SPS Digital Tech

Don't come to the end of your life without letting your ideas see the light of day because even if you think you can't do something, do it anyway!

Asahi Shimbun Ransomware and AI-Assisted Malware in Japan/Asia-Pacific Japanese media and cybersecurity outlets reported that Asahi and/or a related entity suffered a ransomware attack involving unauthorised data transfer. The incident coincides with broader evidence in the APAC…

European Business Leaders Flag AI-Driven Cyber Risk for 2026 A survey of UK and European CISOs found that 69% view AI-accelerated attacks, misuse of AI systems, ransomware and supply-chain compromise as the top cyber-risks heading into 2026. Particularly notable: 55% flagged…

Clearview AI Criminal Complaint in Austria over Biometric Data: EU Privacy NGO noyb filed a criminal complaint in Austria against Clearview AI and its leadership, alleging repeated violations of the General Data Protection Regulation (GDPR) by scraping billions of publicly…

Verisure Billing Partner Breach: Sweden Swedish alarm manufacturer Verisure flagged that a data breach occurred via an external billing partner’s system, affecting the subsidiary brand Alert Alarm. The leak impacted approximately 35,000 current and former customers, exposing…

Indian Marketing Firm Exposes 40 Billion Records in Massive AI Data Leak A 13-terabyte database belonging to an Indian marketing and customer-engagement firm was found publicly accessible without encryption or password protection. The database contained more than 40 billion…

AI-Generated Deepfakes Fuel Phishing and Influence Ops A major cybersecurity newsletter highlighted how adversaries are now using multiple AI models in coordination: one LLM to craft a prompt, another to generate a video impersonating a real person, and deploying that for…

Gemini ASCII-Smuggling Prompts Expose AI Workflow Risk Google’s AI tool Gemini was shown to be vulnerable to an “ASCII smuggling” attack: hidden prompts (e.g., white font on white background or size-zero text) embedded in emails could trigger malicious actions when summarised by…

AI Tools Now Top Data Exfiltration Threat in Enterprises Security research reveals that AI tools used in enterprise workflows, particularly unmanaged generative AI sessions and copy/paste into AI platforms, have become the number-one vector for sensitive data leakage, surpassing…

AI-Generated Code Drives Major Breaches in Europe New research shows AI-generated code is now behind roughly one in five major security breaches, with 24% of production code written by AI tools and 69% of developers/security professionals detecting serious vulnerabilities in…

Data Exposure via AI-Use in Australian State Government Chatbot Workflow In Australia, around 3,000 homeowners impacted by the Northern Rivers floods had their personal data uploaded into an AI chatbot (via ChatGPT) by a government contractor assessing buy-back applications. The…

Crimson Collective Targets Amazon Web Services (AWS) Cloud Environments Security firm Rapid7 found that Crimson Collective, a hacker group previously tied to a major breach at Red Hat, has shifted focus to AWS-hosted cloud environments. The attackers scan for exposed AWS…

SonicWall Cloud-Backup Breach: All MySonicWall Customers Impacted On October 10 2025 SonicWall admitted that a breach of its MySonicWall cloud backup service had impacted all of its customers (approximately 500,000 globally). The breach allowed theft or exposure of firewall…

AI-Powered Phishing Attacks Are 4.5× More Effective Than Traditional Ones A new industry report shows that phishing emails generated or assisted by AI are dramatically more successful than traditional human-crafted ones. Click-through rates up to 54% compared to ~12% for older…

Scammers Are Using Video Deepfakes of Journalists to Peddle Products Online Fraudsters are leveraging video deepfakes of well-known journalists to promote products and services online. Using appearances of trusted media personalities, they embed fake endorsements in social media…

AI Video Apps Become a Scammer’s Goldmine A new wave of scams is exploiting AI video-generation apps that can create highly convincing impersonation content. In particular, Sora, an iOS video-creation tool released by OpenAI, enables users to generate realistic videos with…

OpenAI Thwarts Attempts to Misuse ChatGPT for Malware, Surveillance and Disinformation In October 2025, OpenAI published a report titled “Disrupting malicious uses of our models”, revealing that it had blocked numerous attempts to abuse ChatGPT for creating malware, surveillance…

F5 Breach: BIG-IP Source Code Exposed by Nation-State Hackers F5, a major provider of application delivery and security devices (e.g. BIG-IP), confirmed that threat actors accessed their systems and stole portions of the BIG-IP source code and information about undisclosed…

Qantas Data Leak After Ransom Deadline (Salesforce Platform Breach) Hackers linked to Scattered Spider, Lapsus$, and ShinyHunters released data of 5.7 million Qantas customers after a ransom deadline passed. The attackers claimed the breach stemmed from a compromise of a…

AI-Enabled Phishing Campaign Evades Filters Microsoft issued alerts about a phishing campaign that used AI techniques to obfuscate malicious payloads and evade detection by security filters. Attackers used generative models or obfuscation tactics to craft delivery methods and…

Reasoning Interruption Attack on DeepSeek-R1 In May 2025, researchers published a new class of attack on reasoning large language models (RLLMs), targeting DeepSeek-R1 in particular. They call it the Practical Reasoning Interruption Attack. With just ~109 tokens of adversarial…