Author: Staff Writer

John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Quick Takeaways Fortra disclosed a critical vulnerability in GoAnywhere MFT (CVE-2025-10035), but concerns arise over signs of active exploitation based on credible evidence, despite the vendor not confirming this. Researchers warn that the presence of specific IOCs in logs suggests attackers may already be exploiting the flaw, complicating efforts for defenders to assess true risk. Exploitation appears to require access to a private key, whose whereabouts are unknown, raising doubts about whether attackers possess it, and highlighting potential leaks from cloud-based license servers. Experts emphasize the importance of vendors providing transparent, timely information about exploitation status and vulnerabilities to enable…

Quick Takeaways The Cybersecurity and Infrastructure Security Agency (CISA) is urging security teams to monitor their systems following the Shai-Hulud supply chain attack, which compromised over 500 software packages in the Node Package Manager ecosystem. Attackers injected malware after gaining access, targeting sensitive credentials such as GitHub Personal Access Tokens and API keys for cloud services, which were subsequently uploaded to a public repository. GitHub has proactively removed more than 500 compromised packages from its npm registry and blocked new packages with indicators of the malware. CISA recommends immediate actions, including reviewing software dependencies, checking for affected cached versions, rotating…

Summary Points Interpol’s coordinated crackdown across 14 African countries arrested 260 suspects involved in online romance and extortion scams, targeting over 1,400 victims with nearly $2.8 million lost. The scams mainly involve building fake romantic relationships to extort money or blackmail victims using explicit images, causing significant financial and psychological harm. Ghana, Senegal, and Ivory Coast authorities made numerous arrests, uncovering tactics like fake identities, celebrity impersonation, and blackmail with intimate images. Interpol emphasizes that growing online platforms have facilitated new forms of cybercrime, posing increasing challenges to international law enforcement efforts. Key Challenge In a recent coordinated operation led…

Essential Insights Controlled Restart: Jaguar Land Rover has partially restored its digital operations after a significant cyberattack that began on September 2, pausing production and disrupting supply chains. Operational Recovery: The company’s Global Parts Logistics Centre is returning to normal, and it is working to clear a backlog of supplier payments by increasing IT capacity for invoice processing. Financial System Restoration: JLR has reestablished its financial systems for processing wholesale vehicle sales, enabling quicker sales and registration. Cybersecurity Collaboration: The automaker is collaborating with law enforcement and cybersecurity experts while addressing data theft, confirming that customer data was compromised in…

Fast Facts The US Department of War introduced a new Cybersecurity Risk Management Construct (CSRMC) to improve real-time, automated cyber defenses across system development and operations. Cybercriminals released LockBit 5.0 ransomware variants with randomized file extensions and log-clearing features, following a crackdown on the LockBit group. Major breaches include a hack at a South Korean credit company impacting 3 million users, a Maryland Transit Administration ransomware attack, and an exposed data leak involving over 270,000 Indian bank transfer records. Security updates and vulnerabilities: OnePlus disclosed an unpatched flaw allowing data access, Microsoft detected an AI-assisted sophisticated phishing campaign, and Co-op suffered £206…

Summary Points Most organizations are rapidly adopting AI but lack adequate security measures, leaving them vulnerable to cyber threats such as AI-driven phishing, model manipulation, and deepfake scams. Deploying insecure AI systems poses significant compliance and security risks, as attackers exploit generative AI for fraud and data breaches, with 47% of organizations viewing AI-enabled attacks as a top concern. To mitigate risks, organizations must embed security into AI development, continuously monitor AI models, and unify cybersecurity strategies across all digital environments. Success in the AI era requires integrated, proactive security strategies; only 10% of companies are currently "Reinvention-Ready," and those…

Quick Takeaways Crash Testing Cybersecurity: Just as car manufacturers conduct crash tests to ensure safety, Breach and Attack Simulation (BAS) provides critical validation for cybersecurity defenses, revealing real vulnerabilities that dashboards often miss. Stark Statistics: The Blue Report 2025 found cybersecurity defenses faltering—prevention dropped from 69% to 62%, 54% of attacks went undetected, and data exfiltration was stopped only 3% of the time, highlighting critical performance gaps. Transforming Security Validation: BAS continuously simulates real-world attack scenarios, ensuring organizations can confidently prove their resilience against threats, turning anxiety into assurance for CISOs. Data-Driven Assurance: Using BAS with prioritization models can dramatically…

Fast Facts The Russian APT group COLDRIVER has launched new ClickFix-style attacks, deploying lightweight malware BAITSWITCH and SIMPLEFIX to deliver backdoors and establish persistence. These attacks manipulate victims into executing malicious DLLs disguised as CAPTCHA checks, which communicate with attacker-controlled servers to download payloads and erase traces of infection. Targeting primarily NGOs, human rights advocates, and civil society connected to Russia, COLDRIVER’s sophisticated tactics include data exfiltration, remote command execution, and complex C2 communications. Concurrently, Russian cybersecurity reports reveal new campaigns by BO Team and Bearlyfy, involving espionage tools and ransomware aimed at Russian companies, with Bearlyfy operating since early…

Essential Insights Transformative Impact: AI is revolutionizing Governance, Risk, and Compliance (GRC), bringing both significant opportunities and complexities for organizations. Navigating Risks: Organizations must harness AI’s benefits while proactively addressing emerging risks and adhering to regulatory standards. Practical Insights: The webinar will provide real examples, key takeaways from AI implementation, and common pitfalls to avoid in GRC contexts. Future Collaboration: Discussion on how Hyperproof and industry leaders are working together to responsibly innovate and adapt GRC practices for the future. Opportunities in AI for Governance, Risk, and Compliance Artificial intelligence (AI) is revolutionizing Governance, Risk, and Compliance (GRC). Consequently, organizations…

Top Highlights A malicious npm package, postmark-mcp, was secretly used to exfiltrate sensitive email data by adding a backdoor, highlighting a new threat in AI-powered software supply chains. The attack involved a seemingly legitimate developer copying code from an official source and injecting malicious code from version 1.0.16 onward, which led to widespread trust and integration. MCP servers’ high-level permissions and autonomous operation create major security blind spots, enabling attackers to bypass traditional safeguards and potentially exfiltrate thousands of emails daily. Organizations must urgently uninstall compromised packages, rotate credentials, and enhance verification protocols, as the incident underscores the critical need for ongoing…
