Daily Brief
Find articles below, see 'DETAILS' for generated summaries
Total articles found: 11809
Checks for new stories every ~15 minutes
| Date | Source | Category | Title | Summary | Details |
|---|---|---|---|---|---|
| 2025-08-01 17:29:34 | bleepingcomputer | MALWARE | Akira Ransomware Attacks Target SonicWall Firewall Devices | SonicWall firewall devices have been increasingly compromised in Akira ransomware attacks since late July, likely through an unknown vulnerability. Akira ransomware, which emerged in March 2023, has affected over 300 organizations and collected over $42 million in ransoms from 250 victims. High-profile Akira victims include major firms and institutions such as Nissan, Hitachi, and Stanford University. Arctic Wolf Labs noted that the intrusions often began with unauthorized SonicWall SSL VPN connections. Potential entry points include a zero-day vulnerability or credential theft through brute-force and dictionary attacks. The attackers used virtual private server hosting to disguise their VPN authentication attempts. SonicWall advised customers to temporarily disable SSL VPN services and tighten security controls while awaiting patches. A separate advisory recently urged customers to patch SMA 100 appliances against a critical vulnerability, signaling ongoing security challenges for SonicWall. | Details |
| 2025-08-01 16:15:54 | bleepingcomputer | DATA BREACH | Pi-hole Confirms Donor Data Exposed Through WordPress Plugin | Pi-hole, a network-level ad blocker, announced that a security flaw in the GiveWP WordPress plugin exposed donor names and email addresses. The leak occurred through the donation form on Pi-hole's website, which placed personal donor data in the page's source code where it was visible without authentication. The affected data did not include financial details, which are processed separately by Stripe and PayPal, and the Pi-hole software itself was not compromised. The breach affected nearly 30,000 donors, and the data has been added to the 'Have I Been Pwned' notification service. GiveWP released a patch within hours of the report, but Pi-hole criticized the delay and the developer's initial handling of the issue. Pi-hole apologized to donors and acknowledged the potential damage to its reputation, stressing its own accountability even though the vulnerability was unexpected. Despite the patch, Pi-hole remains concerned about how the plugin developer acknowledged the flaw's potential impact on donor privacy. | Details |
| 2025-08-01 15:35:00 | thehackernews | CYBERCRIME | Critical Security Flaw Patched in Cursor AI Code Editor Software | Cybersecurity researchers at Aim Labs identified a severe vulnerability in the Cursor AI code editor that enabled remote code execution. The flaw, tracked as CVE-2025-54135 with a CVSS score of 8.6, was patched in version 1.3, released on July 29, 2025. Attackers could exploit the vulnerability by injecting malicious data through a Slack MCP server, leading to automatic command execution without user confirmation. Successful exploitation could allow attackers to execute code, deploy ransomware, steal data, and manipulate AI behavior. The vulnerability stemmed from the automatic execution of MCP server entries, which did not require user approval before running potentially malicious payloads. Cursor responded by updating its security controls, moving from a denylist to an allowlist to govern executable commands more securely. Additional attacks exploiting similar weaknesses in GitHub README.md parsing were disclosed, demonstrating methods for stealing sensitive information such as API keys and SSH credentials. Other coding tools, such as Google's Gemini CLI, have been affected by similar flaws, highlighting an industry-wide need for stronger security measures in development tools. | Details |
| 2025-08-01 13:08:06 | theregister | DATA BREACH | Florida Prison Email Error Exposes Visitor Data to Inmates | A staff member at Everglades Correctional Institution mistakenly emailed inmates the contact details of visitors, raising security concerns. The leaked information included visitors' names, email addresses, and phone numbers. Families of inmates expressed fears of extortion following the leak. Several affected individuals were notified of the breach by the prison. The incident adds to a series of similar email-based data breaches by official bodies in recent years, including a significant leak by the Police Service of Northern Ireland. The Florida Department of Corrections has not responded to inquiries about the incident. Victims of the breach, particularly those with past stalking experiences, are worried about their safety. | Details |
| 2025-08-01 13:08:06 | thehackernews | CYBERCRIME | Sophisticated Cyber Attacks Target Microsoft 365 Using Fake OAuth Apps | Cybersecurity researchers uncovered a new series of attacks that use fake Microsoft OAuth applications for credential phishing and account takeover. Phishing emails impersonate legitimate companies such as Adobe and RingCentral, urging users to click malicious links that lead to fake OAuth consent pages. The attacks employ phishing kits such as Tycoon and ODx, which can bypass multi-factor authentication by tricking users into divulging credentials and MFA codes. Despite their legitimate appearance, the permissions requested by the fake applications serve mainly to enable the later stages of the attack, including redirects to fake Microsoft authentication pages that use adversary-in-the-middle techniques. Over the past year, these techniques have led to nearly 3,000 attempted compromises across more than 900 Microsoft 365 environments. Microsoft is responding by tightening security, including disabling legacy authentication and requiring admin consent for new third-party apps. Proofpoint warns that attack chains designed to evade detection and gain unauthorized access are growing more sophisticated, and predicts this method will become the criminal industry standard. | Details |
| 2025-08-01 13:01:27 | bleepingcomputer | CYBERCRIME | Vulnerability in AI-Powered Coding IDE Enables Malicious Code Execution | Cursor IDE's AI agent can execute code with developer privileges because of the CurXecute vulnerability, tracked as CVE-2025-54135. Attackers can trigger malicious commands in Cursor by injecting harmful prompts, potentially leading to ransomware deployment and data theft. CurXecute is compared to the EchoLeak vulnerability in Microsoft 365 Copilot, which also allowed data theft without user interaction. Cursor's MCP integration exposes it to risks from untrusted external data, which can rewrite critical configuration files. Successful exploitation lets attackers run arbitrary commands or manipulate the AI's behavior, significantly affecting both project integrity and security. Aim Security disclosed the vulnerability to Cursor, which responded swiftly with a patch in Cursor version 1.3. Users are urged to update to the latest version of Cursor to mitigate the risk from this and other known vulnerabilities. | Details |
| 2025-08-01 12:22:28 | thehackernews | MALWARE | AI-Created Malware Drains Cryptocurrency Through npm Package | The malicious npm package @kodane/patch-manager, built with AI and disguised as a Node.js utility, drained Solana funds from over 1,500 victims before its removal. Developed by an unknown user under the pseudonym "Kodane" and uploaded on July 28, 2025, the package claimed to optimize Node.js application performance. It executed a post-installation script that hid its payload in system directories and connected to a command-and-control server to coordinate its actions. The malware specifically targeted cryptocurrency wallets on compromised machines, automatically transferring funds to a hardcoded Solana wallet address. Safety, a software supply chain security firm, identified and disclosed the malicious nature of the package. Features suggesting AI involvement include descriptive comments, emojis, and a README.md consistent with output from Anthropic's Claude AI. The incident underscores rising concern about the use of AI tools to develop sophisticated and convincing malware for software supply chain attacks. | Details |
| 2025-08-01 11:05:12 | thehackernews | MISCELLANEOUS | Enhancing AI Security Tools Through High-Quality Data | Security Operations Centers (SOCs) are investing heavily in AI but often feed it outdated data that limits its effectiveness. SOC teams need enriched, context-rich data for AI models to detect and respond to threats effectively. Legacy data, lacking granularity and context, creates "data debt" that holds back AI's potential in cybersecurity. Attackers are using AI to build adaptive, precise strategies, widening the gap with SOCs that rely on inadequate data. Moving to AI-ready data means structuring and enriching information so it can feed AI models efficiently. AI-driven detection and response improve with comprehensive, real-time data that captures the full context of each event. As AI technology evolves, the quality of the data fed into AI systems has become critical to outperforming advanced threats. The quality and structure of data are as decisive for AI in cybersecurity as nutrition is for a triathlete's performance. | Details |
| 2025-08-01 10:42:34 | bleepingcomputer | MISCELLANEOUS | Pwn2Own Offers $1 Million For Zero-Click WhatsApp Exploit | The Zero Day Initiative announced a $1 million bounty for a zero-click WhatsApp exploit at Pwn2Own Ireland 2025. Meta, alongside Synology and QNAP, sponsors the event, scheduled for October 21-24 in Cork, Ireland. The contest targets multiple technologies, including mobile phones, smart home devices, and wearables from major brands such as Samsung and Apple. This year the contest introduces expanded attack vectors, including USB port exploitation to compromise locked mobile devices. Registration closes on October 16, and the competition order is decided by random drawing. After a successful exploit, vendors have a 90-day window to patch the vulnerability before the Zero Day Initiative publicly discloses it. Last year's event in Ireland awarded over $1 million for security vulnerabilities across multiple devices. | Details |
| 2025-08-01 10:05:11 | theregister | CYBERCRIME | Cybercriminals Use Raspberry Pi to Steal From Indonesian ATM | The cybercriminal group "UNC2891" used a Raspberry Pi connected to a bank's network to illegally withdraw money from an ATM in Indonesia. The device, equipped with a 4G modem, provided remote access to the bank's network, bypassing security measures such as perimeter firewalls. UNC2891 deployed the Tinyshell backdoor to maintain persistent control over the network and enable the cash theft. Although some of the loot was successfully extracted, the attack was contained a few days after the first withdrawal. The attackers also aimed to deploy a rootkit named "Caketap" to spoof authorization messages for further withdrawals. Forensic investigators struggled to trace and remediate the breach because of the advanced obfuscation techniques the criminals used. The incident highlights the need for network and memory forensics that go beyond conventional incident response. | Details |
| 2025-08-01 08:47:48 | thehackernews | NATION STATE ACTIVITY | Sophisticated China-Linked Group Storm-2603 Exploiting SharePoint | Storm-2603, a suspected China-based threat actor, has exploited vulnerabilities in Microsoft SharePoint to deploy ransomware variants including Warlock and LockBit Black. The group employs a diverse toolbox combining legitimate software and custom malicious tools, and uses both HTTP and DNS communication through its AK47 C2 framework. Its operations notably targeted organizations in Latin America and the Asia-Pacific region throughout the first half of 2025. Tools mentioned include masscan, WinPcap, and a custom DNS-commanded backdoor, with malware executed through cmd.exe. Storm-2603 also uses techniques such as BYOVD, abusing third-party drivers to disable endpoint defenses. Despite the ransomware deployment, the exact motivation, whether espionage or purely financial, remains undetermined. The group's approach blends APT-level tactics with criminal activity, raising concern about the evolving sophistication of global cyber threats. | Details |
| 2025-08-01 06:29:57 | theregister | NATION STATE ACTIVITY | ASIO Chief Warns Against Sharing Sensitive Defense Info on LinkedIn | ASIO Director-General Mike Burgess highlighted the risks of Australian defense employees listing sensitive job details on LinkedIn. Foreign intelligence services are intensifying efforts to target Australians involved in defense and intelligence through cyber espionage and other methods. Multiple incidents were noted in which foreign entities approached Australian defense contractors at events and compromised their systems, leading to intellectual property theft. Over 35,000 Australians' LinkedIn profiles indicate access to potentially classified information. Despite a decrease in numbers, Burgess expressed concern over the still-prevalent over-sharing on professional networks. An Australian Strategic Policy Institute report suggests Australian intelligence is lagging in technology updates, impairing its capabilities. Burgess called for improved personal and organizational cybersecurity practices to mitigate espionage risks. | Details |
| 2025-07-31 20:11:15 | theregister | CYBERCRIME | Ransomware Threats Escalate with Physical Harm Warning to Victims | Ransomware gangs are increasingly threatening physical violence against employees and their families to compel payment from victim organizations. A survey by Censuswide for Semperis found that 40% of 1,500 security and IT professionals reported physical threats from attackers. Traditional threats remain prevalent, with 52% facing system lockouts and 63% experiencing threats of data destruction. Attackers also threaten regulatory repercussions; nearly half of respondents reported a risk of complaints to authorities, similar to the SEC complaint against MeridianLink. Semperis' report shows that 78% of surveyed organizations faced a ransomware attack in the past year, and 56% of those attacks resulted in successful infections. Recovery speed declined notably, with only 23% recovering within a day, down from 39% the previous year. Approximately 15% of organizations that paid the ransom did not receive functional decryption keys, and a further 3% reported leaked data despite payment. Semperis' director of breach preparedness and response, Jeff Wichman, emphasized the dangers of paying ransoms, noting that attackers often resell stolen data. | Details |
| 2025-07-31 19:36:56 | theregister | DATA BREACH | Illumina Pays $9.8 Million Over Government Security Flaw Claims | Illumina has settled with the U.S. government for $9.8 million over allegations that it sold insecure genetic testing systems. The Department of Justice claimed Illumina failed to meet required cybersecurity standards while billing government agencies for compliant devices. The settlement addresses whistleblower claims that, for over seven years, Illumina submitted false claims about the security compliance of its devices. Illumina controls over 80% of the global genetic testing market, so the alleged security lapses had significant potential impact. Security concerns included hardcoded user credentials, improper account privileges, and unresolved insider threat mitigation. Illumina made no admission of wrongdoing, describing the settlement as a way to avoid prolonged litigation and costs. The company asserts that it has rectified the software issues in question and emphasizes its commitment to stringent data security and customer relationships. Illumina expressed relief at resolving the matter while emphasizing its investment in cybersecurity best practices. | Details |
| 2025-07-31 18:53:37 | bleepingcomputer | MISCELLANEOUS | Kali Linux Now Supports macOS Containers, Enhances Security Testing | Kali Linux has been updated to run on macOS within Apple's new containerization framework on Apple Silicon. The framework was introduced at Apple's WWDC 2025 and offers integration similar to Microsoft's WSL2 for Linux distributions. Users must install a specific CLI through Homebrew and use its commands to launch and manage the Kali Linux container. The implementation supports mounting local directories into the Kali VM so files on the macOS host can be accessed. The new containerization on macOS Sequoia currently has limitations, including no support for Intel Macs and networking issues within containers. Cybersecurity experts note that some Kali Linux use cases may be restricted because hardware passthrough is not possible. Despite the identified bugs and limitations, the development simplifies running security tests on macOS with Kali Linux. | Details |