OpenAI Breach, APT Attacks & AI Jailbreaks – 11/27/2025

Today’s security landscape is highlighted by a significant third-party data breach affecting OpenAI API users via their analytics vendor, Mixpanel. Concurrently, the ‘Bloody Wolf’ threat actor is expanding its RAT-based campaigns across Central Asia, posing a persistent nation-state threat. We are also tracking an unconventional jailbreak method for AI models that uses poetry to bypass security safeguards. This summary covers the critical intelligence you need to understand today’s evolving threats.

Top 5 Critical Security Alerts

  • OpenAI API Customer Data Breach via Mixpanel Vendor Hack: OpenAI is notifying API customers of a data leak after its third-party analytics vendor, Mixpanel, was compromised, exposing limited user information.
  • Bloody Wolf APT Expands NetSupport RAT Attacks in Central Asia: The threat actor ‘Bloody Wolf’ has broadened its campaign, now targeting Uzbekistan in addition to Kyrgyzstan with a Java-based NetSupport RAT.
  • Asahi Confirms 1.5 Million Customers Affected in Major Cyber-Attack: Japanese beverage giant Asahi confirmed a major cyberattack may have exposed the personal data of up to 1.5 million customers.
  • Scattered Lapsus$ Hunters Target Zendesk Users with Fake Support Sites: The notorious cybercrime group is actively targeting Zendesk users by creating sophisticated phishing domains disguised as legitimate support portals.
  • FCC Warns of Hackers Hijacking Radio Equipment For False Alerts: The FCC has issued a warning after multiple incidents where hackers compromised radio equipment to broadcast false and sometimes profane emergency alerts.

Threat Intelligence

  • Poland detains Russian citizen suspected of hacking local firms: Polish authorities have arrested a Russian national who allegedly obtained refugee status before carrying out cyberattacks against local companies.

Security Breaches & Incidents

  • Gainsight Expands Impacted Customer List Following Salesforce Security Alert: Following a security alert from Salesforce, Gainsight has disclosed that a larger list of its customers was impacted by suspicious activity than initially reported.
  • Scottish council still rebuilding systems two years after ransomware attack: A council in Scotland is still facing significant challenges and continues to rebuild its IT systems two full years after a debilitating ransomware attack.

Security Tools & Best Practices

  • Microsoft to Block Unauthorized Scripts in Entra ID Logins with 2026 CSP Update: Microsoft plans to enhance Entra ID security by updating its Content Security Policy (CSP) to block unauthorized script injection attacks during the sign-in process.

Security Standards & Frameworks

  • Key Provisions of the UK Cyber Resilience Bill Revealed: A UK government official has outlined key provisions for the upcoming Cyber Resilience Bill, aimed at strengthening national cybersecurity posture and incident response.

Emerging Security Technologies

  • Roses are red, violets are blue, if you phrase it as poem, any jailbreak will do: A new study reveals that LLMs can be easily jailbroken by phrasing malicious requests as poetry, bypassing security filters with up to a 100% success rate.
