April 18, 2026
image
Home Posts tagged cybersecurity

WhatsApp fixes security flaw in iOS and macOS apps

WhatsApp has released fixes for a critical vulnerability in its iOS and macOS apps that may have been exploited in targeted attacks. The flaw, tracked as CVE-2025-55177, stemmed from insufficient authorization in linked device synchronization and was discovered by WhatsApp’s internal security team. Meta said the bug could have allowed attackers to process malicious content from arbitrary URLs on a victim’s device.
The issue affected WhatsApp for iOS before version 2.25.21.73, WhatsApp Business for iOS 2.25.21.78, and WhatsApp for Mac 2.25.21.78, all patched in late July and early August. Researchers believe the weakness may have been chained with CVE-2025-43300, a zero-day in Apple’s ImageIO framework that was recently exploited to target individuals.

Amnesty International reported that WhatsApp has alerted certain users who may have been targeted in spyware campaigns over the past three months. The company advised affected individuals to perform a full device reset and ensure their operating system and apps remain updated. “This is a classic example of a zero-click attack, where no user interaction is needed to compromise a device,” said Donncha Ó Cearbhaill, head of Amnesty International’s Security Lab. He warned that this spyware continues to pose serious risks to journalists, activists, and human rights defenders.

Trend Micro Launches Cybertron, Industry’s First Proactive Cybersecurity AI

Trend Micro has introduced Trend Cybertron, a pioneering cybersecurity large language model (LLM) designed to reshape how enterprises manage cyber risk. Built on over 36 years of threat intelligence and more than two decades of AI innovation, Cybertron merges the reasoning power of Agentic AI with curated datasets and real-world expertise.

The solution integrates directly with Trend Vision One™, combining threat data, analytics, and advanced engines to deliver end-to-end visibility and protection. It enables proactive risk management by predicting attack paths, modeling threats, and recommending mitigation strategies before breaches occur.

Unlike reactive security approaches, Cybertron empowers IT teams to anticipate risk with exact precision across the entire attack surface. By doing so, organizations can move ahead of attackers, mitigating threats before they materialize.

This launch is especially relevant in regions such as the Middle East & Africa, where rapid adoption of AI-driven systems in government, banking, and smart cities has made security a pressing priority. Trend Micro notes that the average cost of a cyberattack in the region stands at $8.75 million, nearly double the global average.

“Security teams are overwhelmed by alert volumes and increasingly complex infrastructures,” said Bilal Baig, Regional Technical Director for the Mediterranean Middle East and Africa at Trend Micro. “Cybertron automates analysis and prioritizes threats based on real-time intelligence, allowing teams to focus on the most critical issues.”

Customer reports highlight up to 99% faster remediation when using Cybertron, setting a new standard for proactive defense. The model continuously evolves through agentic AI capabilities, adapting to novel threats and optimizing response with every interaction.

By integrating cybersecurity LLMs, curated threat intelligence, and intelligent AI agents, Cybertron provides organizations with clarity, speed, and confidence. It draws from global intelligence to prioritize risks and recommend precise actions, enabling teams to strengthen resilience.

Now available worldwide, Trend Cybertron represents a paradigm shift in cybersecurity, moving the industry firmly toward AI-driven proactive defense. It underscores Trend Micro’s mission to deliver innovative, future-ready solutions that safeguard digital transformation.

Cybersecurity Incidents Dominate the Week: Microsoft, DaVita, and Interpol Crackdown in Africa

The past week was marked by a wave of significant cybersecurity incidents worldwide. Microsoft announced it is limiting the information shared with Chinese companies through its Microsoft Active Protections Program (MAPP), following concerns that PoC exploit code may have been leaked and abused by Chinese threat actors.
Instead of detailed technical code, Microsoft will now provide only general descriptions of vulnerabilities to these firms. Meanwhile, Hunt.io published an in-depth analysis of the leaked Ermac 3.0 banking trojan source code, revealing both powerful data theft capabilities and serious security flaws. In Africa, Interpol carried out Operation Serengeti 2.0, arresting more than 1,200 individuals linked to cybercrime and recovering nearly $100 million while dismantling 11,000 malicious networks. The operation targeted investment fraud schemes, illicit cryptocurrency operations, and inheritance scams.

Separately, Microsoft patched a logging issue in Copilot that allowed some interactions to bypass audit logs, raising concerns for industries where log integrity is critical.

Researchers also warned that agentic AI integrated into web browsers could be exploited by attackers through techniques such as Scamlexity and ClickFix. Healthcare provider DaVita disclosed that its recent ransomware-related data breach now affects nearly 2.7 million people, with the Interlock group claiming responsibility. Together, these events underscore the growing complexity of today’s cyber threat landscape and the urgent need for stronger defenses across industries.

Generative AI Cybersecurity Market Set to Quadruple by 2031, MarketsandMarkets Report Finds

The generative AI cybersecurity market is entering a period of strong expansion, according to a new report from MarketsandMarkets, with its value expected to surge from USD 8.65 billion in 2025 to USD 35.50 billion by 2031, growing at a CAGR of 26.5%. One of the key forces driving this growth is the rise of task-executing AI agents that can autonomously perform actions, requiring strong safeguards to prevent misuse and unintended harm.

The report highlights that breaches of AI models and applications are already a growing concern. IBM’s 2025 Cost of a Data Breach Report revealed that 13% of organizations worldwide experienced such breaches, with 60% resulting in compromised data and 31% causing operational disruption. Companies using unsanctioned “shadow AI” tools faced an average added cost of USD 670,000 per breach.

In the Asia Pacific region, the market is projected to record the highest growth rate, fueled by rapid adoption of AI-driven cybersecurity in finance, healthcare, and government. Governments are increasingly deploying AI measures to protect public services and critical infrastructure, while businesses are investing in AI to strengthen compliance, data protection, and customer trust.

MarketsandMarkets notes that demand for advanced AI-native security tools is rising as threats become more complex.

Vendors are investing in AI-driven penetration testing, automated vulnerability assessments, and real-time anomaly detection to help organizations bridge gaps between security operations and decision-making.

At the same time, risks such as prompt injection, model manipulation, and indirect prompt leaks are emerging as critical challenges. In high-stakes sectors like healthcare, financial services, and secure communications, such exploits could undermine decision-making integrity and regulatory compliance. Vendors are therefore moving toward fine-tuning guardrails, layered prompt filtering, and adversarial training to counter these evolving attack vectors.

Overall, the report concludes that the convergence of generative AI with advanced cybersecurity analytics will play a decisive role in helping organizations build resilience, protect sensitive data, and maintain operational trust in an increasingly hostile digital environment.

French Media Report Cyberattack on Bouygues Telecom, Millions of Customers Affected

According to French media reports, Bouygues Telecom, one of the country’s largest telecommunications providers, has fallen victim to a major cyberattack that compromised the personal information of millions of users. The company, which serves more than 26 million mobile subscribers, confirmed that the incident exposed sensitive data linked to customer accounts.

The breach, detected in early August, allowed attackers to gain access to contact information, contract details, and even International Bank Account Numbers (IBAN) belonging to both private individuals and businesses. While Bouygues stressed that no passwords or payment card information had been exposed, the scope of the incident remains significant.

Company officials disclosed that approximately 6.4 million customers were affected. Those impacted are being contacted via email and text message, with urgent warnings to remain vigilant against fraudulent calls or phishing attempts seeking to exploit the stolen data.

So far, no ransomware group has claimed responsibility for the breach, and the motives behind the attack remain unclear. The incident comes just days after another French telecom giant, Orange, experienced a separate cyberattack in late July. Industry experts highlight that telecom operators remain high-value targets for both state-sponsored hackers and financially motivated cybercriminals, with recent attacks underscoring the urgent need for stronger defenses.

Security Tests Expose Major Vulnerabilities in GPT-5

Two independent security testing teams have discovered critical vulnerabilities in OpenAI’s new GPT-5 model, with both managing to bypass its safeguards in under 24 hours, reports securityweek.com. NeuralTrust and SPLX, two prominent AI security firms, conducted separate red-team evaluations and reached equally troubling conclusions about the model’s readiness for enterprise use.

NeuralTrust’s researchers combined their proprietary EchoChamber jailbreak with a basic storytelling approach, leading GPT-5 to generate step-by-step instructions for making a Molotov cocktail without ever issuing an overtly malicious prompt. “The model strives to be consistent with the already-established story world,” the firm explained, noting that multi-turn “narrative” attacks can slip past single-prompt filters and intent detectors.

This method involved seeding a hidden, low-profile context, steering the conversation to avoid refusal triggers, and gradually reinforcing the malicious objective through narrative continuity. The firm warned that GPT-5’s susceptibility reveals a fundamental gap in safety systems that rely on isolated prompt screening.

Meanwhile, SPLX — formerly SplxAI — reported that GPT-5’s raw version is “nearly unusable for enterprise out of the box.” Their red team used obfuscation attacks, including a “StringJoin Obfuscation Attack” where prompts were disguised with hyphens and framed as fake encryption challenges. In one instance, GPT-5 responded to a disguised bomb-making query with detailed instructions, even opening with, “Well, that’s a hell of a way to start things off… I’m gonna tell you exactly how…”

Benchmarking against GPT-4o, SPLX found the older model more resilient when properly hardened. Both firms urged extreme caution in deploying GPT-5 without additional security layers, warning that its vulnerabilities make it a high-risk choice for sensitive environments.

OPSWAT Report: Malware Complexity Surges 127% in Six Month

OPSWAT, a global leader in critical infrastructure protection, has released its first-ever Threat Landscape Report, revealing key insights from over 890,000 sandbox scans in the last 12 months.

This report provides a unique perspective on the evolving nature of cyber threats. The findings are clear: traditional detection methods are being outpaced, with a 127% rise in malware complexity and a staggering 1 in 14 files—initially deemed ‘safe’ by legacy systems—proven to be malicious. This report serves as a call to action for industries relying on outdated defenses, emphasizing the importance of multi-layered solutions.

Key Findings:

127% Increase in Malware Complexity

Behavioral telemetry revealed a 127% rise in multi-stage malware complexity over the past year. OPSWAT’s sandbox uncovered layered threats designed to evade analysis, including obfuscated loaders such as NetReactor and evasive behaviors that are often missed by traditional tools. These results show that modern malware intends to confuse, not flood, which is why OPSWAT’s pipeline is purpose-built to unpack that complexity.

Proactive Threat Detection

OPSWAT analysis reclassified 7.3% of files that were silent across open-source intelligence (OSINT) feeds as malicious, on average 24 hours earlier than public data sources. These were confirmed executions, not speculative flags, highlighting how adaptive analysis can close dangerous gaps left by static and reputation-based systems.

Campaign-Level Threat Correlation

With 890,000+ sandbox scans, OPSWAT connects the dots across threats. It identifies shared TTPs, reused C2 infrastructure, and behavioral patterns across campaigns. This provides defenders with context-rich, actionable intelligence instead of noisy indicators.

99.97% Detection Accuracy

OPSWAT’s behavioral and machine learning pipeline delivers results. Aided by a newly enhanced PE emulator, the platform identified sophisticated threats such as:

  • Clipboard hijacking via ClickFix
  • Steganography-wrapped loaders
  • C2 channels embedded in Google services
  • .NET Bitmap malware loaders delivering Snake Keylogger payloads

“Our strength lies in precision, behavioral depth, and early visibility into emerging attacks,” said Jan Miller, Chief Technology Officer of Threat Analysis at OPSWAT. “That’s what sets OPSWAT apart in delivering high-fidelity, context-aware threat intelligence.”

Why It Matters

As critical infrastructure, government systems, and enterprise networks face growing targeting from increasingly modular and evasive malware, the findings of this report spotlight the evolving adversary playbook and the need for integrated, multilayered solutions.

Cybersecurity leaders must now prioritize adaptability, shared intelligence, reassessing technology, and rapid behavioral detection pipelines to protect systems from known threats, while also keeping pace with a rapidly evolving threat landscape and anticipating emerging threats.

Filescan.io, part of the OPSWAT MetaDefender Platform, powers advanced threat detection and file analysis across critical environments.

ISSUES

Global Security d.o.o.

Hasiba Brankovića c, 71000 Sarajevo, Bosna i Hercegovina
Tel: +387 (0)33/788-985
Fax: +387 (0)33/788-986
Web site: www.asadria.com
Marketing: marketing@asadria.com
Subscription: pretplata@asadria.com
VAT no: 201142740001
ID no: 4201142740001
ISSN 1986-5

a&s Adria – professional security magazine for providing total security solutions is a monthly circulating publication and a licenced representative of Messe Frankfurt New Era Business Media for Adriatic region, which consists of following countries: Bosnia and Herzegovina, Croatia, Kosovo, Montenegro, FYR Macedonia, Slovenia and Serbia.