SecurityWeek’s roundup highlights a surge in rapid, vulnerability-driven cloud attacks and a string of high-impact disclosures and breaches affecting vendors and services. The update also covers prosecutions, global takedowns, and emerging threats such as AI-generated Slopoly and activity by ShinyHunters. #Slopoly #ShinyHunters
Keypoints
- Google Cloud reports attackers now favor exploiting disclosed vulnerabilities for faster cloud intrusions.
- Multiple critical flaws were disclosed or exploited, including CVE-2025-68613 in n8n, CrackArmor issues in AppArmor, and high-severity Veeam bugs.
- Telus Digital confirmed a breach claimed by ShinyHunters, and Coruna iOS exploits tied to L3Harris prompted Apple patches.
- Law enforcement actions include the indictment of a BlackCat/Alphv negotiator and charges against minors selling DDoS tools in Poland.
- Interpol’s Operation Synergia III disrupted thousands of malicious servers, while IBM discovered AI-generated Slopoly linked to Hive0163.