⚡ Weekly Recap: Chrome 0-Days, Router Botnets, AWS Breach, Rogue AI Agents & More
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now” feeling
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Some weeks in security feel normal. Then you read a few tabs and get that immediate “ah, great, we’re doing this now” feeling
Also, More ClickFix Attacks and Teen Booters Arrested in PolandThis week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a 14K-router botnet, Polish teens held over DDoS tools and Finland warned of Russian, Chinese espionage. North Korean IT workers for hire.
Also, Envoy Air Confirms Data Compromise Following Clop Extortion CampaignThis week, Qilin didn't hack a Spanish tax agency, Nexperia standoff, Envoy Air confirmed a data compromise, Experian Netherlands fined 2.7M euros, ToolShell used to breach global networks, flaws in TP-Link Omada and Festa VPN routers and a New York firm settled a cybersecurity investigation.
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors
Also: FamousSparrow Is Back, Snowflake Hacker Agrees to ExtraditionThis week, Signal update, FamousSparrow is back, suspected Snowflake hacker agreed to U.S. extradition, train tickets sales hack in Ukraine, a patched Chrome zero-day, phishing targets SEO pros, DrayTek router outage, South African chicken producer attacked, and bad npm packages.
The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure
China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. [...]
Also: Researchers Bypass GitHub Copilot's Protections, Deloitte Pays $5M for BreachThis week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot's protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges breach.
Also: Researchers Bypass GitHub Copilot's Protections, Deloitte Pays $5M for BreachThis week: Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot's protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, cyberattacks target aviation, Spain nabs international hacker, and Deloitte pays $5M for RIBridges breach.
T-Mobile says the Chinese "Salt Typhoon" hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network. [...]
The router specialist says the attacker's claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish.
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to obtain customer information. [...]
ASUS routers have emerged as the target of a nascent botnet called Cyclops Blink, almost a month after it was revealed the malware abused WatchGuard firewall appliances as a stepping stone to gain remote access to breached networks