Daily Recap: AI-native security, agentic workflows, and AI-abusing malware were front and center, including Nebulock’s $25 million raise for contextual AI security, the expanding MCP spec bringing new enterprise risks, and a new macOS malware strain that plants fake errors to throw off AI analysis. Other key stories covered Robinhood speeding up access approvals, Poland’s SIM-swapping gang bust tied to millions in crypto theft, and Microsoft extending free Windows 10 ESU support to October 2027.
#Nebulock #MCP #macOS #Robinhood #Philip Martin #Uber #Akrites #Poland #SIMSwapping #Bluekit #Cellebrite #FCC #CISA #Windows10ESU #Chrome #Shop #PirloTV #TataElectronics #Snyk
AI & Security
- AI-native security, agentic workflows, and AI-abusing malware dominated the day, with Nebulock raising $25 million, the MCP spec expanding enterprise use but adding new risks, and a new macOS malware strain planting fake errors to confuse AI analysis tools – AI Security, MCP Risks, macOS Malware
- Mythos-style AI, red-team GRC automation, and security operations thinking were in focus as analysts weighed the impact of new AI systems and the case for NDR in modern detection workflows – Mythos AI, GRC Agent, NDR Case
Enterprise Security & Identity
- Robinhood said it cut access-approval times to support high-velocity development, while Philip Martin joined Uber as CISO, highlighting leadership and access-governance changes at major tech firms – Robinhood Access, Uber CISO
- The Linux Foundation launched Akrites, a new open-source security project aimed at strengthening modern defenses – Akrites Project
Cybercrime & Phishing
- Poland busted a SIM-swapping gang linked to millions in crypto theft, while a browser-in-the-middle phishing kit and callback scams showed attackers continuing to refine credential theft – SIM-Swapping Bust, Bluekit Phishing, Callback Scam
- A new bulletin highlighted smart TV proxyware, a 24-year-old curl bug, and more AI crime forum activity, underscoring the breadth of current threat chatter – ThreatsDay Bulletin
Nation-State & Disruptions
- Ukraine’s state postal operator and a Russian dairy company both reported cyberattack-related disruptions, showing ongoing operational impact across Eastern Europe – Ukraine Postal, Russian Dairy
- Russia was also reported to have used Cellebrite to access an activist’s phone even after contract cancellation, raising fresh concerns over digital surveillance – Cellebrite Use
Policy, Regulation & Government
- The FCC adopted new cybersecurity rules for emergency systems and undersea cables, while a federal court struck down a Trump election-focused executive order as illegal – FCC Rules, Court Ruling
- At CISA, DHS said the president has met with a potential nominee as the agency looks to hire 600 people, signaling a major workforce push – CISA Hiring
Vulnerabilities & Platform Abuse
- Microsoft quietly extended free Windows 10 ESU support to October 2027, giving users more time before end-of-support pressures intensify – Windows 10 ESU
- A Chrome ad blocker with more than 10 million installs was found capable of dormant script injection, and the Shop order-tracking app was abused to enable phishing campaigns – Chrome Add-on, Shop Abuse
- PirloTV’s sports piracy network was disrupted with 44 domains seized, marking another hit against large-scale illegal streaming infrastructure – PirloTV Seizure
Breaches & Business News
- Coverage of the day also included a Tata Electronics breach and Snyk layoffs as part of broader security-industry and corporate news – Industry Roundup