AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 5/30/2025

Google warns of Vietnam-based hackers using bogus AI video generators to spread malware

Fake AI-powered video generators are being used to spread infostealers and other types of malware, Google researchers have found. A group of cybercriminals created a network of fraudulent websites masquerading as cutting-edge AI tools and then bought ads on social media platforms to promote the sites, the researchers said. Experts from the tech giant’s Mandiant unit published a report backing previous assessments by Facebook and security firm Morphisec that identified a campaign designed to weaponize interest in AI tools that can generate videos based on user prompts.

 

T-Mobile’s App Is Recording Your Screen by Default, and You Should Turn It Off

It’s not easy to maintain your privacy when using technology today. That’s largely the fault of companies who prioritize data collection over the integrity of their users. But even though I’m quite used to the lack of respect most companies pay towards my privacy and security, I have to admit, I’m a bit taken aback by T-Mobile’s latest decision. T-Life, T-Mobile’s tech support app, has a rather unconventional and unnerving feature. For some users, it appears T-Life can record your screen whenever you have the app open. This setting is quite hidden, and worse, enabled by default. Who signed off on this?

 

U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government

An IT specialist employed by the Defense Intelligence Agency (DIA) was arrested today for attempting to transmit national defense information to an officer or agent of a foreign government. Nathan Vilas Laatsch, 28, of Alexandria, Virginia, was arrested today in northern Virginia, and will make his initial court appearance in the Eastern District of Virginia tomorrow. According to court documents, Laatsch became a civilian employee of the DIA in 2019, where he works with the Insider Threat Division and holds a Top Secret security clearance. In March 2025, the FBI commenced an operation after receiving a tip that an individual — now known to be Laatsch — offered to provide classified information to a friendly foreign government. 

 

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023. “The threat actor mainly targets the SQL injection vulnerabilities discovered on web applications to access the SQL servers of targeted organizations,” Trend Micro security researcher Joseph C Chen said in an analysis published this week. “The actor also takes advantage of various known vulnerabilities to exploit public-facing servers.” Some of the other prominent targets of the adversarial collective include Indonesia, Malaysia, the Philippines, Thailand, and Vietnam.

 

CISA Releases Guidance on SIEM and SOAR Implementation

Newly released guidance from the US and Australian governments aims to provide organizations with advice on how to improve their security posture through implementing SIEM and SOAR platforms. The US cybersecurity agency CISA in collaboration with the Australian Cyber Security Centre (ACSC) this week released fresh recommendations for organizations looking to procure SIEM and SOAR platforms, which collect and analyze log data from the network, and identify anomalous behavior and automate response. SIEM and SOAR platforms provide increased visibility over an organization’s information and communication technology (ICT) environment and help with the detection of cybersecurity incidents, enabling defenders to respond to them early.
