Newly Discovered Vulnerabilities and Exploits:

  • Langflow AI vulnerability (CVE-2025-3248) exploited after recent release of version 1.3.0, with significant impact on security.

Phishing Attacks and Tools:

  • Tycoon2FA phishing kit updated to target Microsoft 365 with improved stealth and evasion capabilities.

Supply Chain Risks:

  • ‘Slopsquatting’ emerges as a new supply chain risk due to AI-generated code dependencies hallucinating non-existent package names.

Policy and Regulatory Developments:

  • Department of Homeland Security email mistakenly instructs US citizens on temporary legal status to self-deport, leading to confusion and concerns.

International Cyber Threats:

  • China indirectly admits to hacking US infrastructure, raising concerns about cybersecurity and potential impacts on critical infrastructure.

Industry Updates:

  • OpenAI set to release GPT-4.1 as a successor to GPT-4.0, impacting the artificial intelligence and cybersecurity industry.