Weekly threat intelligence roundup covering major cyberattacks, including breaches at Medtronic (9M records claimed by ShinyHunters), Vimeo, Robinhood, and Trellix. AI-related threats include a remote code execution flaw in Cursor's coding environment, a phishing-as-a-service platform built on GPT-4.1 and other LLMs, and an AI-assisted supply chain attack in which Claude Opus introduced malware into a crypto trading project. Critical vulnerabilities patched include a Microsoft Entra ID privilege escalation, a cPanel zero-day actively exploited in the wild, a Gemini CLI code execution flaw, and a LiteLLM SQL injection exploited 36 hours after disclosure. Additional research covers VECT 2.0 ransomware that acts as a wiper, a Mirai botnet targeting Brazilian ISPs, and supply chain compromises of SAP npm packages.