BankInfoSecurity.com

Attackers Could Hijack Developer Machines via Tampered Config Files
OpenAI patched a command injection flaw in its Codex CLI tool that let attackers run arbitrary commands on developer machines by hiding malicious configuration files inside code repositories. Hackers could turn ordinary repository files into execution vectors.

Government Opts for Voluntary Frameworks Over Enforceable Safeguards
Australia's federal government has quietly shelved the mandatory AI guardrails it proposed just three months ago, replacing enforceable requirements with voluntary guidance in its National AI Plan released today.

CEO Matt Garman Shares Plans for Developing Billions of Autonomous Agents
For two decades, AWS has been the undisputed leader in cloud computing, but listening to AWS CEO Matt Garman at the re:Invent 2025 conference, the future isn't in the infrastructure layer. Garman envisions a fundamental shift from applications in the cloud to a cloud of autonomous AI agents.

MuddyWater Hides Malware With Game Delay Technique
Iranian nation-state hackers took inspiration from a mobile phone time-killing mainstay, say security researchers who spotted hackers downloading malware masquerading as the Snake video game. A callback to the game isn't nostalgia, say researchers at Eset.

Chinese Developer Formerly Employed by Company Suspected of Data Theft
South Korea's biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is a suspect.

Industry Wants to Stick to Voluntary Measures
U.S. telecommunications networks are still vulnerable to foreign intrusion, national security and industry panelists told senators during a Tuesday hearing, warning that China and other adversaries are refining long-term access into American infrastructure.

Class Action Litigation Alleges Web Trackers Shared Patient Data With Tech Firms
Kaiser Permanente has agreed to pay up to $47.5 million to settle litigation stemming from its use of tracking codes in its websites, patient portals and mobile apps. Claimants alleged the trackers unlawfully shared patients' information with third parties, including Google and Microsoft.

Microsegmentation no longer remains a buzzword. In today's threat landscape, organizations are adopting it as a frontline defense against cyberattacks and higher cyber insurance premiums. About 90% of organizations are using some form of segmentation, according to Akamai's 2025 Segmentation Impact Study.

Move Comes After Ruling in Separate Case Discarded HIPAA Reproductive PHI Changes
The state of Texas has dropped a federal lawsuit filed against the U.S. Department of Health and Human Services that sought to vacate the 25-year-old HIPAA privacy rule, as well as 2024 rule changes under the Biden administration that prohibit the disclosure of reproductive health information.

Rapid7's Christiaan Beek on Ransomware Tactics and How to Mitigate Attacks in 2026
Ransomware attacks are reaching record highs, and 2026 may be even worse, said Christiaan Beek, senior director of threat intel and analytics at Rapid7. He warns that hackers are exploiting vulnerabilities as soon as they're disclosed, and they're focusing on flaws in devices on the network edge.

Hackers Could Adjust Life Support Settings of At-Home Life 2000 Ventilation System
The Food and Drug Administration is warning that Life 2000 - an at-home ventilation system by medical device maker Baxter - has been permanently recalled due to a cyber issue that could allow individuals with physical access to tamper with the gear's life support settings.

Proposed Tech Modernization Fund Allocation Falls to $5M Despite Bipartisan Support
Congressional appropriators have proposed significant reductions to federal cybersecurity and modernization initiatives in the 2026 budget, signaling a potential retreat from centralized cyber federal oversight even as agencies struggle with aging infrastructure and escalating nation-state threats.

Also: Prompt Injection Complicates Digital Forensics, Why AI Seems So Deceptive
In this week's ISMG Editors' Panel, four editors unpacked India's new data protection rules, the digital forensic implications of prompt injection attacks and the reasons why artificial intelligence tools so often seem to display deceptive behavior.

Innovation Continues, Although Sloppy Coding Can Still Leave Data Unrecoverable
Ransomware groups continue to display more innovation, persistence and planning in their quest to amass ransom-paying victims and maximize profits. This has included repeat supply-chain attacks, harvesting credentials to use in later campaigns, as well as launching their own affiliate programs.

ChatGPT Maker Probes Third-Party Data Breach; OpenAI API Users' Information Exposed
OpenAI has temporarily ceased use of Mixpanel after the analytics firm disclosed a breach affecting profile data of the artificial intelligence giant's API platform users. The company is notifying impacted organizations and watching for signs of data misuse.

Uncovered: Typosquatted Domains Linked to Suspected Ransomware Group Campaign
Continuing its targeting of customer data, the cybercrime group Scattered Lapsus$ Hunters appears to be gearing up for large-scale attacks involving typosquatted domains that lead to phishing domains designed to steal Zendesk users' valid credentials, warn security researchers.

Public-Private Cooperation Key for Ransomware Mitigation, Says Anne Neuberger
Ongoing, high-profile ransomware attacks against Britain and the United States have transformed cybersecurity into a national security priority, Anne Neuberger, the former White House deputy national security adviser for cyber, said at a Wednesday event in London.

Ground Stations a Top Target in Any Future Conflict, Warns Intelligence Official
Space is becoming a domain of warfare, with private sector companies' planet-side infrastructure on the front lines - and the first shots will likely be fired in cyberspace, a senior U.S. intelligence official warned this month. "If someone owns the ground station, they own the satellite."