Transcript
David Shipley (0:01)
The US Federal judiciary confirms cyber attack on case management systems. SonicWall says no zero day behind spate of recent compromises. Researchers demonstrate jailbreak technique against OpenAI's brand new GPT5. And observations from Hacker Summer Camp 2025. This is Cybersecurity Today, and I'm your host David Shipley, coming to you from sunny Las Vegas. Let's get to the news.
The US Federal judiciary has confirmed its electronic case management systems used to store and manage court documents were targeted in a recent cyber attack. While most court records are public, sealed filings containing sensitive information are now under stricter controls to block unauthorized access. The announcement follows a Politico report alleging a breach of the CM/ECF and PACER systems, the core platforms for federal court document access. Politico sources say the judiciary realized the full scope on July 4th and later held a closed briefing on the matter. The statement from the judiciary stopped short of confirming some of the details from Politico's reporting, including whether confidential PACER data was accessed, but does acknowledge urgent security steps are now underway. This story comes amidst increasingly aggressive attacks on government systems, particularly on the justice system, with notable cases against law enforcement and courts. Earlier this year, a drug cartel in Mexico was revealed to have hacked telecommunications and camera networks to track an FBI legal attache, with some identified individuals later threatened or even killed. If informant information has been exposed in the latest judicial incident, it could compromise investigations, put people at risk, and weaken people's trust in law enforcement and the judicial system. Here's some practical advice for systems holding sensitive data: make sure that you always have layered defenses, apply patches quickly, strict access controls, and make sure you've got things like MFA and monitoring for anomalies.
Another campaign shows how known vulnerabilities, even after they're patched, can still come back to haunt you if you missed some key steps. SonicWall says ransomware attacks against its Gen7 firewall customers since July are linked to a previously disclosed flaw, CVE2024 4766 and are not a new zero day attack. The previous flaw, an improper access control vulnerability, was exploited when legacy credentials were reused during migrations from Gen 6 devices. Attackers have used the flaw in opportunistic Akira ransomware intrusions. SonicWall reports fewer than 40 confirmed compromises, while security firm Huntress says 28 of its customers were affected, and other firms expect the total will grow. Many incidents occurred where passwords were never reset after migration. Although some researchers initially suspected a zero day, SonicWall says the pattern matches the previous CVE exploitation and the company urges customers to reset local and LDAP based credentials as well as upgrading to Sonic OS 7 3.0. Now, some practical advice here. After any major upgrade or security patch, particularly on perimeter devices like firewalls or VPNs, and particularly where there are known zero days or CVEs that have been out there, make sure you consider rotating credentials, always verify log integrity, and absolutely ensure there are no reused passwords that remain in place. Strong credential hygiene is one of the most effective defenses against opportunistic ransomware.
And while firewalls and court systems face these direct intrusion issues, another front in the cybersecurity battle continues to unfold: attacks aimed at artificial intelligence. Researchers at NeuroTrust have developed a new jailbreak technique that bypasses GPT5's ethical guardrails, producing harmful instructions. The method combines Echo Chamber, a context poisoning technique, with narrative steering using storytelling to avoid triggering refusal mechanisms in large language models.
First detailed in June 2025, Echo Chamber works through indirect references and multi step inference. In recent tests, researchers began with harmless keyword lists, built those lists into a story, and gradually extracted illicit guidance without asking the system directly. The attack works well in multi turn conversations where keyword based filters can be sidestepped, and Trend Micro warns that this kind of attack, combined with connecting AI models to external systems, can expand the attack surface. Their testing found that GPT5's unguarded version was nearly unusable for enterprise without hardening, and it was also still vulnerable to basic adversarial tricks. The risks extend, of course, to AI agents. Zenity Labs has detailed agent flare zero click attacks that exploit integrations like Google Drive or Jira to exfiltrate sensitive data. Other research revealed this past week showed how poisoned calendar invites could hijack smart homes via Google's Gemini AI, and another exploit used crafted emails to trick Microsoft Copilot into agents into leaking information. Now here's some practical advice. Red team AI systems regularly and make sure you train specialists in LLM manipulation and in things like Model Context Protocol or MCP threats. Use defenses with strict output filtering and monitoring. Limit AI agent autonomy for sensitive systems. Apply the same controls you would when thinking about human access to production systems. Train your developers and your users to recognize the risks of AI and ensure they use critical thinking about when, where and how to use AI safely. As AI becomes embedded in workflows across all businesses, securing it against stealthy context based manipulation will be critical to maintaining trust and integrity in these systems. But fair warning, large language models were built on a massive amount of data from the open web, some of which was extremely harmful, hateful, or disturbing.
And too much of that awful content remains deeply embedded in these large language models. And what was true in the 1950s remains so today, perhaps even more so with AI. Garbage in, garbage out. Guardrails that exist today in models are nothing but air fresheners. They mask, but they don't eliminate the source of the odor.
Now, from compromised court systems to ransomware exploiting old credentials, from previous exploits to AI models manipulated through subtle narratives, these incidents all highlight a central truth in cybersecurity. Even the most advanced technology is only as secure as the vigilance of the people who manage it.
Now here's a recap of what I saw at Hacker Summer Camp 2025. First, a special thank you to BSides Las Vegas for inviting me to present PEBCAC Rebooted: A Hacker's Guide to People Patching in 90 Days, a talk based on the latest research from Boseron's work with 1300 organizations and more than a million people. It was a privilege to speak at the OG BSides event. For those who don't know, BSides Las Vegas was the start of the global BSides movement of these local, community driven conferences. BSides began as a place for those who didn't get picked to speak at Black Hat or DEF CON. It's a stage for voices that might otherwise be missed, and it's grown into an incubator for new talent, building confidence, soft skills and professional networks. Over the years I've attended BSides events in Canada from Vancouver to St. John's, and this year I added, in the US, San Francisco and Las Vegas. And once again, the talks didn't disappoint. One that stood out for me was Infiltrating Like a Ninja: Unveiling Detection Gaps in Physical Security Across Japan and the US, by Yu Nakatsura, Fumiya Amai and Viet Liu. Their first ever conference talk, and the first time that many of them had presented in English, explored not just technical weaknesses or issues, but also cultural differences and how they shape and impact physical security.
It was exactly the kind of fresh perspective that BSides was built for. Another highlight for me came from the Eye on the Cavalry track, which focuses on how the security community can help protect critical infrastructure and society. The panel on Healthcare Cybersecurity was excellent and it featured a great project from the University of California, San Diego called Crash Cart. It's a mobile IT system complete with networks and hardware and laptops and systems that could be deployed to restore a hospital that's in the midst of a ransomware or other cyber incident. The project itself was inspiring, but the discussion also revealed the dire financial state of US healthcare, especially rural hospitals. And with recent cuts to federal funding and continued pressure, that's going to lead to more and more consolidation of hospitals into larger and larger systems. Consolidation, the researchers warn, means that dozens or even hundreds of hospitals can be taken offline in a single attack, which has happened several times now and is poised to get worse. What they noted is that the Crash Cart project isn't scalable. It can help particular hospitals, but if you take down dozens or hundreds at a time, it doesn't work.
And last but not least, there was Casey Ellis's talk from Bugcrowd. Casey's a speaker I've admired for years, and last year Casey faced a life threatening heart issue right before the summer conference season. His talk this year was focused on the idea of the two fools and reflected on the value and fragility of knowledge sharing across generations. As Casey put it, the young fool thinks that old knowledge is useless, and the old fool thinks that new knowledge is invaluable. Passing wisdom between generations is something that BSides fosters, but across our wider industry, it's a skill we're in danger of losing, especially as AI adoption threatens many entry level opportunities that once helped people build technical and critical thinking skills.
And this was just a taste of the talks. In a month or two you can watch many of these talks on YouTube. In the meantime, a talk I mentioned from my trip to BSides San Francisco by Daniel A. Ray on the AI Apocalypse is now online and I highly encourage you to watch it.
Now, I didn't attend any Black Hat sessions this year, but I did meet some people who did attend the event. One comment stuck out for me from someone who was part of the AI Summit, and it was something like this. All the AI talks kept stressing the need for humans in the loop. But isn't it interesting? For 20 years many of these same folks have been saying humans are the weakest link. Food for thought. Maybe people weren't the weakest link after all.
Now, DEF CON: massive, chaotic, brilliant, and surprisingly hopeful. Yes, there were sobering talks about the worsening security problem, and many had an AI twist. But there was also an overwhelming sense of energy from thousands of people working to break and fix things for the better. And if you've ever wondered what a hacker or security pro looks like after spending the week with tens of thousands of them, they look just like you, whatever your age, background or skill level. If you're curious, if you love solving problems, there is a place for you in this community. Wearing my DEF CON badge was like an open invitation. Strangers would strike up conversations, share a table in the food hall, or swap stories in the hallway. DEF CON's early days were wilder, sure, and some old timers missed that, but its reach and inclusivity today is its own kind of cool. Is it crowded? Yeah, it's massive. And do you have to plan ahead? Absolutely. And can you see everything? Not even close. It will probably take me the rest of the year to watch all the talks that I wanted to see. I'll dig into some of the standout DEF CON talks on Wednesday's show, but for now, remember this.
Even if you couldn't make it to Hacker Summer Camp this year, many of the talks will be online in a month or two. You'll be able to catch many of them on YouTube, and the lessons, insight and some of the inspiration will be just as valuable then. As always, stay skeptical. Keep your devices up to date and keep learning. We're always interested in your opinion and you can contact us@EditorialEchnewsDay CA or leave a comment under the YouTube video as well. A small ask: help us spread the word about the show. Give us a like or a subscribe. Please consider leaving us a review on your favorite podcasting platform. And if you like the show, please tell others. We'd love to grow our audience even more, and we need your help. I've been your host, David Shipley. I'll be back on Wednesday sitting in for Jim, who will be back on Friday. Thanks for listening.
