"US cybersecurity officials are proposing a significant reduction in federal remediation timelines, moving from a 14-day window to just three days for critical vulnerabilities, Reuters learned. This shift is driven by the rise of sophisticated AI models like Anthropic's Mythos and OpenAI's GPT-5.4-Cyber, which allow attackers to weaponize software flaws at unprecedented speeds. It's worth noting that CISA even now instructs federal agencies to patch some vulnerabilities within three days if the risk of exploitation is significant."
"Cisco Talos has identified a modular malware campaign featuring the CloudZ remote access tool and a new plugin named Pheno. This threat intercepts one-time passwords and SMS messages by targeting the Microsoft Phone Link application to extract data from synchronized SQLite databases on the host PC. The infection chain utilizes a Rust-compiled loader and reflective .NET execution to bypass detection mechanisms."
"Venezuelan national David Jose Gomez Cegarra was sentenced to time served for his role in an ATM jackpotting operation that stole nearly $300,000 from several banks. The group bypassed security by physically accessing ATM hard drives to install malware, allowing them to trigger cash dispensations. Following his conviction for bank larceny, Cegarra was ordered to pay $29"
US cybersecurity officials are proposing a reduction of federal remediation timelines from 14 days to three days for critical vulnerabilities. The change is linked to faster weaponization of software flaws enabled by advanced AI models. CISA already instructs agencies to patch some vulnerabilities within three days when exploitation risk is significant. Cisco Talos identified a modular malware campaign using the CloudZ remote access tool and a plugin called Pheno. The malware targets the Microsoft Phone Link application to intercept one-time passwords and SMS messages by extracting data from synchronized SQLite databases. The infection chain uses a Rust-compiled loader and reflective .NET execution to evade detection. A Venezuelan ATM jackpotting case resulted in a sentence for a participant involved in malware installed via physical access to ATM hard drives.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]