The overnight popularity of DeepSeek, an artificial intelligence (AI) platform originating from China, has led to extensive scrutiny of its models. The AI chatbot has also been targeted by what the company said were “large-scale malicious attacks,” prompting it to temporarily limit user registrations. The service has since been banned in Italy over data protection concerns.
Texas Republican Governor Greg Abbott has also banned DeepSeek for government-issued devices. A series of law enforcement operations have taken down various online marketplaces that sold hack tools, illegal goods, and crimeware solutions. Millions of users are estimated to have been impacted, earning the threat actors hundreds of thousands of dollars in illegal revenues.
Apple released software updates for iOS, iPadOS, macOS, tvOS, visionOS, and watchOS to address a security flaw (CVE-2025-24085) that has been exploited in the wild. The flaw is a use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate privileges. There are currently no details available on how it has been weaponized in real-world attacks, who may have been targeted, and the scale of the attacks.
Meta-owned WhatsApp disclosed it disrupted a campaign that involved the use of spyware owned by an Israeli company named Paragon Solutions. The attack chain is said to be zero-click, meaning the deployment of the spyware occurs without requiring any user interaction.
Experts discuss AI cybersecurity threats
The company noted the targets were spread across over two dozen countries, including several in Europe. This is the first time Paragon, which claims to provide “ethically based tools” to “disrupt intractable threats,” has been linked to spyware misuse. A Mirai botnet variant dubbed Aquabot is actively attempting to exploit a medium-severity security flaw impacting Mitel phones to ensnare them into a rogue network capable of mounting distributed denial-of-service (DDoS) attacks.
The flaw (CVE-2024-41710), a command injection vulnerability that allows for arbitrary command execution within the context of the phone, was addressed by Mitel in July 2024. A hacking group tracked as UAC-0063 has been linked to a series of attacks that involve the use of documents stolen from one victim to target others and infect them with a known loader malware called HATVIBE. The attacks also involved the deployment of a newly discovered USB data exfiltrator codenamed PyPlunderPlug in at least one incident targeting a German company in mid-January 2023.
Microsoft said it’s adding a new scareware blocker to its Edge browser to defend against tech support scams that use fake web pages to fool victims into thinking their systems are infected with malware. The scareware blocker uses a machine learning model to recognize the tell-tale signs of scareware scams and puts users back in control of their computer. Brazilian data privacy regulators have prohibited Tools for Humanity, a biometric identity company co-founded by OpenAI CEO Sam Altman, from offering compensation to citizens for iris scans, citing concerns over interference with a person’s decision to grant consent for access to sensitive personal data.
A new study by researchers from the Indian Institute of Technology Kharagpur and Intel has uncovered a critical flaw in Intel’s Trust Domain Extensions (TDX) technology that breaks the isolation between the Virtual Machine Manager (VMM) and Trust Domains (TD), compromising their confidentiality and integrity. An unknown threat actor is targeting script kiddies by distributing a trojanized version of the builder through GitHub repositories, file-sharing services, Telegram channels, and YouTube videos. The malware uses Telegram as its command-and-control (C&C) infrastructure, compromising over 18,459 devices globally.
Cameron is a highly regarded contributor in the rapidly evolving fields of artificial intelligence (AI) and machine learning. His articles delve into the theoretical underpinnings of AI, the practical applications of machine learning across industries, ethical considerations of autonomous systems, and the societal impacts of these disruptive technologies.
