There is never a quiet moment on the internet. There are new security issues, scams, and hacks every week.

The stories this week demonstrate how quickly attackers adapt their strategies, how minor errors can escalate into major threats, and how the same old tools keep being put to new uses to gain access. Continue reading to catch up before the next wave arrives.

Cybersecurity firm Resecurity disclosed that it had purposefully lured threat actors posing as members of Scattered LAPSUS$ Hunters (SLH) into a trap, after the group claimed on Telegram that it had hacked the company and stolen client and internal data.

CVE-2002-0367, a privilege escalation vulnerability in the Windows NT and Windows 2000 "smss.exe" debugging subsystem that has been known to be used in ransomware attacks, is the oldest vulnerability in the catalog.

In a consolidated AI copyright case in the United States, OpenAI was ordered to turn over 20 million anonymized ChatGPT logs after failing to persuade a federal judge to overturn a magistrate judge's order, which the company claimed did not adequately consider privacy concerns. Major news outlets like the New York Times and Chicago Tribune are among the plaintiffs in this well-known lawsuit.

The main contention is that millions of copyrighted works from the news organizations were included in the data that powers ChatGPT without their permission or payment.

AI training is fair use, according to OpenAI, which further stated that "the data we are making accessible to comply with this order has undergone a de-identification process intended to remove or mask PII and other private information, and is being provided under tight access controls designed to prevent the Times from copying and printing data that isn't directly relevant to this case." The news plaintiffs have also claimed that OpenAI, in an apparent attempt to avoid copyright claims, destroyed "relevant output log data" by failing to temporarily stop its deletion practices as soon as litigation began.

The U.S.-based spyware company declared itself "out of business and completely done" in May 2024 after gigabytes of data were uploaded to its homepage by an unidentified hacker. A security flaw in the app, which secretly took screenshots of hotel booking systems, made the screenshots accessible to anybody on the internet. Over 138,000 users who had signed up for the service were impacted by the breach.

In June 2021, the U.S. Homeland Security Investigations (HSI) reportedly started looking into pcTattletale for "surreptitiously spying on spouses and partners." Although pcTattletale was marketed as a parental control and employee monitoring tool, it also advertised that it could spy on domestic partners and spouses by recording every click and screen tap.

These tokens provide complete access to the victim's Open WebUI account once they are acquired. API keys, uploaded documents, and conversations can all be made public.

MuddyWater, an Iranian nation-state group, has been carrying out phishing attacks that use executable files masquerading as PDFs and DOC files with macro code to deliver well-known backdoors like Phoenix and UDPGangster.

Both implants have the ability to execute commands and upload and download files. The 360 Threat Intelligence Center stated, "It is noteworthy that MuddyWater has gradually reduced the use of ready-made remote control programs like RMM and instead developed and deployed a variety of dedicated backdoors to implement penetration for specific targets."

The criminal networks that operate the scam hubs are changing at a never-before-seen rate, according to the United Nations Office on Drugs and Crime (UNODC), despite continuous crackdowns. According to UNODC estimates, scam victims lost between $18 billion and $37 billion globally in 2023.

According to a Barracuda analysis, the number of phishing-as-a-service (PhaaS) toolkits doubled in 2025, and 90% of high-volume phishing campaigns used these tools.

Sneaky 2FA, CoGUI, Cephas, Whisper 2FA, and GhostFrame were a few of the prominent PhaaS players. These kits use stealth deployment, MFA bypass, and sophisticated anti-analysis techniques that make them more difficult to find using conventional methods.