This weekly roundup highlights multiple cybersecurity developments, including a 3.7 million-record exposure at Sears Home Services, nine critical IP-KVM vulnerabilities, scams targeting OpenClaw developers, Claude prompt-injection chains, and a new infostealer called Speagle. It also covers The Gentlemen ransomware exploiting FortiOS flaws, FCA rules for faster incident reporting, Operation Alice’s takedown of 373,000 dark web domains, and Google’s new scam-resistant Android sideloading flow. #SearsHomeServices #Speagle
Keypoints
- Nearly 3.7 million Sears Home Services customer records, including AI chatbot logs and call recordings, were exposed in unprotected databases.
- Eclypsium disclosed nine vulnerabilities in budget IP-KVM devices that can enable BIOS-level compromise, with some vendors still unpatched.
- Attackers used fake GitHub accounts and a cloned OpenClaw site to try to drain developer wallets, though no confirmed victims were reported.
- Oasis Security’s “Claudy Day” chain of flaws allowed silent hijacking of Claude sessions; Anthropic patched the prompt-injection issue while other fixes are pending.
- Symantec and Carbon Black identified the Speagle infostealer tied to actor “Runningcrab,” which activates only on systems with Cobra DocGuard and searches for missile-related documents.