Geinbot, SolarWinds, Brave, UNK_Deaddrop, durabletask, Insta, Aaran Leyland, and More on the Security Weekly News.
Doug White
- CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
- Brave Software releases Origin for a paid, bloat-free browsing experience
- Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
- GitHub nukes 70+ Microsoft repos, breaks CI/CD pipelines, following suspected worm infections
- Silent Ransom Group moves to in-person method if vishing attempt fails
- Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse
- AI song creator Suno raises $400 million in one of the largest Mass. VC deals of the year – The Boston Globe
- “Chat is dead”: OpenAI preps overhaul of ChatGPT
Aaran Leyland
- WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order
Phone Malware — Two Tiers
Check first
- iVerify Basics — $0.99, iOS + Android. Five-minute Pegasus scan. iOS: apps.apple.com/us/app/iverify-basic/id1466120520 Android: play.google.com/store/apps/details?id=com.trailofbits.iverify
- Apple Threat Notifications — Apple alerts you if it detects mercenary spyware. Keep notifications on. support.apple.com/en-us/111900
Tier 1 — Everyday malware
- Update the OS. Most malware exploits patched holes. Do this first.
- Delete the suspicious app. iPhone: App Library → Remove App. Android: Settings → Apps → Uninstall. Also check Device Admin privileges and revoke anything unrecognised.
- iPhone — check for rogue profiles. Settings → General → VPN & Device Management. Remove anything you didn't install.
- Android — run Play Protect. Play Store → Profile → Play Protect → Scan. support.google.com/googleplay/answer/2812853
- Android — Safe Mode. Hold Power → long-press Power Off → Safe Mode. If the problem disappears, a bad app is responsible.
- Factory reset. Wipes most spyware clean. iPhone: Settings → General → Transfer or Reset → Erase All Content. Android: Settings → General Management → Reset → Factory Data Reset. Back up first — restore only what you know is clean.
Tier 2 — Nation-state / Pegasus-class
No reliable removal exists without a full wipe. No exceptions.
- Reboot. Some variants don't survive it. First step, not a fix.
- Update the OS now. Closes the exploit they used. Do not wait.
- Enable Lockdown Mode — iPhone iOS 16+. Settings → Privacy & Security → Lockdown Mode → Turn On & Restart. Blocks attachments, restricts web tech, stops unknown FaceTime calls, blocks rogue profiles. Annoying. Effective. support.apple.com/en-us/105120
- Android — Google Advanced Protection. Restricts installs to Play Store, adds account protections, requires a security key. landing.google.com/advancedprotection
- Full wipe or replace the device. Restore only from a clean backup made before the compromise. Restore a dirty backup and you reinfect yourself.
- After the wipe — rotate everything. Change all passwords from a separate clean device. Revoke active sessions. Check for unknown devices on Apple ID or Google account.
Journalist, activist, civil society? Don't do Tier 2 alone. Free professional forensic support:
- Access Now: accessnow.org/help
- Amnesty Security Lab: securitylab.amnesty.org/tools-and-guides
- Amnesty MVT (technical users only): github.com/mvt-project/mvt






