Threat Digest: Morning Briefing
Storm-2755 Payroll Heists: Adversaries use AiTM session replay and poisoned Office 365 searches to siphon Canadian salaries, including Microsoft’s HR systems. Precision targeting exposes HR workflow risks.
CISA KEV Milestone: 1B unpatched Known Exploited Vulnerabilities signal systemic failure—human effort alone can’t scale patching. SecOps must rethink automation and prioritization.
GlassWorm Campaign Escalates: Zig dropper disguised as WakaTime tracker infects VS Code, Cursor, VSCodium, and other IDEs on dev machines. Chains infections across developer environments.
Project Glasswing: AI scans open-source codebases, unearthing decades-old vulnerabilities missed by humans. Redefines vuln discovery; expect integration into security pipelines.
ClickFix Mac Campaign: Fake Apple disk cleanup page leads to credential theft and crypto wallet drainage. Active phishing preys on macOS users seeking storage relief.
Juniper Junos Patches: 36 flaws fixed, including privilege escalation, DoS, and a default password. Echoes 2015 breaches. Network admins: audit configs immediately.
Iranian ICS Infiltration: Hackers exploit exposed PLCs in US Midwest water plants (CISA alert). Silent valve manipulation threatens critical infrastructure stability.
Prioritize AiTM defenses, IDE vetting, and ICS hardening. Patch aggressively.