Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

AI-Driven Software Development Demands a New Approach to Security Audits

 



Artificial intelligence is rapidly reshaping how software is built, enabling developers to generate code, automate repetitive tasks and accelerate application development. While these tools are helping organizations improve productivity, cybersecurity experts warn that they are also introducing new security and governance challenges that traditional software audits were never designed to address. As AI-generated code becomes more deeply embedded in development workflows, security leaders are being encouraged to expand software audits beyond compliance checks and evaluate how artificial intelligence influences the entire software development lifecycle (SDLC).

Unlike conventional audits, which primarily examine financial records, operational controls and regulatory compliance, modern software audits must determine how AI contributes to software development and whether its use introduces security risks before applications are deployed. This includes identifying which developers are using AI-powered coding assistants, understanding how frequently these tools are used, determining where AI-generated code enters development pipelines, and verifying that approved tools are being used responsibly. Collectively, these activities form what many security professionals now describe as the Agentic Development Lifecycle (ADLC), where governance extends beyond the software itself to the AI systems supporting its creation.

The need for stronger oversight is becoming increasingly urgent. Research has found that one in five organizations has experienced a serious security incident associated with AI-generated code, highlighting how limited visibility into AI-assisted development can expose organizations to unnecessary risk. Without a clear understanding of developer practices and AI tool adoption, Chief Information Security Officers (CISOs) face growing challenges in enforcing security policies, demonstrating regulatory compliance and providing boards with measurable assessments of AI-related risk.

Although AI coding assistants can significantly improve developer efficiency, security specialists caution that they should not be treated as autonomous software engineers. Studies comparing human developers with large language models (LLMs) show that leading AI models can effectively identify issues such as insecure coding patterns, code smells and certain design weaknesses. However, they continue to struggle with more complex security responsibilities, including denial-of-service protections, insufficient logging and permission management. As a result, experienced developers remain essential for reviewing AI-generated code, identifying inaccuracies and ensuring vulnerabilities are eliminated before software reaches production.

Security leaders also recommend that organizations adopt a structured auditing framework for AI-assisted development. This includes maintaining an inventory of approved AI coding tools, mapping AI-generated code to development activities, benchmarking models against known vulnerability patterns and monitoring integrations to ensure AI agents access only authorized tools and data sources. Regular vulnerability assessments, developer upskilling and risk-based evaluations can further help organizations identify skill gaps, strengthen governance and reduce the likelihood of preventable security incidents.

Ultimately, effective AI governance requires more than simply adopting new technologies. By combining continuous oversight with skilled human review and well-defined security policies, organizations can harness the productivity benefits of AI while maintaining secure software development practices. As AI becomes an increasingly permanent part of modern software engineering, comprehensive audits will play a central role in ensuring innovation does not come at the expense of security.

MSG Data Breach: Hackers Leak Facial Recognition Records of 26 Million Visitors

 

A massive data breach at Madison Square Garden has exposed the facial recognition and personal records of millions of visitors, sparking outrage and legal action. The cybercrime group ShinyHunters leaked 45 gigabytes of stolen data after the arena’s parent company missed a ransom deadline, raising serious concerns about biometric privacy and surveillance. 

The breach, which reportedly occurred on June 5, 2026, involved the theft of what hackers claim are 26 million customer and corporate records. The leaked files include biometric tracking logs, internal threat assessments, background check information, and detailed dossiers on attendees—some dating back to 2018. Among the exposed data were references to New York Knicks players, coaches, and talent, with fields listing addresses, contact details, and even “cost of talent.” Customer emails were also part of the dump, including messages from fans who had previously expressed concern about being misidentified by MSG’s facial recognition cameras. 

What makes this incident particularly alarming is MSG’s extensive use of facial recognition technology across its venues. For years, the arena has deployed biometric systems to screen visitors—and controversially, to ban lawyers from firms that have sued the company. The leaked surveillance records now reveal how deeply the venue tracked individuals, creating detailed profiles without clear consent. Privacy advocates argue this breach underscores the risks of unchecked biometric data collection, especially when security practices fail to protect such sensitive information.

In the wake of the leak, a federal class-action lawsuit—Avalo v. MSG Entertainment—was filed on June 16 in a New York court. The plaintiff, Carlos Avalo, alleges his biometric data was captured during a 2025 concert visit without proper disclosure or consent. The suit seeks at least $5 million in initial damages and highlights violations of biometric privacy laws. This is not MSG’s first major breach in under a year, further eroding trust in the company’s ability to safeguard visitor data. Despite repeated requests, MSG Entertainment has not publicly confirmed the full scope of the breach or commented on the lawsuits. 

The ShinyHunters group, known for targeting high-profile organizations like Kodak and Instructure, claimed responsibility for the attack, alleging they gained access by socially engineering a low-level employee. The incident serves as a stark reminder of the vulnerabilities in even the most advanced surveillance systems—and the human element that often remains the weakest link. As investigations continue, the breach raises urgent questions about the ethics of biometric data collection, the adequacy of current privacy regulations, and the responsibilities of venues that turn guests into data profiles.

Google Targets NetNut Residential Proxy Network Operating Across Two Million Devices


 

Several international authorities have coordinated operations to disrupt the infrastructure behind a large residential proxy network, also known as Popa, after Google dealt a significant blow to one of the internet's largest residential proxy ecosystems. 

Through the action, which was conducted in collaboration with Lumen Technologies, the FBI, and other industry partners, millions of compromised Android-powered devices, including smart TVs, streaming boxes, and other internet-connected consumer hardware, were prevented from accessing the network. This significantly reduced the network's operational capacity. 

In the network, ordinary household devices were covertly transformed into proxy relays that permitted cybercriminals and state-linked threat actors to route malicious activity through legitimate residential IP addresses while masking their identities while provoking suspicions among unsuspecting individuals. 

According to security researchers, there are at least two million compromised devices worldwide comprised of the botnet, indicating both its scope and the growing misuse of consumer IoT infrastructure in modern cyber campaigns. In addition to its sheer scale, NetNut has become an integral component of the underground residential proxy market, providing infrastructure to hundreds of cybercriminals and espionage-linked threat actors. 

Several domains were used to conduct the operations of the service, including netnut.com, seized as a result of the FBI's disruption efforts. Researchers at the Google Threat Intelligence Group (GTIG) observed 316 distinct threat clusters that leveraged suspected NetNut exit nodes during one week last month, illustrating the platform's substantial operational reach. 

As a result of the analysis, attackers were not only able to hide access to their own infrastructure, but also were able to conduct password-spreading campaigns and establish covert connections into targeted environments by using trusted residential IP addresses. NetNut operators are dependent on Google to provide malware command-and-control (C2) services, so Google disabled their accounts and cloud services, effectively cutting them off from their critical backend infrastructure. 

The company notified affected Android users and deactivated malicious applications associated with the botnet simultaneously through Google Play Protect, and it distributed technical intelligence on NetNut's software development kits (SDKs) and C2 architecture to platform providers, law enforcement agencies, and cybersecurity researchers in order to strengthen coordination in detection and mitigation. 

Moreover, Google emphasized that the disruption is likely to spread beyond a single botnet, as NetNut's reseller model has provided infrastructure to multiple residential proxy providers for many years, making the operation potentially significant for the entire illicit proxy ecosystem. Investigations into the operation have also highlighted the commercial infrastructure that underpins the proxy network. 

A report from Qurium, Synthient, Nokia Deepfield, and Spur in June linked the Popa botnet to NetNut, an Israeli public company owned by Alarum Technologies. During controlled testing, Synthient demonstrated that traffic routed through NetNut's commercial gateway originated from a device that was intentionally enrolled in the Popa network, providing evidence that the commercial proxy service was directly connected to compromised endpoints. 

In addition to the researchers refraining from attribution of intent or operational knowledge to Google, Google stated that its own threat intelligence was consistent with the public findings, treating NetNut and Popa as components of the same network and supporting the research team's assessment of proxy infrastructure construction. 

In contrast, Alarum has firmly rejected those conclusions, rejecting the categorization of NetNut as a botnet, and stating that the research is based on "unverified facts, as opposed to demonstrably inaccurate assertions and flawed deductions." In addition to maintaining that its platform operates as a legitimate, consent-based bandwidth-sharing service, the company maintains that it does not compromise user devices or function without authorization. 

Synthient's analysis challenged that position, revealing that none of the twenty examined applications related to the ecosystem provided meaningful consent prompts before enrolling users' devices in bandwidth sharing operations, raising further questions about transparency in the software distribution process. 

Aside from cautioning that removing NetNut represents only the first phase of a much larger effort, Google also stressed that the company operates a large white-label reseller program that allows third parties to market access to the same residential proxy infrastructure under a variety of brand names. As the company points out, a number of residential proxy services which appear to be independent ultimately draw connectivity from the NetNut device pool, so disruptions can affect multiple brands simultaneously if one provider is disrupted. 

However, Google characterized the latest actions as degradation, not a complete takedown, pointing out that operators have previously restored capacity through the use of competing proxy providers to source infrastructure. As evidence of the resilience of these interconnected ecosystems, the company cited its disruption of the China-linked IPIDEA residential proxy network in January and its subsequent legal action against the operators of the BadBox 2.0 botnet, whose Android TV infrastructure is similar to Popa, which was launched in July 2025. 

In order to create long-term impact, sustained, coordinated disruption across multiple providers must be undertaken. According to researchers, consumers' access to residential proxy networks is most commonly facilitated by applications that offer financial rewards for "unused bandwidth" or "sharing internet access." It is highly recommended that security teams only install apps from trusted app stores, carefully review VPN and proxy software permission requests, enable protections such as Google Play Protect, and purchase smart TVs and streaming devices from reputable manufacturers to minimize the risk of preloaded or malicious software being installed. 

Additionally, the report warns that residential IP addresses will not be in short supply in the cybercriminal ecosystem following NetNut's disruption. In order to identify any reemergence of NetNut-related traffic, continued monitoring of reseller brands and successor infrastructure is essential. 

According to Alarum's corporate legal counsel, Omer Weiss, a statement following the operation was issued by the company in which it was made aware of the FBI's seizure of certain NetNut-related domains on July 2, 2026. According to Weiss, Alarum is seriously concerned about the matter and will work closely with law enforcement authorities to investigate any misuse of its infrastructure and support the pursuit of accountability for those responsible. 

 As a result of NetNut's disruption, an important step in challenging the growing abuse of residential proxy infrastructure has been achieved, but the disruption also underscores the increasingly interconnected nature of commercial services, compromised consumer devices, and cybercriminal operations as well.

In a rapidly evolving proxy ecosystem characterized by reseller networks and shared infrastructure, sustained collaboration between technology providers, law enforcement agencies, and cybersecurity professionals will remain crucial. Maintaining trusted software sources, enforcing built-in security protections, and monitoring for unauthorized network activity remain practical safeguards against a threat landscape that is becoming increasingly adaptable.

Apple Expands AI in iOS 27 with Smarter Everyday Features Beyond Siri

 

Apple is expanding its artificial intelligence strategy beyond Siri with iOS 27 by integrating AI across its apps and services instead of relying on a standalone chatbot. The new features are designed to simplify everyday tasks through automation while giving users control and maintaining Apple’s privacy-first approach. 

One of the key additions is Bill Splitting, which uses Apple Cash to divide restaurant bills. After scanning or uploading a receipt, Apple Intelligence identifies ordered items, quantities, taxes, tips, and the total amount. Through Messages, users can select what they ordered, allowing everyone to pay their share without manually calculating costs. Apple is also enhancing account security with its Passwords app. 

The feature can detect compromised or weak credentials exposed in data breaches, recommend stronger passwords, and securely update them on supported websites without requiring users to manually log in and change each password. The Messages app is gaining AI-powered suggestions that help users complete common tasks. It can recommend photos when someone asks about a past event, suggest creating reminders when someone requests an item, and prompt users to add meetings or dinner plans to their Calendar without leaving the conversation. 

A new Call Context feature will display useful information, such as booking confirmation numbers stored in Mail, during customer service calls. Apple says all processing happens on the device, ensuring personal information remains private. The Shortcuts app is also becoming easier to use by allowing users to create automations using natural language. Instead of manually building workflows, users can simply describe what they want, such as updating their calendar, controlling smart home devices, or sharing their ETA with family members.  

Additional iOS 27 features include AI-powered tab organization in Safari, which groups related webpages by topic, and smarter Home app notifications that combine multiple smart home events into a single alert. Apple has also improved search within the Home app to help users quickly find important camera clips, such as package deliveries. Together, these updates highlight Apple’s broader AI vision of embedding intelligence throughout its software rather than limiting it to Siri. 

By integrating AI into familiar apps, the company aims to make daily tasks faster, simpler, and more secure while continuing to prioritize user privacy.

Anubis Ransomware Gang Attacks Again, Exploit Remote Access


Hackers linked with Anubis ransomware operation were found abusing the Citrix Bleed 2 (CVE-2025-5777) flaw to find initial access. 

According to Arctic Wolf, the techniques vary among different affiliates, and few patterns surfaced in tradecraft via authentic Remote Management and Monitoring (RMM) tooling, hands-on-keyboard procedures and credential access. 

Anubis also exploited authentic remote access and admin tools such as MeshAgent, Total Software Deployment, ScreenConnect, UltraVNC, and Zoho Assist to merge with usual IT operations while handling control of target systems.

About Anubis 

Anubis is a RaaS gang that first surfaced in late 2024 as a spinoff of Sphinx ransomware. The ransomware campaign was first disclosed on the Ransomware and Advanced Malware Protection (RAMP) darkweb forum in February last year. As per the data from Ransomware.Live, the cybercrime gang has taken responsibility for 91 victims on its data leak website, with 11 targets in June 2026.

Areas impacted

Some significant areas attacked are business services, technology, financial services, healthcare, and technology. Above 50% of the targets are based in the U.S, then U.K, Australia, France, and Canada.

Rubrik Zero Labs published a report in July 2025 which said Anubis promotes promising profit splits, which offers 80% of the ransom paid, and combines it with a data wiping (irresistible) feature to further blackmail the victims to pay upfront.

Experts at Rubrik said that “when Anubis's /WIPEMODE module is activated, files remain in directories but are reduced to a 0 KB size regardless of ransom payment.” The experts added that when “Anubis changes ransomware’s traditional strategic calculus, it creates powerful incentives for motivated threat actors to deploy Anubis in pursuit of lucrative returns.”

The impact

Commenting on the severity of the attack, Rubrik said that, “Knowing threat actors can revert victims' environments to this scorched-earth state with a single command significantly increases pressure on victims to pay before the wiper is fully activated.”

The ransomware incidents in 2026 consist both exploitation of CVE-2025-5777 (CVSS score: 9.3), a severe flaw affecting Citrix Net and valid VPN credential use.

The source of VPN credentials in these attacks is unknown, but experts say that they are likely to be collected after the first compromise, or via credential stuffing, initial access brokers (IABs), or information stealer operations.  

runZero Uncovers Seven FatFs Vulnerabilities That Could Expose Millions of Embedded Devices to Code Execution

 

Security firm runZero has revealed seven security vulnerabilities in FatFs, a lightweight filesystem library widely used by embedded devices to read and write FAT and exFAT storage formats found on USB drives and SD cards.

The vulnerabilities are considered significant because FatFs is integrated into the firmware powering a broad range of products, including security cameras, drones, industrial control systems, hardware cryptocurrency wallets, and devices running real-time operating systems (RTOS).

According to the researchers, attackers could exploit the flaws by introducing a specially crafted USB drive, SD card, or malicious firmware update file to vulnerable devices. On severely affected systems, successful exploitation could lead to memory corruption and arbitrary code execution.

runZero noted that many embedded devices do not implement the memory protection mechanisms commonly found in smartphones and desktop operating systems. As a result, "any physical access leads to a jailbreak." The researchers warned that devices such as public kiosks, security cameras with SD card slots, ATMs, and voting machines equipped with USB ports could potentially be compromised with only brief physical access.

The seven vulnerabilities stem from a similar root cause. When FatFs processes intentionally malformed storage media or firmware images, it improperly handles invalid data, creating opportunities for crashes, memory corruption, or data leakage. The vulnerabilities have received CVSS ratings ranging from Medium to High, with none classified as Critical.

The most severe issue, tracked as CVE-2026-6682 (CVSS 7.6), is an integer overflow affecting FAT32 volume mounting. Incorrect calculations can generate an inaccurate file size, which is later interpreted as a legitimate read length, potentially resulting in memory corruption and remote code execution.

The complete list of disclosed vulnerabilities includes:

  • CVE-2026-6682 (CVSS 7.6 – High): Integer overflow during FAT32 volume mounting that can cause memory corruption and possible code execution. The flaw may also be exploited through certain firmware update mechanisms.
  • CVE-2026-6687 (CVSS 7.6 – High): A buffer overflow involving an exFAT volume-label field that enables memory corruption.
  • CVE-2026-6688 (CVSS 7.6 – High): Long filenames can overflow wrapper code commonly implemented around FatFs, making mitigation dependent on downstream developers rather than the library itself.
  • CVE-2026-6685 (CVSS 6.1 – Medium): Integer wraparound in cache handling for fragmented volumes that may silently corrupt stored data.
  • CVE-2026-6683 (CVSS 4.6 – Medium): Divide-by-zero vulnerability in exFAT handling that can crash devices and potentially render hardware unusable during firmware updates.
  • CVE-2026-6686 (CVSS 4.6 – Medium): Improper file extension handling that may expose residual data from previously deleted files.
  • CVE-2026-6684 (CVSS 4.6 – Medium): A malformed GPT partition table can cause devices to hang while mounting storage media. This is currently the only vulnerability addressed upstream in FatFs version R0.16.

runZero also highlighted challenges surrounding coordinated disclosure. The company said it repeatedly attempted to contact the FatFs maintainer and involved Japan's JPCERT/CC coordination center but did not receive a response.

As a result, the researchers stated that there are currently no upstream patches for the memory corruption vulnerabilities, no dedicated security advisory process, and no centralized mechanism for notifying the numerous vendors that bundle FatFs into their products. While upgrading to FatFs R0.16 mitigates the GPT partition issue, the remaining vulnerabilities require downstream vendors to develop and distribute their own fixes.

The vulnerabilities affect multiple software platforms and frameworks that incorporate FatFs, including Espressif ESP-IDF, STMicroelectronics STM32Cube, Zephyr, MicroPython, ArduPilot, RT-Thread, Mbed, Samsung TizenRT, and the SWUpdate firmware updater. This broad adoption extends the potential impact across consumer IoT devices, industrial equipment, drones, and cryptocurrency hardware wallets.

As of runZero's public disclosure on July 1, no known attacks exploiting these vulnerabilities had been reported. However, the researchers have released proof-of-concept disk images, a testing framework, and a functional QEMU-based exploit demonstration, making technical details publicly available.

For firmware developers, runZero recommends identifying any bundled FatFs implementations, reviewing wrapper code for unsafe filename and file-size handling, and preparing vendor-specific patches. Organizations operating affected devices are advised to treat USB ports, SD card slots, and firmware update channels as potential attack vectors by restricting physical access and applying firmware updates as they become available.

AI-assisted vulnerability research speeds up discovery

runZero revealed that it initially reviewed FatFs manually in 2017 but found few noteworthy issues. During a renewed assessment in March 2026, the researchers employed an AI-assisted workflow using Visual Studio Code, GitHub Copilot running in "auto" mode, and a series of simple prompts.

The AI-generated workflow created a fuzzer capable of feeding malformed inputs into the filesystem library, uncovering vulnerabilities that had been missed during the earlier manual review while also helping validate their exploitability.

The researchers compared this trend to other recent AI-assisted security discoveries, including Google's Big Sleep identifying an exploitable memory flaw in SQLite during late 2024 and an autonomous AI agent discovering 21 memory-safety vulnerabilities in FFmpeg last month.

runZero argued that the increasing accessibility of AI-powered security research means attackers can leverage similar techniques, making timely vulnerability disclosure and remediation increasingly important.

The company also warned that patch deployment across the embedded ecosystem is likely to take years rather than months. It cited the 2024 PixieFail vulnerabilities affecting EDK II firmware as an example of slow downstream remediation and suggested that FatFs faces an even greater challenge due to the absence of an active upstream security response.

Until upstream fixes become available and platform vendors release security updates, organizations should assume that many deployed embedded devices continue to process untrusted FAT and exFAT media using vulnerable code.

Nissan Confirms Employee Data Breach Following Oracle PeopleSoft Zero-Day Cyberattack

 

Nissan has confirmed that it fell victim to a third-party cyberattack after being targeted as an Oracle PeopleSoft user, making it the latest company to suffer an attack due to a yet-revealed vulnerability. The breach is currently under investigation, with Nissan reporting that the attackers could have accessed the personal data of thousands of employees worldwide. 

Based on the breach notification sent to the California Department of Consumer Affairs, Nissan Americas uses Oracle PeopleSoft to perform essential employee management functions, including payroll, taxes, and record-keeping. The attack relied on a zero-day flaw, CVE-2026-35273, which was patched later, with the vulnerability already being actively exploited. There breached data is reported to affect current and former employees in the United States, Canada, Mexico, and Brazil. 

Notably, the data includes social security, banking, financial, and tax information. Nissan is currently investigating the scope of the damage, with the company yet to conclude its research. Researchers report that ShinyHunters extortion gang is behind the identified Oracle PeopleSoft-related attacks, with over 100 companies already reportedly identified as victims of the zero-day flaw. 

Although Nissan was not found on the ShinyHunters data leak site, reports suggest that the cybercriminals might still use the data for extortion. It remains unclear whether the breached data would be published or utilized in ransomware attacks by the threat actors. The vulnerability affecting Oracle PeopleSoft, which has been reported to affect thousands of enterprise users worldwide, continues to raise concerns. 

Since the affected software is designed for critical data, including employee management, the security flaw may have severe implications. Besides Nissan, several companies have been reported to fall victim to the vulnerability, with Everest Ransomware Group recently claiming to have stolen customer data from the car manufacturer. Cybercriminals seem to target major manufacturers, including those based in the United States and threatening to expose the data for extortion. 

Although only a handful of companies have officially confirmed to be victims of the Oracle PeopleSoft cyberattack, others are likely to suffer due to the scale of the problem. National Association of Insurance Commissioners recently confirmed being a victim of the attack, with the University of Nottingham also reportedly being among the affected institutions. 

The most significant damage, however, seems to be related to the education sector, with Illinois Central College and Moody Bible Institute being the only two confirmed victims at the time of the publication. According to cybersecurity analysts, the sector has suffered the largest fallout from the PeopleSoft attack, with several universities reportedly being targeted by the ShinyHunters extortion gang. 

Another PeopleSoft cyberattack serves as a reminder of the constant security challenges facing enterprise users relying on the application to protect sensitive employee data. With investigations into the breach underway, more companies may be identified as victims of the attack in the coming weeks.

81 Million Login Attempts Linked to Azure CLI Password Spray Attack

 


A large-scale password spraying campaign targeting Microsoft 365 environments through Microsoft’s Azure Command-Line Interface (Azure CLI) generated more than 81 million authentication attempts and compromised at least 78 user accounts across 64 organizations, according to cybersecurity firm Huntress.

Huntress said the activity was observed between June 12 and June 21, with attackers typically compromising two to four accounts per day before activity surged around June 22, when 23 organizations were affected. Most of the login attempts originated from AS32167, an autonomous system associated with hosting provider LSHIY LLC.

The company said the campaign formed part of a larger wave of credential-spraying attacks spanning multiple autonomous systems and noted that the volume of such attacks across its customer base has increased more than 155-fold during the past six months. Investigators believe the operation relied primarily on previously exposed username-and-password combinations obtained from credential leak collections.

A key element of the campaign was the use of the OAuth Resource Owner Password Credentials (ROPC) flow through Azure CLI. Although ROPC has been deprecated in OAuth 2.1, it can still exchange valid usernames and passwords directly for access tokens without an interactive sign-in prompt. Huntress said this allowed attackers to authenticate successfully in environments where multi-factor authentication policies did not fully cover that authentication flow.

The investigation identified several configuration gaps among affected organizations, including MFA policies applied only to certain cloud applications or user groups, enforcement limited to non-trusted locations, and policies that had been configured but never enforced. Huntress also found that eight impacted organizations had no MFA policy enabled.

Huntress emphasized that the findings should not be interpreted as evidence that MFA is ineffective. Instead, organizations should review Conditional Access policies, eliminate deprecated authentication methods where possible, ensure MFA protections apply to all supported sign-in flows, and monitor Azure CLI authentication activity for unusual login patterns.

The IPv6 address range used in the campaign belongs to LSHIY, an internet infrastructure provider registered in Hong Kong, Wuhan, China, and New York. Huntress said it reported the activity through the provider’s abuse-reporting channel but had not received a response.

BioSchocking Attacks Tricked AI-powered Browsers into Data Theft


A new prompt injection termed “BioShocking” can manipulate AI-based browsers into treating malicious actions as a video game, and give away your login credentials. The technique was discovered by experts at security firm LayerX. The experts tricked six AI-powered browsers and assistants into recording users’ credentials and sending them to the threat actor. 

The browsers include:

ChatGPT Atlas from OpenAI

Comet from Perplexity

Anthropic’s Claude browser

Fellou

Genspark browser

Sigma browser

LayerX experts made a proof-of-concept (PoC), which was tested against these agentic AI browser products. The findings revealed that only one browser addressed the issue after receiving the report.

What is an AI browser?

An AI browser can streamline the entire workflow for the users. If you switch it to agent mode, it can click type, and visit sites that the user has already logged into. Access is the key point hare, which also becomes the problem.

BioShocking attack tactic

Experts made a (PoC) in which an infected webpage showed a BioShock-themed puzzle that rewards wrong answers. This tricks the browser that normal rules are not applicable. 

The trap works because of how these AI-powered browsers read. The webpage and instruction surface as a single stream of text, which allows a malicious page access in commands mimicking ordinary content or game rules. The agent can not tell which is which. Experts have termed this indirect prompt injection.

Tricking the browser

For instance, the compromise starts with a web page made as a puzzle. 3+4+=9 is a wrong answer but the browser rewards it. When the agent accepts that wrong answer is the reward, it follows game puzzle logic not security logic. Following this, the puzzle asks the browser to record login credentials. All six browsers could not flag it as something malicious. To win the game, the agent is commanded to go to a GitHub repository and share the data in the code, such as sensitive data like passwords.

When the link is sent to the target's GitHub repository, it retrieves SSH login credentials and sends them to the hackers. The main issue here is that browsers can’t differentiate between real scenarios and malicious fictional ones. 

According to LayerX, “Once the agents figured out the rules and learned that 'incorrect' actions are acceptable, they were no longer tied to reality.” “When tasked with the final step of the puzzle – compromising user credentials – all 6 agents failed to identify it as going against their safety guardrails,” the experts continued.

The PoC did not execute any malicious commands but warned that it could do so.

AI vendors’ response

According to experts, only OpenAI implemented a working patch for BioShocking in its browser.

Anthropic tried to fix the issue on its chrome login, but the patch was not working against the PoC. Perplexity did not fix the issue, and closed the report. 

LayerX advises that AI vendors should add specific user acknowledgement for sensitive work, and stronger security checks.

Google Cripples NetNut Proxy Network Spanning 2 Million Devices

 

Google has delivered a major blow to NetNut, one of the world’s largest residential proxy networks, by crippling its ability to route malicious traffic through millions of compromised home devices. The operation, conducted in coordination with the FBI, Lumen, and other partners, marks a significant escalation in the fight against infrastructure that cybercriminals rely on to hide their activities. 

Google’s Threat Intelligence Group (GTIG) estimates that NetNut—also tracked under the name Popa—spanned at least 2 million devices globally, including smart TVs, streaming boxes, and other internet-connected appliances. In a single week in June, Google observed 316 distinct threat clusters using suspected NetNut exit nodes to mask their location and carry out activities such as password guessing and malware distribution. By disabling accounts and services tied to NetNut’s command-and-control infrastructure, Google says it has reduced the network’s usable device pool by millions, severely degrading its business operations. 

NetNut grew by embedding its software development kit (SDK) into seemingly legitimate apps and firmware, often on low-cost or no-name hardware. Many victims unknowingly installed applications that promised payment for “unused bandwidth” or “sharing your internet,” a common lure for these networks. Once integrated, the SDK turned devices into relays for other people’s traffic, making malicious activity appear to originate from ordinary home IP addresses and helping attackers bypass security tools and geo-restrictions. 

Google’s response combined legal, technical, and user-protection measures. The company disabled infrastructure used for NetNut-related malware operations, shared detailed technical intelligence on the group’s SDK and backend systems with law enforcement, and worked with partners to seize domains controlling compromised devices. On the user side, Google Play Protect was updated to automatically warn users and disable apps found to integrate the NetNut SDK, while Google identified hundreds of Android apps and thousands of Windows files linked to the network’s infrastructure.

While Google describes the action as a “degradation” rather than a full takedown—NetNut also operates through reseller programs and white-label brands—the disruption raises the cost and complexity for attackers using residential proxies. For everyday users, the incident underscores the risk of installing obscure apps, especially those offering payouts for bandwidth, and of using cheap, unbranded streaming devices. Sticking to official app stores, reviewing app permissions, keeping Play Protect enabled, and buying hardware from reputable manufacturers remain the best defenses against ending up as an unwitting node in the next NetNut-style network.

Anthropic Clarifies Claude Fable 5 Subscription Removal Is Temporary, Plans Return After Capacity Improves

 

Anthropic has clarified that its flagship AI model, Claude Fable 5, will no longer be included in Claude subscription plans after July 7. However, the company emphasized that the change is temporary and that it intends to bring the model back to subscription tiers once it has enough infrastructure capacity to support demand.

The update comes shortly after Anthropic reinstated access to Fable 5 following the removal of US export restrictions on its advanced AI models, Fable 5 and Mythos 5.

With the relaunch, the company made Fable 5 available across Claude.ai, Claude Code, Claude Cowork, and the Claude Platform. However, due to overwhelming user interest, Anthropic has decided to limit access and transition the model to a usage-based billing system starting next week.

"For Pro, Max, Team, and select Enterprise plans, Fable 5 will be included for up to 50% of weekly usage limits through July 7, after which it will be available via usage credits," Anthropic said in its original blog post.

That announcement sparked concerns among users that Claude Fable 5, the company's most advanced AI model, would permanently become a premium add-on instead of remaining part of standard subscription plans.

Addressing those concerns, a Claude Code lead engineer confirmed that the shift is not intended to be permanent and that Anthropic plans to restore the model to subscription offerings when resources permit.

"I've heard a lot of questions about Fable's availability on subscription plans," the engineer wrote in a post on X. "While it will come off subscriptions after July 7th, we aim to restore Fable as a standard part of our subscriptions as soon as capacity allows, as we mentioned in our original blog post."

Anthropic expects unpredictable demand for Fable 5

Anthropic acknowledged that estimating demand for Fable 5 remains challenging, noting that interest in the model is expected to remain exceptionally high.

According to the company, Fable 5 is currently fully accessible through the Claude API and consumption-based Enterprise plans. Subscription-based access, however, is being introduced gradually to better manage capacity.

"For subscription plans, we’d rather give access sooner than later, so we’re rolling out more conservatively, in stages," Anthropic said.

The company also reiterated that it plans to make Fable 5 a standard feature of subscription plans again once additional capacity becomes available.

"when sufficient capacity allows us to do so."

Until then, users on Claude subscription plans who want continued access to Fable 5 after July 7 will need to use usage credits, as the temporary billing change will remain in effect.

U.S. Secures Extradition of 19-Year-Old Linked to Scattered Spider


US authorities have intensified their pursuit of individuals linked to the financially motivated hacking collective Scattered Spider, and the extradition of a 19-year-old suspect marks another significant development. 

Peter Stokes, who is a dual citizen of the United States and Estonia, is accused of taking part in coordinated cyber intrusions, ransomware extortion, and fraud operations linked to the group, which disrupted more than 100 organizations across critical industries and generated more than $100 million in extortion payments for the group. 

After Stokes was arrested in Finland on a Red Notice from Interpol, he was transferred to the United States to be tried on several federal charges, which included conspiracy, computer intrusion, and extortion, demonstrating the increasing international cooperation being deployed for the dismantling of one of the most persistent cybercrime groups. 

In describing the prosecution, Federal officials said it is part of an ongoing effort to combat increasingly sophisticated cybercrime activities that target U.S. organizations across a range of industries. In his remarks, Andrew S. Boutros, U.S. Attorney for the Northern District of Illinois, co-chair of the Acting Attorney General's White Collar, Cyber, and Crypto Subcommittee Advisory Committee, stated that the allegations of the Scattered Spider attack caused widespread disruption to businesses nationwide and highlighted the increased capabilities of cybercriminals operating across international borders driven by financial gain. 

The Justice Department has demonstrated its commitment to pursuing technologically advanced threat actors regardless of where they are located with the charges, he stressed. In support of this position, Brett Leatherman, Assistant Director of the FBI's Cyber Division, stated that the group has consistently used employee-focused extortion and network compromise campaigns, which have resulted in millions of dollars of financial losses and disruptions to critical business operations. 

According to him, the investigation illustrates the importance of coordinating the efforts of domestic and international law enforcement to identify, disrupt, and prosecute cybercriminals, wherever they operate. The superseding criminal complaint alleges that Stokes is associated with several cyber intrusions allegedly conducted by his online alias "Bouquet," including activities that date back to his 16th year of age. 

A prosecutor contends that these activities were part of Scattered Spider's overall intrusion campaign, which also includes Octo Tempest, UNC3944, and 0ktapus, which are also tracked by security researchers. According to the investigation, the group compromised more than 100 networks by using highly targeted social engineering techniques, enabling the deployment of ransomware, data theft, and extortion schemes that collectively resulted in over $100 million in ransom payments as well as millions more in recovery costs for the organizations affected.

The complaint details a number of incidents in which Stokes and his co-conspirators allegedly breached a luxury jewelry retailer's network in May 2025, exfiltrating sensitive corporate data and demanding approximately $8 million in cryptocurrency. According to reports, the company declined to negotiate with the attackers, removed them from its environment, and incurred remediation expenses ranging from $2 million to $3 million. 

Stokes was reportedly apprehended at Helsinki Airport as he attempted to board a flight to Japan, where Finnish law enforcement officials confiscated two 2-terabyte hard drives as part of the investigation. According to investigators, Scattered Spider is not a traditional hierarchical cybercrime syndicate, but rather a decentralized, English-speaking network of young threat actors operating throughout the United States, the United Kingdom, and Europe. 

In order to gain initial access, the attackers utilize sophisticated social engineering techniques rather than exploiting software vulnerabilities. In their investigations, investigators assert that Scattered Spider has consistently focused on human manipulation rather than technical exploitation. It has been reported that members impersonate legitimate employees when contacting corporate IT support desks, convincing them to reset their credentials or authorize their account access before moving laterally through compromised environments, exfiltrating sensitive data, and demanding payment under the threat of publication.

After the high-profile compromises of MGM Resorts and Caesars Entertainment in 2023, the group's techniques have come under scrutiny. The intrusion at MGM severely disrupted casino and hotel operations. Several security researchers have observed a sector-focused targeting strategy since then, connecting the collective with multiple campaigns against major UK retailers, including Marks & Spencer, Harrods, and Co-op before it moved on to target American insurance companies, followed by the aviation industry. 

A. Tysen Duva, assistant attorney general, pointed out that the collective was responsible for over 100 network intrusions resulting in over $100 million in ransom payments. It is important to note that Stokes' case also represents the culmination of a broader international law enforcement campaign that has relentlessly dismantled the individuals operating under the pseudonym Scattered Spider. 

During recent prosecutions, Scottish national Tyler Buchanan, 24, admitted to fraud and identity theft by admitting to his role in phishing campaigns targeting Twilio and LastPass. As a result, prosecutors stated that $8 million in cryptocurrency was stolen and carries a maximum sentence of 22 years in prison.

In addition, Florida-based member Noah Urban was sentenced in August 2025 to 10 years in prison as well as a $12 million fine, while U.K. citizens Thalha Jubair and Owen Flowers pleaded guilty in June 2026 in connection with the Transport for London hack in 2024. As indicated in court documents, Flowers admitted to conspiring to compromise the networks of U.S. healthcare providers SSM Health and Sutter Health, demonstrating how far prosecutions have spread in an effort to dismantle the group's international cybercrime network. 

Despite successive arrests disrupting Scattered Spider's operations, cybersecurity researchers caution that the group's tactics continue to affect the wider threat landscape. As a result of the law enforcement actions of 2025, Mandiant observed a temporary drop in activity; however, it also stated that other financially motivated threat groups have begun replicating the collective's social engineering approach. 

An important defensive lesson of the assessment is that identity verification processes are often the primary attack surface rather than perimeter security measures. It is recommended that assistance desk authentication procedures be strengthened and that phishing-resistant authentication methods, such as hardware-backed passkeys or security keys, be adopted as effective measures for limiting unauthorized access through credential reset abuse. 

According to a joint advisory issued by U.S. and international cybersecurity authorities, once the attackers gained initial access, they have reportedly been observed monitoring internal collaboration platforms and taking part in incident response calls as a way of tracking defensive actions in real-time and evading containment measures.

Researchers believe the digital evidence recovered during Stokes' arrest in Helsinki may provide valuable information about the group's broader infrastructure as well as potential associates. Even though Stokes remains presumed innocent until proven guilty in court, this latest extradition highlights a growing international enforcement effort that is demonstrating the inability of geographical distance, decentralized operations, and youth to provide reliable barriers to coordinated cybercrime prosecution. 

International authorities are increasingly combining cross-border investigations with coordinated prosecutions to pursue individuals behind sophisticated intrusion campaigns that can disrupt businesses and disrupt lives. Increasing sophistication in identity-based attacks requires organizations to strengthen authentication controls, harden help desk verification processes, and continuously monitor privileged access in order to reduce the impact of increasingly sophisticated social engineering tactics.

Accenture Buys Cybersecurity Firms Dragos, runZero, NetRise for $4.18 Billion

 

In a landmark move to fortify its cybersecurity capabilities, Accenture has announced a $4.18 billion deal to acquire a majority stake in industrial cybersecurity leader Dragos, alongside full ownership of asset intelligence firm runZero and device security specialist NetRise. This strategic acquisition spree underscores Accenture’s ambition to expand beyond traditional consulting services and establish itself as a comprehensive provider of software-driven cybersecurity solutions, particularly for critical infrastructure sectors vulnerable to AI-powered cyber threats and geopolitical risks. 

The timing of the deal reflects both opportunity and necessity. While global consulting demand has softened—partly due to the ongoing Iran war impacting Middle East operations—cybersecurity remains a high-growth domain with surging client investment. Accenture, already operating a $10 billion cybersecurity business, sees industrial and operational technology (OT) security as a key frontier. By integrating Dragos’s OT threat monitoring, runZero’s real-time asset discovery, and NetRise’s embedded device security, the firm aims to deliver end-to-end protection for energy grids, manufacturing facilities, transportation systems, and other mission-critical environments increasingly targeted by state-sponsored and criminal hackers.

Dragos brings deep expertise in securing industrial control systems, with a platform widely used by utilities and heavy industries to detect and respond to OT-specific threats. runZero complements this with advanced asset intelligence, enabling organizations to maintain accurate, dynamic inventories of all connected devices—a foundational requirement for effective cybersecurity in complex, hybrid IT-OT environments. NetRise adds another critical layer by securing firmware and embedded systems, which are often overlooked but increasingly exploited attack vectors. Combined, these three companies contribute approximately $208 million in annual recurring revenue and significantly enhance Accenture’s software-led service portfolio. 

The transactions are structured to close by August or September 2026, subject to regulatory approvals and standard closing conditions. Accenture’s majority stake in Dragos—rather than full acquisition—suggests a collaborative approach that preserves the firm’s entrepreneurial agility while leveraging Accenture’s global scale and client network. Full ownership of runZero and NetRise, meanwhile, allows deeper integration into Accenture’s existing cybersecurity and cloud practices. This hybrid model reflects a broader industry shift where consultancies blend strategic partnerships with outright acquisitions to rapidly scale niche capabilities without disrupting innovation cultures. 

For the cybersecurity market, Accenture’s move signals intensifying competition among large professional services firms to capture share in the booming industrial security segment. Enterprises, especially in critical infrastructure, stand to benefit from more integrated offerings that combine strategy, implementation, threat intelligence, and managed services under a single provider. However, investor reaction has been cautious, with Accenture’s shares dropping over 13% following the announcement, partly due to weaker-than-expected quarterly guidance tied to geopolitical headwinds. Still, the $4.18 billion bet highlights Accenture’s long-term conviction that cybersecurity—particularly in the industrial realm—will remain a cornerstone of digital transformation and risk management in the AI era.

Researchers Warn of Unpatched Argo CD Flaw That Enables Cluster Takeover

 


Organizations using Argo CD to automate application deployments on Kubernetes are being urged to review their network configurations after security researchers disclosed an unpatched vulnerability that could allow attackers to execute arbitrary code on the platform's repo-server component and ultimately seize control of an entire Kubernetes cluster.

The vulnerability was identified by French cybersecurity firm Synacktiv, which says the issue affects the repo-server, a core Argo CD service responsible for retrieving application source code from Git repositories and converting it into Kubernetes manifests before workloads are deployed. Because the repo-server sits at the center of the GitOps deployment process, compromising it gives an attacker an opportunity to interfere with how applications are delivered throughout the cluster.

According to the researchers, exploitation does not require authentication. An attacker only needs network access to the repo-server's internal gRPC service, which accepts requests from other Argo CD components but does not verify the identity of the caller. Once that communication channel becomes reachable, a specially crafted request can be used to trigger remote code execution on the vulnerable service.

Synacktiv reported the vulnerability to the Argo CD maintainers in January 2025 through a responsible disclosure process. However, roughly eighteen months later, the issue remains unresolved, with no official security patch or CVE identifier assigned. The researchers chose to disclose their findings publicly to give administrators time to strengthen their deployments while awaiting a permanent fix.

At the center of the attack is Argo CD's repo-server, which continuously retrieves application definitions stored in Git repositories and prepares them for deployment by generating Kubernetes manifests. These manifests describe the desired state of applications, including containers, services, networking, storage, and other deployment configurations that Kubernetes uses to build and manage workloads. Since every deployment passes through this component, gaining control of the repo-server can provide attackers with extensive influence over the software being deployed inside a cluster.

The vulnerability stems from an unauthenticated internal gRPC interface exposed by the repo-server. gRPC is a high-performance communication framework commonly used for communication between services inside distributed applications. In Argo CD's design, the interface is intended for trusted internal communication. However, Synacktiv found that the service performs no authentication checks, allowing any system capable of reaching the port to submit requests that the repo-server will process.

The researchers demonstrated the attack against Argo CD version 2.13.3. They noted that no patched release currently exists and did not publish a complete list of affected versions, leaving administrators without a definitive inventory of vulnerable deployments.

To achieve code execution, the attack abuses Kustomize, a Kubernetes configuration management tool that Argo CD relies on to generate deployment manifests. Kustomize can also invoke Helm, another widely used package manager for Kubernetes, through the "--helm-command" option that specifies which executable should be launched.

Instead of directing Kustomize to the legitimate Helm binary, Synacktiv discovered that an attacker can send a malicious GenerateManifest request instructing it to execute a script stored inside an attacker-controlled Git repository. When Kustomize begins processing the deployment, it unknowingly launches the attacker's script in place of Helm, providing arbitrary code execution within the repo-server environment.

Although the vulnerable interface is intended to remain internal, the researchers warn that internal services should not automatically be considered secure. Kubernetes clusters frequently host dozens or even hundreds of interconnected workloads, and a compromise affecting a single pod can become the starting point for lateral movement if internal communication is not properly restricted.

Argo CD includes Kubernetes NetworkPolicy resources designed to limit access to sensitive services such as the repo-server and Redis. However, Synacktiv found that these protections are disabled by default when Argo CD is deployed using its Helm chart because the "networkPolicy.create" option is set to "false". As a result, installations that rely on the default configuration may unintentionally leave the repo-server reachable from other workloads running inside the cluster.

In such environments, compromising a single pod may be enough for an attacker to contact the repo-server and exploit the vulnerability.

The researchers also demonstrated that remote code execution represents only the beginning of the attack chain. After obtaining execution on the repo-server, they extracted the Redis password stored in an environment variable, authenticated to Argo CD's Redis instance, and modified cached deployment information. When Argo CD later performed its routine synchronization with the Git repository, the poisoned cache caused the platform to deploy an attacker-controlled workload instead of the intended application.

According to Synacktiv, this technique effectively revives a previously addressed weakness tracked as CVE-2024-31989. That earlier vulnerability, discovered by Cycode, exposed Argo CD deployments where Redis lacked password protection, allowing any pod inside the cluster to manipulate deployment cache data. Although Argo CD later introduced Redis password protection to address that issue, the cache contents themselves remain unsigned. By stealing the Redis credentials through the newly disclosed repo-server vulnerability, attackers can once again tamper with deployment data and recreate a similar compromise path.

With no software update currently available, researchers recommend treating network segmentation as the primary line of defense. Administrators should enable Kubernetes NetworkPolicy rules to ensure that only legitimate Argo CD components can communicate with the repo-server and Redis services. Organizations deploying Argo CD through Helm should verify that these policies have been explicitly enabled rather than relying on the chart's default configuration.

Administrators can inspect active network policies by running:

"kubectl get networkpolicy -A"

A properly secured deployment should display dedicated network policies protecting each Argo CD component, including both the repo-server and Redis. Missing policies may indicate that sensitive internal services remain accessible to other workloads inside the cluster.

To help organizations evaluate their exposure, Synacktiv developed a proof-of-concept tool named argo-cdown, capable of automating the complete attack chain. The researchers have postponed its public release to provide defenders with additional time to secure vulnerable environments. The tool is expected to be published on GitHub later, allowing administrators to validate the effectiveness of their own security controls.

The newly disclosed vulnerability is the latest in a series of security issues affecting Argo CD's privileged position within Kubernetes environments. In September 2025, the project patched CVE-2025-55190 after researchers found that an API token with only basic read permissions could retrieve Git repository credentials associated with a project. Several months later, in May 2026, another flaw tracked as CVE-2026-42880 enabled read-only users to access plaintext Kubernetes secrets.

Taken together, these incidents point to a recurring challenge rather than isolated implementation flaws. Argo CD occupies one of the most privileged positions within Kubernetes deployments, maintaining access to source repositories, deployment pipelines, cluster resources, and sensitive credentials. As a result, weaknesses affecting its internal services can quickly become pathways to broader infrastructure compromise.

Until an official patch becomes available, organizations should assume that internal cluster traffic cannot always be trusted. Restricting communication between workloads, enabling Kubernetes NetworkPolicy protections, and limiting access to critical Argo CD services remain the most effective measures for reducing exposure to this newly disclosed attack technique.

WhatsApp Tests New Android Chat Backup Management Feature to Improve Google Drive Storage Control

 

Managing WhatsApp backups on Android might become significantly easier in the future as the messaging platform prepares new solutions to give users more control over their data. The upcoming update will allow people to organize and delete old backups, thus saving space on their devices and ensuring a better management of information stored on Google Drive. 

WhatsApp has been working on the tool for quite some time, while it has not been publicly available yet. Reporters found out about the future feature as they explored the latest beta version of the app. The new tool will appear in the Backup section and will enable users to delete old backups directly from WhatsApp, thus providing more space for data stored on Google Drive. 

This update will make managing storage much easier for millions of Android users who experience difficulties deleting excess data from Google Drive. The update comes as WhatsApp continues working on new ways to improve its cloud backup system. Last year, reporters learned about the company’s plan to create its cloud storage system. That way, WhatsApp users will be able to store their backups on Google Drive or the company’s cloud. 

According to the publication, WhatsApp’s storage will offer 2 gigabytes of space for free, and an additional 10 gigabytes can be acquired for a small fee. Moreover, regardless of the storage method, WhatsApp backups will be end-to-end encrypted. The encryption can be supplemented by a passkey, a regular password, or a 64-digit code. At the same time, WhatsApp has not abandoned its reliance on Google Drive. The application updates in 2021 demonstrated Android users’ demand for more control over their WhatsApp backups. 

Developers worked on ways to meet the users’ requirements and made the new in-app management system more accessible by adding shortcuts to Google Drive’s management system and Android’s built-in settings. In the same vein, Google has also been working on ways to provide more convenience and flexibility for Android users. Recently, Android users have received an additional tool to manage WhatsApp backups. 

With version 26.23 of Google Play Services, users gained the ability to view and control their WhatsApp backups directly from their device’s Settings menu. Thus, the Settings page now offers access to WhatsApp backups without having to open the messaging app. Right now, WhatsApp users can back up their chats, media files, voice notes, and other content to Google Drive. The application can automatically perform backups every day, weekly, or monthly. 

To restore a backup, one has to reinstall WhatsApp on their device and log in with their Google and WhatsApp account. The upcoming update will allow Android users to manage backups directly in WhatsApp, complementing Google’s newly introduced settings. The new system for managing WhatsApp backups will enable Android users to delete unwanted backups directly inside the application. 

That way, the update will enable more control over the backups, which will help the users that have multiple devices or simply change their smartphones too often. Having more than one phone results in multiple backups, whereas excessive WhatsApp backups consume more space on Google Drive. Though WhatsApp has not announced when the update will be released, it should come in the near future. 

After Google released its new system that allows Android users better control over WhatsApp backups, the update can be available to users soon. If the update arrives in 2022, Android users will appreciate the additional flexibility and convenience of managing their WhatsApp backups while keeping their data safe and secure.

Hackers Breached Kubota, Employee Data Compromised


Kubota North America Corporation revealed that threat actors compromised its network systems and accessed few resources for over a month in the beginning of 2026.

After an investigation of the breach, the organization discovered that between March and April, the hacker accessed files carrying personal data of employees.

About Kubota 

It is a Japanese industrial manufacturer famous for its construction and agricultural work. Kubota has plants in 120 counties and currently employs over 52,000 people. Kubota has an annual revenue of $20 billion.

The North American division consists of facilities that make utility vehicles, tractors, and mowers. 

About the data leak

“We discovered that files maintained by our human resources team were accessed as part of this incident. We carefully reviewed these files, and on June 16, 2026, we determined that one or more files may have contained personal information related to certain employees and their dependents,” Kubota reported on its site.

What may have been leaked?

As per the announcement posted on the Kubota USA portal, the following employee information may have been revealed:

  • Social security numbers (for dependents too)
  • Full employee names (for dependents too)
  • Dates of birth (for dependents too)
  • IDs of taxpayers
  • Bank account details of direct deposit
  • Corporate payment card details
  • Benefits enrollment data and limited claims information (for dependents too)
  • Driver’s license details or other government IDs

Attack tactic

The specific data that was exposed varies per person. Kubota also started sending personalised mails to inform the individuals about the exact impact on them.

The notification information consists step by step instructions for using Kroll identity protection to help the targets address the threats coming from the leak of their personal data. 

Kubota has specially advised people to look out for bank accounts and  healthcare related statements and promptly report any malicious activity to the concerned authorities.

Safety measures

Kubot has implemented robust security measures to avoid such incidents from happening in the future. 

No cybercrime gangs, data extortion gangs, or ransomware gangs have claimed responsibility for the Kubota breach.

Kubota did not report any operational or business disruptions due to the breach.

On ensuring employee safety, Kubota said, “We take the privacy and confidentiality of our employees’ information very seriously. To help prevent something like this from happening again, we have taken and will continue to take steps to further enhance our existing security measures.” 

Medtronic Alerts Customers After Data Breach Exposes Personal Information

 

Healthcare technology company Medtronic has started informing affected customers about a cybersecurity incident that resulted in unauthorized access to their personal information.

The company had earlier disclosed that its corporate IT infrastructure had been compromised by hackers. The cyber extortion group ShinyHunters later claimed responsibility for the attack, alleging it had obtained around 9 million records containing personally identifiable information (PII) and internal corporate data.

According to the notification shared by the company, “On April 15, 2026, Medtronic became aware of unusual activity on certain corporate IT systems.”

The notice further states, “Medtronic launched an investigation with the assistance of leading third-party cybersecurity experts to determine the impact and scope of the incident.”

Following the investigation, the company concluded that “The investigation determined that from April 13 to April 19, 2026, an unauthorized actor accessed certain Medtronic corporate IT systems.”

The information that may have been exposed includes:

  • Full name

  • Contact information

  • Date of birth

  • Social Security number

  • Health-related information

ShinyHunters is known for publishing stolen information when ransom demands are not met. The group reportedly added Medtronic to its dark web leak site on April 18, claiming it possessed more than 9 million records and warning that the data would be released if a ransom was not paid by April 21.

However, the listing disappeared from the group's portal later that month. In its customer notification, Medtronic clarified that the compromised data has not been made publicly available online.

Medtronic operates in over 150 countries and employs approximately 95,000 people, generating annual revenue of around $33.5 billion.

Despite the breach involving customer information, the company has reassured users that its medical devices continue to operate safely and were not impacted by the cybersecurity incident.

Customers receiving breach notifications are being encouraged to enroll in the company's complimentary 24-month credit monitoring and identity theft protection program to reduce potential risks.

The company has also advised affected individuals to stay alert for suspicious emails, messages, or calls that could exploit the exposed information for phishing, social engineering, or other fraudulent activities. Customers are also encouraged to regularly review their account activity for any signs of unauthorized access.