editorially independent. We may make money when you click on links
to our partners.
Learn More
Major Threats & Vulnerabilities
Zero-Day and Critical Vulnerabilities
Google Chrome zero-days were patched this week after active exploitation in the wild. The flaws in the Skia graphics library and V8 JavaScript engine allowed attackers to execute arbitrary code through malicious websites. Users are urged to update immediately and monitor browser activity for anomalies.
Microsoft released an emergency Windows 11 hotpatch addressing three critical RRAS vulnerabilities capable of remote code execution. While no active exploitation has been reported, administrators should apply the patch and restrict RRAS access to trusted administrators only.
A flaw in Microsoft Authenticator exposed MFA codes to interception through deep links on mobile devices. Affecting over 75 million users, this vulnerability underscores the importance of keeping authentication apps updated and avoiding untrusted installations.
Cloud and Infrastructure Risks
Researchers uncovered an AWS Bedrock flaw that enables covert DNS data exfiltration from sandboxed environments. The issue undermines isolation and could allow command-and-control activity. Organizations should isolate workloads, enforce DNS controls, and apply least-privilege access policies.
A Kubernetes NFS driver vulnerability before version 4.13.1 allows path traversal attacks that could expose or delete data. Administrators should patch immediately, restrict persistent volume creation, and enhance validation and monitoring.
Application and Framework Vulnerabilities
An Angular vulnerability in internationalization features bypasses sanitization, enabling cross-site scripting (XSS) attacks. Developers are advised to patch, enforce input validation, and deploy Content Security Policy (CSP) with Trusted Types.
Mobile and Device Exploits
The DarkSword exploit kit is targeting outdated iOS versions, potentially affecting up to 270 million iPhones. The attack steals sensitive data and erases traces, signaling a growing mobile threat landscape.
A MediaTek chipset vulnerability could allow attackers to bypass secure boot protections on Android devices, exposing encryption keys. With up to 875 million devices affected, users should ensure all updates are installed and limit physical access to devices.
AI and Emerging Threats
Researchers discovered that AI-generated email summaries can be manipulated to deliver phishing messages. Hidden instructions can trick Microsoft Copilot into generating deceptive alerts, emphasizing the need to treat AI outputs as untrusted and monitor for anomalies.
A LangSmith vulnerability exposed enterprise AI workflow data by allowing attackers to hijack accounts and redirect API requests. Organizations should patch systems, monitor for unusual API activity, and secure tokens.
Industry News
Major Data Breaches
An Aura vishing breach exposed nearly 900,000 marketing records after a social engineering attack on an employee. The incident highlights how voice phishing can bypass technical defenses.
A firewall compromise at Marquis led to the theft of data from over 672,000 individuals, disrupting multiple financial institutions. The breach underscores the risks of vendor compromise in interconnected systems.
Nordstrom’s email system was hijacked to send cryptocurrency scam messages to customers, showing how trusted domains can be exploited for fraud.
Starbucks suffered a phishing breach that compromised 889 employee accounts, exposing sensitive HR data including Social Security numbers and financial details.
Loblaw confirmed a breach exposing customer contact data, though no financial or health information was affected.
The AiLock ransomware group claimed responsibility for stealing 129GB of data from England Hockey, threatening to leak it online.
AI and Privacy Developments
Meta announced it will discontinue encrypted Instagram DMs by 2026, citing low adoption. The move removes a key privacy feature, and users are encouraged to migrate to platforms with default end-to-end encryption.
An AI facial recognition error led to the wrongful arrest of a Tennessee woman, reigniting debates about the reliability and oversight of automated identification systems.
Meta also rolled out AI-powered scam detection across Facebook, WhatsApp, and Messenger, removing over 159 million scam ads in 2025 and expanding its anti-fraud capabilities.
Geopolitical and Targeted Campaigns
A Russian phishing campaign is targeting Signal and WhatsApp users by impersonating support staff. The operation relies on social engineering rather than technical exploits, and users are advised to verify linked devices and avoid sharing verification codes.
Security Tips & Best Practices
Could Your Mobile Device Be at Risk?
- Enable automatic updates and use mobile threat defense tools.
- Turn on phishing-resistant MFA and limit app permissions.
- Avoid unsecured Wi-Fi, use a VPN on public networks, and enable encryption with screen locks.
Is Your Kubernetes Environment Secure?
- Enforce least-privilege access and segment network traffic to reduce unauthorized access and lateral movement.
- Scan container images and enforce deployment policies to block vulnerable workloads.
- Secure secrets and continuously monitor activity to detect and contain threats quickly.
How Secure Is Your Data Right Now?
- Encrypt and classify data to protect sensitive information at rest and in transit while prioritizing critical assets.
- Enforce RBAC and monitor activity with logging and DLP tools to prevent unauthorized access and data exfiltration.
- Maintain secure, offline backups to help recovery from ransomware or data loss incidents.
Where Are the Risks in Your AI Supply Chain?
- Use trusted model repositories and validate signatures or checksums.
- Maintain a software bill of materials (SBOM) and use third-party risk management tools.
- Validate dataset integrity and enforce least-privilege access for model modification.
- Use dependency scanners and AI observability tools to detect tampering or vulnerabilities.
Could AI Misidentify You?
- Limit public facial data by reducing high-quality photos and tightening social media privacy settings.
- Monitor identity activity using fraud detection tools and challenge incorrect matches quickly.
- Understand how biometric systems store facial data and advocate for human verification in automated decisions.
Organizations should leverage continuous monitoring, automated patch management, and AI observability tools to stay ahead of evolving threats. Resources like patch management platforms and DNS security frameworks remain essential for mitigating emerging vulnerabilities and maintaining operational resilience.
If you want to see more from our Newsletter Archive please click here.
