Good morning, security gang,

This week’s roundup is a masterclass in how trust and identity drive everything we do: vendor-led breaches (hello, Farmers), fourth-party token abuse riding your Salesforce integrations, and cloud delegated-admin gone sideways. Pair that with AI stepping out of the helper lane—running extortion playbooks and even showing up in a weaponized supply-chain hit—and you’ve got a threat surface that’s shifting under our feet.

We also saw real-world impact: municipalities and state services knocked off balance, telecom and loyalty data primed for SIM fraud, and ransomware rippling through manufacturing and logistics. On the flip side, policy and enforcement moved too: FTC lines on foreign censorship, CISA’s SBOM push, and big law-enforcement wins across Africa. I’ve broken everything down by category with crisp, one-paragraph briefs and a practical action list so you can triage, patch, and move on with your weekend.

Identity, SaaS & Cloud Trust

Farmers Insurance – vendor-led data exposure (1.1M). Attackers accessed customer PII (names, addresses, DOBs, driver’s license numbers, last-4 SSNs) via a third-party on May 30, making this the latest ripple in the Salesforce/Snowflake-style vendor compromise wave. For an insurer with ~19M policies, the incident is less a “hack of Farmers” than a failure of downstream identity and access controls—highlighting why vendor IAM, MFA and token governance matter as much as your own.

SalesLoft/Drift → Salesforce supply-chain pivot. A breach of the Drift integration at SalesLoft leaked OAuth/refresh tokens, letting intruders jump into customers’ Salesforce orgs and pull secrets (AWS keys, passwords, Snowflake tokens). SalesLoft revoked tokens and forced re-auth, but the story clarifies many “Salesforce breaches” were actually fourth-party token abuse—an integration trust problem, not a platform flaw.

Murky Panda/Silk Typhoon – abusing cloud delegated admin. CrowdStrike/Microsoft observed China-linked operators compromising cloud service providers with delegated admin rights, then creating stealthy backdoor accounts and reading email at scale. The campaign shows how inherited trust in CSP/customer relationships can eclipse your own tenant hardening if not continuously audited.

S1ngularity – AI-weaponized Nx supply-chain attack. Adversaries stole an NPM token and shipped malicious Nx releases with post-install scripts that exfiltrated SSH keys, GitHub tokens and wallets—while embedding prompts to exploit coding assistants (Claude/Gemini). The blend of package compromise plus AI-assisted reconnaissance marks a turning point in developer-pipeline risk.

Claude run as an autonomous extortion agent. Anthropic’s reporting described an operation that used Claude to coordinate multi-stage recon, credential theft, ransom sizing and tailored extortion across 17 orgs—netting ~$500k. It’s a proof that AI can orchestrate end-to-end crime with minimal human steering.

ScreenConnect “long-con” phishing. More than 900 enterprises were targeted with professionalized, AI-polished social engineering (fake NDAs, vendor threads) to install ConnectWise ScreenConnect for remote takeover. The sophistication sits in the pretext—weeks of believable engagement—more than the payload itself.

MixedShell via “Contact Us” workflows. Attackers ran patient B2B dialogues, then delivered weaponized ZIPs dropping in-memory MixedShell implants to U.S. industrial/semi/biotech firms (plus Japan/Singapore/Switzerland). It’s social-engineering at scale aimed straight at inbound business processes—not email blasts.

Storm-0501 – cloud-native ransomware tactics. Microsoft warned that actors are compromising Entra ID/Azure tenants, resetting MFA, elevating to global admin, encrypting cloud data with new keys and wiping recovery points—then extorting via Teams. Ransomware no longer needs an endpoint foothold when identity is the blast door.

Ransomware, Data Theft & Operational Disruption

Data I/O production shutdown. Ransomware halted manufacturing, shipping and support at the Washington-based device-programming vendor used across semis, EVs and consumer electronics. With ~$6M quarterly sales and blue-chip customers, even a “small” outage can cascade through charging infrastructure and automotive build lines.

Colt Technology – from extortion to open auction. After negotiations failed, the Warlock gang listed ~1M Colt documents for $200k, including financials and network diagrams. The pivot to dark-web auctions underscores how data monetization is maturing beyond victim-only sales.

Sweden’s MiljoData outage (200+ municipalities). Ransomware at a core software supplier knocked regional government HR and citizen services offline, with a 1.5 BTC leak threat. It’s a textbook example of how one vendor can be “critical infrastructure” by function even if not labeled as such.

Nevada state government cyber incident. Multiple agencies lost systems and VoIP—forcing in-person service suspensions—while 911 stayed up. The event again exposes the fragility of state back-office comms when landline or out-of-band fallbacks don’t exist.

Maryland Transit Authority MobilityLink disruption. Scheduling for disability transit went down even as core transit stayed up, illustrating how “niche” systems have outsized, real-world impact on vulnerable populations when resilience is thin.

Iranian tankers cut off at sea. Hackers claimed root access to shipboard satcom, disabling comms on ~60 vessels and isolating them from ports/shore. Maritime cyber remains a strategic weak point for Tehran—and a lever adversaries will keep pulling.

Nation-State & Espionage

Chinese APT targets diplomats with captive portals (PlugX). Google TAG tracked UNC6384 spoofing VPN/update pages to deliver signed loaders and PlugX, harvesting credentials and footholds across Southeast Asia. It’s classic Beijing tradecraft—quiet access for long-term political leverage.

Shadow Silk – China/Russia joint ops. Group-IB detailed a bilingual crew mixing Russian tooling with Chinese operators to hit government/energy in Central Asia and APAC via WordPress/Drupal exploits and Cobalt Strike. Collaboration blurs attribution and widens toolchains.

Salt Typhoon attribution to Chinese companies. A 13-nation intel advisory named PRC tech firms that enabled the wide-ranging campaign against political figures and telecoms, moving accountability from faceless “APTs” toward commercial facilitators.

APT-36 (Pakistan) goes Linux against Indian defense. Spear-phishing with .desktop droppers delivered modular malware via Google Drive, adding persistence and WebSocket C2. It reflects the growing Linux focus in South Asian espionage.

North Korean IT-worker infiltration. U.S.–Japan–ROK coordination in Tokyo addressed DPRK freelancers embedding in Western firms (often via China/Russia) to funnel wages and access to Pyongyang’s cyber/WMD programs—an insider risk masquerading as outsourcing.

Australia braces for Iranian hacktivists. After diplomatic expulsions, authorities expect DDoS/defacement/propaganda—less destructive, more narrative-shaping—prompting preemptive hardening of public-facing assets.

South Korea arrests Chinese hacker targeting BTS & execs. A 34-year-old was charged with telecom intrusions and identity theft tied to $28.9M in fraud, including celebrity targets. The case highlights cyber-enabled financial crime converging with data theft.

Vulnerabilities & Platform Risk

Git (CVE-2025-48384) exploited on macOS/Linux. Attackers manipulate submodule paths to force writes outside expected locations; PoCs are live. Windows isn’t affected, but Unix fleets must patch and hunt for odd file placements.

Citrix NetScaler bugs (KEV & zero-day). CISA added Session Recording flaws (CVE-2024-8068/8069) to KEV for privilege escalation/deserialization abuse; a separate NetScaler ADC/Gateway 0-day (CVE-2025-57775) received a fix. Treat as urgent due to historical mass exploitation.

Docker Desktop (CVE-2025-9074) container escape. Patched in v4.44.3, the flaw impacts macOS/Windows developer workstations; update fast and audit local socket exposure.

FreePBX admin-panel 0-day in the wild. The heavily deployed VoIP platform is seeing active exploitation; internet-exposed consoles should be patched or pulled behind VPN immediately.

Apple ImageIO (CVE-2025-43300) emergency patch. Out-of-bounds write in media parsing linked to spyware-style ops; iOS/iPadOS/macOS updates are available and should be prioritized.

Android malware wave (19M installs). Zscaler found 77 trojanized Play apps (Joker/Anatsa/T-Bot) posing as utilities, siphoning SMS, banking data and MFA tokens before takedowns—reaffirming MDM guardrails for app sources.

Android developer verification (2026). Google will require verified developer identities (incl. D-U-N-S) for all apps—even sideloaded—to curb the off-store malware epidemic. Policy is promising; enforcement will be the test.

Policy, Enforcement & Industry

FTC warns U.S. tech on foreign censorship. New chair Andrew Ferguson says applying EU/UK speech rules to Americans could be an unfair/deceptive practice under Section 5, putting platforms on notice amid Online Safety Act tensions.

"This censorship fight is going to heat up significantly, and eventually it'll hit a boiling point. Not all democracies are equal, and the idea that you can regulate speech or go after a foreign person's speech is itself a huge overreach." James Azar

CISA SBOM draft refresh. Proposed minimum elements add component hash, license, tool name and generation context, signaling a push toward machine-readable SBOMs that feed vuln and provenance workflows—likely hardening into expectations by 2026.

Interpol Serengeti 2.0 – 1,200 arrests, $97M seized. The cross-Africa sweep hit crypto mines, HYIP schemes and trafficking networks—evidence that coordinated law enforcement can dent the cybercrime economy’s logistics.

Insider sabotage – Eaton case. Ex-employee David Liu got four years for planting code that crashed networks after access reductions—an object lesson in insider risk monitoring, least privilege, and off-boarding rigor.

Netskope IPO filing. Strong growth ($707M 1H25, +33%) with continuing losses ($170M) sets up another security bellwether listing, reflecting investor appetite for cloud security despite profitability headwinds.

OFAC sanctions Russia/China nodes aiding DPRK IT. Treasury targeted facilitators of North Korea’s IT-worker scheme—tying financial pressure directly to insider-style cyber operations.

CrowdStrike acquires Onum. The $290M buy brings real-time telemetry pipelines to Falcon’s ecosystem, signaling continued consolidation around high-scale log/telemetry processing for AI-driven detection.

Retail, Telecom & Civic Services

Auchan France loyalty breach. Several hundred thousand loyalty accounts leaked names, contact info and card numbers (no passwords/payments), adding to a run of French retail/telecom hits that suggest systemic gaps in national digital ecosystems.

Orange Belgium (context from week). Exposure of names, numbers, SIM IDs and PUK codes for 850k customers arms attackers for SIM unlock/clone and fraud—telecom identity must be treated like financial credentials.

Maryland & Nevada service disruptions (context linked). Together, these show how VoIP and niche scheduling systems can become single points of failure for citizen-facing services when offline fallbacks aren’t maintained.

AI-Powered Malware (R&D to reality)

PromptLock – AI-enabled ransomware (PoC). Golang-based Windows/Linux samples use an open-weight LLM to generate task scripts for discovery/exfil/encryption. It’s resource-heavy today—but points to self-prompting ransomware with adaptive playbooks tomorrow.

Share

Quick Action List (do these now)

• Clamp SaaS & vendor trust: Enforce phishing-resistant MFA on Salesforce/Workday/Snowflake; revoke stale OAuth apps; rotate secrets; monitor delegated admin in CSPs.

• Patch with hunt: SharePoint CVE-2025-53770, Git CVE-2025-48384, Citrix KEV, Docker Desktop CVE-2025-9074, Apple CVE-2025-43300; then threat-hunt for web shells, token abuse, and odd OAuth grants.

• Harden telecom identity: Treat PUK/SIM data as crown jewels; enable SIM-lock and SIM-swap alerts; add high-risk transaction holds.

• Prepare for cloud-ransomware: Lock Entra ID/Azure: enforce MFA on all admins, disable legacy auth, review elevate-access logs, protect KMS keys/backups from tampering.

• AI-era phishing controls: Block unsanctioned remote tools (ScreenConnect), tighten browser/extension policies, and train for long-con vendor lures (NDAs, SOWs).

• SBOM readiness: Inventory components, capture hashes/licenses/tools; pilot machine-readable SBOM exchange with key suppliers.

Leave a comment

James Azar — CISO’s Take

This week was a clinic in interconnected trust. Farmers didn’t “fail” alone—its vendor did. Data I/O isn’t huge—but its downtime ripples through EV and device supply chains. Murky Panda didn’t need zero-days when delegated admin and stale OAuth could open doors. If your board asks what matters, the answer is simple: identity governance and patch velocity across your org and your vendors. Measure your maturity by two clocks—time to patch, time to mitigate—and by how fast you can revoke tokens, kill sessions, and rotate secrets when the blast radius isn’t yours to choose.

The second signal is the AI turn. We’ve moved from criminals using AI to AI running the play—from S1ngularity’s prompt-wired packages to autonomous extortion ops. That doesn’t mean buy ten new tools; it means turn on the defenses you already own—email authentication, domain protection, browser controls, PAM, and cloud audit baselines—and integrate them. Resilience isn’t “never breached”; it’s being breached, contained, and restored before business or citizens feel it.

If this helped, share it with your team, brief your execs, and hit reply with what you want covered next week.

See you live Monday at 9 AM Eastern. Until then—stay cyber safe.