Today's Cybersecurity Pulse
Google sues Chinese cybercrime network for AI‑driven scam campaign
Google has filed a civil lawsuit against the Chinese group Outsider Enterprise, accusing it of using the Gemini generative‑AI model to mass‑produce phishing sites and send millions of fraudulent text messages. The operation deployed roughly 9,000 fake websites and a million malicious domains, and dispatched 2.5 million scam texts in two weeks, scamming hundreds of thousands and causing losses in the millions of dollars. Google says the suit aims to dismantle the network and prevent further AI‑enabled abuse.
Also developing:

Dropzone AI Closes 2025 with 11x ARR Growth, Fortune Cyber 60 Recognition, and $37M Series B
Dropzone AI announced an explosive 2025 performance, scaling its annual recurring revenue eleven‑fold and securing a $37 million Series B round led by Theory Ventures. The company now serves over 300 enterprises, achieving 370% net revenue retention and expanding into regulated sectors such as finance and federal government. Recognition from the Fortune Cyber 60 and a pioneering Cloud Security Alliance benchmark underscore the efficacy of its AI‑augmented security operations. Dropzone is positioning itself to evolve from a single AI SOC analyst into a full suite of autonomous agents for a truly agentic SOC.
Top E-Signature Solutions for Fintech: A 2026 Review
The 2026 review evaluates five leading e‑signature platforms—pdfFiller, Scrive, OneSpan, Adobe Sign, and DocuSign—tailored for financial institutions. It outlines each solution’s core features, compliance focus, and pricing structures, highlighting pdfFiller’s low‑cost integration and OneSpan’s bank‑grade security. The analysis shows how...

WordPress Membership Plugin Flaw Exposes Sensitive Stripe Data via @Sejournal, @Martinibuster
A critical vulnerability was discovered in StellarWP’s Membership Plugin – Restrict Content, exposing Stripe SetupIntent client_secret values. The flaw lets unauthenticated attackers retrieve these secrets without any login or capability checks. Rated 8.2 (high) on the CVSS scale, it affects all releases...

Blue Mantis Promotes Adam Caponigro to Senior Vice President of Services
Blue Mantis announced the promotion of Adam Caponigro to Senior Vice President of Services, effective Jan. 1, 2026. In his expanded role he will oversee Managed Services, Professional Services, and Global Delivery Centers across the U.S., Canada, and India, supervising more...

Cisco Finally Fixes AsyncOS Zero-Day Exploited Since November
Cisco has released a patch for the critical AsyncOS zero‑day (CVE‑2025‑20393) affecting Secure Email Gateway and Secure Email and Web Manager appliances with internet‑exposed Spam Quarantine. The flaw allowed remote attackers to execute arbitrary commands with root privileges. Cisco Talos...

RondoDox Botnet Targets HPE OneView Vulnerability in Exploitation Wave
Check Point Research has identified a coordinated exploitation campaign by the Linux‑based RondoDox botnet targeting HPE OneView’s critical CVE‑2025‑37164 vulnerability. The flaw, scored 10.0 on the CVSS scale, allows unauthenticated remote code execution via the ExecuteCommand REST endpoint. In early...

Microsoft: Some Windows PCs Fail to Shut Down After January Update
Microsoft confirmed that the January 13, 2026 cumulative update KB5073455 causes Windows 11 23H2 Enterprise and IoT devices with System Guard Secure Launch to fail to shut down, forcing a restart instead. The bug does not affect consumer editions and also blocks hibernation, leaving machines...
Trusted Smart Chain Completes CertiK Audit, Advancing Secure RWA Tokenization
Trusted Smart Chain announced the successful completion of a comprehensive security audit by CertiK, a leading blockchain audit firm. The audit examined smart‑contract logic, permissioning and threat resilience, confirming the network’s readiness for tokenized securities and real‑world asset issuance. By...
You Have Built an AI. Have You Tried to Break It?
Enterprises are racing to deploy generative AI models, but lab performance alone isn’t enough. Generative AI red teaming flips traditional testing by deliberately provoking models with adversarial prompts to uncover hidden failure modes. This process reveals security leaks, bias, hallucinations,...

China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure
Chinese‑linked APT group UAT‑8837 has been exploiting a critical Sitecore zero‑day (CVE‑2025‑53690, CVSS 9.0) to breach American critical‑infrastructure networks. The attackers gain initial access via the vulnerability or stolen credentials, then deploy open‑source tools such as GoTokenTheft, SharpHound and Rubeus to...
Illumynt Reports 60% Revenue Growth and Launches Global Innovation Center to Meet Rising Enterprise Security and Sustainability Demands
illumynt announced a 60% year‑over‑year revenue increase for 2025, driven by demand from hyperscalers and data‑intensive enterprises. The company expanded its Columbus, Ohio, site to over 190,000 square feet and designated it as a Global Innovation Center of Excellence. The...
Building a Better Bugbot
Cursor’s Bugbot, an AI‑driven code‑review agent, has evolved from a prototype to an agentic architecture that now scans over two million pull requests each month. By introducing a custom resolution‑rate metric and running 40 systematic experiments, its bug‑resolution rate climbed from...
New Dev Tools Promise End‑to‑End Encryption for Open‑Source L
Are there any other developer tools that let you encrypt your workflow? I met with the founders, video coming tomorrow, and they claim that everything is encrypted on open source LLMs even in and out of the LLM.
How Banks Can Reduce Fraud and False Declines with Predictive AI and Stream-First Architecture
Banks face soaring transaction volumes and increasingly complex payment corridors, expanding the fraud surface. Experts argue that merely reacting to bad transactions is insufficient; banks must detect “bad journeys” using predictive AI. When combined with a stream‑first architecture, AI can...

New Intelligence Is Moving Faster than Enterprise Controls
A new NTT global study finds AI integration outpaces enterprise security and governance. Companies expand AI deployments but many lack infrastructure readiness, data integrity controls, and mature governance. Only a small share can support AI at scale; performance drives design,...

APD Investigates Third-Party Cybersecurity Incident, Says No Evidence of Data Compromise
The Anchorage Police Department (APD) disclosed a cybersecurity incident on Jan 7, 2026 involving its third‑party data‑migration vendor, Whitebox Technologies. APD reported no evidence that its systems or data were compromised and immediately shut down affected servers while revoking vendor access....

Who’s on the Other End? Rented Accounts Are Stress-Testing Trust in Gig Platforms
A TransUnion study of U.S. gig workers reveals that 34% have been defrauded by customers, while nearly half admit to renting or selling their accounts. Victims demand stronger identity checks, yet confidence in existing safety tools remains low. The research...

Google Brings Generative AI to Gmail, Raising New Privacy Questions
Google is embedding its Gemini generative‑AI engine into Gmail, launching an AI Inbox that auto‑summarizes messages, generates replies, and extracts to‑do items. The rollout includes free features like smart replies and email overviews, while advanced search and proof‑reading tools are...

All In One SEO WordPress Vulnerability Affects Over 3 Million Sites via @Sejournal, @Martinibuster
A critical vulnerability was found in the All in One SEO (AIOSEO) WordPress plugin, affecting over three million sites. The flaw stems from a missing permission check on the /aioseo/v1/ai/credits REST endpoint, allowing contributors to retrieve the site‑wide AI access...

Grubhub Confirms Hackers Stole Data in Recent Security Breach
Grubhub confirmed that unauthorized actors downloaded data from its systems, prompting an immediate investigation and security hardening. The company disclosed that financial details and order histories were not compromised, but it is facing extortion demands from the ShinyHunters cybercrime group....
New PayPal Scam Sends Verified Invoices With Fake Support Numbers
Scammers are exploiting PayPal's official invoice feature to send verified emails that display the blue tick, making them appear authentic. The malicious invoices include a fake support phone number in the "Note to Customer" section, prompting recipients to call and...

Hackers Exploit Modular DS WordPress Plugin Flaw for Admin Access
Security researchers have identified a critical remote authentication bypass in the Modular DS WordPress plugin, tracked as CVE‑2026‑23550. The flaw, present in versions 2.5.1 and earlier, lets attackers obtain admin‑level access by exploiting a trusted‑request bypass and an automatic login fallback....

Cyberthieves Hit European Space Agency, Stealing Hundreds of Gigabytes of Data
The European Space Agency (ESA) disclosed that it has been hit by successive cyber‑attacks, resulting in the theft of over 700 GB of data, including proprietary software, credentials, and mission documentation. The first leak, attributed to hacker “888,” exposed more than 200 GB,...

NDSS 2025 – “Who Is Trying To Access My Account?”
The NDSS 2025 paper investigates how users perceive risk‑based authentication (RBA) notifications triggered by correct passwords, incorrect passwords, and password resets. In a study of 273 participants, over 90% rated these alerts as important, yet they felt suspicious, nervous, and...

Winter Olympics Could Share Podium With Cyberattackers
The Unit 42 report warns that the Milano‑Cortina 2026 Winter Olympics will be a prime target for cyber‑criminals, nation‑state espionage groups, and hacktivists. Ransomware gangs are expected to exploit ticketing, point‑of‑sale and other critical infrastructure for extortion. State‑linked actors such as...

The Cost of EKS Auto + Capabilities vs Fairwinds Managed KaaS
Amazon’s EKS Auto Mode and EKS Capabilities automate the infrastructure layer of Kubernetes—node provisioning, scaling, networking and storage—while leaving architecture, add‑on lifecycle, and 24×7 incident response to the customer. Fairwinds Managed Kubernetes‑as‑a‑Service (KaaS) assumes those omitted responsibilities, delivering design, full...

New StackWarp Attack Threatens Confidential VMs on AMD Processors
Researchers at Germany's CISPA Helmholtz Center disclosed StackWarp, a new hardware vulnerability that spans AMD Zen 1 through Zen 5 processors. The flaw exploits a synchronization error in the CPU's stack engine, allowing a malicious host to manipulate a guest VM's stack...
Website that Leaked Thousands of ICE Agents’ Personal Information Is Down After DDoS Attack
A Netherlands‑based activist’s site, ICE List, which published personal details of thousands of Immigration and Customs Enforcement and Border Patrol officers, was knocked offline by a large‑scale distributed denial‑of‑service attack on Tuesday. The site’s founder, Dominick Skinner, believes the assault...

Vibe Coding Tested: AI Agents Nail SQLi but Fail Miserably on Security Controls
Tenzai evaluated five leading AI coding agents—Anysphere Cursor, Claude Code, OpenAI Codex, Replit, and Cognition Devin—by having them build three identical apps. The 15 generated applications contained 69 vulnerabilities, with no exploitable SQL injection or XSS but universal SSRF issues...
GhostPoster Browser Malware Hid for 5 Years With 840,000 Installs
Researchers uncovered a five‑year browser‑extension malware campaign dubbed GhostPoster, which hid malicious code inside a PNG image to evade static analysis. The campaign spanned Chrome, Edge and Firefox, ultimately involving 18 extensions and more than 840,000 installations. Koi Security first...
NASA’s Top Five Challenges: New Report
The NASA Office of Inspector General released its 2025 Top Management and Performance Challenges report, highlighting five critical agency priorities, including returning humans to the Moon and sustaining low‑Earth‑orbit operations. The report flags a heat‑shield venting defect on Orion’s spacecraft...
Bitcoin Rallies While Unpriced Risks Loom
⏰ Starting in 5 minutes (12pm ET)! Bitcoin is rallying 📈 but the biggest risks may not be priced in yet In today's @Unchained_pod livestream: 🧠 Steven Ehrlich w/ Grayscale's head of research Zach Pandl (@LowBeta_) on markets & regulatory delays then... 🔐 I'll speak...
Aave V4 Contest Ends with Record Participation
The Aave V4 security contest has come to an end. With a record number of participants, enormous thanks to everyone who took part, and we hope you enjoyed our work. See you on mainnet.

The Next Security Battleground: Agentic Identity
Cyata is building a unified control plane to manage "agentic identity," the emerging security challenge of AI‑driven agents that act across SaaS, endpoints, and data stores. Unlike traditional employee accounts, these agents operate dynamically, creating "shadow agents" that evade existing...
Ethereum Foundation Tackles Quantum Threat Head‑On
"I HAVE to highlight the work being done by the Ethereum Foundation to solve the quantum threat." https://t.co/5TvOPraNmP
Quantum Threat Solves Crypto's Biggest Upcoming Challenge
"For all crypto protocols... solving the quantum threat is the most significant and biggest effort they'll have to undergo." https://t.co/5TvOPraNmP

CloudSEK Secures Strategic Investment From Connecticut Innovations
CloudSEK, the Bengaluru‑based AI‑powered cyber‑threat‑intelligence firm, secured a strategic investment from Connecticut Innovations as part of a $10 million Series B2 round. The funding follows a $19 million Series B1 raise and will fuel the company’s U.S. expansion, including a new regional hub in...
Bitcoin's Fate in the Quantum Computing Era
Coming next: What happens to Bitcoin when quantum computers get powerful enough? ⚛️ I'll talk with Alex Pruden of Project Eleven @qdayclock about the post-quantum roadmap 👇 https://t.co/5TvOPraNmP

Global Agencies Release New Guidance to Secure Industrial Networks
The U.S. Cybersecurity and Infrastructure Security Agency, the U.K. National Cyber Security Centre, and the FBI released a joint set of security principles for operational technology (OT) environments. The guidance addresses the expanding attack surface caused by increased connectivity between...

NDSS 2025 – SKILLPoV: Towards Accessible And Effective Privacy Notice For Amazon Alexa Skills
Researchers at NDSS 2025 introduced SKILLPoV, a tool that automatically generates voice‑based privacy notices for Amazon Alexa skills. By analyzing skill code and leveraging ChatGPT, SKILLPoV creates concise notices delivered at skill launch, achieving 91.3% detection accuracy and 96.4% completeness....

Hackers Increasingly Shun Encryption in Favour of Pure Data Theft and Extortion
Cyber‑criminals are increasingly abandoning encryption‑based ransomware in favor of pure data‑theft extortion. Symantec and Carbon Black report a jump from 28 incidents in 2024 to nearly 1,500 in 2025, while traditional ransomware remained flat at about 4,700 attacks. The surge...

Vulnerabilities Surge, But Messy Reporting Blurs Picture
The National Vulnerability Database recorded a record 48,177 CVE identifiers for 2025, marking the ninth consecutive year of growth. Reporting is now dominated by new CNAs, with Patchstack, Wordfence and WPScan contributing 23% of all entries and MITRE falling to...

Seerist Launches AskAnna, a Breakthrough AI-Powered Q&A Tool Transforming Security and Intelligence Workflows
Seerist has launched AskAnna, an AI‑powered natural‑language Q&A tool that taps the company’s proprietary event models and Control Risks’ human‑generated analysis to deliver fully sourced intelligence answers. The platform instantly synthesizes thousands of vetted reports, providing line‑item attribution and transparent...
HHS OCR Comments on Its 2026 Priorities
The HHS Office for Civil Rights (OCR) released its 2026 enforcement roadmap, highlighting four priority areas: continuing the HIPAA Privacy Rule Right of Access initiative, expanding the Security Rule Risk Analysis to broader risk management, intensifying hacking and ransomware actions,...

Cyber Threat Actors Ramp Up Attacks on Industrial Environments
Cybercriminals and hacktivists sharply increased attacks on industrial control systems in 2025, with vulnerability disclosures nearly doubling to 2,451 across 152 vendors. Siemens was the most affected vendor, reporting 1,175 flaws, while Schneider Electric faced a higher proportion of critical...

CodeBuild Flaw Put AWS Console Supply Chain At Risk
Security researchers at Wiz uncovered a critical misconfiguration in AWS CodeBuild that let unauthenticated attackers inject malicious code into core AWS open‑source repositories, including the widely used AWS SDK for JavaScript. The flaw stemmed from an unanchored regular‑expression filter on...

AppGuard Critiques AI Hyped Defenses; Expands Its Insider Release for Its Next-Generation Platform
The episode highlights AppGuard’s critique of AI‑driven detection, arguing that endless AI‑generated alerts cannot keep pace with AI‑enhanced malware that adapts in real time. CEO Fatih Comlekoglu advocates a shift to a default‑deny, controls‑based endpoint strategy that dramatically reduces the attack...

Feedzai and Matrix USA Launch Global Partnership to Modernize Financial-Crime Prevention with AI-Native Defenses
Feedzai, the AI-native risk‑operations platform, has partnered with Matrix USA to create a global Center of Excellence that accelerates AI‑driven fraud and anti‑money‑laundering (AML) deployments for banks. The collaboration blends Feedzai’s real‑time detection engine with Matrix USA’s advisory and integration...

Saying Goodbye to Windows Hello for Business: Five User Experience Pitfalls that Make Business Leaders Go for Best-in-Breed Solutions
The article highlights five user‑experience pitfalls of Windows Hello for Business that cause employees to abandon biometric authentication. Environmental variables—lighting, glasses, hats, facial hair, and device positioning—lead to frequent failures, prompting users to fall back on PINs or passwords. This...