Latest Intelligence
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
OpenAI has disrupted three groups that were misusing its ChatGPT AI tool for cyberattacks, specifically in the development of malware. One notable threat actor, operating in Russian, utilized ChatGPT to create a remote access trojan and a credential stealer designed to avoid detection.
Cyberattack Leads to Beer Shortage as Asahi Recovers
A ransomware attack last week affected the Asahi brewery in Japan, disrupting its ability to process orders and deliver products. This incident highlights the growing trend of manufacturers being targeted by cyberattacks.
Attackers Season Spam With a Touch of 'Salt'
Researchers have observed a rise in the use of hidden content in spam and malicious emails, which is aimed at confusing filters and security mechanisms. This tactic poses a challenge for cybersecurity defenses.
Security Concerns Shadow Vibe Coding Adoption
The article discusses a recent poll regarding the adoption of vibe coding in AppDev, highlighting a divide between those who have found success and those who are concerned about the associated risks. Security concerns are a significant factor influencing the decision to adopt vibe coding.
BatShadow Group Uses New Go-Based 'Vampire Bot' Malware to Hunt Job Seekers
The BatShadow group, a Vietnamese threat actor, has launched a campaign targeting job seekers and digital marketing professionals with a new malware called Vampire Bot. The attackers utilize social engineering tactics by posing as recruiters and distributing malicious files disguised as legitimate job-related documents.
Medusa Ransomware Actors Exploit Critical Fortra GoAnywhere Flaw
Researchers have identified that the Medusa ransomware actors are exploiting a critical vulnerability in Fortra's GoAnywhere software, specifically CVE-2025-10035. The exploitation process requires a private key, and there is uncertainty regarding how the Storm-1175 threat actors obtained it.
Google's New AI Doesn't Just Find Vulnerabilities — It Rewrites Code to Patch Them
Google's DeepMind has introduced CodeMender, an AI agent that automatically identifies and fixes vulnerabilities in code, enhancing security by preventing future exploits. This development builds on previous AI initiatives aimed at improving vulnerability detection.
Delta Electronics DIAScreen
Delta Electronics DIAScreen has multiple vulnerabilities related to out-of-bounds writes, which could allow attackers to write data outside the allocated memory buffer when a user opens a malicious project file. Affected versions include DIAScreen version 1.6.0 and prior, with a recommended update to version 1.6.1 to mitigate these vulnerabilities.
CISA Releases Two Industrial Control Systems Advisories
CISA released two advisories on October 7, 2025, addressing security vulnerabilities in Industrial Control Systems (ICS). These advisories highlight current security issues, and users and administrators are encouraged to review them for technical details and mitigations.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added a new vulnerability, CVE-2025-27915, related to the Synacor Zimbra Collaboration Suite, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability presents significant risks to federal networks and requires timely remediation by federal agencies and other organizations.
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise
A new report by LayerX highlights that artificial intelligence has become the largest uncontrolled channel for corporate data exfiltration, challenging the perception of AI as merely an emerging technology. This shift indicates that security leaders need to reconsider their approach to AI in the context of data security.
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
XWorm malware has evolved into a highly adaptable tool for executing various malicious activities on infected systems, featuring a modular design that includes a core client and over 35 specialized plugins. Researchers highlight its enhanced data theft capabilities as a significant concern in cybersecurity.
Patch Now: 'RediShell' Threatens Cloud Via Redis RCE
The article highlights a critical vulnerability in the Redis data storage service that has remained unpatched for 13 years, posing a severe risk of full host takeover. With over 300,000 instances currently exposed, immediate action is advised to mitigate the threat.
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis has revealed a critical security vulnerability in its in-memory database software that allows remote code execution through a specially crafted Lua script. This flaw, known as CVE-2025-49844 or RediShell, has been assigned a maximum CVSS score of 10.0.
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware
Microsoft has linked the threat actor Storm-1175 to the exploitation of a critical vulnerability in Fortra GoAnywhere software, which has been used to deploy Medusa ransomware. The vulnerability, identified as CVE-2025-10035, has a CVSS score of 10.0 and allows for command injection without authentication.