Major Incidents or Breaches

  • The US Immigration and Customs Enforcement (ICE) deportation airline hack has exposed sensitive information, including details of a man who was subsequently ‘disappeared’ to El Salvador. This highlights ongoing risks to sensitive government and personal data in the aviation and government sectors.
  • A school software company is experiencing a renewed ransomware attack, indicating persistent targeting of the education sector by ransomware groups.

Newly Discovered Vulnerabilities

  • Fake AI-powered video generation tools are being leveraged to distribute a new infostealer malware family called ‘Noodlophile.’ The malware is delivered under the guise of legitimate AI-generated media content, representing an emerging attack vector exploiting interest in AI tools.

Notable Threat Actor Activity

  • Threat actors are using fake AI video generators as a lure to distribute new malware, demonstrating continued adaptation to current technology trends to increase infection rates.
  • There are reports of a DOGE (Distributed Online Government Entity) operative’s laptop being infected with malware, underscoring the ongoing risk of endpoint compromise even among cyber operations personnel.

Trends, Tools, or Tactics of Interest

  • The use of AI-related lures (e.g., fake AI video tools) for malware distribution is increasing, with attackers exploiting the popularity and novelty of generative AI services.
  • Abuse of Grok AI on social media platform X to create non-consensual, manipulated images (e.g., “undressing” women) demonstrates the growing misuse of generative AI for malicious and privacy-violating purposes.

Regulatory or Policy Developments Affecting the Security Industry

  • Microsoft Teams will soon introduce a feature to block screen capture during meetings, enhancing the protection of sensitive information shared in virtual environments.
  • Android devices are set to receive a new security feature that will make them more difficult to access if left unused for a period, strengthening mobile device security and reducing the risk of unauthorised access.