Daily Brief

Dentsu's U.S.-based subsidiary, Merkle, experienced a cybersecurity breach affecting staff and client data, prompting immediate system shutdowns as a precautionary measure. The breach led to the exposure of sensitive information, including bank details, payroll data, and personal contact information of employees and clients. Dentsu has engaged third-party incident response services to assess the breach's scale and impact, with ongoing investigations to determine the full extent of data compromised. The company has informed relevant authorities in affected countries in compliance with legal requirements and is notifying impacted individuals. Despite the breach, Dentsu's Japan-based network systems remain unaffected; however, the incident is anticipated to have some financial repercussions. No ransomware group has claimed responsibility for the attack, and the investigation continues to identify the perpetrators. The incident underscores the importance of robust cybersecurity measures and proactive incident response strategies to mitigate potential damages.

Academic researchers have developed TEE.Fail, a side-channel attack capable of extracting secrets from Intel and AMD's trusted execution environments, affecting DDR5 memory systems. The attack utilizes an interposition device costing under $1,000 to inspect memory traffic, enabling the extraction of cryptographic keys from Intel TDX and AMD SEV-SNP. TEE.Fail can compromise Nvidia's GPU Confidential Computing by using extracted attestation keys, allowing unauthorized AI workload execution without TEE protections. The attack reveals vulnerabilities in the AES-XTS encryption mode, which fails to prevent physical memory interposition attacks, affecting the security of confidential virtual machines. Researchers recommend software countermeasures to address deterministic encryption risks, though these are potentially costly and complex to implement. Intel and AMD have acknowledged the attack but maintain that physical vector attacks remain outside the scope of their current mitigation strategies. The study raises concerns over the adequacy of current hardware security measures, prompting a re-evaluation of encryption and attestation protocols.

Qilin ransomware, previously known as Agenda, has targeted over 700 victims across 62 countries in 2025, marking it as a significant global threat. The ransomware exploits Windows Subsystem for Linux (WSL) to execute Linux encryptors on Windows systems, bypassing traditional security measures. Attackers utilize legitimate remote management tools and built-in Windows utilities to breach networks and extract sensitive data. The group employs Bring Your Own Vulnerable Driver (BYOVD) techniques to disable security software, leveraging signed but vulnerable drivers. Qilin affiliates use open-source tools like "dark-kill" and "HRSword" to deactivate endpoint detection and response (EDR) systems and erase attack traces. The ransomware's Linux encryptor is designed to target VMware ESXi virtual machines, utilizing command-line options for customized encryption. This strategy demonstrates the evolving threat landscape, as ransomware operators adapt to hybrid environments to enhance attack efficacy and evade defenses.

CISA has issued a warning about active exploitation of two vulnerabilities in Dassault Systèmes' DELMIA Apriso, affecting manufacturing operations management systems. The critical vulnerability (CVE-2025-6205) allows unauthorized remote access, while the high-severity flaw (CVE-2025-6204) enables code injection by privileged users. Dassault Systèmes addressed these vulnerabilities in August 2025, affecting releases from 2020 to 2025, but exploitation continues in the wild. Federal Civilian Executive Branch agencies are mandated to secure their networks by November 18, per Binding Operational Directive 22-01. CISA advises all IT administrators to prioritize patching these vulnerabilities to mitigate risks to federal and enterprise systems. DELMIA Apriso is widely used in sectors such as automotive, electronics, and aerospace, where operational integrity and compliance are critical. The vulnerabilities pose significant risks, as these systems manage key functions like warehouse operations, production scheduling, and quality control.

Researchers from Georgia Tech and Purdue University unveiled TEE.Fail, a side-channel attack compromising trusted execution environments (TEEs) in Intel, AMD, and NVIDIA CPUs. TEE.Fail exploits architectural weaknesses in DDR5 systems, allowing extraction of sensitive data from TEEs, such as cryptographic keys, at a cost below $1,000. The attack requires physical access and root-level privileges, targeting Intel's SGX, TDX, and AMD's SEV-SNP, leveraging deterministic AES-XTS memory encryption. Successful execution involves modifying kernel drivers and using a logic analyzer to capture ciphertexts from DRAM, enabling key extraction and attestation forgery. Intel, AMD, and NVIDIA have acknowledged the vulnerabilities and are developing mitigations, with plans to release official statements following the TEE.Fail paper's publication. While complex and requiring physical access, TEE.Fail poses significant implications for the security of confidential computing environments in server-grade hardware. The findings stress the need for enhanced security measures in TEEs, particularly in systems adopting newer memory technologies like DDR5.

Starting October 2026, Google Chrome will default to "Always Use Secure Connections," warning users before accessing non-HTTPS sites. This change aims to protect users from man-in-the-middle attacks, which can compromise data exchanged over unencrypted HTTP connections. Chrome will initially enable this feature for over 1 billion users with Enhanced Safe Browsing in April 2026, ahead of the full rollout. Users will have the option to enable alerts for insecure connections on both public and private sites, though private sites are generally less risky. Google encourages website developers and IT professionals to adopt HTTPS now to mitigate potential disruptions when the feature becomes mandatory. The transition is expected to be smooth, as over 95% of websites have already adopted HTTPS, a significant increase from 45% in 2015. This initiative is part of Google's broader effort to enhance web security, including recent updates to automatically revoke unused notification permissions.

Cybersecurity researchers have identified a new Android banking trojan, Herodotus, targeting users in Italy and Brazil through device takeover attacks. Herodotus is distributed as part of a malware-as-a-service model, functioning on Android versions 9 to 16, and advertised in underground forums. The malware employs obfuscation techniques similar to the Brokewell trojan, utilizing accessibility services to execute its malicious activities. It uses dropper apps disguised as Google Chrome, distributed via SMS phishing, to conduct credential theft and intercept two-factor authentication codes. Herodotus introduces random delays in remote actions to mimic human typing, aiming to bypass behavior-based anti-fraud systems. Overlay pages targeting financial institutions in the U.S., Turkey, the U.K., and Poland suggest the trojan's operators are expanding their targets. The trojan is under active development, focusing on persisting within live sessions rather than merely stealing static credentials.

Kaspersky reports North Korea-linked BlueNoroff's new campaigns, GhostCall and GhostHire, targeting Web3 and blockchain sectors, part of the long-running SnatchCrypto operation. GhostCall targets macOS devices of tech executives globally, using fake Zoom calls to deploy malware, affecting countries like Japan, Italy, and Singapore. GhostHire lures Web3 developers via Telegram, using booby-trapped GitHub repositories, primarily impacting Japan and Australia. Both campaigns employ sophisticated social engineering tactics, leveraging platforms like LinkedIn and Telegram to gain victims' trust. The malware, including DownTroy, bypasses macOS security controls to harvest sensitive data from various applications and cloud services. Attackers have adapted tactics to use Microsoft Teams alongside Zoom, indicating a flexible approach to infection vectors. The campaigns reflect an advanced threat actor's ability to target both Windows and macOS systems, using generative AI to enhance malware development. Organizations in the blockchain and tech sectors should enhance security measures, focusing on phishing awareness and robust endpoint protection.

Privacy advocacy group Noyb filed a criminal complaint against Clearview AI for unauthorized data scraping, targeting the company's executives for potential criminal penalties. Clearview AI allegedly ignored GDPR fines from multiple EU countries, amassing over $100 million in unpaid penalties, with only the UK fine being contested and lost. The complaint, lodged with Austrian prosecutors, leverages Article 84 of the GDPR, allowing member states to pursue criminal proceedings for data protection breaches. Clearview AI claims to have collected over 60 billion images to enhance law enforcement facial recognition, raising significant privacy concerns across Europe. Austria deemed Clearview's practices illegal in 2023, though no fines were imposed; Noyb seeks criminal accountability for the company's management. The case underscores challenges in enforcing EU data protection laws against non-EU companies, highlighting potential gaps in cross-border regulatory frameworks. This development may prompt EU authorities to strengthen enforcement mechanisms to ensure compliance with data protection regulations globally.

Varonis Threat Labs has spotlighted the BiDi Swap vulnerability, which manipulates URL text direction to create deceptive links, posing a significant risk for phishing attacks. This vulnerability exploits the handling of Right-to-Left (RTL) and Left-to-Right (LTR) scripts, allowing attackers to craft URLs that appear legitimate but redirect users to malicious sites. BiDi Swap builds on past Unicode-based spoofing tactics, demonstrating the ongoing challenge of securing text directionality in web browsers. The vulnerability affects major browsers like Chrome and Firefox, with varying degrees of mitigation; Chrome's navigation suggestions only partially address the issue. Firefox attempts to mitigate risks by highlighting key domain parts in the address bar, aiding users in identifying suspicious links. Microsoft marked the issue as resolved in Edge, although URL representation concerns remain. Varonis recommends integrating advanced threat detection tools, such as Varonis Interceptor, to enhance email and browser security against phishing threats.

Atroposia, a new malware-as-a-service platform, offers a remote access trojan with features like persistent access, data theft, and local vulnerability scanning for a $200 monthly subscription. Discovered by Varonis researchers, Atroposia is designed as a "plug and play" toolkit, making it accessible to low-skilled cybercriminals alongside other platforms like SpamGPT and MatrixPDF. The malware communicates over encrypted channels, bypasses User Account Control on Windows, and maintains stealthy access, posing significant risks to corporate environments. Atroposia's local vulnerability scanner identifies outdated software and unpatched systems, potentially allowing deeper access and exploitation within targeted networks. The emergence of Atroposia lowers the technical barrier for cybercriminals, facilitating the execution of sophisticated attacks by less experienced threat actors. Organizations are advised to download software from reputable sources, avoid pirated content, and exercise caution with online commands to mitigate risks associated with this malware.

Recent research indicates that AI browsers, including OpenAI's Atlas, are vulnerable to prompt injection attacks, posing significant security risks by allowing unauthorized actions on users' behalf. Prompt injection occurs when malicious commands are embedded in content, which AI interprets as user instructions, potentially leading to unauthorized data exfiltration or manipulation. Researchers demonstrated vulnerabilities in AI browsers like Comet and Fellou, where hidden instructions in web content triggered unintended actions such as data extraction from Gmail. Indirect prompt injection can manipulate AI to perform tasks without user consent, while direct injection involves pasting crafted URLs into browsers, leading to data leaks or file deletions. Cross-site request forgery vulnerabilities further compound risks by allowing malicious sites to send commands to AI bots as authenticated users, affecting session data persistence. Security experts acknowledge that prompt injection is a persistent challenge, with no complete solution, as AI systems inherently process untrusted data that can influence outcomes. Mitigation strategies include limiting AI privileges, requiring user consent for actions, and treating all external content as potentially untrustworthy to reduce risk exposure. The growing capabilities of agentic AI, such as automated transactions and data access, necessitate robust security controls to prevent exploitation and protect sensitive information.

A 2022 data breach of the UK's Ministry of Defence Afghan relocation scheme has resulted in severe threats and fatalities among affected individuals and their families. Of the 231 individuals impacted, 49 reported deaths of family or colleagues, and 87% experienced personal risks due to Taliban reactions. Nearly 100 individuals faced direct threats to their lives, with reports of home raids and severe intimidation by the Taliban. Mental health issues, including anxiety and depression, were widespread, affecting 89% of respondents and their families. Affected individuals have called for expedited relocation processes, with many still facing danger in Afghanistan despite offers of resettlement. The UK government is urged to review cases and provide protection to those whose data was compromised, ensuring their safety. The full report on this breach's impact is expected to be published in November, following submission to the Defence Committee.

Early threat detection is crucial for minimizing incident costs and maximizing business continuity, transforming cybersecurity from a reactive cost center to a proactive growth enabler. Organizations that invest in threat intelligence and early detection mechanisms maintain operational confidence, facilitating smoother digital transformations and customer onboarding. A mature cybersecurity posture, demonstrated through early detection capabilities, becomes essential for compliance and business expansion into new markets and sectors. Threat intelligence provides strategic insights into attacker behaviors, enabling organizations to predict and prevent attacks rather than merely reacting to them. ANY.RUN's Threat Intelligence Feeds and Lookup services offer real-time insights, reducing incident timelines and operational costs by providing instant context and prioritization for SOC teams. By leveraging continuous visibility and enriched alerts, businesses can maintain trust and reputation, ensuring long-term stability and competitive advantage. The integration of advanced threat intelligence tools empowers security operations centers to shift from overwhelmed to proactive, focusing on resolving critical threats efficiently.

Google refuted reports of a major Gmail breach affecting 183 million accounts, attributing the claims to misinterpretation of old credential data. The confusion originated from the addition of a large dataset to Have I Been Pwned, collected from infostealer malware logs over several years. This dataset, shared by Synthient, was mistakenly perceived as a new breach, though it reflects long-term infostealer activity rather than a targeted Gmail attack. Google emphasized that Gmail's security remains robust, with proactive measures in place to scan for stolen credentials and prompt password resets. The incident highlights the rapid spread of misinformation and the importance of context in cybersecurity reporting. Users are advised to enable two-step verification, consider passkeys, and update passwords in response to breach notifications. The situation underscores the need for media literacy and careful interpretation of cybersecurity news to prevent unnecessary panic.