In today’s cybersecurity news…
Copilot AI knocks down cybercrime tools
Microsoft says its Copilot AI helped investigators connect two widely used cybercrime tools, Amadey and StealC, letting the company disrupt their shared infrastructure and file a single lawsuit under the Racketeer Influenced and Corrupt Organizations (RICO) Act, a U.S. law designed to prosecute organized criminal enterprises. Microsoft says the malware was linked to more than 140,000 infected computers in the first two weeks of May. The case shows how AI is helping investigators uncover connections across cybercrime networks that might otherwise be missed. (Bloomberg)
Hackers exploit Cisco zero-day
Google-owned Mandiant says attackers exploited a previously unknown zero-day flaw in Cisco’s Catalyst SD-WAN Manager to gain root-level access to a communications service provider, potentially giving them broad visibility into traffic across the company’s network. Cisco patched the vulnerability earlier this month, but Mandiant says the attackers used sophisticated anti-forensics techniques to hide their activity, highlighting how unpatched edge networking devices are a favorite target for advanced cyberespionage groups. (CyberScoop)
China’s 360 says it matches Anthropic’s Mythos
Chinese cybersecurity company 360 says it’s developed AI tools designed to match Anthropic’s vulnerability-finding model Mythos, arguing that China needs comparable capabilities after the U.S. restricted exports of the technology over national security concerns. The company claims its “Tulongfeng” system has already found more than 3,400 software vulnerabilities, though Reuters says it couldn’t independently verify those claims. What we do know is that AI-powered cybersecurity tools are now part of the broader U.S.-China technology competition. (Reuters)
CISA warns of Lantronix exploit
CISA is warning that attackers are actively exploiting a critical remote code execution flaw in Lantronix EDS5000 devices that can let attackers execute arbitrary commands with root privileges by injecting commands into the username field during failed logins. The agency also confirmed active exploitation of three critical Ubiquiti UniFi OS vulnerabilities that can be chained to gain full root access, urging organizations to apply the available patches as attackers continue targeting network infrastructure devices. (The Hacker News)
Huge thanks to our sponsor, Guardsquare
Malicious OpenClaw skills threaten AI supply chain
Palo Alto Networks’ Unit 42 researchers found five malicious third-party skills in the OpenClaw AI marketplace that bypassed automated security scans and could steal credentials, evade detection, or manipulate AI agents for financial fraud. The skills have since been removed, but the researchers say the incident highlights a growing AI supply chain risk, where seemingly legitimate plugins can abuse the broad access AI agents have to local files, credentials, and connected services. (Dark Reading)
AI browsers get tricked into leaks
LayerX researchers say they found a new attack, dubbed “BioShocking,” that tricks AI-powered browsers and assistants into abandoning their safety rules by convincing them they’re playing a fictional game. In tests against six AI browsers and extensions, including OpenAI’s ChatGPT Atlas, Perplexity Comet, and Anthropic’s Claude extension, every agent was persuaded to copy and exfiltrate login credentials from authenticated accounts. It’s a new form of prompt injection that exploits an AI agent’s understanding of context, but not a true vulnerability. (Infosecurity Magazine)
The march toward quantum-safe security
New data from Forescout Research’s Vedere Labs finds that organizations are making progress toward post-quantum cryptography, but the majority of internet-facing systems aren’t prepared for quantum-era threats. The number of SSH servers supporting quantum-resistant cryptography grew 72% over the past year, but only 11.8% are currently PQC-capable. Researchers warn that organizations need to start identifying and prioritizing quantum-vulnerable encryption now because migrating to quantum-safe systems is expected to take years. (ITSecurity Guru)
New triage model reduces supply chain risk
Researcher Devashri Datta has proposed a new framework called AIVEX that adds AI-specific safety and operational context to existing software vulnerability scoring, arguing that today’s CVSS severity ratings don’t capture the real-world risks of AI systems. The model, which is already being adopted by security vendors including Flexera and Anchore, is designed to help organizations prioritize vulnerabilities based not just on how severe they are, but on whether exploiting them could affect safety-critical AI systems such as autonomous vehicles, robots, or critical infrastructure. (SecurityWeek)