Day 217: AI Hijacks, Forum Takedowns, and the Patch Lag Tango

🔍 Trend Micro Confirms Active Exploits Targeting Apex One On-Prem Consoles

Two critical flaws (CVE‑2025‑54948 & CVE‑2025‑54987, both CVSS 9.4) in Apex One allow pre-auth remote attackers to execute arbitrary code via the management console. Threat actors have already started exploiting these in the wild. Until full patches arrive, the workarounds will probably be the frontline of defense.

âȘ Europol Arrests “Toha” — Alleged XSS Forum Admin

A Ukrainian man, believed to be forum admin “Toha,” was arrested after years of managing the Russian-language XSS crime forum. With tens of thousands of members and ties to groups like REvil, Conti, LockBit, and Qilin, this takedown is less about bandwidth and more about centralized trust erosion in the cybercrime ecosystem.

🏠 AI Hijacks Smart Homes via Gemini Prompt Injection

At Black Hat USA, researchers demonstrated a disturbing hack: a poisoned Google Calendar invite silently injected prompts into a Gemini-powered assistant, triggering commands to control smart home devices—lights, shutters, even boilers. It’s a real-world warning: as LLMs get woven into daily life, prompt-based manipulation becomes a physical threat.

☁ Beginner’s Cloud Security Checklist

Good checklist resource alert: A new beginner-friendly guide walks through basic yet high-impact cloud security principles like IAM hygiene, MFA enforcement, policy enforcement, and least privilege. Assume human error and system defaults will bite you if not surfaced early.

🛡 Microsoft’s AI Agent Detects Just 26% of Malware

Project Ire, Microsoft’s new LLM-based autonomous malware detector, was correct about 89% of the samples it flagged but spotted only 26% of all malicious files in a finite test. It’s a reminder that while AI agents help bridge alert fatigue, detection remains only one piece of a broader defense puzzle.

Key Observations

Detection vs. coverage: AI in threat detection is getting smarter, but it’s still limited in scope. High accuracy is welcome, but low recall leaves dangerous blind spots.

Trust fractures matter: Arresting a trusted crime forum admin isn’t flashy—it’s strategic erosion of ecosystem confidence.

The threat surface now includes your distraction patterns: Exploiting tiny prompt pathways can result in real-world effects.

Cloud risk starts with basics: Identity, MFA, and permission hygiene still matter—especially when complexity so often masks simplicity.