Cyber Security News Daily Recap

Cybersecurity News | Daily Recap [09 Aug 2025]

admin
Cybersecurity News | Daily Recap [09 Aug 2025]

AI security experts demonstrate that GPT-5 can be easily jailbroken, posing risks of zero-click attacks on cloud and IoT systems. Meanwhile, DARPA’s AI code-review challenge highlights advances in defensive AI, with Team Atlanta winning a $4 million prize. #GPT5Jailbreak #AICodeWin

AI & Model Security

  • Researchers and red teams show GPT-5 is easily jailbreakable—enabling zero-click AI agent attacks against cloud and IoT systems—while DARPA’s AI code-review challenge (won by Team Atlanta) highlights defensive AI advances and a $4 million prize. – GPT-5 Jailbreak, GPT-5 Redteam, AI CodeWin

Vulnerabilities & Exploits

  • Critical flaws in CyberArk and HashiCorp vaults (named “Vault Fault”) allow remote takeover of enterprise secrets, and a WinRAR zero-day (CVE-2025-8088) has been exploited to deliver the RomCom malware. – Vault Fault, WinRAR Zero-day

Judiciary & Government Hacks

  • The U.S. federal judiciary confirmed a breach of its electronic case-management service (PACER), prompting cross-agency efforts to harden court cybersecurity and protect sensitive records. – Courts Breach, Courts Harden

Privacy & Regulation

  • Regulatory and research scrutiny grows as the Australian regulator sues Optus over a 2022 breach affecting 9.5 million people, the new EU law to shield journalists from spyware takes effect amid enforcement concerns, and research flags privacy gaps in Apple Intelligence/Siri data handling. – Optus Lawsuit, EU Spyware Law, Apple Privacy

Ransomware & Crime

  • The Embargo ransomware gang—linked to BlackCat/Alphv—has handled at least $34 million in about a year, targeting healthcare, manufacturing and services with high-value demands. – Embargo Gang

Phishing, Social Engineering & Fraud

  • Attackers are accelerating social-engineering using AI, fake CAPTCHAs and tunneling tools—evidenced by an AI-driven Brazilian phishing campaign that used SEO-poisoned sites and PIX scams while the Efimer trojan stole crypto from 5,000 victims—and U.S. seniors lost a record $700 million to scammers in 2024. – Deception Trends, Brazil Phishing, Senior Losses

Transportation & IoT

  • Researchers warn that smart buses with public Wi‑Fi, unprotected protocols and default passwords can be remotely hacked to track vehicles, access cameras, manipulate data or disrupt services. – Bus Wi‑Fi

Conferences & Software Security

  • CodeSecCon 2025 spotlights software supply-chain risks, AI security implications, compliance strategies and scaling security for modern architectures. – CodeSecCon 2025

Cybersecurity News | Daily Recap – hendryadrian.com