AWS Account Hijacking and HR Malware Campaign: AI-Powered Phishing Kits Exposed

Cybersecurity News Roundup: AiTM Phishing Kit Targets AWS Accounts, HR Departments Hit by Malware Campaign

A recent phishing campaign has been using an adversary-in-the-middle (AiTM) phishing kit to hijack Amazon Web Services (AWS) accounts. The attackers send fake security alerts to AWS account holders and redirect them to a cloned AWS Management Console sign-in page. In one observed case, the operator authenticated to a compromised AWS account within 20 minutes of credential submission.

Malware Campaign Targets HR Departments and Job Recruiters

A year-long malware campaign has been targeting HR departments and job recruiters. The attackers have been using a specialized module to kill antivirus and endpoint detection software, allowing them to remain under the radar. The campaign is believed to be the work of Russian-speaking attackers.

Microsoft Patches Over 80 Vulnerabilities

Microsoft has patched over 80 vulnerabilities in its software and cloud services, including two publicly disclosed flaws that could allow attackers to gain SQLAdmin privileges or trigger a denial-of-service attack.

Vishing-as-a-Service Platform Uses AI-Powered Text-to-Speech Capabilities

Researchers have also discovered a vishing-as-a-service platform that uses AI-powered text-to-speech capabilities to carry out “press 1” scams. The platform is misusing the services of AI voice technology company ElevenLabs.

Agentic Attack Chains Are Advancing

A new report from Flashpoint has found that agentic attack chains are advancing, with infostealers flooding criminal markets. The report notes that stolen identity data, unpatched vulnerabilities, and ransomware operations are becoming increasingly interdependent.

Cyberattack on US Medical Device Giant Stryker

Hackers linked to Iran have claimed responsibility for a cyberattack on US medical device giant Stryker. The attack is believed to be an escalation of cyber activity tied to the ongoing conflict in the Middle East.

Disruption of Residential Proxy Network

Law enforcement agencies have also disrupted a residential proxy network used to exploit thousands of compromised home routers worldwide, resulting in millions of dollars in fraud.

President Trump’s Cyber Strategy for America

The week also saw the release of President Trump’s Cyber Strategy for America, a policy framework outlining the administration’s priorities for maintaining US leadership in cyberspace. The strategy commits to a coordinated, government-wide response to cyber threats that extends beyond cyberspace and relies on close cooperation with allies, industry, and academia.

Importance of Submarine Cables in Critical Infrastructure Security

A new sector report has highlighted the growing importance of submarine cables in critical infrastructure security. The report notes that demand growth, hyperscaler investment, and geopolitical pressure are converging on infrastructure that governments and operators are only beginning to treat as a security priority.

Anthropic Institute and Codex Security

Anthropic has established the Anthropic Institute, a research unit focused on studying the societal effects of AI and informing policy responses to risks from more advanced systems. The company has also introduced Codex Security, an AI agent that reviews codebases to find, verify, and help fix software vulnerabilities.

AI Coding Agents Introducing Security Vulnerabilities

A recent report from DryRun Security has found that AI coding agents are introducing security vulnerabilities at a high rate across nearly every type of application they build. The report notes that coding agents are repeating decade-old security mistakes, highlighting the need for improved security measures in AI development.

