Google disrupts China-linked UNC2814 espionage campaign after decade of stealth
Google says China-linked UNC2814 ran a decade-long espionage campaign, using a novel backdoor against 53 victims in 42 countries.
AI is shrinking attacker breakout time to four minutes, report says
ReliaQuest says AI-assisted attacks can reach breakout in four minutes and exfiltration in under 10, shrinking defender response time.
Refund fraud has become a repeatable underground business
Flare says refund fraud is now sold as a service, helping criminals exploit retailer returns and payment disputes at scale.
Anthropic says Chinese AI firms used Claude in distillation attacks
Anthropic says DeepSeek, Moonshot AI and MiniMax used Claude for unauthorized distillation to train competing AI models.
Over-privileged AI tied to 4.5 times higher incident rates, study finds
Teleport survey data suggests over-privileged AI systems are linked to a 76% incident rate and 4.5 times more security incidents.
Crypto payments linked to human trafficking jump 85%, Chainalysis warns
Chainalysis says crypto payments linked to human trafficking rose 85%, driven by scam compounds and fraud operations using forced labor.
North Korean hackers use deepfake video calls to target crypto firms
North Korean hackers reportedly use stolen Telegram accounts, fake Zoom calls and ClickFix lures to infect crypto firms with infostealers.
Singapore takes down Chinese hackers targeting telco networks
Singapore says Operation Cyber Guardian disrupted China-linked hackers targeting telecom networks, underscoring the espionage risk facing critical com
Malicious GitHub Codespaces commands can trigger remote code execution
Researchers say crafted GitHub Codespaces repos or pull requests can run malicious setup commands and expose code, tokens and secrets.
Pre-disclosure attacks climb as nearly 29% of exploited flaws are hit before public disclosure
VulnCheck says 28.96% of exploited flaws in 2025 were attacked before disclosure, up from 23.6% in 2024.
Microsoft disrupts RedVDS, a subscription service tied to AI-powered phishing and BEC attacks
Microsoft says it disrupted RedVDS, a criminal subscription service linked to AI-assisted phishing, BEC and fraud that cost victims millions.
Beast ransomware server exposure reveals a playbook built to kill backups
An exposed Beast ransomware server suggests the gang systematically targets backups to block recovery and increase extortion pressure.











