Cybersecurity Headlines

Scams target MENA region, pen testers accused of blackmail, DDoS protection faces fresh challenges

Dec 25, 2025
A wave of coordinated scams is targeting job seekers in the MENA region with over 1,500 fake ads. Meanwhile, Pen Test Partners finds itself accused of blackmail by Eurostar after disclosing flaws in Eurostar's chatbot. In a shocking report, hackers stole a record $2.7 billion in crypto in 2025, mainly from a massive breach linked to North Korea. DDoS defenses are struggling against unprecedented levels of automated bot traffic, complicating cybersecurity efforts.
ANECDOTE

Disclosure Clash Over AI Chatbot Flaws

  • Pen Test Partners found prompt-injection, system prompt leakage, and potential XSS in Eurostar's public AI chatbot.
  • They reported being accused of blackmail by Eurostar's head of security during disclosure.
INSIGHT

Guardrail Design Can Be Bypassed

  • The chatbot's guardrails only validated the latest message, letting attackers tamper with earlier messages to bypass protections.
  • Pen Test Partners warns it's unclear whether all vulnerabilities were fully fixed.
INSIGHT

Record Crypto Thefts Rise Again

  • Hackers stole a record $2.7 billion in crypto in 2025, up from $2.2 billion in 2024.
  • A $1.4 billion Bybit heist, attributed to North Korean state-linked actors, was the largest incident.