Hello, World! I'm Vivian, a cybersecurity and AI Product Manager trying to keep up with an industry that moves faster than I can whisk up my morning matcha. Every week brings a new wave of vulnerabilities, AI security mishaps, and breaches that keep us on our toes, so I take some time to share the most interesting news instead of letting it all blur together. Let's dive into what kept us up at night recently in cybersecurity and AI security.

AI News:

US Cyber Defenses Weakened by Government Shutdown

The US government shutdown has forced furloughs at key cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology. With reduced staffing and operations, experts warn this could create opportunities for attackers looking to exploit weakened defenses and slower response times.

Red Hat Breach Exposes Consulting GitLab Data

Red Hat confirmed that one of its self-managed GitLab instances used by its Consulting team was hacked after the "Crimson Collective" group claimed to have stolen roughly 570 GB of data from 28,000 repositories. The investigation is ongoing, but Red Hat has confirmed that some data was accessed and copied from the instance.

Discord Vendor Breach Exposes User Data

A third-party customer support provider was compromised, leaking some Discord users' contact information, limited billing information, and ID images.

US Air Force Freezes SharePoint After Data Exposure

The US Air Force blocked SharePoint following a PII/PHI breach. Limited information is available, and it's unclear whether this is related to the Microsoft SharePoint attacks that made headlines in July.

WestJet Hack Exposes Data of 1.2 Million Passengers

Hackers linked to the Scattered Spider group compromised WestJet systems, accessing sensitive passenger records. Exposed information includes travel documents, contact details, and loyalty rewards data.

Windows 10 Support Ends October 14

Microsoft will officially stop issuing security updates for Windows 10 on October 14. Devices that are not upgraded will quickly become high-value targets for attackers. Users who need more time can opt into Microsoft's Windows 10 Consumer Extended Security Updates program, which provides critical patches for up to one year.

SideWinder APT Deploys Fake Email Portals for Credential Theft

The SideWinder advanced persistent threat group recently rolled out a new credential-theft campaign using spoofed Outlook and Zimbra login pages. These phishing portals are designed to capture credentials of government and military personnel, with recent activity heavily focused on South Asian maritime sectors. The campaign highlights both the persistence and adaptability of SideWinder, which has a history of targeting critical national infrastructure.

Critical Sudo Vulnerability Enables Root Escalation

A critical flaw in the sudo utility lets local users escalate to root by abusing the rarely used chroot option with custom nsswitch.conf settings. The vulnerability has been added to CISA's Known Exploited Vulnerabilities Catalog.

VC/Startup Watch

Descope Extends Seed Funding by $35M

The Identity and Access Management startup has extended its seed financing with an additional $35 million, bringing its total seed capital to $88 million. The company plans to use the funding to accelerate R&D in "agentic identity" — a growing focus in the evolving IAM landscape.

55 North Launches €300M Quantum Fund

The VC firm's new vehicle targets post-quantum cryptography and secure networking startups, signaling fresh investor appetite for quantum-resilient technologies.

That's all for now… Stay informed and protected.