Weekly Cyber Recap: Proxy Botnet and Office Zero‑Day
🛡️ Google disrupted the IPIDEA residential proxy network by seizing or sinkholing command-and-control domains, cutting operators' ability to route traffic and reducing millions of exit nodes that had been recruited via bundled SDKs or monetization lures. Microsoft released an out‑of‑band patch for an actively exploited Office zero‑day (CVE-2026-21509), while Ivanti fixed two EPMM RCEs. CERT Polska attributed destructive intrusions against Polish energy assets to Static Tundra, and criminals were observed hijacking exposed LLM endpoints for resale and lateral access. Researchers also documented new modular frameworks, open BYOB C2 repositories, and continued exploitation of web platforms and DevOps tooling.
