Major Incidents or Breaches

  • The French Football Federation (FFF) disclosed a data breach following a cyberattack in which attackers used a compromised account to access administrative management software. Member data was confirmed stolen.
  • More than 17,000 secrets were found exposed in public GitLab repositories, spanning over 2,800 unique domains, following a scan of all 5.6 million public GitLab Cloud repositories.
  • A man was sentenced to over seven years in prison for operating “evil twin” Wi-Fi networks to steal data from travelers at Australian airports.

Newly Discovered Vulnerabilities

  • Vulnerable code in legacy Python bootstrap scripts used by multiple PyPI packages was identified, creating a domain takeover risk and potential for supply chain compromise.
  • A cross-tenant issue in Microsoft Teams guest access was reported: when users join external tenants, attackers can bypass Microsoft Defender for Office 365 protections, exposing the users' organizations to potential threats.

Notable Threat Actor Activity

  • North Korean threat actors behind the Contagious Interview campaign have deployed 197 additional malicious npm packages since last month, used to spread an updated version of the OtterCookie malware.

Trends, Tools, or Tactics of Interest

  • A large phishing campaign is distributing fake seasonal party invites to trick users into installing remote management and monitoring (RMM) tools.
  • Researchers demonstrated that AI chatbots can be manipulated using poems to bypass safety guardrails and provide information on sensitive topics, such as nuclear weapon creation.

Regulatory or Policy Developments Affecting the Security Industry

  • The Common Vulnerability Scoring System (CVSS) version 4.0 has been released, introducing changes to how vulnerabilities are characterized and scored.