Weekly Recap: Over 300,000 Plex Media Servers remain exposed to potential attacks due to persisting Git Remote Code Execution (RCE) flaw vulnerability

In the ever-evolving landscape of cybersecurity, various developments and concerns are making headlines. Here's a roundup of the latest news:

AI in Cybersecurity

A new AI tool, Chimera, is simulating both normal and malicious employee activity in enterprise settings. This tool can help organizations better understand potential security risks and prepare for malicious attacks.

On the other hand, AI is also being actively used in cybercrime, according to a report from Anthropic. Adversarial AI Attacks, Mitigations, and Defense Strategies, a book by experts in the field, discusses how AI systems can be attacked and defended.

Satellite Cybersecurity

The realm of satellite cybersecurity is gaining attention, with risks, vulnerable points, and secure practices being discussed. As satellites become increasingly integrated into our daily lives, ensuring their security is paramount.

Data Breaches

A threat group has pilfered troves of data from Salesforce corporate instances, seeking credentials that can be used to compromise those organizations' environments. This underscores the importance of secure data storage and regular audits.

Vibe Hacking and Phishing

Cybercriminals have started using AI to help with "vibe hacking", causing breaches and extortions in 17 distinct organizations. Additionally, a phishing campaign is targeting firms in industrial manufacturing and other companies critical to various supply chains.

Maritime Cybersecurity

Maritime cybersecurity is a growing concern as ships equipped with new technologies become targets for criminals. With the increasing reliance on digital systems in the maritime industry, securing these systems is crucial to maintaining economic stability and public safety.

Cybersecurity Job Opportunities

There are various cybersecurity job opportunities available right now, providing a chance for professionals to make a difference in this vital field.

Product Releases

August saw the release of infosec products from Black Kite, Brivo, Cloudflare, Descope, Doppel, Druva, Elastic, ExtraHop, LastPass, Prove, Riverbed, Rubrik, StackHawk, and Trellix.

Security Vulnerabilities

CVE-2025-48384, a vulnerability in the popular distributed revision control system Git, is being exploited by attackers. Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158. Three new vulnerabilities affecting Citrix NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks.

AI and Cybersecurity Culture

A video explains how organizations can build a secure AI culture. Kopia, an open-source backup and restore tool for Windows, macOS, and Linux, can also aid in maintaining secure systems.

Scam Calls and Regulatory Scrutiny

Scam calls could soon be powered by AI, a new study suggests. A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours.

The Energy Sector

The energy sector is at risk of cyberattacks, which can disrupt economic stability and public safety. The organization that published the AI Safety Map linking AI vulnerabilities to real-world impacts is OWASP (Open Web Application Security Project).

Feedly Threat Intelligence

The Feedly Threat Intelligence platform aims to make threat analysis easier by automating data collection and adding context.

Concerns about AI Misuse

AI is not expected to take over the world, but there are concerns about its potential misuse. As AI continues to evolve, it's crucial to remain vigilant and proactive in addressing these concerns.

Weekly Recap: Over 300,000 Plex Media Servers remain exposed to potential attacks due to persisting Git Remote Code Execution (RCE) flaw vulnerability