Cybersecurity.watch

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Oct 21 2025

Europol disrupted a SIM farm network enabling the creation of 49 million fake accounts used for various cybercrimes, including phishing and fraud. The operation led to seven arrests and the seizure of equipment and funds across multiple countries, revealing significant financial fraud impacts. The network provided services for anonymous communication and facilitated numerous criminal activities worldwide.

https://thehackernews.com/2025/10/europol-dismantles-sim-farm-network.html

You Only Need $750 of Equipment to Pilfer Data From Satellites, Researchers Say

vulnerability

Oct 20 2025

Researchers found that many satellite communications, including sensitive data from cell phone carriers and militaries, are transmitted unencrypted. A study from UCSD and the University of Maryland revealed that half of the analyzed signals were vulnerable, allowing interception of communications like calls and texts. The researchers used a simple $750 setup to collect this data, warning that companies underestimated potential threats to satellite security. Fixed vulnerabilities have since been confirmed for some affected organizations.

https://gizmodo.com/satellites-are-exposing-unprotected-cellphone-and-military-data-study-finds-2000672091

AI Makes Phishing 4.5x More Effective, Microsoft Says

ai, phishing

Oct 20 2025

Microsoft's report reveals AI enhances phishing emails, boosting click rates from 12% to 54% and potentially increasing profitability by 50 times. Cybercriminals exploit AI for targeted attacks, utilizing tools like voice cloning and deepfakes. Nation-state actors are also adopting AI for cyber operations. Additionally, new tactics like “ClickFix” have emerged, allowing attackers to manipulate users into executing malware. Overall, AI significantly alters phishing strategies, making attacks more efficient and harder to detect.

https://www.theregister.com/2025/10/16/ai_makes_phishing_45x_more_effective/

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

supply chain

Oct 20 2025

Over 100 VS Code extensions leaked access tokens, allowing potential distribution of malicious updates, risking over 150,000 installations. Wiz security identified 550 hard-coded secrets across more than 500 extensions, including major service providers' secrets. Users are advised to limit extensions and enforce scrutiny to mitigate risks. Additionally, a threat actor, TigerJack, published malicious extensions disguised as legitimate ones to exploit unsuspecting developers, reinforcing the vulnerabilities in extension security across platforms. Microsoft is enhancing security measures but warns of risks outside its marketplace.

https://thehackernews.com/2025/10/over-100-vs-code-extensions-exposed.html

How AI-powered Ransomware Could Destroy Your Business

ai, vulnerability

Oct 17 2025

AI-powered ransomware presents a significant threat to businesses, demonstrated by the collapse of KNP Logistics after a ransomware attack exploiting weak passwords. AI techniques like generative adversarial networks (GANs) enhance password cracking, making traditional defenses ineffective. Organizations must adopt robust security measures, including password managers, employee training, and multi-factor authentication, to mitigate these risks. The evolution of AI in cybercrime necessitates a reevaluation of security protocols to combat increasingly sophisticated attacks.

https://www.theregister.com/2025/10/16/machine_learning_meets_malware/

F5 Security Incident

incident

Oct 17 2025

F5 reported a security incident involving a nation-state threat actor accessing and exfiltrating files from their BIG-IP product development environment in August 2025. They confirmed some BIG-IP source code was taken, but no critical vulnerabilities were disclosed or exploited. F5 is updating their software, engaging cybersecurity experts, and implementing security measures. They advise customers to update systems, enhance monitoring, and utilize available resources to strengthen security. Ongoing efforts aim to improve the overall security posture and regain customer trust.

https://my.f5.com/manage/s/article/K000154696

New Pixnapping Attack Steals 2FA Codes From Google Authenticator Within 30 Seconds

google, vulnerability

Oct 15 2025

New Pixnapping attack on Android devices can steal 2FA codes from Google Authenticator in under 30 seconds. It exploits hardware vulnerabilities in GPUs and Android APIs without needing special permissions. The attack bypasses traditional app security, can capture sensitive data from various apps, and has both Google and Samsung addressing the issue. Users are urged to update devices and monitor app behavior to mitigate risks.

https://cybersecuritynews.com/pixnapping-attack/

CamoLeak: Critical GitHub Copilot Vulnerability Leaks Private Source Code

ai, vulnerability

Oct 14 2025

Legit recently reported a critical vulnerability in GitHub Copilot Chat that allowed exfiltration of secrets and code from private repos via remote prompt injection, leading to unauthorized access and code suggestions. GitHub has since fixed this vulnerability.

https://www.legitsecurity.com/blog/camoleak-critical-github-copilot-vulnerability-leaks-private-source-code

Why Signal’s Post-quantum Makeover Is an Amazing Engineering Achievement

post-quantum

Oct 14 2025

Signal Protocol has undergone a significant update to enhance its quantum resistance, crucial as quantum computing could undermine current encryption methods. The upgrade introduces a third “Sparse Post Quantum Ratchet” (SPQR), ensuring secure messaging against potential quantum attacks. This complex engineering feat maintains its robust performance while adapting to the challenges posed by larger quantum-safe keys and asynchronous messaging environments. The result is a groundbreaking achievement in cryptography, ensuring user security remains intact amid future technological threats.

https://arstechnica.com/security/2025/10/why-signals-post-quantum-makeover-is-an-amazing-engineering-achievement/

AI Models Can Acquire Backdoors From Surprisingly Few Malicious Documents

Oct 13 2025

AI models can develop backdoor vulnerabilities from just 250 malicious documents, contrary to previous belief that larger models require proportional amounts. Research shows models of varying sizes, from hundreds of millions to billions of parameters, learned the same backdoor behavior from a small number of poisoned examples. This vulnerability can facilitate actions like generating gibberish on encountering trigger phrases. While the risk is evident, successful defenses exist with adequate clean training data, indicating the need for improved security practices against targeted data poisoning attacks.

https://arstechnica.com/ai/2025/10/ai-models-can-acquire-backdoors-from-surprisingly-few-malicious-documents/

How Your AI Chatbot Can Become a Backdoor

Oct 10 2025

AI chatbots enhance business interactions but pose risks as backdoors to sensitive data. A multi-layered defense is essential for AI security, as no single protective measure suffices. Trend Micro emphasizes the importance of comprehensive protection across the AI ecosystem to mitigate risks associated with new technologies. The article explores vulnerabilities in an AI attack chain.

https://www.trendmicro.com/en_us/research/25/j/ai-chatbot-backdoor.html

Who Owns Express VPN, Nord, Surfshark? VPN Relationships Explained

vpn

Oct 9 2025

VPN ownership and relationships examined, detailing ExpressVPN (owned by Kape Technologies), NordVPN (owned by Nord Security), and Surfshark (merging with NordVPN), along with affiliate dynamics and legal issues in the VPN market.

https://windscribe.com/blog/the-vpn-relationship-map/

Too Salty to Handle: Exposing Cases of CSS Abuse for Hidden Text Salting

Oct 8 2025

Cisco Talos reports on hidden text salting in emails—using CSS to conceal irrelevant content for evasion of spam detection. The technique recently highlighted shows frequent use in spam versus legitimate messages. Four key areas where salt is inserted include the preheader, header, attachments, and body of emails. Common methods involve manipulating CSS properties like font size, visibility, and display, complicating detection efforts. Hidden text salting undermines email security solutions and requires enhanced filtering and detection strategies to mitigate risks effectively.

https://blog.talosintelligence.com/too-salty-to-handle-exposing-cases-of-css-abuse-for-hidden-text-salting/

New Cybersecurity Survey 2025: AI, Scam Fears and Fraud Risks

payments, trends

Oct 7 2025

Mastercard is a global payments technology company offering various credit, debit, and prepaid cards with security and payment solutions. A recent survey reveals many consumers feel more insecure about online safety than home security, with significant anxiety about cyber threats and AI-generated scams. Younger generations are more susceptible to online fraud but express confidence in their threat detection abilities. Trust and security are critical for digital economies, and collaboration between human intuition and AI is essential for effective cybersecurity.

https://www.mastercard.com/global/en/news-and-trends/stories/2025/consumer-cybersecurity-survey.html

How to Detect Hidden Cameras: 8 Ways to Protect Your Privacy

privacy

Oct 6 2025

Extreme TLDR: Detect hidden cameras using visual inspections, Wi-Fi scans, smartphone IR checks, flashlight tests, RF detectors, lens finders, network searches, and sound detection. Report findings if necessary and ensure personal privacy against digital threats. Panda Security offers antivirus protection against broader cybersecurity risks.

https://www.pandasecurity.com/en/mediacenter/how-to-detect-hidden-camera/