InfoSec Dot - Issue #64. 🚨 Salt Typhoon Expands 🌎 | FBI Issues Warning 🚨 | NSA Secrets Exposed 🏴‍☠️

In partnership with

Hi Cybersecurity Enthusiasts,

In this edition, we uncover the growing risks of Shadow AI, as unmonitored AI tools pose security and compliance threats in enterprises. We also dive into Cisco’s warning on Salt Typhoon exploits, highlighting the urgent need for stronger Windows defenses.

Plus, learn about the latest CISA and FBI alerts on Ghost ransomware, and explore how hackers are manipulating Agentic AI with advanced prompt engineering tactics. Stay ahead with these critical insights.

Stay informed with these critical updates to understand and counteract the evolving cybersecurity threats of 2025.

Stay up-to-date with AI

The Rundown is the most trusted AI newsletter in the world, with 1,000,000+ readers and exclusive interviews with AI leaders like Mark Zuckerberg, Demis Hassibis, Mustafa Suleyman, and more.

Their expert research team spends all day learning what’s new in AI and talking with industry experts, then distills the most important developments into one free email every morning.

Plus, complete the quiz after signing up and they’ll recommend the best AI tools, guides, and courses – tailored to your needs.

Sign up to start learning.

🗓️ What’s New

Versa Sovereign SASE: Strengthening Cyber Borders

Versa's Sovereign SASE solution enhances security and compliance by offering region-specific data controls. As global regulations tighten, enterprises seek robust network protection tailored to national cybersecurity policies. Read More (4 Mins)

AWS Security: Uncovering Cloud Vulnerabilities

A deep dive into AWS security risks reveals potential attack vectors that could expose enterprise cloud environments. Experts emphasize proactive security measures to mitigate misconfigurations and emerging threats. Read More (7 Mins)

Cisco Confirms Salt Typhoon Exploits

Cisco has confirmed that the Salt Typhoon threat group exploited vulnerabilities in its products, targeting enterprise environments globally. Security teams are advised to apply patches and bolster defenses against these sophisticated attacks. Read More (3 Mins)

Ransomware Gang’s Tactics Exposed

A notorious ransomware group leveraged advanced infiltration techniques to breach enterprise defenses. This deep dive reveals how attackers gained access, encrypted critical systems, and demanded ransom, highlighting the urgent need for proactive security measures. Read More (3 Mins)

CISA Staff Cuts Spark Cybersecurity Concerns

The recent dismissal of 130 CISA employees has raised alarms within the cybersecurity industry. Experts fear the reduction in workforce could impact national cyber defense capabilities, leaving critical infrastructure more vulnerable to threats. Read More (4 Mins)

🔍 In-Depth Insights

NSA’s Equation Group: A Deep Dive into Cyber Espionage

A closer look at the NSA's Equation Group reveals its advanced cyber capabilities, past operations, and influence on global cybersecurity. With sophisticated malware and cyber tools, this group has been linked to some of the most notorious cyber espionage campaigns. Read More (9 Mins)

How can we secure Notes on iOS & macOS

Apple users often store sensitive information in the Notes app, but is it truly secure? Learn how to encrypt, lock, and protect your notes using built-in security features, ensuring your data stays private. Read More (10 Mins)

🤖 AI in Cybersecurity

Agentic AI Under Siege: The Rise of Prompt Manipulation

Hackers are exploiting Agentic AI using advanced prompt engineering techniques, tricking systems into executing unintended actions. This growing threat highlights the urgent need for robust AI security measures to prevent exploitation. Read More (6 Mins)

Privacera PAIG & NIST AI Risk Framework: Strengthening AI Governance

Privacera introduces PAIG, aligning with NIST's AI Risk Management Framework to enhance data security, privacy, and compliance in AI-driven environments. This initiative aims to mitigate AI risks while ensuring ethical and responsible AI deployment. Read More (4 Mins)

💡 Actionable Insights

The Cat Flap - How to really Purrsist in AWS Accounts 

Security researchers uncover The Catflap, a stealthy backdoor enabling covert access and persistence in compromised systems. The malware’s sophisticated evasion techniques pose a serious challenge to detection and mitigation efforts. Read More (17 Mins)

Shadow AI Risks: How to Detect & Secure Your Enterprise

Unmonitored AI tools are infiltrating workplaces, creating security blind spots. Shadow AI—unauthorized AI systems—can lead to data leaks, compliance violations, and cyber risks. Experts urge businesses to enforce AI governance, monitor usage, and implement security controls to mitigate threats. Read More (6 Mins)

🔗 Miscellaneous Links

• Why Are Cybersecurity Professionals Losing Their Jobs In 2025 ?

• PoC Exploit Published for Critical Ivanti EPM Vulnerabilities

• US authorities warn Ghost ransomware leverages older CVEs

• OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns

• Bybit hacked for almost $1.5 billion in the biggest crypto theft ever

Also, I'd really appreciate it if you could forward it to your friends and colleagues! Your support helps us grow and continue providing great content.

Regards,

Dot