# Today's Top Stories

February 25, 2026

  1. CyberScoop general Feb 24
    Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker

    Peter Williams, former L3Harris executive, was sentenced to 87 months in prison for selling eight proprietary zero-day exploits to Russian broker Aleksei Burkov and his company Cybercrime LLC. The U.S. Treasury simultaneously sanctioned Burkov's zero-day brokerage for acquiring stolen defense contractor tools and selling them to unauthorized customers.

  2. Dark Reading general Feb 24
    Attackers Now Need Just 29 Minutes to Own a Network

    CrowdStrike's 2025 threat report shows attackers now move laterally through breached networks in just 29 minutes on average, representing a 65% speed increase from the previous year. The acceleration is attributed to credential misuse, AI-powered attack tools, and persistent security blind spots in enterprise environments.

  3. BleepingComputer general Feb 24
    Critical SolarWinds Serv-U flaws offer root access to servers

    SolarWinds patched four critical remote code execution vulnerabilities in Serv-U that could grant attackers root access to unpatched servers. The flaws affect the file transfer protocol server and represent high-severity security risks for organizations using SolarWinds infrastructure management tools.

  4. The Hacker News general Feb 24
    RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

    Orca Security disclosed the 'RoguePilot' vulnerability in GitHub Codespaces that allowed attackers to inject malicious instructions into GitHub issues, causing Copilot to leak GITHUB_TOKEN credentials when processing repository data. Microsoft has since patched the AI-driven flaw following responsible disclosure.

  5. Dark Reading general Feb 24
    Lazarus Group Picks a New Poison: Medusa Ransomware

    The North Korean Lazarus Group has been observed deploying Medusa ransomware in attacks against U.S. healthcare organizations and Middle Eastern entities. The threat actors also used the Comebacker backdoor, the Blindingcan RAT, and the Infohook stealer to establish persistence and exfiltrate data from compromised networks.

  6. BleepingComputer general Feb 24
    Phishing campaign targets freight and logistics orgs in the US, Europe

    The 'Diesel Vortex' threat group conducted phishing attacks using 52 domains to steal credentials from freight and logistics operators across the U.S. and Europe. Over a five-month period, attackers compromised over 1,600 login credentials to intercept freight shipments and commit check fraud.

  7. BleepingComputer general Feb 24
    CarGurus data breach exposes information of 12.4 million accounts

    The ShinyHunters extortion group published personal information from 12.4 million CarGurus accounts after allegedly breaching the U.S.-based automotive platform. The exposed data includes user records from the digital car marketplace, marking another significant breach by the prolific cybercriminal organization.

  8. BleepingComputer general Feb 24
    Wynn Resorts confirms employee data breach after extortion threat

    Wynn Resorts confirmed employee data was stolen from its systems after being listed on the ShinyHunters extortion gang's leak site. The casino operator disclosed the breach following extortion threats, though specific details about the number of affected employees were not provided.

  9. BleepingComputer general Feb 24
    UK fines Reddit $19 million for using children’s data unlawfully

    The UK Information Commissioner's Office fined Reddit £14.47 million ($19.5 million) for unlawfully collecting and using personal information of children under 13 without adequate age verification safeguards. The penalty targets Reddit's failure to implement robust age assurance mechanisms for protecting minors' data.

  10. The Hacker News general Feb 24
    Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model

    Anthropic identified 'industrial-scale campaigns' by Chinese AI firms DeepSeek, Moonshot AI, and MiniMax that generated over 16 million queries through 24,000 fraudulent accounts to illegally extract Claude's capabilities. The distillation attacks violated terms of service and aimed to improve competing AI models using stolen intellectual property.