Daily Recap, Agentic AI was reported to drive a ransomware attack via Langflow, while Cursor AI IDE flaws could allow OS-level remote code execution affecting developers. Ransomware groups are also leveraging Citrix Bleed 2, BYOVD, and stolen supply-chain credentials, as CISA warns that a Microsoft SharePoint RCE bug is actively exploited in the wild.
#Langflow #AgenticAI #Cursor #CitrixBleed2 #BYOVD #SharePoint #RCE #Pegasus #ScatteredSpider #Medtronic #NetNut #ConsentFix #ClickFix #M365 #UKNationalCyberActionPlan
#Langflow #AgenticAI #Cursor #CitrixBleed2 #BYOVD #SharePoint #RCE #Pegasus #ScatteredSpider #Medtronic #NetNut #ConsentFix #ClickFix #M365 #UKNationalCyberActionPlan
AI Threats
- Agentic AI was reportedly used to launch a ransomware attack through Langflow, highlighting the growing abuse of AI workflows for intrusion and extortion – AI Ransomware
- Cursor AI code editor flaws could enable OS-level remote code execution, exposing developers to high-impact compromise – Cursor Flaws
Ransomware & Exploits
- Ransomware operators are increasingly using Citrix Bleed 2, BYOVD, and stolen supply-chain credentials to break into networks and accelerate attacks – Citrix Bleed
- CISA warned that a Microsoft SharePoint RCE flaw is now actively exploited in the wild, making immediate patching critical – SharePoint RCE
- Microsoft fixed GIF functionality in the Windows Emoji Panel, addressing a small but notable usability/security-related issue – Emoji Fix
Spyware & Hacking
- A European Parliament member investigating spyware was allegedly hacked with Pegasus, underscoring the continued use of advanced surveillance tools against officials – Pegasus Hack
- Another report says a spyware probe overseer was targeted with spyware, reinforcing concerns about retaliation against investigators – Spyware Probe
- An alleged long-time Scattered Spider member was extradited to the US, marking another major step in a high-profile cybercrime case – Spider Extradition, Spider Case
Data Breaches & Privacy
- Medtronic disclosed a data breach affecting 3.8 million people, adding to the week’s list of large-scale exposure events – Medtronic Breach
- A Supreme Court ruling could threaten the EU-US data transfer agreement, creating fresh uncertainty for transatlantic privacy and compliance frameworks – Data Transfer
- Google lost its final appeal against a €4.1 billion EU fine, closing a major antitrust and regulatory battle – Google Fine
Proxy Networks & Disruption
- Google and the FBI disrupted the NetNut residential proxy network, which allegedly relied on millions of infected or enrolled home devices – NetNut Hit, Proxy Takedown
Microsoft 365 Account Abuse
- ConsentFix and ClickFix techniques can hijack Microsoft 365 accounts in just 3 seconds, showing how fast OAuth abuse can lead to full compromise – M365 Hijack
UK Cyber Policy
- The launch of the UK National Cyber Action Plan was delayed amid a Labour leadership crisis, slowing a key government cybersecurity initiative – UK Cyber Plan