AWS Accounts Hijacked by AiTM Phishing, HR Targeted in Year-Long Malware Campaign

Summary
– SheSpeaksCyber is a new directory launched to increase the visibility of women experts in cybersecurity and help close the gender gap on conference stages.
– Threat actors are increasingly automating attacks, using agentic systems to run entire intrusion cycles, as detailed in Flashpoint’s 2026 threat report.
– Major tech companies like OpenAI and Anthropic are releasing new AI-powered tools designed to review code and find software vulnerabilities.
– A significant Iran-linked cyberattack on medical device maker Stryker represents a potential escalation of cyber conflict tied to geopolitical tensions.
– Research indicates that wireless vulnerabilities are being disclosed at an unprecedented rate, doubling every few years according to recent data.

The cybersecurity landscape is constantly shifting, with attackers refining their methods to exploit both human and technological weaknesses. Recent incidents highlight a worrying trend of sophisticated, long-term campaigns targeting critical business functions. A particularly alarming scheme involves phishing kits designed to bypass multi-factor authentication (MFA) and hijack corporate AWS accounts, while a separate, year-long malware operation has stealthily infiltrated human resources departments. These attacks demonstrate a move towards persistence and operational resilience, challenging even well-defended organizations.
Diversity and inclusion remain pressing issues within the industry. Initiatives like SheSpeaksCyber aim to amplify the voices of women experts by creating a global directory for event organizers, directly addressing the persistent lack of representation on conference stages. Similarly, professionals who are deaf or hard of hearing are navigating unique challenges, with leaders like CISO Stu Hirst adapting their work lives around significant hearing loss, highlighting the need for broader accessibility considerations in cybersecurity roles.
On the technological front, the tools available to both defenders and attackers are evolving rapidly. Open-source projects like Cloud-audit offer streamlined AWS security scanning with actionable remediation steps, providing a practical alternative to costly enterprise platforms. Conversely, criminal markets are flooded with infostealers, and threat actors are building “agentic” attack chains that automate entire intrusion cycles with minimal human oversight. This automation is shortening attack timelines, as seen in cloud environments where software vulnerabilities are now outpacing credential abuse as a primary intrusion method.
The resurgence of advanced espionage toolkits poses a significant national security threat. Researchers have uncovered a modernized Sednit framework using dual cloud-based implants, enabling sustained surveillance of military personnel. In the corporate world, a stealthy campaign has compromised HR and recruiting teams for over a year by employing modules specifically designed to disable antivirus and endpoint detection software, allowing it to operate largely undetected.
The proliferation of artificial intelligence introduces both powerful new defenses and novel threats. While OpenAI and Anthropic race to release AI-assisted code security tools, researchers warn that AI coding agents are frequently repeating decade-old security mistakes in production code. On the offensive side, a vishing-as-a-service platform is leveraging AI-powered text-to-speech technology to execute convincing “press 1” phone scams, and fake installation pages for AI tools like Claude Code are tricking users into downloading malware.
Infrastructure security is gaining renewed strategic focus. The subsea cables that form the backbone of global internet traffic are moving to the center of critical infrastructure debates, with growing recognition of their geopolitical importance and vulnerability. At the same time, the disclosure rate for wireless vulnerabilities has reached an unprecedented high, doubling every few years and presenting a massive attack surface that is difficult to manage.
Policy and enforcement efforts are attempting to keep pace. International law enforcement successfully dismantled the SocksEscort residential proxy network, which facilitated millions in fraud through compromised home routers. In Europe, parliamentarians voted to extend rules allowing voluntary detection of child sexual abuse material online, while in the U.S., a new presidential cyber strategy promises a more aggressive, coordinated response to threats.
For everyday users, platform companies are rolling out new safeguards. Meta is deploying advanced AI to sniff out scams across Facebook, Messenger, and WhatsApp, while YouTube is expanding its deepfake detection tools to protect politicians and journalists. WhatsApp is also introducing parent-managed accounts for younger users, offering enhanced privacy controls.
The human element of cybercrime continues to surprise. Contrary to the stereotype of teenage hackers, analysis indicates that the individuals behind cyber extortion operations are often in their forties, representing a more experienced and established criminal demographic. This insight comes as seasoned security professionals express growing frustration with traditional bug bounty programs, showing a preference for structured penetration testing contracts instead.
As organizations integrate more AI tools into workflows, unintended consequences are emerging. Research points to increased cognitive strain and burnout, dubbed “AI brain fry,” resulting from the constant context-switching required to manage multiple AI agents. This underscores the complex interplay between advancing technology and human factors, a dynamic that will undoubtedly shape the future of cybersecurity defense and risk management.
(Source: HelpNet Security)





