Welcome to your daily cybersecurity briefing. Russia has blocked access to Apple’s FaceTime platform and Snap’s Snapchat service, citing their alleged use in coordinating terrorist operations, recruiting criminal actors, and facilitating large-scale fraud against Russian citizens. The decision follows a pattern of escalating restrictions targeting foreign communication platforms, including recent bans on Roblox, Viber, and […]

Welcome to your daily cybersecurity briefing. DeepSeek Releases V3.2 Open Source Model Rivaling GPT-5 The Chinese AI startup DeepSeek has officially released its V3.2 and V3.2-Speciale models under a fully permissive MIT license. Claiming to outperform GPT-5 in reasoning tasks, the release utilizes a novel “Sparse Attention” architecture to maximize efficiency, marking a significant shift […]

Welcome to your daily cybersecurity briefing. Raspberry Pi Raises Prices Amid Rising Production Costs Raspberry Pi has announced a price increase across several models, citing sustained rises in manufacturing and component costs. The company explains that it can no longer absorb global supply chain pressures. The adjustment will particularly impact integrators, IoT builders, and embedded […]

Welcome to your daily cybersecurity briefing. Mattermost Patches Silent Security Flaw CERT-FR reports an “unspecified security issue” in Mattermost Server (MMSA-2025-00545). While technical details remain undisclosed by the vendor, the vulnerability impacts multiple branches including 10.11, 10.12, 11.0, and 11.1. Given the platform’s role in centralizing sensitive internal communications, administrators are urged to apply the […]

Welcome to your daily cybersecurity briefing. Cato CTRL Discloses “HashJack” Prompt Injection Cato Networks has revealed a new indirect prompt injection technique called “HashJack” that hides malicious payloads within URL fragments. This method blindsides perimeter WAFs but is fully processed by client-side AI browsers like Copilot and Gemini, enabling zero-click data exfiltration and callback phishing. […]

Welcome to your daily cybersecurity briefing. CVSS v4.0 – Understanding the New Vulnerability Scoring Model A new analysis from Malwarebytes provides a clear breakdown of CVSS v4.0, detailing how the updated framework shifts focus toward exploitability, environmental modifiers, and attacker utility. The article highlights changes in severity interpretation, granularity in attack requirements, and the impact […]

Welcome to your daily cybersecurity briefing. CISA & Commercial Spyware Targeting Messaging Apps Following a joint alert by CISA, a technical breakdown reveals how multiple threat actors use QR-based session hijacking, zero-click exploits, and fake apps to compromise end-to-end encrypted messaging platforms such as Signal and WhatsApp. Victims include senior officials and civil society actors […]

Welcome to your daily cybersecurity briefing. CERT-FR: Advisory 2025-AVI-1042CERT-FR has issued a new advisory describing several critical vulnerabilities impacting Gitlab. RomCom via SocGholishArctic Wolf reports a campaign in which the RomCom threat group leveraged the SocGholish delivery infrastructure for the first time to deploy a targeted Mythic loader. The intrusion targeted a U.S. company indirectly […]

Welcome to your daily cybersecurity briefing. 💻 JackFix: Fake Windows Update Malware – A new campaign is distributing the JackFix malware through fake Windows Update pop-ups, enabling payload execution and stealthy installation of persistent backdoors. 🇫🇷 CERT-FR: PrimX Targeted – CERT-FR has issued an advisory detailing a compromise affecting PrimX, involving a vulnerability that allows […]

Welcome to your daily cybersecurity briefing. 💸 FBI: Bank Impersonation Alert – The FBI reports that cybercriminals have stolen $262 million since January by impersonating bank support teams through sophisticated vishing and smishing campaigns. 📉 Microsoft: Exchange Online Outage – A major service disruption in North America is blocking access to Outlook mailboxes, caused by […]