DEV Community

Mark0

26th January – Threat Intelligence Report

This week's threat intelligence report highlights several high-profile breaches, including RansomHub's attack on Apple supplier Luxshare and a massive data leak involving 72 million records from Under Armour. Global infrastructure was also targeted, with India's Raaga music platform and Germany’s Dresden State Art Collections experiencing significant service disruptions and data exposure.

The report emphasizes the growing intersection of AI and cybercrime, detailing indirect prompt-injection flaws in Google Gemini and the discovery of 'VoidLink,' a Linux malware framework authored almost entirely by AI. Additionally, critical vulnerabilities were addressed in Anthropic's Git MCP server, Zoom Node Multimedia Routers, and Fortinet's FortiCloud SSO, the last of which is currently seeing active exploitation by threat actors.

Finally, Check Point Research identified advanced phishing operations from North Korean groups like KONNI and a campaign abusing Microsoft Visual Studio Code tunnels for remote access. These groups are increasingly targeting developers with AI-generated backdoors and leveraging cloud-native techniques to infiltrate secure environments and deliver ransomware like Osiris.

