< ciso
brief />

Hello, stay ahead with CISO Brief 🚀

Every day the cybersecurity world moves fast — new incidents, evolving AI risks, changing regulations, and critical vendor updates. We cut through the noise to deliver only what matters most for your business and security strategy.

CISO Brief brings you a daily digest of high-signal news: major breaches, hyperscaler security releases, AI and compliance shifts, and the latest threat intelligence — all in one concise update.

Built for CISOs, CTOs, and architects, our goal is to save you time, reduce distraction, and keep you always on pulse with the risks and opportunities that shape tomorrow.

👉 Join our Telegram channel for your daily update — stay informed, stay ready.

Cybersecurity News Digest — Daily Briefings

Japan’s largest taxi operator halts systems after attack

🚨 Nihon Kotsu, Japan's largest taxi and chauffeur operator, has shut down parts of its IT infrastructure after detecting unauthorized external access and a malware infection early Saturday. The outage has affected the taxi dispatch system, web booking, reservation management, phone dispatch services, and some internal systems, leaving key services offline while the company investigates. Nihon Kotsu has engaged external cybersecurity experts, warned customers to avoid suspicious attachments and links, and has not yet confirmed any data leakage or any claim of responsibility by ransomware groups.
read more →

Jscrambler npm package compromised with infostealer

🛡️ Jscrambler disclosed that a threat actor published malicious npm releases (8.14, 8.16, 8.17, 8.20) containing an info-stealer executed via the preinstall hook. The tampered package was live for two hours, downloaded 1,479 times, and affected four dependent packages that were deprecated and replaced. Jscrambler revoked compromised publishing credentials and urged users to rotate secrets and update to the safe release.
read more →

Amazon DocumentDB added to Agent Toolkit

🛠️ The new Amazon DocumentDB skill in the Agent Toolkit enables AI coding agents to provision, manage, migrate, optimize, and troubleshoot DocumentDB clusters using guided, best-practice workflows. The skill supports seven workflows including provisioning, schema design, MongoDB compatibility assessment, DMS migration with change data capture, performance tuning, a 41-check well-architected review, and major version upgrades. When used with the AWS MCP Server, agents can execute AWS CLI commands and diagnostic queries with IAM guardrails, CloudTrail logging, and sandboxed execution. The skill is also available standalone via the AWS CLI and is provided at no additional charge as part of the Agent Toolkit for AWS.
read more →

CrashStealer macOS info stealer uses signed dropper

🛡️ Jamf Threat Labs discovered a new native C++ macOS information stealer named CrashStealer that harvests credentials, browser data, cryptocurrency wallet extensions, password manager entries, and keychain material. The campaign uses a signed and Apple-notarized disk image dropper served from a gated site and persists via LaunchAgent after re-signing itself. Collected files are AES-GCM encrypted before exfiltration to an attacker-controlled server, and the malware employs multiple analysis-resistance techniques.
read more →

ModHeader removed after hidden browsing-history collector

🛡️ Google and Microsoft removed the popular ModHeader extension after researchers found a dormant browsing-history collector embedded in the official store builds. The collector, confirmed by Stripe OLT to be in the genuine Chrome package, stored encrypted domain lists and device fingerprints locally and was designed to upload them to api.stanfordstudies[.]com on a schedule if an internal allow-list were populated. While the allow-list shipped empty and no evidence shows data was exfiltrated, the extension still pinged extensions-hub[.]com and logged request metadata locally. Users are advised to uninstall ModHeader, rotate exposed secrets, and defenders should block the implicated domains and hunt for related indicators.
read more →

Microsoft makes passkeys default for Entra ID

đź”’ Microsoft Entra ID will begin rolling out passkeys as the default phishing-resistant authentication method starting September 1, 2026. Users currently using SMS or voice for MFA will be auto-enabled for passkeys and prompted to register on their next sign-in. Microsoft will retire native SMS and voice delivery on February 1, 2027, after which telecom partners via the Microsoft Security Store will be required for those methods.
read more →

Open-source k8s‑aibom for automated AI BOMs

🔍 k8s-aibom is an unprivileged Kubernetes controller that continuously monitors cluster workloads to detect AI runtimes and generate standard CycloneDX 1.6 Machine Learning Bill of Materials (ML-BOMs). It runs as a single Deployment with zero developer friction—no sidecars, no privileged DaemonSets—and exports deterministic BOMs to in-cluster CRs and optional external sinks like Google Cloud Storage. Designed for audit-grade evidence, it supports compliance frameworks and GitOps workflows.
read more →

Key findings from the 2026 public sector M‑Trends report

🛡️ The 2026 Public Sector Threat Landscape report summarizes Mandiant’s 2025 incident investigations and highlights how adversaries now move at machine speed, notably the 22-second hand-off from initial access to ransomware. It argues public agencies must adopt continuous verification and machine-speed defenses. Google outlines three core capabilities—identity as the perimeter, agentic defense, and hardened infrastructure—and describes new AI agents in Google Security Operations and customer success stories.
read more →

AWS adds Gemma‑4‑E2B‑it to SageMaker JumpStart

đź“° Amazon Web Services has added gemma-4-E2B-it, a multimodal instruction-tuned foundation model from Google DeepMind, to Amazon SageMaker JumpStart. The model supports text, image, audio inputs and text outputs with a built-in stepwise reasoning mode and broad capabilities including image and video understanding, OCR, function calling, and multilingual code assistance. Customers can deploy it from the SageMaker Studio Models section or via the SageMaker Python SDK for rapid integration into AWS AI workflows.
read more →

Qwen3 retrieval models now in SageMaker JumpStart

🔍 AWS added Qwen3-VL-Embedding-2B and Qwen3-Reranker-4B to Amazon SageMaker JumpStart, enabling modular search and retrieval pipelines. The embedding model creates multimodal vectors from text, images, screenshots, and video across 30+ languages, while the reranker scores query–document pairs across 100+ languages. Customers can deploy these models via SageMaker Studio or the SageMaker Python SDK with a few clicks.
read more →

Voxtral-Mini realtime speech model in SageMaker

🎙️ AWS added Voxtral-Mini-4B-Realtime-2602 to Amazon SageMaker JumpStart, a multilingual, low-latency speech-transcription model from Mistral AI. The model offers natively streaming architecture for real-time transcription across 13 languages and configurable delay/accuracy trade-offs. Customers can deploy it via the SageMaker Studio Models section or the SageMaker Python SDK for rapid integration into speech applications.
read more →

OpenAI privacy-filter now in SageMaker JumpStart

🔒 Amazon Web Services has added OpenAI’s privacy-filter to Amazon SageMaker JumpStart, offering a bidirectional token-classification model for PII detection and masking. The model is designed for fast, context-aware, tunable, high-throughput data sanitization workflows that can run on-premises. It detects PII spans like account numbers, addresses, emails, names, phones, URLs, dates, and secrets, labeling inputs in a single forward pass. Customers can deploy the model via the SageMaker Studio Models section or the SageMaker Python SDK.
read more →

CISA warns of exploited RCE in Joomla extensions

đź”’ The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns that attackers are actively exploiting arbitrary file upload vulnerabilities in the iCagenda and Balbooa Forms Joomla extensions to achieve remote code execution. The agency designated these flaws as maximum priority and ordered federal agencies to apply updates or mitigations within three days. Vendors released fixes in iCagenda 4.0.8/3.9.15 and Balbooa Forms 2.4.1 after automated and zero-day exploitation was observed. Administrators should check installations and apply the available patches immediately.
read more →

Weekly recap: ShareFile warning and broad threats

🛡️ Progress urged ShareFile customers to shut down Windows Storage Zone Controllers amid a credible external threat, temporarily disabling access while investigating; there are no signs of account or data compromise. Other top stories include a critical Zimbra XSS patch, a compromised Jscrambler npm package distributing a multi-platform Rust stealer, and Microsoft detailing the destructive GigaWiper backdoor. Large-scale web shell operations (SHELLSTORM), HalluSquatting attacks against AI assistants, and many actively exploited CVEs round out the week's threats.
read more →

Behavior-First Security Training for AI-Driven Risks

đź”’ AI has increased employee awareness of cyber risks, but understanding threats is not the same as being ready to respond. The 2025 Security Awareness and Training report shows high awareness but a clear readiness gap: only 40% of organizations say employees are highly prepared for AI-based threats. Fortinet advocates behavior-first, role-based training with short scenario-driven modules to help employees apply judgment, verify requests, protect data, and use AI tools safely.
read more →

Rival Chinese and Indian Cyber Espionage Hits Pakistan

đź”’ SentinelLabs reports that suspected China- and India-linked cyber operators targeted multiple Pakistani law enforcement systems between February 2024 and April 2026, focusing on Balochistan Police. The compromise affected servers hosting biometric records, case files and tenant registrations, and included implants in a public Complaint Management System. Analysts linked PlugX, ShadowPad and Cobalt Strike to China-nexus activity and Remcos to a suspected India-nexus actor. The incidents underscore risks from centralized police IT systems and concentrated intelligence value.
read more →

Lidl discloses online shop customer data breach

🔒 Lidl notified customers in Germany, Belgium, and the Netherlands that attackers accessed a separately stored file at a third‑party service provider and stole personal data from users of its online shop. The retailer said the shop's systems were not affected, but it cannot yet exclude the theft of passwords, billing or payment details. Lidl and the service provider have reported the incident to authorities and engaged forensic experts, while warning customers to watch for phishing and identity fraud.
read more →

MemGhost attack shows persistent memory poisoning risk

🛡️Researchers show a one-email exploit can trick an AI personal agent into writing a false, persistent memory and hiding the change. The tool, MemGhost, was tested in lab conditions against OpenClaw and other agent frameworks, succeeding frequently in background runs. The authors propose provenance tagging, user confirmation, and write logging as mitigations while vendors consider memory-write controls.
read more →