Cyber (In)Securities – Issue 165

Global Cyber Threats, Leadership Blind Spots, and AI Infrastructure Risks

This edition of Cyber (In)Securities offers a global scan of today’s evolving cyber threat landscape, spanning ransomware takedowns, credential leaks, AI infrastructure vulnerabilities, and critical insights from CyAN leaders.

Key highlights:

• A powerful new EDR killer tool is being used by eight ransomware groups to bypass security defences and deploy attacks undetected.
• The Royal and BlackSuit ransomware gangs are linked to over 450 US victims and more than $370 million in ransom payments.
• Google, Pandora, Air France, and Chanel face breaches involving third-party service providers and data exposures.
• CISA issues an emergency directive for Microsoft Exchange CVE-2025-53786 and releases 10 new ICS advisories.
• Massive smishing campaigns from China, spyware infrastructure linked to Hungary and Saudi Arabia, and rising credential abuse in New Zealand reveal a truly global risk footprint.

Editor’s Desk – by Kim Chandler McDonald
Kim explores how leadership blind spots and poor communication can undermine cybersecurity resilience. She also addresses the tension between safety and surveillance as privacy laws like the UK’s Online Safety Act introduce large-scale age checks and identity verification measures.

Root Access – by Michael McDonald
Michael dives into architectural risk across AI and container-based environments. From Docker’s Managed Control Plane vulnerabilities to the discipline of Talos Linux in Kubernetes, he calls for secure-by-design infrastructure in AI workloads.

Insights include:

• The growing ransomware-as-a-service economy
• The surge in zero-day exploits
• Prompt injection and AI promptware risks
• Windows 10 end-of-life planning
• Man-in-the-middle attack prevention strategies

Toolbox & Releases feature:

• Zero-trust authentication for web apps
• Shadow IT protection from LastPass
• Offline file-sharing tools for Windows
• Linux backup utilities and identity governance updates

CyAN Community Spotlights:
We celebrate AWSN 2025 finalists Kim Chandler McDonald and Saba Bagheri and highlight recent blog posts and podcasts by CyAN members including John Salomon, Didier Annet, Nick Kelly, Sapann Harish Talwar, and Nicolas Francis.

View the full edition

You can download this edition by clicking the three dots icon on the bottom right and selecting Download PDF File. To enlarge the view, click the fullscreen icon on the bottom right. All article titles inside the flipbook are clickable links.