CyberScoop
@cyberscoop.bsky.social
We report on news and events impacting technology and security. https://linkin.bio/cyberscoop/
Pinned
CyberScoop
@cyberscoop.bsky.social
· Feb 21
The CyberScoop editorial team is closely monitoring the federal government's activities and developments in cybersecurity. If you're interested in discussing what's happening across these areas, we have several reporters actively covering these topics who you can reach out to via Signal:
The next steps for the law, now extended for a short time, are up in the air. via @timstarks.bsky.social cyberscoop.com/cyber-threat...
Information sharing law’s expiration could squander government vulnerability hunting efforts, senator says
Senators caution that letting the cyber threat data sharing law expire could hinder vulnerability detection and information sharing between businesses, putting national security and corporate protecti...
cyberscoop.com
November 19, 2025 at 2:57 PM
The next steps for the law, now extended for a short time, are up in the air. via @timstarks.bsky.social cyberscoop.com/cyber-threat...
Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions into a global cryptojacking bot for profit, according to researchers at cybersecurity firm Oligo. via @derekbjohnson.bsky.social cyberscoop.com/ray-ai-crypt...
Hackers turn open-source AI framework into global cryptojacking operation
Hackers are exploiting a critical vulnerability in Ray, an open-source AI framework, to launch widespread cryptojacking campaigns targeting exposed servers and high-value GPUs, security researchers wa...
cyberscoop.com
November 19, 2025 at 2:57 PM
Malicious hackers have been attacking the development environment of an open-source AI framework, twisting its functions into a global cryptojacking bot for profit, according to researchers at cybersecurity firm Oligo. via @derekbjohnson.bsky.social cyberscoop.com/ray-ai-crypt...
The national cyber director and a top FBI official shared more details about the forthcoming Trump administration document Tuesday. via @timstarks.bsky.social cyberscoop.com/trump-cyber-...
Completed draft of cyber strategy emphasizes imposing costs, industry partnership
The forthcoming Trump administration cyber strategy will introduce six key pillars, emphasizing deterrence of cyber threats and enhanced industry partnerships, with action items and deliverables for U...
cyberscoop.com
November 19, 2025 at 2:57 PM
The national cyber director and a top FBI official shared more details about the forthcoming Trump administration document Tuesday. via @timstarks.bsky.social cyberscoop.com/trump-cyber-...
The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread attacks were already underway. via @mattkapko.com cyberscoop.com/fortinet-del...
Fortinet’s delayed alert on actively exploited defect put defenders at a disadvantage
The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread attacks were already underway.
cyberscoop.com
November 19, 2025 at 2:57 PM
The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread attacks were already underway. via @mattkapko.com cyberscoop.com/fortinet-del...
The letter comes as countries in Europe have moved over the past year to regulate or mandate legalized access for criminal and national security investigations. via @derekbjohnson.bsky.social cyberscoop.com/encryption-s...
Dozens of groups call for governments to protect encryption
The letter comes as countries in Europe have moved over the past year to regulate or mandate legalized access for criminal and national security investigations.
cyberscoop.com
November 19, 2025 at 2:56 PM
The letter comes as countries in Europe have moved over the past year to regulate or mandate legalized access for criminal and national security investigations. via @derekbjohnson.bsky.social cyberscoop.com/encryption-s...
Reposted by CyberScoop
Ah @cyberwarcon.bsky.social the only conference for intel ops research authored by the terminally online
November 19, 2025 at 2:46 PM
Ah @cyberwarcon.bsky.social the only conference for intel ops research authored by the terminally online
Reposted by CyberScoop
Reposted by CyberScoop
ICYMI last week, @derekbjohnson.bsky.social discusses Anthropic's 'China AI' attack in @cyberscoop.bsky.social: 'China’s ‘autonomous’ AI-powered hacking campaign still required _a ton_ of human work' cyberscoop.com/anthropic-ai... @gate15.bsky.social
China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work
Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as what’s possibl...
cyberscoop.com
November 17, 2025 at 8:07 PM
ICYMI last week, @derekbjohnson.bsky.social discusses Anthropic's 'China AI' attack in @cyberscoop.bsky.social: 'China’s ‘autonomous’ AI-powered hacking campaign still required _a ton_ of human work' cyberscoop.com/anthropic-ai... @gate15.bsky.social
Reposted by CyberScoop
China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work by @derekbjohnson.bsky.social at @cyberscoop.bsky.social. cyberscoop.com/anthropic-ai...
China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work
Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as what’s possibl...
cyberscoop.com
November 14, 2025 at 8:00 PM
China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work by @derekbjohnson.bsky.social at @cyberscoop.bsky.social. cyberscoop.com/anthropic-ai...
Federal prosecutors secured five guilty pleas from people who supported overseas remote IT workers, and seized $15 million in stolen cryptocurrency tied to the North Korean regime. via @mattkapko.com cyberscoop.com/doj-north-ko...
DOJ lauds series of gains against North Korean IT worker scheme, crypto thefts
Federal prosecutors secured five guilty pleas from people who supported overseas remote IT workers, and seized $15 million in stolen cryptocurrency tied to the North Korean regime.
cyberscoop.com
November 14, 2025 at 10:43 PM
Federal prosecutors secured five guilty pleas from people who supported overseas remote IT workers, and seized $15 million in stolen cryptocurrency tied to the North Korean regime. via @mattkapko.com cyberscoop.com/doj-north-ko...
Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as to show what’s possible. via @derekbjohnson.bsky.social cyberscoop.com/anthropic-ai...
China’s ‘autonomous’ AI-powered hacking campaign still required a ton of human work
Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as what’s possibl...
cyberscoop.com
November 14, 2025 at 10:42 PM
Anthropic and AI security experts told CyberScoop that behind the hype, effective AI-driven cyberattacks still require skilled humans, with the attack possibly done to send a message as to show what’s possible. via @derekbjohnson.bsky.social cyberscoop.com/anthropic-ai...
SecAlliance and Silent Push confirmed that the suspected Chinese operators of the phishing kit appear to have been affected. via @timstarks.bsky.social cyberscoop.com/lighthouse-t...
Google, researchers see signs that Lighthouse text scammers disrupted after lawsuit
The phishing kit Lighthouse, which has aided text scams like those soliciting victims to pay unpaid road tolls, appears to have been hampered shortly after Google filed a lawsuit aimed at its creators...
cyberscoop.com
November 14, 2025 at 10:42 PM
SecAlliance and Silent Push confirmed that the suspected Chinese operators of the phishing kit appear to have been affected. via @timstarks.bsky.social cyberscoop.com/lighthouse-t...
The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise. via @mattkapko.com www.youtube.com/watch?v=DmHk... | cyberscoop.com/washington-p...
Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment
YouTube video by CyberScoop
www.youtube.com
November 14, 2025 at 9:53 PM
The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise. via @mattkapko.com www.youtube.com/watch?v=DmHk... | cyberscoop.com/washington-p...
Officials shared indicators of compromise observed as recently as this month to help organizations hunt for and defend against the ransomware group, which has pocketed $244 million as of late September. via @mattkapko.com cyberscoop.com/akira-ransom...
FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses
Officials shared indicators of compromise observed as recently as this month to help organizations hunt for and defend against the ransomware group, which has pocketed $244 million as of late Septembe...
cyberscoop.com
November 14, 2025 at 1:42 PM
Officials shared indicators of compromise observed as recently as this month to help organizations hunt for and defend against the ransomware group, which has pocketed $244 million as of late September. via @mattkapko.com cyberscoop.com/akira-ransom...
Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. via @derekbjohnson.bsky.social www.youtube.com/watch?v=WTgi... | cyberscoop.com/sora-2-deepf...
Advocacy group calls on OpenAI to address Sora 2’s deepfake risks
YouTube video by FedScoop
www.youtube.com
November 14, 2025 at 3:08 AM
Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. via @derekbjohnson.bsky.social www.youtube.com/watch?v=WTgi... | cyberscoop.com/sora-2-deepf...
The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise. via @mattkapko.com cyberscoop.com/washington-p...
Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment
The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise.
cyberscoop.com
November 13, 2025 at 5:38 PM
The newspaper said a “bad actor” contacted the company in late September, prompting an investigation that nearly a month later confirmed the extent of compromise. via @mattkapko.com cyberscoop.com/washington-p...
Rhadamanthys, VenomRAT, and the Elysium botnet were targeted in the takedowns. via @gregotto.bsky.social cyberscoop.com/operation-en...
Operation Endgame targets malware networks in global crackdown
Rhadamanthys, VenomRAT, and the Elysium botnet were targeted in the takedowns.
cyberscoop.com
November 13, 2025 at 3:56 PM
Rhadamanthys, VenomRAT, and the Elysium botnet were targeted in the takedowns. via @gregotto.bsky.social cyberscoop.com/operation-en...
Trump’s dismissive remarks on cyber threats contrast sharply with his administration’s official calls for action. via @timstarks.bsky.social www.youtube.com/watch?v=OgkN... | cyberscoop.com/trump-cyber-...
While White House demands deterrence, Trump shrugs
YouTube video by FedScoop
www.youtube.com
November 13, 2025 at 12:52 AM
Trump’s dismissive remarks on cyber threats contrast sharply with his administration’s official calls for action. via @timstarks.bsky.social www.youtube.com/watch?v=OgkN... | cyberscoop.com/trump-cyber-...
Forty House and Senate members tell Democratic governors they may not be aware of how much they’re sharing with ICE and other immigration agencies. via @derekbjohnson.bsky.social cyberscoop.com/congressiona...
Congressional Dems press governors to block feds from accessing state DMV data
Forty Democratic members of the House and Senate issued a joint letter Wednesday to 19 states led by Democratic governors, urging them to block Immigrations and Customs Enforcement and other federal a...
cyberscoop.com
November 12, 2025 at 9:26 PM
Forty House and Senate members tell Democratic governors they may not be aware of how much they’re sharing with ICE and other immigration agencies. via @derekbjohnson.bsky.social cyberscoop.com/congressiona...
The suspected Chinese schemers behind it enable those constant fake E-Z Pass and U.S. Postal Service smishing messages. via @timstarks.bsky.social cyberscoop.com/google-files...
Google files lawsuit against Lighthouse ‘phishing for dummies’ text scammers
Google on Wednesday filed a lawsuit against pesky text message scammers in an attempt to disrupt a “phishing for dummies” operation the company accuses of victimizing more than 1 million people.
cyberscoop.com
November 12, 2025 at 8:59 PM
The suspected Chinese schemers behind it enable those constant fake E-Z Pass and U.S. Postal Service smishing messages. via @timstarks.bsky.social cyberscoop.com/google-files...
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon. via @mattkapko.com cyberscoop.com/amazon-threa...
Amazon pins Cisco, Citrix zero-day attacks to APT group
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon.
cyberscoop.com
November 12, 2025 at 8:58 PM
The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon. via @mattkapko.com cyberscoop.com/amazon-threa...
Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. via @derekbjohnson.bsky.social cyberscoop.com/sora-2-deepf...
Advocacy group calls on OpenAI to address Sora 2’s deepfake risks
Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes.
cyberscoop.com
November 12, 2025 at 8:58 PM
Public Citizen’s letter urges OpenAI to temporarily take Sora 2 offline and work with outside experts to prevent the spread of harmful deepfakes. via @derekbjohnson.bsky.social cyberscoop.com/sora-2-deepf...
Reposted by CyberScoop
NEW: @timstarks.bsky.social looks at President Trump’s dismissive remarks on cyber threats, and how they contrast sharply with his administration’s official calls for action, specifically China cyberscoop.com/trump-cyber-...
While White House demands deterrence, Trump shrugs
U.S. cyber officials have pushed for strong action against foreign hacking, while President Trump has downplayed threats, creating mixed signals on cyber defense policy.
cyberscoop.com
November 12, 2025 at 7:53 PM
NEW: @timstarks.bsky.social looks at President Trump’s dismissive remarks on cyber threats, and how they contrast sharply with his administration’s official calls for action, specifically China cyberscoop.com/trump-cyber-...
Reposted by CyberScoop
I took a look at how Trump officials' comments on cyber deterrence contrast with the man himself, and what it means or reflects for the global scene. cyberscoop.com/trump-cyber-...
While White House demands deterrence, Trump shrugs
U.S. cyber officials have pushed for strong action against foreign hacking, while President Trump has downplayed threats, creating mixed signals on cyber defense policy.
cyberscoop.com
November 12, 2025 at 7:51 PM
I took a look at how Trump officials' comments on cyber deterrence contrast with the man himself, and what it means or reflects for the global scene. cyberscoop.com/trump-cyber-...
Researchers warn that although exploitation of the zero-day is complex, a functional exploit exists in the wild. cyberscoop.com/microsoft-pa...
Microsoft Patch Tuesday addresses 63 defects, including one actively exploited zero-day
Researchers warn that although exploitation of the zero-day is complex, a functional exploit exists in the wild.
cyberscoop.com
November 12, 2025 at 4:27 PM
Researchers warn that although exploitation of the zero-day is complex, a functional exploit exists in the wild. cyberscoop.com/microsoft-pa...