House Lawmakers Push to Ban AI App DeepSeek From US Government Devices
A bipartisan group of U.S. lawmakers is pushing legislation to ban DeepSeek, a Chinese-developed AI app, from government devices. Reps. Josh Gottheimer and Darin LaHood introduced the "No DeepSeek on Government Devices Act," citing concerns over national security risks, including surveillance and misinformation by the Chinese government. This follows DeepSeek's launch of an AI model that rivals American firms like OpenAI and Meta, triggering concerns about data security. The proposed bill targets DeepSeek and its parent company, High-Flyer, while allowing exceptions for national security research. This follows prior U.S. actions against Chinese tech companies like TikTok and Huawei, highlighting tensions in the tech race between the U.S. and China. Read more here.
1,000 Apps Used in Malicious Campaign Targeting Android Users in India
Zimperium has uncovered a massive malicious campaign targeting Android users in India. Known as FatBoyPanel, the campaign uses over 1,000 apps to steal personal and banking data by exploiting live phone numbers for OTP theft. The threat actor has compromised approximately 50,000 users, with the malware exfiltrating data like banking details via SMS messages. The apps, distributed through WhatsApp, impersonate legitimate government or banking apps, misleading users into installing malware. Zimperium also found unsecured Firebase storage buckets containing the stolen data. Read more here.
Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security
Astra Security and Invary, two cybersecurity startups, have secured funding to enhance their AI-powered security solutions. Astra raised $2.7 million to advance its AI-powered pentesting platform, which identifies vulnerabilities in applications. Meanwhile, Invary raised $3.5 million to improve runtime security products protecting systems from tampering and hidden threats. Both companies plan to expand their offerings, with Astra focusing on cloud environments and Invary enhancing support for Windows and Linux platforms. Read more here.
Hacker Who Targeted NATO, US Army Arrested in Spain
Spanish authorities arrested a hacker suspected of attacking over 40 organizations, including NATO, the US Army, and the International Civil Aviation Organization. The 18-year-old hacker, known online as Natohub, allegedly leaked stolen data and posted on BreachForums. Authorities seized devices and linked the hacker to cryptocurrency accounts. This arrest follows a string of cyberattacks against governments, military bodies, and private entities, underscoring the growing threat of cyber espionage. Read more here.
Five Eyes Agencies Release Guidance on Securing Edge Devices
The Five Eyes intelligence alliance has issued joint guidance to secure edge devices against cyber threats. Edge devices, such as routers and IoT devices, are increasingly targeted in attacks. The guidance urges manufacturers to integrate secure-by-default logging, improve device configurations, and implement multi-factor authentication. The recommendations also cover VPNs, firewalls, and routers, which are critical to maintaining secure connections. These steps aim to mitigate risks from misconfigurations, vulnerabilities, and DDoS attacks. Read more here.
Security Teams Pay the Price: The Unfair Reality of Cyber Incidents
A cybersecurity professional draws a parallel between workplace accidents and the pressures faced by security teams during incidents. Despite often being blameless, security teams bear the brunt of the consequences when breaches occur. From application security flaws to insider threats, they are called upon to remediate and investigate incidents. The article highlights the importance of proper preparedness, training, and collaboration to prevent security teams from shouldering the fallout alone. Read more here.
Cisco Patches Critical Vulnerabilities in Enterprise Security Product
Cisco has released patches for critical vulnerabilities in its Identity Services Engine (ISE), which could allow attackers to execute arbitrary commands on vulnerable devices. The flaws, CVE-2025-20124 and CVE-2025-20125, affect ISE APIs and require immediate patching. Cisco also addressed high-severity vulnerabilities in the SNMP subsystem of Cisco IOS and other devices, which could lead to denial-of-service conditions. Organizations are urged to update their ISE installations as soon as possible. Read more here.
7AI Launches With $36 Million in Seed Funding for Agentic Security Platform
7AI has launched an agentic security platform that uses AI agents to automate routine security tasks, enhancing efficiency for security teams. The platform's AI agents can triage alerts, enrich signals, and identify threats autonomously, allowing security teams to focus on high-priority tasks. The company raised $36 million in seed funding, with plans to expand its AI capabilities and product offerings. Read more here.
Semgrep Raises $100M for AI-Powered Code Security Platform
Semgrep has raised $100 million in Series D funding to bolster its AI-powered code security platform. The company, which focuses on proactive application security, plans to use the funds to expand its AI-driven platform that helps developers detect and fix code vulnerabilities. Semgrep’s approach combines static analysis with AI to reduce false positives and help developers prioritize security flaws. The funding will also support expansion and executive hires. Read more here.
Researchers Link DeepSeek’s Blockbuster Chatbot to Chinese Telecom Banned From Doing Business in US
Researchers have uncovered links between the Chinese AI company DeepSeek and China Mobile, a telecom giant banned from operating in the U.S. The DeepSeek chatbot's web login page contains obfuscated code connecting to China Mobile's infrastructure. This revelation raises national security concerns about data security and surveillance. DeepSeek's use of Chinese servers and ties to state-owned entities highlight the risks of using AI platforms from adversarial countries. Read more here.
How Agentic AI will be Weaponized for Social Engineering Attacks
AI advancements are enabling more sophisticated social engineering attacks, as cybercriminals leverage agentic AI to automate personalized phishing campaigns, create deepfakes, and adapt to targets' responses. With AI's growing capabilities, threats are becoming more adaptive and multi-faceted. Experts warn organizations to prepare by using AI to bolster security and educate employees on the risks of agentic AI in cyberattacks. Read more here.
Riot Raises $30 Million for Employee Cybersecurity Solution
Riot has raised $30 million in Series B funding to enhance its employee cybersecurity platform. The platform integrates with organizations' IT systems to assess employees' cyber posture and provide real-time recommendations. Riot’s software uses a cyber companion, Albert, to guide users in improving security practices, helping protect over one million employees from advanced social engineering attacks. The funding will support product development and global expansion. Read more here.
Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms
Cybersecurity firm WatchTowr discovered over 150 abandoned Amazon S3 buckets that could have been exploited to deliver malware or backdoors to high-profile organizations, including governments and Fortune 500 companies. These unsecured buckets received millions of requests for sensitive files, raising concerns about potential supply chain attacks. The security firm worked with AWS to secure the buckets and prevent further abuse. Read more here.
Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine
Russian hackers exploited a zero-day vulnerability in the 7-Zip archiver tool to target Ukrainian government entities. The flaw, CVE-2025-0411, bypassed Windows' Mark-of-the-Web protection, allowing attackers to execute malicious code. The attackers used homoglyph attacks to deceive victims into opening the infected archives. This campaign highlights the risk of software vulnerabilities being exploited for cyberespionage. Read more here.
CISA Issues Exploitation Warning for .NET Vulnerability
CISA has added a .NET vulnerability, CVE-2024-29059, to its Known Exploited Vulnerabilities catalog. The flaw, patched in January 2024, can lead to remote code execution and poses a serious risk if exploited. The cybersecurity agency has urged organizations to patch their systems and has also added other older vulnerabilities to the catalog. Read more here.
Riot Raises $30 Million for Employee Cybersecurity Solution
Riot, a cybersecurity startup focused on enhancing employee security, announced it raised $30 million in Series B funding. The company’s platform helps employees improve their cybersecurity posture and protect against sophisticated social engineering attacks. Riot’s software integrates with IT systems, assessing individual cyber health and providing real-time recommendations through its cyber companion, Albert. The solution is already protecting over one million employees across 1,500 organizations. The funding will be used to expand internationally and enhance product development. Read more here.
Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms
WatchTowr uncovered over 150 abandoned Amazon S3 buckets, which could have been exploited by threat actors to deliver malware or backdoors to high-profile targets, including governments and Fortune 500 companies. Researchers registered the buckets and tracked HTTP requests, finding millions of queries for sensitive files. Had these buckets been controlled by malicious actors, they could have facilitated large-scale supply chain attacks. AWS and government agencies intervened to secure the buckets and prevent exploitation. Read more here.