Security Insights ai threat intelligence

Security Insights: Zero-Days, APTs and AI Risks

Hero image for Security Insights: Zero-Days, APTs and AI Risks

Security Insights: Zero-Days, APTs and AI Risks

We look at the standout research and updates from across the industry to help you stay on top of emerging security trends.

Shift Towards Enterprise Zero-Days in 2024

In 2024, Google observed 75 zero-day vulnerabilities exploited in the wild, down from 98 in 2023. Notably, 44% targeted enterprise security products from vendors like Ivanti, Palo Alto Networks, and Cisco.

Exploit chains using multiple zero-days primarily targeted mobile devices. Microsoft Windows, Apple Safari, iOS, Android, Chrome, and Firefox were affected. Most exploits were carried out by China and North-Korea linked groups, with a few cases tied to commercial-spyware customers and the RomCom gang.

Google Threat Intelligence: 2024 Zero-Day Trends

Defending a Cybersecurity Company from Today’s Adversaries

SentinelOne has defended against multiple attacks from financially motivated crimeware to campaigns by advanced nation-state actors. The report reveals a rarely-discussed attack surface: security vendors themselves.

SentinelOne Labs: Defending a Cybersecurity Company

Also see our related article Insider Threats Are Evolving: Is Your Threat Model?

WhatsApp Introduces Privacy-Preserving AI Features

WhatsApp launched Private Processing, enabling AI features which this Meta engineering blog post says preserves privacy using confidential virtual machines and encrypted communication. The post says the system uses Oblivious HTTP relays and Trusted Execution Environments, ensuring neither Meta nor WhatsApp can access user messages.

This approach mirrors Apple’s Private Cloud Compute, focusing on privacy-preserving AI in messaging.

The work to build Private Processing began with developing a threat model to help identify potential attack vectors and vulnerabilities that could compromise the confidentiality, integrity, or availability of user data.

Meta Engineering: Building Private Processing for AI on WhatsApp

Meta Releases LlamaFirewall to Secure AI Systems

More from Meta who introduced LlamaFirewall, an open-source framework protecting AI systems from prompt injection, jailbreaks, and insecure code generation via modular guardrails. Updated tools like LlamaGuard and CyberSecEval detect violating content and benchmark AI security.

See our post on LlamaFirewall.

Meta also launched the Llama for Defenders program for AI security collaboration and previewed Private Processing technology for enhanced user privacy in AI features.

Meta AI Blog: AI Defenders Program and Llama Protection Tools

Chinese APT TheWizards Uses IPv6 Spoofing for AitM Attacks

The Chinese APT group TheWizards uses the Spellbinder tool for adversary-in-the-middle attacks via IPv6 SLAAC spoofing, enabling lateral movement and traffic interception. They hijack software updates of popular Chinese apps like Sogou Pinyin and Tencent QQ to deliver the WizardNet backdoor.

The campaign targets gaming sectors across Asia and the Middle East, demonstrating advanced network exploitation.

WeLiveSecurity: TheWizards APT Group SLAAC Spoofing

Insider Threat Facilitates North Korean Access to US Gov Systems

More insider threats as a Maryland man pleaded guilty to wire fraud for outsourcing US government software work to a North Korean developer in China, gaining unauthorised access to sensitive FAA systems. The scheme involved fake resumes and remote access software to mask location, affecting multiple US companies and federal agencies.

The case highlights risks from insider threats and foreign actors exploiting remote work to access critical infrastructure.

US Department of Justice: Maryland Man Pleads Guilty to Wire Fraud Conspiracy

Model Context Protocol Vulnerable to Prompt Injection Attacks

This blog post demonstrates how the Model Context Protocol (MCP) framework is vulnerable to prompt injection, tool poisoning, and rug pull attacks leading to unauthorised actions like data exfiltration.

The Agent2Agent (A2A) protocol also faces risks where compromised agents can hijack tasks, highlighting new AI interoperability security challenges.

Tenable Blog: MCP Prompt Injection - Not Just for Evil

MFA Bypass Attacks Surge via Reverse Proxy Phishing

Cybercriminals increasingly bypass MFA using adversary-in-the-middle attacks via reverse proxies, facilitated by Phishing-as-a-Service kits like Tycoon 2FA and Evilproxy. WebAuthn offers protection by preventing password transmission and binding credentials to origins, but adoption is low.

Cisco Talos Blog: Threat Source Newsletter May 2, 2024

See our related post on the Zero Trust Identity Pillar

Critical SonicWall SMA100 Vulnerabilities Actively Exploited

Two critical vulnerabilities in SonicWall SMA100 Series appliances are actively exploited: a high-severity OS command injection flaw (CVE-2023-44221) and session hijacking via Apache mod_rewrite (CVE-2024-38475). SonicWall urges customers to apply patches released in late 2023 and 2024 and monitor for unauthorised access.

These incidents follow prior exploitation of another SonicWall vulnerability flagged by CISA.

SonicWall PSIRT Advisory SNWLID-2023-0018

Nation-State Actor Exploits Commvault Azure Zero-Day

A nation-state actor exploited CVE-2025-3928, a zero-day vulnerability in Commvault’s Azure environment, impacting some customers without evidence of data access. Commvault rotated credentials, enhanced security, and advised implementing Conditional Access policies and monitoring IPs.

CISA added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, mandating federal patching by May 19, 2025.

Commvault Security Advisory Update

Claude AI Exploited for Global Influence Campaign

Threat actors exploited Claude AI to orchestrate over 100 fake political personas across Facebook and X, running a financially motivated global influence campaign. Claude was used for content generation and orchestrating bot interactions, demonstrating advanced AI-driven social engineering.

Other misuse involved brute-force attacks, recruitment fraud, and malware development, highlighting AI’s role in lowering barriers for cybercrime.

Anthropic News: Detecting and Countering Malicious Uses of Claude

← Back to Blog Contact Us →