Major Incidents or Breaches

  • An app previously used to dox critics of Charlie Kirk reportedly exposed the personal information of its own users.
  • A ransomware gang has stolen data on 8,000 preschoolers.
  • Microsoft has blocked Israel’s military from using its cloud services for surveillance purposes.

Newly Discovered Vulnerabilities

  • The call-recording app Neon has paused operations due to the discovery of security vulnerabilities.

Notable Threat Actor Activity

  • China-linked threat actors are conducting ongoing campaigns targeting telecommunications and manufacturing sectors in Central and South Asia, distributing a new variant of PlugX malware.
  • Fake Microsoft Teams installers, distributed via SEO poisoning and search engine advertisements, are being used to infect Windows devices with the Oyster backdoor, facilitating initial access for attackers.
  • Two Dutch teenagers were arrested for attempting to spy on Europol on behalf of Russia, reportedly using hacking devices.

Trends, Tools, or Tactics of Interest

  • Malvertising and SEO poisoning are being actively used to distribute malware, specifically through fake installers for widely used software such as Microsoft Teams.
  • Data center operators are increasingly retrofitting nuclear bunkers, mines, and underground facilities to enhance physical security for critical digital infrastructure.

Regulatory or Policy Developments

  • Microsoft’s decision to block Israel’s military from using its cloud services for surveillance reflects ongoing scrutiny and policy enforcement regarding the use of cloud infrastructure in sensitive geopolitical contexts.