Major Incidents or Breaches

  • Ingram Micro, a major IT distributor, is experiencing an ongoing outage attributed to a SafePay ransomware attack. Internal systems have been shut down as a result of the incident.

Newly Discovered Vulnerabilities

  • Exposed Java Debug Wire Protocol (JDWP) interfaces are being actively exploited by threat actors to gain remote code execution and deploy cryptocurrency miners on compromised systems.

Notable Threat Actor Activity

  • Attackers are leveraging exposed JDWP interfaces for illicit crypto mining operations.
  • Hpingbot malware is targeting SSH services to facilitate Distributed Denial of Service (DDoS) attacks.
  • Iran-linked hackers have threatened to release emails related to the Trump campaign.
  • Chinese state-linked threat actors reportedly maintain persistent access within US telecommunications networks.

Trends, Tools, or Tactics of Interest

  • SSH and Telnet honeypot data has revealed the use of new and notable usernames by attackers, indicating ongoing credential stuffing and brute-force attempts.
  • The Flipper Zero multi-tool continues to gain attention for its versatile capabilities, which include radio protocol manipulation and device access, underscoring both its popularity among security researchers and its potential for misuse by threat actors.
  • AI research tools such as ChatGPT Deep Research are expanding integration options, with new connectors including Slack, potentially broadening the attack surface if those connectors are misconfigured or abused.

Regulatory or Policy Developments Affecting the Security Industry

  • Taiwan’s National Security Bureau (NSB) has issued a public warning regarding the security risks posed by Chinese-developed applications, specifically RedNote (Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud, citing concerns over excessive data collection and potential foreign influence.
  • Android is reportedly developing a feature to warn users about fake cell towers (IMSI catchers), aimed at improving user privacy and security against mobile interception threats.