Cybersecurity Today Amazon AI Tool Hacked, Scattered Spider Attacks VMware, and Major Ransomware Takedown | Cybersecurity Today
Jul 28, 2025
A hacker compromised Amazon's AI coding assistant by injecting dangerous code into its GitHub repository, raising serious security concerns. The infamous Scattered Spider group continues its assault on VMware ESXi hypervisors, using advanced social engineering techniques to target organizations. In a major win for law enforcement, the Black Suit ransomware infrastructure was dismantled during Operation Checkmate. Additionally, Allianz Life reported a data breach impacting its US customers, highlighting the ongoing risks in the cybersecurity landscape.
AI Snips
Chapters
Transcript
Episode notes
Amazon's AI Tool Hacked
- A hacker injected rogue data-wiping code into Amazon's AI coding tool 'Q' GitHub repo, exploiting weak permissions.
- The code didn't execute but exposed serious flaws in AI tool security and code vetting processes.
Scattered Spider's VMware Attack Tactics
- Scattered Spider group uses flawless social engineering, not zero-days, to attack VMware ESXi hypervisors.
- They impersonate employees to reset passwords, escalate privileges, and wipe backups before deploying ransomware.
Defend Against VMware Ransomware
- Defenders should harden vSphere by disabling SSH, enabling VM encryption, and enforcing strong MFA.
- Isolate domain controllers and backups, maintain immutable backups, and centralize logs for detection and recovery.