BadIIS SEO-Poisoning Campaign Redirects Traffic and Installs Web Shells in Vietnam and Southeast Asia Summary of the discovery Cybersecurity researchers have identified an SEO poisoning campaign that uses malicious search-result manipulation to infect or redirect visitors and then deploy a malware family dubbed “BadIIS.” The activity, tracked by Palo Alto Networks Unit 42 as CL-UNK-1037…
Microsoft begins Windows 11 beta rollout of AI-powered Gaming Copilot Overview of the rollout Microsoft has started a staged beta rollout of Gaming Copilot to Windows 11 PCs. The company is making the beta available to users aged 18 or older, but the rollout explicitly excludes devices located in mainland China. Microsoft has begun rolling…
Microsoft Begins Beta Rollout of Gaming Copilot for Windows 11 PCs Overview of the rollout Microsoft has started a beta rollout of Gaming Copilot to Windows 11 systems. The initial deployment is limited to users who are 18 years or older and excludes availability in mainland China. Microsoft’s announcement positions the release as an expansion…
UNC1549 Campaign Compromises 34 Devices at 11 European Telecom Firms Using LinkedIn Job Lures and MINIBIKE Malware Summary Security researchers have attributed a recent espionage campaign targeting European telecommunications companies to the cluster known as UNC1549. According to reporting by thehackernews.com and tracking by Swiss cybersecurity firm PRODAFT, the actor (tracked by PRODAFT as “Subtle…
Automating Alert Triage with AI Agents and Confluence SOPs Using Tines Summary of the workflow The workflow highlighted by Tines automates security alert triage by using AI-driven agents to identify the correct Standard Operating Procedures (SOPs) documented in Confluence, and then executing the appropriate response steps through the platform. The underlying Tines library — maintained…
OpenAI adds user control over GPT‑5 “thinking” depth for Plus and Pro subscribers What OpenAI announced OpenAI has begun rolling out a new toggle that lets users select how “hard” the GPT‑5‑thinking model should work on a given prompt. The feature is being made available to ChatGPT Plus and Pro subscribers, enabling users to adjust…
SonicWall Urges Password Resets After Cloud Backup Files Accessed in MySonicWall Breach Incident summary SonicWall has notified customers that it detected suspicious activity targeting its cloud backup service for firewalls and that unknown threat actors accessed firewall configuration backup files stored in the cloud for less than 5% of MySonicWall accounts. The vendor has urged…
CountLoader: New Multi‑Version Loader Fuels Russian Ransomware Operations Overview of the discovery Security researchers have identified a new malware loader, tracked as “CountLoader,” that is being used by Russian-affiliated threat actors to deliver post‑exploitation tools and remote access malware. According to published reporting, CountLoader has been observed distributing Cobalt Strike, AdaptixC2, and a remote access…
TA558 Deploys Venom RAT Using AI-Generated Scripts Against Hotels in Brazil and Spanish-Speaking Markets Overview Russian security vendor Kaspersky has attributed a fresh campaign to the threat actor tracked as TA558 that delivered multiple remote access trojans (RATs), including Venom RAT, to breach hotels in Brazil and other Spanish-speaking markets. Kaspersky observed the activity in…
Microsoft and Cloudflare Disrupt RaccoonO365 Phishing-as-a-Service That Stole Thousands of Microsoft 365 Credentials Incident summary Microsoft and Cloudflare have jointly disrupted a large-scale Phishing-as-a-Service (PhaaS) operation known as RaccoonO365. According to reporting, the service enabled cybercriminals to run tailored Microsoft 365 credential-harvesting campaigns and helped steal thousands of Microsoft 365 credentials. The action targeted the…