
Coverage: Last 24 hours
Today’s Highlights
This cycle highlights escalating exploitation of legacy infrastructure, deepening AI-driven threats, and recurring operational risk from third-party and SaaS ecosystem breaches: AI-fueled attack methods, targeting of outmoded network gear, expanded SaaS supply chain exposure, and the growing difficulty of maintaining data authenticity as generative AI advances. Security organizations must evolve their controls to address both the technical and reputational impact of increasingly sophisticated, automated adversaries.
Table of Contents
- Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
- New Mirai campaign exploits RCE flaw in EoL D-Link routers
- What is Mythos AI and why could it be a threat to global cybersecurity?
- To be human is to live with friction. That’s something AI boosters will never understand | Alexander Hurst
- Pentagon asks for $54bn in pivot towards AI-powered war
- AI-powered robot beats elite table tennis players
- Met police in talks to buy Palantir AI tech for use in criminal investigations
- ‘In two years, nobody will care’ if actors are AI or not, predicts La Haine director
- The Download: introducing the 10 Things That Matter in AI Right Now
- 5 AI Models Tried to Scam Me. Some of Them Were Scary Good
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach
Source: The Hacker News | Risk: High | Impacted: Vercel customers, SaaS application teams, Development operations teams
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its investigation to include an extra set of compromise indicators, alongside a review of requests to the Vercel network and
Why it matters: Unexpected expansion of a SaaS provider breach can quietly magnify risk if organizations have not isolated critical workloads or actively monitored third-party access across their environments.
Practitioner Perspective
Organizations relying on Vercel or similar SaaS frameworks for application deployment need to act on the assumption that unauthorized access to core CI/CD configuration or environment secrets is possible. Attackers holding a compromised account can move into connected repositories and cloud accounts, push malicious deployments, or read environment variables. This reflects the broader, recurring pattern in which SaaS breaches have a slow-burn impact that is only revealed after extended investigation. Defenders should not wait for vendor confirmation but must proactively assess their own downstream risk. The most urgent need is to map where Vercel tokens and integrations reach production systems and secret stores, rotate those credentials, and add detection for anomalous Vercel API activity.
Recommended Actions
- Audit all Vercel account integrations for exposure of environment variables and secrets
- Rotate OAuth and API credentials that interface with Vercel, especially those with CI/CD pipeline access
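One way to make the audit and rotation steps above repeatable is to triage an export of each project's environment variables by how an attacker holding the account could reach each value. The script below is an added example written for this page, not Vercel's tooling or code from the article. It assumes records shaped like the objects Vercel's project environment API returns (key, value, type, target), which you can also assemble by hand from the dashboard; the sample export is constructed, and the name heuristics and P1/P2/P3 priority labels are this example's own assumptions rather than a Vercel convention.

```python
"""Triage exported environment variables after a provider-side breach.

Added example for this page (not Vercel's code). Assumes records shaped like
Vercel's project env API output: key, value, type, target. The sample
export below is constructed; priority labels are this example's own.
"""
import re
from dataclasses import dataclass

# Names that usually carry credentials (heuristic, assumption).
SECRET_NAME_RE = re.compile(r"KEY|SECRET|TOKEN|PASSW|CREDENTIAL|PRIVATE", re.I)
# Values that look like credentials regardless of name (heuristic, assumption).
SECRET_VALUE_PATTERNS = [
    re.compile(r"^(sk_live_|sk-|ghp_|github_pat_|AKIA|xox[abp]-)"),  # well-known prefixes
    re.compile(r"://[^\s/:@]+:[^\s@]+@"),                            # URL with embedded password
    re.compile(r"^[A-Za-z0-9+/_=-]{32,}$"),                          # long opaque token
]
PRIORITY_ORDER = {"P1": 0, "P2": 1, "P3": 2}


@dataclass
class Finding:
    key: str
    targets: tuple
    priority: str   # P1 rotate now, P2 rotate this cycle, P3 review only
    reason: str


def looks_like_secret(key: str, value: str) -> bool:
    return bool(SECRET_NAME_RE.search(key)) or any(p.search(value) for p in SECRET_VALUE_PATTERNS)


def triage(env_vars: list[dict]) -> list[Finding]:
    """Classify each variable by how an attacker holding the account could reach it."""
    findings = []
    for var in env_vars:
        key, value = var["key"], var.get("value", "")
        targets = tuple(var.get("target", []))
        vtype = var.get("type", "plain")
        in_prod = "production" in targets
        if key.startswith("NEXT_PUBLIC_") and looks_like_secret(key, value):
            # Inlined into the client bundle at build time: already public.
            findings.append(Finding(key, targets, "P1", "credential exposed to the browser bundle"))
        elif looks_like_secret(key, value) and vtype != "sensitive":
            # Readable back through the dashboard or API once the account is taken over.
            findings.append(Finding(key, targets, "P1" if in_prod else "P2",
                                    "plaintext credential readable from dashboard/API"))
        elif looks_like_secret(key, value):
            # 'sensitive' values cannot be read back, but a malicious deployment
            # can still dump them at runtime, so they are not safe to keep.
            findings.append(Finding(key, targets, "P2",
                                    "sensitive-type credential; reachable at runtime by a rogue deployment"))
        else:
            findings.append(Finding(key, targets, "P3", "not credential-like; review only"))
    return findings


def rotation_order(findings: list[Finding]) -> list[str]:
    """Keys to rotate, most urgent first; P3 items are excluded."""
    todo = [f for f in findings if f.priority != "P3"]
    todo.sort(key=lambda f: (PRIORITY_ORDER[f.priority], f.key))
    return [f.key for f in todo]


# Constructed sample export (not real project data).
SAMPLE_EXPORT = [
    {"key": "NEXT_PUBLIC_STRIPE_KEY", "value": "sk_live_EXAMPLE0000000000000000",
     "type": "plain", "target": ["production", "preview"]},
    {"key": "DATABASE_URL", "value": "postgres://app:hunter2@db.internal:5432/app",
     "type": "encrypted", "target": ["production"]},
    {"key": "GITHUB_TOKEN", "value": "ghp_EXAMPLEEXAMPLEEXAMPLEEXAMPLEEXAMPLE",
     "type": "sensitive", "target": ["production"]},
    {"key": "NEXT_PUBLIC_SITE_NAME", "value": "Example Store",
     "type": "plain", "target": ["production", "preview", "development"]},
    {"key": "DEV_API_KEY", "value": "devkey-0123456789abcdef0123456789abcdef",
     "type": "plain", "target": ["development"]},
]

if __name__ == "__main__":
    for f in triage(SAMPLE_EXPORT):
        print(f.priority, f.key, ",".join(f.targets), "-", f.reason)
    print("rotate in this order:", rotation_order(triage(SAMPLE_EXPORT)))
```

The point of the P2 tier is that a "sensitive" (write-only) variable is not a reason to skip rotation: an attacker who can deploy can read it from inside the function at runtime, so the distinction only changes urgency, not whether the key must change.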
New Mirai campaign exploits RCE flaw in EoL D-Link routers
Source: BleepingComputer | Risk: High | Impacted: Organizations with unmanaged home-office or branch networks, ISPs servicing legacy D-Link hardware, SMBs with unmanaged routers
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability affecting D-Link DIR-823X routers, to enlist devices into the botnet.
Why it matters: Unpatched, end-of-life routers vulnerable to remote code execution continue to be co-opted for botnets, expanding attack surface for DDoS and secondary attacks inside enterprise perimeters.
Practitioner Perspective
Any presence of D-Link DIR-823X routers, especially units beyond support (EoL), creates systemic risk from commodity botnets like Mirai exploiting CVE-2025-29635. Attackers target these obsolete devices across residential and enterprise edges because they are unlikely to ever be updated. The result is persistent botnet infrastructure sitting at the network edge, often on the same device that terminates an office’s internet connection. Defenders should invest in asset discovery and network segmentation before worrying about signatures or reactive blocking. The key question is: does your org know whether a forgotten old router still bridges networks?
Recommended Actions
- Scan networks for D-Link DIR-823X and related router models subject to CVE-2025-29635
- Fully replace any D-Link DIR-823X routers with supported models and retire EoL hardware
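Asset discovery tells you where the DIR-823X units are; the added example below (not code from the BleepingComputer article or from the malware) covers the complementary detection side, flagging an already-infected device by its behaviour. Mirai-family bots recruit new victims by scanning TCP/23 and TCP/2323 for telnet logins, so an infected router shows up as one internal source fanning out to many distinct destinations on those ports. The flow records are constructed; the fan-out threshold and time window are assumptions to tune against your own baseline, and the one-line parser should be swapped for your NetFlow or Zeek conn.log export format.

```python
"""Flag internal hosts that scan like a Mirai bot (TCP/23 and TCP/2323 fan-out).

Added example for this page, not code from the article or the malware.
Input: constructed flow records "ts src dst dport"; adapt parse_flow() to
your NetFlow/Zeek export. Threshold and window are assumptions to tune.
"""
from collections import defaultdict

MIRAI_SCAN_PORTS = {23, 2323}
FANOUT_THRESHOLD = 20   # distinct destinations inside one window (assumption)
WINDOW_SECONDS = 60     # sliding window length (assumption)


def parse_flow(line: str):
    """One record per line: epoch-seconds source destination destination-port."""
    ts, src, dst, dport = line.split()
    return float(ts), src, dst, int(dport)


def detect_scanners(lines, threshold=FANOUT_THRESHOLD, window=WINDOW_SECONDS):
    """Return {src: peak distinct telnet-port destinations} for sources that
    contact at least `threshold` distinct hosts on 23/2323 within any window."""
    per_src = defaultdict(list)
    for line in lines:
        ts, src, dst, dport = parse_flow(line)
        if dport in MIRAI_SCAN_PORTS:
            per_src[src].append((ts, dst))

    hits = {}
    for src, events in per_src.items():
        events.sort()                       # sliding window needs time order
        in_window = defaultdict(int)        # dst -> occurrences inside the window
        distinct, left = 0, 0
        for ts, dst in events:
            if in_window[dst] == 0:
                distinct += 1
            in_window[dst] += 1
            # Expire events older than the window from the left edge.
            while ts - events[left][0] > window:
                old = events[left][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    distinct -= 1
                left += 1
            if distinct >= threshold:
                hits[src] = max(hits.get(src, 0), distinct)
    return hits


def build_sample():
    """Constructed traffic: one infected router, one admin, one busy HTTPS client."""
    lines = []
    # Infected router: 40 probes to distinct hosts on 23/2323 within 20 seconds,
    # roughly Mirai's 10:1 split between the two ports.
    for i in range(40):
        port = 2323 if i % 10 == 0 else 23
        lines.append(f"{1700000000 + i * 0.5:.1f} 192.168.1.1 203.0.113.{i + 1} {port}")
    # Admin using telnet to three managed switches: small, legitimate fan-out.
    for i in range(3):
        lines.append(f"{1700000100 + i * 5:.1f} 192.168.1.50 192.168.1.{10 + i} 23")
    # Busy HTTPS client: high fan-out, but not on the ports Mirai scans.
    for i in range(60):
        lines.append(f"{1700000200 + i:.1f} 192.168.1.60 198.51.100.{i + 1} 443")
    return lines


if __name__ == "__main__":
    for src, peak in detect_scanners(build_sample()).items():
        print(f"{src}: {peak} distinct telnet-port destinations in {WINDOW_SECONDS}s window")
```

Port 23 and 2323 fan-out is a behavioural signal, so it keeps working when the exploit payload changes; pair it with an egress rule that blocks outbound telnet from router and IoT segments, and any hit becomes a device to pull from the network rather than a signature to update.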
What is Mythos AI and why could it be a threat to global cybersecurity?
Source: The Guardian | Risk: Medium | Impacted: Research-driven AI teams, Policy and GRC functions, Threat intelligence leads
Anthropic’s decision to restrict access to its powerful new model increases fears about the advanced technology. Anthropic has ruled out releasing its latest AI model, Claude Mythos, to the public because of the threat it poses to global cybersecurity. However, the US tech startup behind the Claude chatbot confirmed on Wednesday it was investigating a report that a group of
Why it matters: Restricting frontier AI model access underscores fears that advanced models may enable new attack techniques not yet seen or prepared for, raising the stakes for controlling sensitive tooling.
Practitioner Perspective
Anthropic’s decision to withhold public access to Claude Mythos signals a real concern that large language models could introduce unpredictable cyber risk. The boundary between ‘research’ and operational threat is blurring as even small groups may acquire or leak powerful AI code generation and security bypass capabilities. This situation mirrors the lessons of past dual-use research like offensive security tooling. Security teams need to anticipate rapid advances in capability and consider how even brief model exposure could seed powerful new attack patterns in the wild.
Recommended Actions
- Watch AI-usage telemetry (egress to model APIs, proxy and CASB logs, dependency manifests) for unofficial or gray-market access to Anthropic’s Claude Mythos
- Update threat models to include generative AI-enabled malware or phishing generation scenarios
To be human is to live with friction. That’s something AI boosters will never understand | Alexander Hurst
Source: The Guardian | Risk: Medium | Impacted: Security operations centers, Policy owners for SOAR and automation, User behavior analytics teams
We’re being sold a world where there’s no room for reflection or spontaneity. This is the Black Mirror stage of capitalism. How fast do you have to strike a match to get it to light? Not the chemistry of the ignition, but the actual speed, in metres per second, that the little piece of wood and its bulbous head have
Why it matters: As adoption of frictionless AI accelerates, defender teams may lose key detection signals and control levers once relied upon to spot malicious or unusual activity.
Practitioner Perspective
Security operations often depend on moments where users must make decisions or encounter friction: these are opportunities for both security education and behavioral anomaly detection. Going all-in on automation and AI-driven processes can leave teams blind to changes in attacker tradecraft once the human is removed from the loop. The threat is not just more efficient attackers, but fewer opportunities to interrupt or observe attack chains. Defenders need to reconsider which controls are about speed and which are necessary friction that enables effective incident response. Challenge automation bias: leaving everything to AI may erase critical audit trails and human observation points.
Recommended Actions
- Assess business automation and AI implementations for loss of friction-based detection points
- Review SOAR playbooks to ensure manual escalations remain for high-impact incidents
Pentagon asks for $54bn in pivot towards AI-powered war
Source: The Guardian | Risk: High | Impacted: Defense contractors, ICS-OT operations teams, Aerospace and robotics supply chains
Budget outlines funding for autonomous drone warfare program as experts say military unprepared for risks. The Pentagon is aiming to increase funding more than a hundredfold for an autonomous drone warfare program, according to budget documents released this week, signalling a major pivot towards AI-powered war. In its 2027 budget, the Pentagon has asked for over $54bn to fund the
Why it matters: Rapid militarization of AI and autonomous systems invites new attack vectors against critical infrastructure and weaponized platforms not traditionally designed with cyber-resilience as a paramount concern.
Practitioner Perspective
The defense sector’s outsized investment in AI-driven autonomous drones and related systems will push more OT and ICS environments to adopt AI at speed without deep experience in AI risk management. History shows that the introduction of complex, semi-autonomous platforms tends to outpace both technical and policy controls for cyber defense. Security leaders in defense-adjacent sectors need to anticipate both accidental and deliberate misuse, including adversarial AI targeting. The rush to deploy means upskilling OT defenders in AI system assessment is non-optional.
Recommended Actions
- Map AI and ML component dependencies in new OT platforms slated for deployment into critical infrastructure
- Assess military and industrial drone systems for software update, telemetry, and remote override vulnerabilities
AI-powered robot beats elite table tennis players
Source: The Guardian | Risk: Medium | Impacted: ICS and OT robotics teams, Physical security operations, Industries running AI-integrated automation
In feat hailed as milestone in robotics, Sony AI’s Ace wins three out of five matches played under official rules. An AI-powered robot has beaten elite players at table tennis in a significant achievement for a machine faced with human athletes in a real-world competitive sport. Named Ace, the robotic system developed by Sony AI, won three out of five
Why it matters: Physical AI systems achieving high-level coordination highlight growing operational risk where industrial robots may be repurposed for sabotage or physical intrusion.
Practitioner Perspective
The leap in robot agility shown by Sony AI’s Ace demonstrates that real-world robotics is approaching reliability and effectiveness that could make AI-powered threats against physical environments plausible. Enterprises with connected robots or industrial automation need to revisit threat models, especially those that assumed ‘hands-on-keyboard’ attacks would be detected well in advance of physical impact. The boundary between IT and OT attack vectors is vanishing. Now is the time to re-evaluate whether your org can detect a repurposed or subverted robot before it causes real-world harm.
Recommended Actions
- Inventory all AI-driven robotics exposed to network or remote management
- Test intrusion detection for anomalous motion-control commands sent to industrial robots and other networked automation
Met police in talks to buy Palantir AI tech for use in criminal investigations
Source: The Guardian | Risk: High | Impacted: Law enforcement IT teams, Government data privacy officers, Agencies considering Palantir or similar vendors
Exclusive: Internal concerns over allowing US firm linked to ICE and Israeli military to process highly sensitive data. The Metropolitan police has held talks with Palantir that could lead to the London force buying the US spy-tech company’s AI technology to automate intelligence analysis for criminal investigations, the Guardian has learned. Palantir, whose software is used by Donald Trump’s ICE
Why it matters: AI-driven analysis of highly sensitive data by external tech vendors could inadvertently introduce privacy breaches and increase insider or state-level data exposure.
Practitioner Perspective
When law enforcement agencies contemplate onboarding tools like Palantir AI, defenders need to focus on how the integration expands third-party access to classified or operationally sensitive data. Every interface is a potential exfiltration route, whether through misconfiguration or deliberate targeting by threat actors. The vendor’s existing intelligence and military contracts bring technical capability, but they also make the integration a more attractive target. CI/CT and privacy teams should align on rigorous scrutiny before deployment. The most urgent action is to lock down API and dataset entitlements before any pilot starts.
Recommended Actions
- Review proposed Palantir AI data flows for sensitive PII and law enforcement case material
- Enforce strict segregation and access controls on datasets integrated with Palantir tools
‘In two years, nobody will care’ if actors are AI or not, predicts La Haine director
Source: The Guardian | Risk: Medium | Impacted: Media and communications teams, Enterprise training and HR, Any group at BEC or reputational risk
Mathieu Kassovitz, who is currently working on an AI-enabled film, also dismisses concerns over copyright. His hit film was a masterpiece capturing the gritty truth of the Paris suburbs, but the director of La Haine is now sold on an AI-generated future for cinema. Mathieu Kassovitz has called the technology “the last artistic tool we need” and dismissed concerns
Why it matters: Rapid normalization of AI-generated content may undermine content authenticity controls, exposing organizations to deepfake-driven phishing or reputational attacks.
Practitioner Perspective
As sectors like entertainment publicly embrace AI-generated actors or voices, the downstream effect is a normalization of synthetic media, lowering the bar for deepfakes in social engineering and business email compromise. Security teams can no longer assume recipients will recognize staged or synthetic media, even internally. This increases the need for robust provenance controls and user education around authenticating multimedia. The priority is ensuring your verification processes can keep up as AI democratizes content creation.
Recommended Actions
- Deploy media authentication tooling that can verify internal videos and voice memos
- Update security awareness training to include risks from deepfaked communications or visual phishing
The Download: introducing the 10 Things That Matter in AI Right Now
Source: MIT Tech Review AI | Risk: Medium | Impacted: AI adoption project leads, Security architects, DevSecOps teams
This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology. Introducing: 10 Things That Matter in AI Right Now What actually matters in AI right now? It’s getting harder to tell amid the constant launches, hype, and warnings. To cut through…
Why it matters: AI innovation cycles outpace most security organizations’ ability to adapt, raising the probability that new model releases or architectures will introduce unaccounted-for threat vectors before defenders can respond.
Practitioner Perspective
AI advancements, whether new models, deployment patterns, or use cases, demand proactive threat assessment rather than reactive patchwork. Security leaders must recognize that every new capability may have an unintended adversarial application or privacy risk. With velocity comes fragmentation: the attack surface grows at the pace of experimentation. Stakeholders should prioritize continuous review of AI/ML adoption across the business, covering not just major launches but incremental features added via SaaS and APIs. The key is never letting the rate of adoption dictate your risk register.
Recommended Actions
- Establish a regular AI threat review process covering new SaaS, models, and APIs in use
- Map model supply chains to track third-party risk in current AI deployments
5 AI Models Tried to Scam Me. Some of Them Were Scary Good
Source: The Verge AI | Risk: High | Impacted: Email security teams, Enterprise phishing response staff, Identity and access management
The cyber capabilities of AI models have experts rattled. AI’s social skills may be just as dangerous.
Why it matters: Human-like AI phishing attacks erode traditional filters and increase the likelihood that even training-aware users will succumb, driving up account compromise rates and fraud losses.
Practitioner Perspective
Attackers leveraging AI models to construct more convincing, dynamic phishing lures pose a major challenge for defenders. If AI yields phishing content indistinguishable from legitimate executive or internal language, both technological countermeasures and security awareness programs must adapt rapidly. This type of threat greatly elevates risk for high-access accounts and identity-driven attack vectors. Consider how your phishing simulations and detection technology will fare against AI-powered social engineering. The most important shift: you can no longer assume a user alert to phishing will catch the next wave.
Recommended Actions
- Simulate AI-driven phishing in awareness programs using models comparable to those demonstrated in the article
- Test resilience of email security gateways against natural language AI-generated phishing
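When the wording of a lure is as good as a real executive's note, the signals that survive are the ones that do not depend on wording: the sending domain, whether it passed SPF/DKIM/DMARC, whether a display name impersonates someone in the directory, and whether Reply-To quietly redirects the thread. The script below is an added example for this page, not code from the Verge article or from any mail gateway; it uses Python's standard email module, a hypothetical executive directory, an assumed internal domain of example.com, and three constructed messages. It also shows the trap in relying on authentication alone: a lookalike domain the attacker controls passes SPF, DKIM and DMARC perfectly well.

```python
"""Content-agnostic phishing checks on message headers.

Added example for this page (not from the article or any gateway product).
INTERNAL_DOMAIN and EXECUTIVES are hypothetical; the three messages below
are constructed. Only the standard library is used.
"""
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"                        # assumption: your own domain
EXECUTIVES = {"dana chen": "dana.chen@example.com"}    # hypothetical directory: name -> address


def auth_results(msg) -> dict:
    """Map mechanism -> verdict from Authentication-Results headers
    (e.g. 'spf=pass smtp.mailfrom=x' becomes {'spf': 'pass'})."""
    results = {}
    for hdr in msg.get_all("Authentication-Results", []):
        for part in hdr.split(";")[1:]:          # [0] is the authserv-id
            mech, sep, verdict = part.strip().partition("=")
            if sep:
                results[mech.strip().lower()] = verdict.split()[0].lower()
    return results


def score_message(raw: str) -> list:
    """Return a list of reasons the message is suspicious; empty means clean."""
    msg = message_from_string(raw)
    reasons = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    reply_domain = reply_addr.rpartition("@")[2].lower()
    auth = auth_results(msg)

    # 1. Display name matches a known executive but the address does not.
    canonical = EXECUTIVES.get(from_name.strip().lower())
    if canonical and from_addr.lower() != canonical:
        reasons.append(f"display name '{from_name}' is an executive but address is {from_addr}")
    # 2. Claims to be from us, yet our own DMARC policy did not pass.
    if from_domain == INTERNAL_DOMAIN and auth.get("dmarc") != "pass":
        reasons.append("From claims internal domain but DMARC did not pass")
    # 3. Replies are silently redirected to another domain.
    if reply_addr and reply_domain != from_domain:
        reasons.append(f"Reply-To redirects to {reply_domain}")
    return reasons


# Constructed samples. Note the lure authenticates cleanly: the attacker owns
# examp1e-mail.com and set up SPF/DKIM for it, so only identity checks fire.
LURE = """From: Dana Chen <dana.chen@examp1e-mail.com>
Reply-To: Dana Chen <d.chen.ceo@webmail.example>
To: ap@example.com
Subject: Quick favor before the board call
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=examp1e-mail.com; dkim=pass header.d=examp1e-mail.com; dmarc=pass header.from=examp1e-mail.com

Can you push the vendor payment today? I'm between meetings, will explain later.
"""

SPOOF = """From: Dana Chen <dana.chen@example.com>
To: ap@example.com
Subject: Quick favor before the board call
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example.com; dkim=none; dmarc=fail header.from=example.com

Can you push the vendor payment today?
"""

LEGIT = """From: Dana Chen <dana.chen@example.com>
To: ap@example.com
Subject: Board call moved to 3pm
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass header.from=example.com

Calendar invite updated, nothing else needed.
"""

if __name__ == "__main__":
    for label, raw in (("lure", LURE), ("spoof", SPOOF), ("legit", LEGIT)):
        print(label, score_message(raw) or "clean")
```

None of these checks reads the body, which is the point: they hold up whether the text was written by a person or generated per-target by a model, and they are cheap enough to run on every inbound message before a content filter ever sees it.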
Emerging Signals
It’s all about the angle: Your photos, re-composed
Source: Google AI Research | Risk: Medium | Impacted: Legal and compliance teams, Insurance and claims groups, Brand and marketing risk managers
Why it matters: Generative AI image manipulation further erodes the trustworthiness of photographic evidence, opening organizations to new risks from fake or altered imagery in both technical and reputational domains.
Practitioner Perspective
The spread of generative AI tools that can convincingly recompose photos lowers the bar for image-based social engineering, document fraud, or reputational attacks. Audiences—internal and external—may no longer be able to easily distinguish manipulated content, undermining due diligence and trust. Security and compliance teams need to update their controls around photo and image verification, especially in verticals where photographic evidence underpins business processes (insurance, legal, HR). Establish clear procedures for chain-of-custody on imagery and reevaluate what counts as admissible evidence within your internal policies.
Recommended Actions
- Implement image authentication and manipulation-detection tooling for all business-critical photo workflows
- Establish mandatory provenance requirements for user-submitted photography in risk-sensitive processes
Exploits & CVEs
See the Top Stories entry “New Mirai campaign exploits RCE flaw in EoL D-Link routers” above for full coverage of the Mirai campaign exploiting CVE-2025-29635 in end-of-life D-Link DIR-823X routers and the recommended actions.
AI Security
See Top Stories section for full coverage of today’s leading AI-driven risks, including SaaS supply chain breaches, AI-enabled attack tools, and challenges for content authenticity and privacy as automation accelerates.
Defensive Actions
- Audit all Vercel account integrations for exposure of environment variables and secrets.
- Rotate OAuth and API credentials that interface with Vercel, especially those with CI/CD pipeline access.
- Scan networks for D-Link DIR-823X and related router models subject to CVE-2025-29635.
- Fully replace any D-Link DIR-823X routers with supported models and retire EoL hardware.
- Monitor for gray-market and unofficial access to Anthropic Claude Mythos in your code or AI usage telemetry.
- Assess business automation and AI implementations for loss of friction-based detection points.
- Map AI and ML component dependencies in new OT platforms slated for deployment.
- Review proposed Palantir AI data flows for sensitive PII and law enforcement case material.
- Deploy media authentication tooling that can verify internal videos and voice memos.
- Simulate AI-driven phishing in awareness programs using models comparable to those demonstrated in the article.
What We’re Watching
Security teams should continue to track developments in AI-generated content, authentication challenges in media and communications, and the growing use of generative models by both state and commodity threat actors. Defenders must be proactive in updating controls for both technical and social engineering attack surfaces as the attack landscape evolves with each new tool and incident.
Categories: Artificial Intelligence, Cybersecurity Blog