Daily Brief

WhatsApp has launched a new feature called Private Processing, enabling AI enhancements while ensuring privacy. This technology allows users to utilize AI for actions like message summarization without compromising the security of message contents. Messages are processed in a Confidential Virtual Machine (CVM), where no third parties, including Meta or WhatsApp, can access the users' data. Private Processing uses anonymous credentials and Oblivious HTTP connections to protect user identity and data integrity. A Trusted Execution Environment (TEE) processes user requests and sends information back to the device in an encrypted format that only the device and server can decrypt. Meta acknowledges potential security vulnerabilities such as insider threats and supply chain risks, taking a defense-in-depth approach to mitigate these. Meta plans to release third-party logs for external scrutiny to assure transparency and further safeguard user data. The launch complements similar initiatives by other tech giants like Apple, which has developed its own confidential AI processing technologies.

Google Threat Intelligence Group observed 75 zero-day exploits in 2024, a decrease from 98 in 2023 but an increase from prior years. Over 50% of these exploits were linked to cyberespionage by state-sponsored groups and commercial surveillance vendors, with significant activity from China and North Korea. Enterprise technology, especially security and networking products, were the primary targets, comprising 44% of the total zero-days. Notable affected vendors included Microsoft, Google, Apple, and Ivanti, with Ivanti notably targeted by China’s UNC5221 group. The exploitation landscape is supported by a thriving underground market for zero-day exploits and slow adoption of secure development practices. Intelligence from the Five Eyes alliance indicates that zero-days are among the most abused vulnerabilities, urging vendors to enhance vulnerability management. Google predicts a continued rise in zero-day exploits despite improvements in vendor security practices, suggesting these will remain a critical threat in enterprise technology sectors.

South Korean mobile provider SK Telecom will offer free SIM card replacements to 25 million customers due to a USIM data breach. The breach, detected on April 19, involved malware that allowed theft of SIM data, including IMSI and MSISDN numbers, but did not expose personal or financial information. The primary risk associated with the breach is unauthorized SIM swapping, which could lead to cloned SIM cards. SK Telecom has enhanced its Fraud Detection System and SIM Protection Service to block unauthorized porting attempts. The company currently has 1 million SIM cards available and plans to secure an additional 5 million by May 2025, aiming to replace up to 6 million SIMs. Only subscribers as of April 18, 2025, are eligible for the replacement, and they must book through an online system to manage potential congestion. Investigations into the full extent and cause of the breach are ongoing, and no secondary damage or dark web leaks have been confirmed yet. Affected customers will receive personalized security instructions and can benefit from temporarily disabled roaming services, with plans to upgrade this feature for international use.

Generative AI services like OpenAI ChatGPT and Google Gemini are vulnerable to "jailbreak" attacks, where safety guardrails are bypassed to generate harmful content. Two main jailbreak methods identified: "Inception," which involves nested scenarios to elude safety measures, and direct querying about restricted responses. These attacks could allow the generation of illicit content including malware code and phishing schemes. Additional findings suggest generative AI can produce insecure code as a default, highlighting the risks in AI-driven software development ("vibe coding"). Security assessments on OpenAI’s GPT models show newer versions may introduce unintended security vulnerabilities, complicating model updates. The Model Context Protocol (MCP) can be exploited to perform covert data theft or manipulate AI behavior, as demonstrated in practical attacks and unauthorized Chrome extension activities. Researchers call for robust built-in guardrails and thorough testing of AI models to mitigate potential abuses and security breaches.

China has surpassed Russia as America's primary cybersecurity threat, significantly impacting US critical infrastructure through the Volt Typhoon cyberattacks. Former Rear Admiral Mark Montgomery emphasized the shift in cyber dynamics at the RSA Conference, highlighting China's advanced capabilities in targeted espionage and infrastructure disruption. Montgomery underscored the necessity of aggressive recruitment for US cyber military forces, advocating for the integration of National Guard talents into cyber defense strategies. He criticized the current corporate management of critical infrastructures, suggesting that US corporations lack motivation to enhance security measures against cyber threats. Montgomery proposed extending the Sarbanes-Oxley Act to enforce stringent cybersecurity measures among corporations to fortify national security. He predicted potential Chinese cyber retaliation linked to geopolitical tensions, particularly concerning Taiwan, which could undermine public confidence and crisis response. Montgomery dismissed other nation-states like North Korea and Iran as lesser threats compared to China, citing their limited capabilities and local focus. The article stresses an urgent need for proactive cyber defense measures to safeguard American interests and security against sophisticated nation-state cyber operations.

CISA has added vulnerabilities in Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail to its Known Exploited Vulnerabilities catalog. A significant arbitrary code execution flaw discovered in multiple versions of Broadcom's specialized Fabric OS could allow attackers with admin privileges to run or modify OS commands. The Broadcom vulnerability, tracked as CVE-2025-1976, was actively exploited, prompting a necessary update to Fabric OS version 9.1.1d7 to mitigate the issue. Commvault's vulnerability (CVE-2025-3928) allows authenticated remote attackers to deploy webshells, affecting several versions of its software on both Windows and Linux platforms. The security flaw in Commvault's systems has also been under active exploitation, despite the fact that exploitation requires authenticated access. Another critical vulnerability in Qualitia Active! Mail was identified, affecting all versions up to BuildInfo: 6.60.05008561 and also actively exploited, predominantly impacting Japanese organizations. CISA has set deadlines for affected organizations to apply critical updates or mitigations to these vulnerabilities, with varying dates in May 2025 for compliance.

An open letter from the EFF and top cybersecurity professionals calls on President Trump to cease the investigation into former CISA head Chris Krebs, labeling it as political retaliation. The campaign against Krebs is linked to his discrediting of election fraud claims, which led to his firing post-2020 election confirmation of security. Trump's presidential memo accuses Krebs of abusing his power at CISA to suppress 'unfavored' viewpoints, particularly regarding election security and COVID-19 narratives. The memo involved revoking Krebs’ and his current employer SentinelOne’s security clearances, potentially affecting federal contracts and infosec community integrity. The cybersecurity community emphasizes the importance of independent, truthful reporting without fear of political repercussions to safeguard democracy. Krebs recently resigned from SentinelOne to focus on defending democracy and freedom of speech outside of corporate influences. Major concerns are raised about the broader implications for cybersecurity practices and national safety if such political interference persists.

SentinelOne identified attempts by a Chinese-related cyberespionage group, PurpleHaze, to conduct reconnaissance on its infrastructure and high-value clients. PurpleHaze is linked to the state-sponsored group APT15 and has previously targeted governmental organizations in South Asia using sophisticated malware such as GoReShell and ShadowPad. The threat actors employed operational relay box networks and Windows backdoors, complicating tracking and attribution of their cyber operations. Analysis revealed that the same South Asian government entity attacked in June 2024 was also a target in a later PurpleHaze operation employing ShadowPad, indicating potential ongoing espionage. ShadowPad has been used to target over 70 organizations across multiple industries, exploiting vulnerabilities in CheckPoint gateway devices. SentinelOne also detected efforts by North Korea-aligned individuals attempting to infiltrate their workforce, and ransomware groups trying to access the company’s security tools to evade detection. The underground cybercrime market continues to thrive, with offerings like 'EDR Testing-as-a-Service' allowing attackers to evaluate and refine their malware discreetly. Nitrogen, a ransomware group run by a Russian national, has been innovating by using social engineering to mimic legitimate companies and bypass security product procurements.

FBI Deputy Assistant Director Cynthia Kaiser highlighted the increased efficiency of Chinese government-backed hackers in utilizing AI across various stages of cyber attacks. These state-sponsored groups have infiltrated U.S. critical infrastructure sectors including government, telecommunications, energy, and water systems, often undetected for extended periods. Specific incidents noted include the Volt Typhoon, which compromised outdated routers to create a botnet aimed at U.S. targets, and the Salt Typhoon, which breached U.S. telecommunication and government networks. Chinese attackers commonly exploit unpatched vulnerabilities or outdated devices to gain initial access, then navigate silently within the compromised networks. AI is being deployed by these attackers not for autonomous end-to-end attacks but to enhance preliminary tasks like scanning and initial exploitation, making these processes faster and more effective. The rise of AI in cyber attacks poses challenges in network security, specifically in detection and prevention of lateral movement within networks. The FBI continues its efforts in tracking and responding to both nation-state and criminal cyber threats, despite recent governmental budget and personnel cuts. Kaiser underscores the importance of implementing robust security measures like multi-factor authentication (MFA) to counter sophisticated social engineering attacks, including those using deepfake technology.

Microsoft 365 Copilot presents new security risks by accessing sensitive data across various SaaS applications. Reco, a SaaS security platform, addresses these vulnerabilities by treating Copilot as part of the SaaS ecosystem requiring continuous monitoring. Reco's security approach includes analyzing user prompts, managing data exposure, and ensuring robust access governance. The platform uses techniques like natural language processing and attack pattern matching to identify suspicious queries. It also monitors Copilot’s actions and outputs, integrating with systems like Microsoft Purview to manage data sensitivity. Reco provides direct visibility into Copilot’s interactions across the SaaS environment, helping to detect potential data breaches or unauthorized accesses. The strategy includes detecting risks from new or unsanctioned integrations that might occur as Copilot gets interconnected with other applications. Reco's comprehensive security measures are critical for entities utilizing Copilot to prevent data leaks and ensure data privacy.

In 2024, Google observed a reduction in zero-day vulnerabilities being exploited, totaling 75, down from 98 in 2023. A significant 44% of these zero-day exploits targeted enterprise security products, with 20 specific flaws in security software and appliances. Shift in zero-day exploit targets includes 33 zero-days in enterprise software, predominantly within tools like Ivanti, Palo Alto Networks, and Cisco. Mobile devices and browsers saw a decline in zero-day exploits, with a third less for browsers and nearly half less for mobile compared to the previous year. Microsoft experienced 22 vulnerabilities, while high-profile vendors like Apple, Android, Chrome, and Firefox also faced various exploits. Six broad threat activity clusters have been linked to 34 of the 75 zero-day vulnerabilities, aligning with espionage and financial motivations. Google discovered sophisticated exploit chains in Firefox and mobile browsers used by threat actors for high-impact attacks, including RomCom RAT deployment. The Google Threat Intelligence Group highlighted the evolution of zero-day threats and noted an improvement in vendor mitigation strategies against such exploits.

In 2024, Google's Threat Intelligence Group reported 75 zero-day vulnerabilities exploited, with over 50% linked to spyware attacks. This represents a decrease from 97 zero-days in 2023, but part of an overall upward trend from 63 in 2022. Notable contributors to these exploits include China-linked groups and North Korean operators, with the latter involved in zero-day exploits blending espionage and financial motives for the first time. The majority of these exploits targeted end-user platforms like web browsers, mobile devices, and desktop operating systems, with Windows emerging as a particularly popular target. Exploits against enterprise-targeted products, such as security and networking software, accounted for 44% of the zero-day attacks, signifying a shift towards more focused attacks on business environments. Google has observed a slow but steady increase in zero-day exploits, although efforts by vendors to mitigate these vulnerabilities are beginning to show results. The future trends in zero-day exploitation are expected to be influenced heavily by vendors' proactive security measures and their ability to adapt to evolving threats.

North Korean operatives are securing jobs in top global companies to steal intellectual property and fund their regime. Methods include using AI-generated LinkedIn profiles and having teams work on job challenges, while a "front man" handles interviews. A simple yet effective interview question about Kim Jong Un instantly reveals these infiltrators, who then terminate the interview. Once hired, these workers perform well to gain further access to company systems and extract sensitive information gradually to avoid detection. The FBI recommends conducting coding tests on company premises and being vigilant about remote work applications to prevent such infiltrations. Perpetrators often leave behind malware and collect sensitive login information even if caught and fired, heightening risks of future breaches. Tactics are evolving, with North Korean operatives adapting to countermeasures, like setting up laptop farms in the US to circumvent IP tracking. Continuous education for all staff involved in the hiring process and increased scrutiny during the interview and onboarding phases are advised to combat this threat.

Researchers from the University of Zurich conducted a secretive AI study on Reddit's r/changemyview, posing as users to test AI's persuasive abilities. The study involved AI-generated responses aimed at altering the viewpoints of real users, without disclosure, violating subreddit rules. The team did not inform the subreddit moderators of their methods, which included using AI to emulate personal traits and argumentative skills. Despite achieving results suggesting that AI can outperform human persuasive benchmarks, the experiment has been criticized for ethical lapses. The experiment had initially received ethical approval from the university, yet variations to the study lacked subsequent ethical reviews. The subreddit moderators have protested the study and requested that the university prevent its publication, citing unethical practices. University insists the study’s insights are vital and do not justify suppression, though external academics criticize the ethical handling and potential harms. The controversy highlights broader concerns about the use of AI in manipulating public opinion and the ethical implications of non-disclosure in research settings.

In March 2025, senior members of the World Uyghur Congress, who live in exile, were targeted by a Windows-based malware aimed at surveillance. The malware was delivered through a spear-phishing campaign using a trojanized version of UyghurEdit++, a legitimate tool designed to support the Uyghur language. Victims received alerts from Google indicating they were subject to government-backed attacks. Investigations suggest these threat actors employed tactics associating with the Chinese government. The malicious emails included Google Drive links that downloaded a password-protected RAR archive containing the compromised software. The malware had capabilities for system profiling, sending collected data to an external server, and could also fetch and execute additional malicious commands and plugins. This incident is part of ongoing digital transnational repression aimed at the Uyghur diaspora, with the intent to monitor their communications and influence concerning the human rights situation in Xinjiang.