AI-Forged Military IDs Used in North Korean Phishing Attack

The phishing campaign involved emails impersonating a South Korean defense-related institution, claiming to manage ID issuance for military personnel. These emails contained malicious attachments.

Malicious MCP servers used in supply chain attacks

A recent investigation has revealed how the Model Context Protocol (MCP), an open standard for integrating AI assistants with external tools, can be exploited as a supply chain attack vector.

Qrator Labs Mitigated Record L7 DDoS Attack from 5.76M-Device Botnet

A record-breaking Layer 7 (L7) Distributed Denial of Service (DDoS) attack was successfully mitigated after being launched by a massive botnet comprising 5.76 million compromised devices.

FBI Warns of Salesforce attacks by UNC6040 and UNC6395

The FBI has issued a FLASH alert warning organizations of ongoing malicious campaigns by cybercriminal groups UNC6040 and UNC6395. These groups are actively targeting Salesforce platforms to conduct data theft and extortion operations.

Google, Microsoft account takeover made easy via VoidProxy

VoidProxy is a phishing-as-a-service (PhaaS) platform actively used by multiple cybercriminal groups to hijack Microsoft and Google accounts. It targets a wide range of victims, from SMBs to large enterprises, and facilitates real-time theft of credentials.

DDoS defender targeted in 1.5 Bpps denial-of-service attack

A European DDoS mitigation provider was recently targeted in a record-breaking distributed denial-of-service (DDoS) attack that peaked at an unprecedented 1.5 billion packets per second (Bpps).

Suspected Chinese operation aims to recruit former feds with job postings, research shows

A suspected Chinese intelligence operation has been uncovered using fake job postings and fictitious consulting websites to recruit former and current U.S. federal employees, particularly those with security clearances or technical expertise.

iCloud Calendar abused to send phishing emails from Apple’s servers

A sophisticated phishing campaign is exploiting Apple’s iCloud Calendar invite system to send callback phishing emails directly from Apple’s legitimate email servers. This abuse allows the phishing messages to bypass standard email security filters.

Rogue AI Agents In Your SOCs and SIEMs – Indirect Prompt Injection via Log Files

AI agents in SOCs and SIEMs are vulnerable to indirect prompt injection, where malicious inputs are embedded in log files. These log files, when ingested by the AI, can trigger unintended behaviors such as altering event classifications.

Stealthy attack serves poisoned web pages only to AI agents

This method enables attackers to serve malicious web content exclusively to AI agents while presenting benign pages to human users, thereby hijacking the agents’ behavior for malicious purposes.
