-hosted web page not the core enterprise tenant, and are claiming 45 million records and threatening to leak if not paid. McGraw-Hill stated that core systems, customer databases, and student platforms were not accessed. But the blast radius of SaaS misconfigurations regularly extends far beyond what organizations initially assume. Every externally reachable SaaS-hosted page requires explicit access control validation, not just the main platform tenant.

Kraken Insider Threat: Support Employees Enable Extortion Attempt

Kraken disclosed that a cybercrime group attempted to extort the exchange using videos allegedly showing internal systems. At the root: two support employees accessed limited customer data improperly. Client funds were not at risk. But the incident demonstrates a consistent pattern, when externally hardened environments are difficult to breach, attackers pivot to the human layer. Support functions with access to customer data are high-value social engineering targets, particularly where wage disparities create vulnerability to outside influence. Just-in-time access and session recording for support teams are essential controls.

CPU-Z Trojanized Downloads: Supply Chain at Distribution Level

Attackers compromised the CPUID website to distribute trojanized versions of CPU-Z and HWMonitor. This is supply chain compromise at the final distribution point trusted tools from a recognized domain, delivering malware to users who never suspected anything was wrong. Most users will not verify cryptographic signatures before installing a familiar utility. That’s the gap attackers are exploiting. Enforce signature verification as a baseline requirement before any software installation in enterprise environments.

RCI Hospitality IDOR Vulnerability Exposes Contractor Data

RCI Hospitality disclosed an insecure direct object reference vulnerability in their web application that exposed contractor data without triggering traditional security alerts. IDORs are unglamorous but brutally effective the application hands attackers the data without any exploitation of authentication systems. Object-level authorization testing must be part of every application security release gate, particularly for portals handling workforce and contractor records.

🕵️ Nation-State Activity & Advanced Threats

North Korea’s $280 Million Crypto Theft: Corporate-Grade Operations

The post-mortem on the Drift crypto theft reveals an operation that reads less like a hack and more like a business. North Korea orchestrated a $280 million theft using fake companies, sustained relationship-building, social engineering, and physical presence at industry conferences. This was not remote exploitation, it was long-game infiltration. Fake identities. Real relationships. Trust built over months before a payload was ever deployed. If your security model doesn’t account for adversaries who operate at this level of patience and organizational sophistication, it is not accounting for the actual threat.

North Korea’s APT37: Facebook-Based Social Engineering Campaign

APT37 is running an active social engineering campaign using fake Facebook personas to build relationships with targets before deploying malware payloads. This is patience over speed, psychology over technology. Attackers establish trust across weeks or months before any technical action is taken. This is where most defenses still fall short, because they are built to detect technical indicators, not human behavioral manipulation. Employee awareness of relationship-building social engineering is a required defensive layer.

🛡️ Vulnerabilities & Patch Tuesday

Microsoft Patch Tuesday: SharePoint Zero-Day + 167 Fixes — Second Largest Ever

Microsoft addressed 167 vulnerabilities this month, the second largest Patch Tuesday by CVE count on record including an actively exploited SharePoint zero-day (CVE-2026-29231) that was publicly known before patches were released. Collaboration and content platforms continue to draw the most adversarial attention. Internet-facing systems like SharePoint must have a dedicated fast-lane patch process, they cannot wait in the same queue as routine workstation updates.

Fortinet: CVE-2026-27813 Across Multiple Products

Fortinet released a broad patch set with clear prioritization around CVE-2026-27813, affecting FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiPAM, and FortiSwitch Manager. The perimeter and management plane continue to be primary targets. Every security appliance should be treated as production infrastructure and patched according to attack surface priority, not product popularity.

SAP: 19 Security Notes Including Critical CVSS 9.9 SQL Injection

SAP released 19 new security notes covering more than a dozen products, including CVE-2026-27681, a CVSS 9.9 SQL injection vulnerability in Business Planning and Consolidation and Business Warehouse that could lead to arbitrary code execution. ERP and core business systems must be treated as crown jewel infrastructure. Attackers who land in SAP don’t just steal data they learn how the business operates. Prioritize SAP remediation based on process criticality and direct business exposure.

Adobe: 55 Vulnerabilities Including Critical ColdFusion Flaw

Adobe patched 55 vulnerabilities across 11 products, with a critical ColdFusion vulnerability representing the highest real-world exploitation risk. ColdFusion has a consistent history of showing up in attack chains precisely because it sits in the internet-facing application layer. If ColdFusion is still running in your environment, place it behind additional network controls and treat it as a high-risk exception requiring active monitoring.

Ivanti: RCE and Authentication Bypass Return

Ivanti surfaced again this week with two new vulnerabilities — a remote code execution flaw and an authentication bypass. Platforms that broker access and manage systems sit in the critical flow of enterprise trust. Ivanti’s recurring presence in the threat landscape is not a coincidence it reflects consistent adversarial interest in control-plane compromise. Patch immediately and validate that no previous exploitation paths remain active.

CISA Flags Windows Task Host Privilege Escalation Under Active Exploitation

CISA flagged a Windows Task Host vulnerability as actively exploited, allowing attackers to escalate to SYSTEM-level access. Privilege escalation is where initial access becomes full control. Once an attacker reaches SYSTEM on a shared or high-value system, the scope of compromise expands rapidly. This vulnerability warrants immediate remediation prioritization.

NGINX UI Zero-Day: Management Interface Compromise

Active exploitation of a critical NGINX UI zero-day continues. Exposed administrative interfaces remain one of the most consistently effective attack vectors — not because they’re sophisticated, but because convenience keeps winning over security. Management panels left accessible to the internet are an open invitation. Remove or restrict all exposed administrative interfaces immediately.

ICS Patch Tuesday: Eight Major Industrial Vendors

Siemens, Schneider Electric, Rockwell, and five additional industrial vendors released advisories in this month’s ICS Patch Tuesday. OT environments accumulate risk over time long-lived systems, infrequent patching, and operational continuity constraints combine to create compounding vulnerability. Establish dedicated OT vulnerability management processes that account for the unique operational constraints of industrial environments.

Synology SSL VPN Client: Remote Access Vulnerabilities

Synology released updates for SSL VPN client vulnerabilities. Vendor guidance specifies upgrading to version 1.4.5-0684 or newer and calls for active monitoring of configuration changes and unusual traffic behavior. VPN configuration changes should be monitored with the same urgency as failed login attempts remote access is where trust and network access intersect most dangerously.

Juniper and Chrome Continue Steady Patch Cycles

Juniper patched dozens of Junos OS vulnerabilities, and Chrome released version 147 with 60 fixes including two critical. Neither is a single dramatic event both reflect the ongoing maintenance reality of foundational infrastructure. Browsers and network devices are prime targets precisely because they are ubiquitous and trusted. Keep them current automatically.

🤖 AI, Supply Chain & Developer Threats

Cloud Security Alliance Releases Mythos AI Threat White Paper

The Cloud Security Alliance, led by Gadi Evron, published a white paper on Anthropic’s Mythos AI model and its implications for the cybersecurity threat landscape reviewed by over 100 CISOs. The core concern: AI tools like Mythos dramatically accelerate both vulnerability discovery and exploit development, compressing the timeline between disclosure and weaponization in ways the industry has not yet calibrated for. This is required reading for security leadership. Download it at cyberhubpodcast.com.

OpenAI Caught in Axios npm Supply Chain Compromise

OpenAI was caught in the blast radius of the Axios npm package supply chain compromise. This confirms a pattern: supply chain attacks don’t stop at developers they propagate through enterprise apps, AI platforms, and into production systems. Once trust is compromised at the package level, everything downstream inherits that risk. Software composition analysis is foundational security hygiene, not an advanced practice.

Glassworm Evolves: Zig-Based Dropper Targets Developer IDEs

Glassworm returned with a new variant using a Zig-based dropper to target developer environments and IDE ecosystems. Attackers are moving upstream into the development lifecycle because controlling the developer environment means influencing what gets built. Supply chain compromise at the IDE layer is persistent, quiet, and extraordinarily difficult to detect after the fact. Lock down developer environments with signed plugins, approved extension lists, and access controls.

PHP Composer Flaws Enable Arbitrary Command Execution

New vulnerabilities in PHP Composer enable arbitrary command execution within software build workflows. This is the same threat surface the Team PCP group exploited in expanding across developer toolchains. Pin Composer and all build chain tooling to approved internal baselines rather than allowing developer environments to drift toward the latest available version.

GitHub and Jira Notification Abuse for Malware Delivery

Attackers are abusing GitHub and Jira notification systems to deliver malicious links inside expected, trusted workflow communications. Users don’t question notifications from platforms they rely on daily and attackers have learned to exploit exactly that behavioral pattern. Extend phishing inspection to collaboration platform notifications, not just email. Security teams often overlook these channels entirely.

⚖️ Policy, Regulation & Industry

FCC Cybertrust Mark: IoXT Alliance Named New Lead Administrator

The FCC Cybertrust Mark program, a consumer-facing security certification for connected devices has a new lead administrator after UL withdrew. The non-profit IoXT Alliance takes over, putting the program back on track. Given the persistent exploitation of routers, IoT devices, and unmanaged endpoints, any policy initiative that raises the baseline security floor for connected devices has real-world defensive value. This program matters.

FCC Grants Netgear Exemption in Router Certification Rules

The FCC granted Netgear an exemption related to router certification requirements and foreign-owned testing labs. This sits at the intersection of cybersecurity, geopolitics, and supply chain policy. Hardware certification decisions directly influence how secure or insecure network infrastructure becomes at the consumer and enterprise level alike. Policy decisions are now security decisions.

Privacy Research: Tracking Persists After User Opt-Outs

New research indicates major technology companies can continue tracking users even after opt-out mechanisms are activated. The security implication is not just privacy: if controls don’t behave as documented, then compliance assumptions break down. Defenders cannot rely solely on vendor claims. Validate privacy and tracking controls independently including within your own environment.

Leave a comment

✅ This Week’s Priority Action List

Immediate (Do This Now)

• Patch Microsoft SharePoint CVE-2026-29231 immediately — publicly known before patches released, active exploitation likely

• Patch SAP CVE-2026-27681 (CVSS 9.9) — arbitrary code execution in ERP core infrastructure

• Patch Fortinet CVE-2026-27813 across FortiOS, FortiManager, FortiAnalyzer, FortiProxy, FortiPAM, FortiSwitch Manager

• Patch Ivanti RCE and authentication bypass vulnerabilities — control plane compromise risk

• Patch Windows Task Host privilege escalation — CISA confirmed active exploitation, SYSTEM access at stake

• Remove or restrict all exposed NGINX UI management interfaces — active zero-day exploitation underway

• Patch Synology SSL VPN client to 1.4.5-0684 or newer and monitor for configuration anomalies

Short-Term (This Month)

• Audit every externally reachable SaaS-hosted page and Salesforce integration — McGraw-Hill is not an isolated incident

• Implement just-in-time access and session recording for all support functions touching customer data

• Enforce cryptographic signature verification for all software downloads in enterprise environments

• Add object-level authorization testing to application security release gates

• Eliminate direct internet exposure for all OT, industrial, and ICS systems 4,000 U.S. devices remain exposed

• Deploy behavioral anomaly detection for cloud API access across all third-party SaaS integrations

• Review and pin PHP Composer and developer build tooling to approved internal baselines

• Extend phishing inspection to GitHub, Jira, and all collaboration platform notification channels

Strategic (This Quarter)

• Establish dedicated OT vulnerability management processes separate from IT patch cycles

• Download and review the Cloud Security Alliance Mythos white paper — calibrate your AI threat timeline assumptions

• Build dedicated fast-lane patch processes for internet-facing collaboration platforms separate from workstation cycles

• Treat SAP and ERP systems as crown jewel infrastructure with process-criticality-based patching priority

• Implement network obfuscation and inline data encryption for critical infrastructure environments

🎙️ James Azar’s CISO’s Take

When I look across this week’s stories, the most important thing I see is how much risk sits below the surface — quiet, patient, and methodical. Sweden’s heating plant, Ukrainian hospitals, Iranian reconnaissance across 12,000 systems, a SharePoint zero-day already known to attackers before patches dropped. These are not loud, chaotic events. They are deliberate campaigns against the systems that keep society functioning. And that’s exactly what makes them dangerous — they accumulate unnoticed until the disruption is unavoidable. Stryker hitting a quarterly earnings report is the clearest signal yet that cyber risk is no longer an IT budget line. It is a business event, a financial event, and a human event.

The second takeaway is about the pace of change. The Cloud Security Alliance’s Mythos white paper, Jason Clinton and Kevin Mandia’s commentary, and this Patch Tuesday’s record-setting CVE count all point to the same reality: AI is compressing vulnerability discovery and exploit development into timelines defenders have never had to operate against before. The answer isn’t panic — it’s prioritization. Know which trusted systems carry the highest blast radius. Harden those first. Build resilience into how you operate, not just how you prevent. Because at the scale and speed this threat environment is moving, perfection isn’t achievable but preparedness is.

📋 Week in Summary

This was a week that reminded practitioners of something easy to lose sight of under the volume of daily threat intelligence: cybersecurity is not about protecting dashboards. It’s about protecting the systems that keep hospitals running, supply chains moving, heating plants operating, and governments functioning. Sweden, Ukraine, and Stryker all told the same story from different angles when cyber operations are targeted not at data but at operational continuity, the consequences extend far beyond the perimeter and into people’s lives.

Technically, the week was defined by volume and trust exploitation at scale. The second-largest Patch Tuesday ever. Critical patches from SAP, Fortinet, Adobe, Ivanti, and eight industrial vendors simultaneously. And breach after breach — Booking.com, Rockstar, McGraw-Hill, Kraken — sharing the same fingerprint: no forced entry, just trusted access misused, misconfigured, or manipulated through the human layer. The defensive posture this demands is not more tools or more rules. It is continuous validation of every trust assumption in your environment, prioritized by blast radius, executed with the speed the threat environment now requires.

Stay informed. Stay prepared. Stay Cyber Safe. 🔐

© CyberHub Podcast | Subscribe on Substack | Watch on YouTube | Follow on LinkedIn

Today’s episode is one of those that reminds us cybersecurity isn’t just about alerts and dashboards, it’s about heating plants, hospitals, industrial systems, and the very infrastructure that keeps society running.

What we’re seeing today is not loud ransomware headlines, it’s something far more dangerous: low-visibility, high-impact activity targeting the systems people rarely think about but depend on every day.

“You’re not waiting to be attacked, you’re already on someone’s scan list.”

Coffee cup cheers, let’s dive in.

Subscribe now

Sweden Blames Russia for Energy Infrastructure Attack

We begin in Sweden, where officials have attributed a cyberattack on a heating plant to a pro-Russian group linked to intelligence services.

The attack itself failed, but that’s not the story. The story is intent.

This fits a broader European pattern: probing civilian infrastructure heating, power, utilities not necessarily to destroy, but to create instability and psychological pressure.

These aren’t battlefield operations. These are societal pressure campaigns.

The risk is clear: disruption of everyday life systems without triggering full-scale conflict. And that’s exactly the kind of gray-zone warfare we’re seeing more of.

AgingFly Malware Targets Ukrainian Government and Hospitals

Next, we move to Ukraine, where a new malware strain—AgingFly—is actively targeting government organizations and healthcare systems.

This is not opportunistic cybercrime. This is deliberate targeting of public service continuity.

Hospitals and government agencies are being hit because they represent stability. Disrupt them, and you disrupt society. This is cyber warfare in its purest form, pressure without kinetic escalation.

The takeaway here is that resilience in healthcare and public sector systems is no longer optional, it’s strategic.

12,000 Systems Scanned in Iranian-Style Recon Campaign

In the Middle East, more than 12,000 systems have been scanned in what mirrors Iranian reconnaissance tactics.

And this number matters. Because scanning is the beginning not the end.

This is patient threat actor behavior: map the environment, identify weaknesses, and come back later with precision. This aligns with everything we’ve been saying about pre-positioning. Attackers aren’t rushing, they’re preparing.

The risk is that today’s scan becomes tomorrow’s disruption.

CISA Flags Windows Task Host Flaw Under Active Exploitation

CISA has flagged a Windows Task Host vulnerability as actively exploited, allowing attackers to escalate privileges to SYSTEM.

This is a classic move. Initial access is just step one. Privilege escalation is where the real control begins.

Once attackers reach SYSTEM-level access, they own the box, and often the network. This is a reminder that even “local” vulnerabilities matter, especially in shared or high-value environments.

NGINX UI Zero-Day Under Active Exploitation

We also have active exploitation of a critical NGINX UI vulnerability.

And this one is painfully familiar. Management interfaces exposed to the internet. Admin panels left accessible. These are some of the easiest entry points for attackers, and they keep working.

Why? Because convenience keeps winning over security.

The risk is full server compromise through exposed administrative tooling.

Ivanti Vulnerabilities Continue to Surface

Ivanti is back again with two new vulnerabilities, including an RCE and an authentication bypass. At this point, this isn’t surprising, it’s expected.

Platforms that broker access and manage systems sit directly in the flow of trust. That makes them prime targets. And attackers know it.

The risk is control of the control plane, visibility, automation, and access all in one place.

ICS Patch Tuesday: Industrial Giants Face Ongoing Risk

Eight major industrial vendors, including Siemens, Schneider Electric, and Rockwell, released new advisories in ICS Patch Tuesday.

This highlights a persistent issue: OT environments are long-lived, hard to patch, and often ignored. Unlike IT systems, these environments accumulate risk over time.

“If it runs the physical world, attackers are already looking at it.”

And when vulnerabilities are finally exploited, the impact isn’t just data—it’s physical operations.

Privacy Research: Tracking Persists Despite Opt-Outs

New research suggests that major tech companies can still track users even after opt-out mechanisms are used. This isn’t just a privacy issue, it’s a trust issue.

If controls don’t behave as expected, then assumptions about compliance and protection break down. For defenders, this means we can’t just trust vendor claims, we have to validate them.

FCC Grants Netgear Exemption in Router Certification Rules

Finally, the FCC granted Netgear an exemption related to router certification rules tied to foreign-owned test labs. This may seem administrative, but it’s not.

It sits at the intersection of cybersecurity, geopolitics, and supply chain. Policy decisions now directly impact how secure or insecure, our infrastructure becomes.

Action Items for Security Leaders

• Eliminate internet exposure for OT and industrial control systems

• Implement network obfuscation and segmentation for critical infrastructure

• Isolate healthcare and government systems from public-facing networks

• Prioritize patching of privilege escalation vulnerabilities on key systems

• Remove or restrict access to exposed management interfaces

• Segment ITSM and administrative platforms from broader environments

• Establish dedicated OT vulnerability management processes

• Validate privacy and tracking controls independently of vendor claims

• Monitor large-scale scanning activity as early indicators of future attacks

• Plan for resilience—not just prevention—in critical infrastructure environments

Leave a comment

James Azar’s CISOs Take

What stands out to me today is how much of the risk we face sits below the surface. These aren’t flashy ransomware attacks or headline-grabbing breaches. These are quiet, methodical campaigns targeting the systems that keep society functioning. And that’s what makes them dangerous, because they often go unnoticed until it’s too late.

The second takeaway is that we have to stop thinking about cybersecurity as purely digital. When attacks impact heating plants, hospitals, and industrial systems, the consequences are physical, human, and immediate. Our job as practitioners isn’t just to prevent compromise, it’s to ensure continuity. Because in today’s world, cyber resilience is societal resilience.

Stay Cyber Safe.