Source: www.securityweek.com – Author: SecurityWeek News
SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Otorio launches Compensating Scoring for Asset Vulnerability framework for OT
OT security firm Otorio has unveiled a new Compensating Scoring for Asset Vulnerability (CSAV) framework designed to quantify cybersecurity risks for OT assets that lack published CVEs. The free tool calculates a score based on parameters such as CVEs for similar devices, potential attack surface, firmware/OS recency, lifecycle status, security certifications, and vulnerability management policy.
DeepSeek targeted in LLMjacking attacks
LLMjacking attacks, in which threat actors use stolen credentials to gain access to someone’s LLM account for malicious purposes, have started targeting the Chinese AI model DeepSeek, according to Sysdig, whose researchers coined the term.
Russia’s Sandworm targets Ukraine with trojanized Microsoft KMS activators
EclecticIQ reported that the notorious Russian threat group Sandworm (aka APT44) has been targeting Ukrainian Windows users since late 2023 in a campaign involving pirated Microsoft Key Management Service (KMS) activators and fake Windows updates to deliver a new version of a loader named BackOrder, which deploys the Dark Crystal RAT to enable attackers to conduct cyberespionage and steal valuable data.
Gemini AI’s memory corrupted in new hack
Researcher Johann Rehberger has found a way to use prompt injection to corrupt the long-term memory of Google’s Gemini AI model, Ars Technica reported. The hack bypasses prompt injection protections and allows an attacker to plant false information that will be used by the chatbot in the future. Google confirmed the findings, but said the impact and risk are low.
Arizona woman pleads guilty over North Korean fake IT worker scheme
Christina Marie Chapman, an Arizona woman charged over her role in a North Korean fake IT worker scheme that generated more than $17 million, has pleaded guilty. Chapman ran a laptop farm at her home that enabled North Koreans to trick US companies into believing that they were located in the United States.
California teen sentenced to 4 years in prison for swatting
Alan W. Filion, an 18-year-old from California, has been sentenced to four years in prison for over 375 swatting and threat calls. The teen targeted individuals, educational institutions, government officials and religious organizations, making false claims about bombs and shootings. Filion is believed to have conducted swatting for years and at some point turned it into a business, offering his services for a fee.
Cybereason CEO sues investors
Eric Gan, the CEO of cybersecurity firm Cybereason, has filed a lawsuit against two major investors, former Treasury Secretary Steven Mnuchin and SoftBank Vision Fund. According to Gan, these investors are putting Cybereason at risk of bankruptcy by refusing to accept financing proposals in order to “preserve their control and financial advantages”. The accused investors have denied the accusations. Gan wants to raise $150 for the company.
Russian cybercriminal released by US in prisoner swap
Alexander Vinnik has been handed over by the US to Russia in exchange for Marc Fogel, a school teacher sentenced to 14 years in prison on drug trafficking charges. Vinnik is a Russian national charged and held in the US for operating BTC-e, a cryptocurrency exchange used by cybercriminals to launder illicit proceeds. Prior to being extradited to the US, he was sentenced to prison in France for money laundering. Vinnik’s sentencing in the US was scheduled for June.
CISA and FBI warn of buffer overflow vulnerabilities
CISA and the FBI have released another Secure-by-Design alert, urging software developers to take steps to eliminate buffer overflow vulnerabilities, which are often exploited by threat actors for initial access and lateral movement.
Google pays $10,000 bug bounty for YouTube vulnerability
A researcher has earned a $10,000 bug bounty from Google for responsibly disclosing a vulnerability that could have been exploited to obtain the email address associated with any YouTube account. The hack involved mapping unique IDs exposed via user blocking requests to email addresses. This was achieved through a forgotten Google app.
Original Post URL: https://www.securityweek.com/in-other-news-10000-youtube-flaw-cybereason-ceo-sues-investors-new-ot-security-tool/
Category & Tags: ICS/OT,In Other News – ICS/OT,In Other News