
In this episode of Cybersecurity Today, host Jim Love delves into the latest cyber threats and risks. Key topics include the new phishing campaign Zipline that flips traditional tactics, Google's call for 2.5 billion Gmail users to reset passwords due...
Zipline phishing flips the script with victims emailing attackers first. Google urges 2.5 billion Gmail users to reset passwords. PromptLock shows how AI is reshaping ransomware. NX supply chain attack turns AI assistants into data thieves. And a whistleblower says DOGE puts Social Security records at risk. This is Cybersecurity Today. I'm your host, Jim Love.

A new phishing campaign called Zipline is changing the rules of the game. Instead of spamming inboxes, these attackers make you email them first. It starts with a simple message through the company's "contact us" form. When the staff reply, they're unknowingly opening a door to what looks like a normal business exchange. From there, the attackers don't rush. They'll spend days or even weeks building trust, trading messages, sending polite follow-ups and sharing routine business documents like non-disclosure agreements or project summaries. Everything looks professional, but eventually one of those attachments is different: a zip file carrying a malicious shortcut. Open it and it launches a PowerShell loader that installs MixShell, a stealthy implant that hides in memory, uses DNS tunneling to talk to its controllers, and can reinfect machines even after cleanup. The only real tell so far? All the fake company websites use identical "about us" pages. The so-called founders are stock photos, ironically pictures of White House butlers. A quick image search could reveal that some of these people don't actually exist. Targets so far have been US manufacturing and supply chain firms, but the technique could work anywhere. Zipline shows how phishing is evolving. Attackers are willing to act like real business partners for weeks before slipping in malware. And sometimes the only defense is noticing the smallest detail, like whether the people on a website are real.
Google is urging all 2.5 billion Gmail users to reset their passwords after a hacker group known as ShinyHunters gained access to business information and launched a massive phishing campaign. Now, the attackers didn't steal passwords directly. Instead, they broke into a Google Salesforce database and pulled out business contact details. With that information, they're now impersonating Google support staff and targeting users with calls, texts and emails that look convincing. Victims are being pushed to hand over login details or one-time security codes. What makes this campaign dangerous is its scale. Two and a half billion accounts are potential targets. Only about a third of users regularly update their passwords. That leaves a huge pool of people vulnerable to these phishing messages. Google has already emailed affected users and is urging everyone to take precautions. That means changing your password, turning on two-factor authentication and, better yet, switching to passkeys, which rely on biometrics or your device and are much harder to phish. This isn't a drill. Hackers are using legitimate-looking data to pose as Google itself, and at this scale, even a small success rate could mean millions of compromised accounts. Reset now, secure your logins, and never trust a password reset request unless you initiate it yourself.

Researchers at ESET have identified a new ransomware they're calling PromptLock. It's notable because it may be the first ransomware to actually use artificial intelligence as part of its attack. Instead of relying on a fixed set of commands, PromptLock runs a local AI model, OpenAI's open-source gpt-oss-20b, and it does that through the Ollama API. Now, that model generates malicious Lua scripts on demand. One script might search through files, another might exfiltrate data, another could encrypt it.
Because the AI output changes every time, the ransomware never looks quite the same, which makes it harder for traditional signature-based tools to catch. It's written in Golang, a language that's becoming very popular with attackers because of its cross-platform support. That allows the same code base to target Windows, macOS and Linux, which saves effort and expands the attack surface. At this stage, PromptLock appears to be a proof of concept. The ransomware includes SPECK 128-bit encryption and there's even dormant code for more destructive behavior, although it doesn't appear that that's been activated. But even as a concept, it's a warning. AI is lowering the technical barrier to creating malware that adapts in real time. PromptLock isn't in widespread use yet, but it shows how quickly attackers are moving from experimentation with AI to actual attacks. Defenders need to assume malware won't always look the same from one incident to the next, and plan for a threat landscape that, unfortunately, is evolving on the fly.

On August 26, the widely used build platform NX, a tool for managing complex JavaScript and TypeScript projects, was hijacked in a sophisticated supply chain attack. Here's what happened. Attackers published malicious versions of NX packages to the npm registry, which is the central hub where JavaScript developers get their software libraries. For about five hours, those poisoned packages delivered a post-install script that launched a hidden payload. The payload scanned developers' systems on Linux and macOS, harvesting sensitive files like cryptocurrency wallets, SSH keys, and GitHub tokens. It then exfiltrated the data to public GitHub repositories under the victims' own accounts. The innovation here is troubling. The malware actually abused locally installed AI developer tools like Claude, Gemini and Q by prompting them to search for and extract secrets. In other words, it turned trusted AI assistants into reconnaissance agents.
And while nobody's really sure why, the attacker even added a forced shutdown command to users' terminal configs so that every new shell session would instantly crash. And this is likely how the compromise was first spotted. This attack shows how AI is already being integrated into offensive campaigns. For developers, it's a reminder to review dependencies carefully, rotate credentials, and assume that even your AI coding tools can be manipulated into doing the attacker's work.

A whistleblower at the Social Security Administration has filed a complaint alleging that the Department of Government Efficiency, known as DOGE, put the personal data of nearly every American at risk. Charles Borges, who was serving as chief data officer, says DOGE uploaded a complete copy of the Social Security database to a commercial cloud system without the safeguards required by law. That database includes Social Security numbers, names, birth dates, addresses and even information on citizenship and ethnicity. Borges argues that this not only bypassed SSA oversight but may have violated existing court restrictions on how the data could be stored. SSA officials insist that they have no evidence of a breach and say the database remains secure. But outside experts warn that if such a database were exposed, the scale of identity theft could be unprecedented and the government might even be forced to consider issuing new Social Security numbers. Congressional leaders are already demanding investigations, and for critics, the episode illustrates the risks of centralizing too much authority under efficiency programs without adequate transparency or technical safeguards. For critics, the episode illustrates the risk of centralizing too much data under the guise of efficiency programs without adequate transparency or technical safeguards. The allegation shows how quickly modernization efforts can cross the line into dangerous territory when sensitive data is handled without strict controls.
And that's our show for today. We'll have a special weekend show for you, and this being a long weekend, I think we're going to be back with our regular start-of-the-week show on Tuesday morning, and we'll look for you then. I'm your host, Jim Love. Thanks for listening.
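The NX segment above describes poisoned npm packages that carried their payload in a post-install script, and the host's advice is to review dependencies carefully. One concrete way to do that is to audit an installed dependency tree for packages that declare lifecycle hooks at all, since those are the only packages that get to run code at install time. The script below is an added example, not code from the podcast or from the Nx project: it walks a node_modules directory, reads each package.json, and reports every package with a preinstall, install, postinstall or prepare script. The two sample packages it builds in a temporary directory are constructed for the demonstration; the names and commands are made up.

```python
"""Audit a node_modules tree for packages that run npm lifecycle scripts.

Added example (not from the podcast or the Nx project). Packages that declare
preinstall/install/postinstall/prepare hooks run arbitrary commands during
`npm install`, which is where the poisoned Nx packages hid their payload.
"""
import json
import os
import tempfile

# Hooks npm runs automatically when a dependency is installed.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")


def find_lifecycle_scripts(node_modules):
    """Return a sorted list of {package, path, hooks} for every package.json
    under `node_modules` that declares at least one install-time hook."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(node_modules):
        if "package.json" not in filenames:
            continue
        manifest = os.path.join(dirpath, "package.json")
        try:
            with open(manifest, encoding="utf-8") as fh:
                meta = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip, don't crash the audit
        if not isinstance(meta, dict):
            continue
        scripts = meta.get("scripts") or {}
        if not isinstance(scripts, dict):
            continue
        hooks = {hook: scripts[hook] for hook in LIFECYCLE_HOOKS if hook in scripts}
        if hooks:
            findings.append({
                "package": meta.get("name") or os.path.basename(dirpath),
                "path": os.path.relpath(dirpath, node_modules),
                "hooks": hooks,
            })
    return sorted(findings, key=lambda f: f["path"])


def build_sample_tree(root):
    """Construct a tiny node_modules tree: one package with only a test script,
    one with a postinstall hook. Both packages are hypothetical."""
    samples = {
        "tidy-strings": {
            "name": "tidy-strings", "version": "1.0.0",
            "scripts": {"test": "node test.js"},
        },
        "suspicious-build-tool": {
            "name": "suspicious-build-tool", "version": "2.1.0",
            "scripts": {"postinstall": "node telemetry.js"},
        },
    }
    for dirname, meta in samples.items():
        pkg_dir = os.path.join(root, dirname)
        os.makedirs(pkg_dir)
        with open(os.path.join(pkg_dir, "package.json"), "w", encoding="utf-8") as fh:
            json.dump(meta, fh)


def audit_sample():
    """Build the constructed tree in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return find_lifecycle_scripts(tmp)


if __name__ == "__main__":
    for finding in audit_sample():
        for hook, command in finding["hooks"].items():
            print(f"{finding['package']} ({finding['path']}): {hook} -> {command}")
```

Run it against a real project by calling `find_lifecycle_scripts("node_modules")` after an install. The list will include legitimate native-module builds, so the point is to review what each hook runs, not to treat every hit as malicious. Installing with `npm ci --ignore-scripts` stops hooks from running at all, which is a reasonable default in CI until the flagged packages have been reviewed.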
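The Zipline segment says the MixShell implant talks to its controllers over DNS tunneling. A defender rarely sees the implant itself, but DNS query logs show the tunnel's signature: one domain receiving many unique, long, high-entropy subdomain labels, because the data has to be encoded into the query names. The script below is an added example, not code from the podcast or from any published analysis of MixShell: it parses a constructed DNS query log, groups queries by registrable domain, and flags domains whose subdomains look like encoded data. The log lines, the `cdn-sync.test` domain and the thresholds are all assumptions made for the demonstration, and the registrable domain is approximated as the last two labels rather than looked up in a public-suffix list.

```python
"""Heuristic DNS-tunneling detector over query logs.

Added example (not from the podcast). Constructed log format:
  <timestamp> <client-ip> <qtype> <qname>
Flags domains that receive many distinct, long, high-entropy subdomains.
"""
import math
from collections import defaultdict

# Constructed sample log: three ordinary lookups and six queries whose
# subdomain labels are 32-character hex strings (each hex digit twice).
SAMPLE_LOG = [
    "2025-08-29T10:00:01Z 10.0.0.12 A www.example.com",
    "2025-08-29T10:00:02Z 10.0.0.12 A mail.example.com",
    "2025-08-29T10:00:03Z 10.0.0.12 A api.example.com",
    "2025-08-29T10:00:04Z 10.0.0.12 TXT 0123456789abcdef0123456789abcdef.cdn-sync.test",
    "2025-08-29T10:00:05Z 10.0.0.12 TXT fedcba9876543210fedcba9876543210.cdn-sync.test",
    "2025-08-29T10:00:06Z 10.0.0.12 TXT 02468ace13579bdf02468ace13579bdf.cdn-sync.test",
    "2025-08-29T10:00:07Z 10.0.0.12 TXT fdb97531eca8642002468ace13579bdf.cdn-sync.test",
    "2025-08-29T10:00:08Z 10.0.0.12 TXT 0f1e2d3c4b5a69780f1e2d3c4b5a6978.cdn-sync.test",
    "2025-08-29T10:00:09Z 10.0.0.12 TXT 8796a5b4c3d2e1f08796a5b4c3d2e1f0.cdn-sync.test",
]


def shannon_entropy(text):
    """Bits of entropy per character of `text` (0.0 for an empty string)."""
    if not text:
        return 0.0
    counts = {}
    for ch in text:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def parse_query(line):
    """Return (client, qtype, qname) from a constructed log line, or None."""
    parts = line.split()
    if len(parts) != 4:
        return None
    _ts, client, qtype, qname = parts
    return client, qtype, qname.rstrip(".").lower()


def split_name(qname):
    """Split into (registrable domain, subdomain). Assumption: the registrable
    domain is the last two labels; a real deployment would use a public-suffix list."""
    labels = qname.split(".")
    if len(labels) < 3:
        return None  # no subdomain to carry data
    return ".".join(labels[-2:]), ".".join(labels[:-2])


def score_domains(lines):
    """Per registrable domain: unique subdomain count, mean subdomain length,
    mean entropy of the subdomain characters, and query types seen."""
    stats = defaultdict(lambda: {"subdomains": set(), "qtypes": set()})
    for line in lines:
        parsed = parse_query(line)
        if parsed is None:
            continue
        _client, qtype, qname = parsed
        split = split_name(qname)
        if split is None:
            continue
        base, sub = split
        stats[base]["subdomains"].add(sub)
        stats[base]["qtypes"].add(qtype)
    results = {}
    for base, s in stats.items():
        subs = s["subdomains"]
        results[base] = {
            "unique_subdomains": len(subs),
            "avg_label_len": sum(len(x) for x in subs) / len(subs),
            "avg_entropy": sum(shannon_entropy(x.replace(".", "")) for x in subs) / len(subs),
            "qtypes": sorted(s["qtypes"]),
        }
    return results


def flag_tunneling(lines, min_unique=5, min_len=20, min_entropy=3.5):
    """Domains exceeding all three thresholds (thresholds are assumptions)."""
    return sorted(
        base for base, m in score_domains(lines).items()
        if m["unique_subdomains"] >= min_unique
        and m["avg_label_len"] >= min_len
        and m["avg_entropy"] >= min_entropy
    )


if __name__ == "__main__":
    for base, metrics in score_domains(SAMPLE_LOG).items():
        print(base, metrics)
    print("flagged:", flag_tunneling(SAMPLE_LOG))
```

Content-delivery and anti-spam services also generate long machine-made labels, so the output is a triage list, not a verdict; pairing it with an allow-list of known services and with the query-type breakdown (TXT and NULL records are the usual carriers for downstream data) keeps the false positives manageable.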
Episode: Zipline Phishing, Google Urges Password Resets, and AI-Driven Threats
Date: August 29, 2025
Host Jim Love reports on evolving cybersecurity threats impacting businesses and the public, focusing on sophisticated phishing methods, large-scale data exfiltration risks, the use of AI in attack tools, and a whistleblower’s alarming government data disclosure. The episode stresses how attackers are adapting—and how those targeted must respond decisively to safeguard data and systems.
[00:01–03:25]
[03:26–06:09]
[06:10–08:34]
[08:35–11:23]
[11:24–13:38]
On Zipline Phishing:
“Attackers are willing to act like real business partners for weeks before slipping in malware. And sometimes the only defense is noticing the smallest detail, like whether the people on a website are real.”
— Jim Love [00:03:09]
On Google/Phishing Risk:
“This isn’t a drill. Hackers are using legitimate looking data to pose as Google itself… Reset now, secure your logins, and never trust the password reset request unless you initiate it yourself.”
— Jim Love [00:05:39]
On AI-Driven Ransomware:
“AI is lowering the technical barrier to creating malware that adapts in real time… Defenders need to assume malware won’t always look the same from one incident to the next.”
— Jim Love [00:08:08]
On Developers’ Supply Chain Risk:
“It turned trusted AI assistants into reconnaissance agents… Even your AI coding tools can be manipulated into doing the attacker’s work.”
— Jim Love [00:10:31]
On Government Data Risks:
“For critics, the episode illustrates the risk of centralizing too much data under the guise of efficiency programs without adequate transparency or technical safeguards.”
— Jim Love [00:13:30]
Jim Love’s episode underscores the escalating complexity—and stakes—of contemporary cyber threats. Attackers employ psychological patience, enormous data-sets, AI-driven malware evolution, and even the subversion of helpful tools. Listeners are urged to be skeptical, vigilant, and proactive, implementing practical safeguards without delay.