Issues

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

Over 100 VS Code extensions leaked access tokens, allowing potential distribution of malicious updates, risking over 150,000 installations. Wiz security identified 550 hard-coded secrets across more than 500 extensions, including major service providers' secrets. Users are advised to limit extensions and enforce scrutiny to mitigate risks. Additionally, a threat actor, TigerJack, published malicious extensions disguised as legitimate ones to exploit unsuspecting developers, reinforcing the vulnerabilities in extension security across platforms. Microsoft is enhancing security measures but warns of risks outside its marketplace.

https://thehackernews.com/2025/10/over-100-vs-code-extensions-exposed.html

How AI-powered Ransomware Could Destroy Your Business

,

AI-powered ransomware presents a significant threat to businesses, demonstrated by the collapse of KNP Logistics after a ransomware attack exploiting weak passwords. AI techniques like generative adversarial networks (GANs) enhance password cracking, making traditional defenses ineffective. Organizations must adopt robust security measures, including password managers, employee training, and multi-factor authentication, to mitigate these risks. The evolution of AI in cybercrime necessitates a reevaluation of security protocols to combat increasingly sophisticated attacks.

https://www.theregister.com/2025/10/16/machine_learning_meets_malware/

F5 Security Incident

F5 reported a security incident involving a nation-state threat actor accessing and exfiltrating files from their BIG-IP product development environment in August 2025. They confirmed some BIG-IP source code was taken, but no critical vulnerabilities were disclosed or exploited. F5 is updating their software, engaging cybersecurity experts, and implementing security measures. They advise customers to update systems, enhance monitoring, and utilize available resources to strengthen security. Ongoing efforts aim to improve the overall security posture and regain customer trust.

https://my.f5.com/manage/s/article/K000154696

New Pixnapping Attack Steals 2FA Codes From Google Authenticator Within 30 Seconds

,

New Pixnapping attack on Android devices can steal 2FA codes from Google Authenticator in under 30 seconds. It exploits hardware vulnerabilities in GPUs and Android APIs without needing special permissions. The attack bypasses traditional app security, can capture sensitive data from various apps, and has both Google and Samsung addressing the issue. Users are urged to update devices and monitor app behavior to mitigate risks.

https://cybersecuritynews.com/pixnapping-attack/

Why Signal’s Post-quantum Makeover Is an Amazing Engineering Achievement

Signal Protocol has undergone a significant update to enhance its quantum resistance, crucial as quantum computing could undermine current encryption methods. The upgrade introduces a third “Sparse Post Quantum Ratchet” (SPQR), ensuring secure messaging against potential quantum attacks. This complex engineering feat maintains its robust performance while adapting to the challenges posed by larger quantum-safe keys and asynchronous messaging environments. The result is a groundbreaking achievement in cryptography, ensuring user security remains intact amid future technological threats.

https://arstechnica.com/security/2025/10/why-signals-post-quantum-makeover-is-an-amazing-engineering-achievement/

AI Models Can Acquire Backdoors From Surprisingly Few Malicious Documents

AI models can develop backdoor vulnerabilities from just 250 malicious documents, contrary to previous belief that larger models require proportional amounts. Research shows models of varying sizes, from hundreds of millions to billions of parameters, learned the same backdoor behavior from a small number of poisoned examples. This vulnerability can facilitate actions like generating gibberish on encountering trigger phrases. While the risk is evident, successful defenses exist with adequate clean training data, indicating the need for improved security practices against targeted data poisoning attacks.

https://arstechnica.com/ai/2025/10/ai-models-can-acquire-backdoors-from-surprisingly-few-malicious-documents/

How Your AI Chatbot Can Become a Backdoor

AI chatbots enhance business interactions but pose risks as backdoors to sensitive data. A multi-layered defense is essential for AI security, as no single protective measure suffices. Trend Micro emphasizes the importance of comprehensive protection across the AI ecosystem to mitigate risks associated with new technologies. The article explores vulnerabilities in an AI attack chain.

https://www.trendmicro.com/en_us/research/25/j/ai-chatbot-backdoor.html

Too Salty to Handle: Exposing Cases of CSS Abuse for Hidden Text Salting

Cisco Talos reports on hidden text salting in emails—using CSS to conceal irrelevant content for evasion of spam detection. The technique recently highlighted shows frequent use in spam versus legitimate messages. Four key areas where salt is inserted include the preheader, header, attachments, and body of emails. Common methods involve manipulating CSS properties like font size, visibility, and display, complicating detection efforts. Hidden text salting undermines email security solutions and requires enhanced filtering and detection strategies to mitigate risks effectively.

https://blog.talosintelligence.com/too-salty-to-handle-exposing-cases-of-css-abuse-for-hidden-text-salting/

New Cybersecurity Survey 2025: AI, Scam Fears and Fraud Risks

,

Mastercard is a global payments technology company offering various credit, debit, and prepaid cards with security and payment solutions. A recent survey reveals many consumers feel more insecure about online safety than home security, with significant anxiety about cyber threats and AI-generated scams. Younger generations are more susceptible to online fraud but express confidence in their threat detection abilities. Trust and security are critical for digital economies, and collaboration between human intuition and AI is essential for effective cybersecurity.

https://www.mastercard.com/global/en/news-and-trends/stories/2025/consumer-cybersecurity-survey.html

They Traveled to Thailand. They Wound up Cyber Scam Slaves in Myanmar.

A commercial flight from Ethiopia to Bangkok leads Oly, a 39-year-old I.T. consultant, into a human trafficking scheme. Victims at scam centers in Myanmar, run by Chinese gangs, are forced into online fraud operations. Oly is misled by fake immigration officials and abducted upon arrival, eventually ending up in KK Park, a notorious scam enclave. He and others endure grueling work conditions, violence, and exploitation. Some manage to escape, but rescuers face challenges aiding victims. Despite efforts to shut down centers, thousands remain trapped in ongoing scams, with victims suffering severe mistreatment and public authorities denying involvement.

https://www.reuters.com/graphics/SOUTHEASTASIA-SCAMS/mypmxwdwwvr/

Intel and AMD Trusted Enclaves, a Foundation for Network Security, Fall to Physical Attacks

Intel and AMD's Trusted Execution Enclaves (TEEs) are foundational for cloud security but are vulnerable to physical attacks, as shown by researchers who revealed two new exploits: Battering RAM and Wiretap. These attacks exploit deterministic encryption used in TEEs, allowing attackers to view or manipulate encrypted data. Battering RAM enables active decryption and manipulation, while Wiretap permits passive decryption. Both exploits highlight significant design flaws in TEE security, raising concerns as cloud services rely on these protections. Solutions would require fundamental changes to encryption methods, which are currently unclear.

https://arstechnica.com/security/2025/09/intel-and-amd-trusted-enclaves-the-backbone-of-network-security-fall-to-physical-attacks/

Abusing Notion’s AI Agent for Data Theft

Notion's AI 3.0 is vulnerable to data theft via prompt injection, exploiting its access to private data and ability to communicate externally. Attackers can hide malicious prompts in documents, instructing the AI to extract and send sensitive information. The fundamental issue is that the LLM can't distinguish between legitimate commands and harmful inputs, posing significant security risks. Deploying AI agents without considering these vulnerabilities is reckless.

https://www.schneier.com/blog/archives/2025/09/abusing-notions-ai-agent-for-data-theft.html

Scroll to Top