⏱️ ≈ 7-minute read

Editor’s Note: This week, cyber risk made itself everyone’s business — from courtrooms to car factories. Vendor breaches exposed the trust gap, AI proved it’s not done breaking browsers, and even satellites took a moral stand. Grab your coffee; we’re patching our faith in tech again.

📬 This Week’s Clickables

  • 📌 Big News: NSO faces the music; ransomware brings JLR’s supply chain to its knees

  • 🚨 Can’t Miss: F5 breach fallout, Oracle SSRF in the wild, Microsoft vs. Teams malvertising, State AGs flex privacy power

  • 🤖 AI in Cyber: Nation-states scale AI ops, browsers betray users, and developers vibe-code vulnerabilities

  • 🧪 Strange Cyber Story: Starlink flips the kill switch on scam syndicates

🚨 Big Stories

🔒 Judge Bars NSO from Targeting WhatsApp; Slashes Damages

Intro: A rare courtroom win for privacy — and a sharp rebuke to the spyware industry.
What Happened: A U.S. federal judge permanently barred NSO Group from using or marketing spyware that circumvents WhatsApp, while slashing Meta’s damages claim from $168 million to $4 million. The decision caps a five-year legal fight over Pegasus-style surveillance targeting journalists and diplomats.
Why It’s Important: The injunction sets a major precedent: spyware vendors can’t hide behind sovereign-immunity claims when they attack commercial platforms. It also gives other tech firms a legal playbook for countering private surveillance sellers.
The Other Side: NSO argues its government customers can still lawfully use the tools — meaning the market for mercenary spyware isn’t going dark anytime soon.
👉️ Takeaway: A clear victory for user privacy, but the demand for commercial spyware remains alive and profitable.
TL;DR: The court clipped NSO’s wings — not the entire surveillance industry.

Further Reading: The Record coverage

“Security is a process, not a product.” — Bruce Schneier

🚗 Jaguar Land Rover Cyberattack Pegged at $2.5B Economic Hit

Intro: The week’s most expensive reminder that cyber risk doesn’t stop at IT — it hits GDP.
What Happened: Jaguar Land Rover’s August ransomware attack continues to reverberate, with analysts now estimating a £1.9 billion (~$2.5B USD) blow to the UK economy. The outage halted factory production, froze dealership logistics, and disrupted more than 5,000 suppliers across its supply chain.
Why It’s Important: The attack underscores how industrial ransomware has evolved into an economic event, not just an IT one. The cascading effect on suppliers shows that “supply-chain risk” isn’t metaphorical anymore — it’s measurable in billions.
The Other Side: JLR says systems are being restored in phases, and it hasn’t named the attackers or confirmed ransom payments. The UK’s NCSC continues to investigate broader impact.
👉️ Takeaway: Ransomware resilience isn’t just a security strategy — it’s national infrastructure policy.
TL;DR: JLR’s downtime didn’t just stop production — it dragged the entire UK economy into the red.

Further Reading: The Guardian | The Record

🔥 Can’t Miss

  • 🧱 F5 Incident Broadens After Source Code Theft
    F5 confirmed intruders accessed BIG-IP source code and internal vulnerability data, prompting a CISA emergency directive. No pipeline tampering found, but customers face heightened risk from stolen intel.
    👉️ Takeaway: Vendor breach = shared exposure. Audit your dependencies now, not post-incident.

  • 🧾 CISA Confirms In-the-Wild Exploitation of Oracle E-Business Suite SSRF (CVE-2025-61884)
    The critical SSRF flaw is being actively exploited and now sits on CISA’s KEV list with a Nov 10 patch deadline. Attackers exploit the bug to reach internal ERP systems.
    👉️ Takeaway: ERP vulnerabilities aren’t rare anymore — they’re retail shelf staples for attackers.

  • 🪟 Microsoft Disrupts Rhysida / Vanilla Tempest Teams Malvertising Wave
    Fake Teams installers signed with valid certificates delivered “Oyster” malware via SEO and ad lures. Microsoft revoked over 200 certificates tied to the campaign.
    👉️ Takeaway: Signed ≠ safe — internal controls beat external trust seals every time.

  • 🏛️ State AGs Quietly Ramp Privacy Enforcement
    A new EPIC report highlights more than 1,200 state-level privacy actions since 2019, with data-broker oversight and breach fines on the rise.
    👉️ Takeaway: The privacy cops you should fear aren’t in D.C. — they’re in your state capital.

🤖 AI in Cyber

  • 🛰️ AP: Microsoft Says Adversaries Are Scaling AI in Ops
    Microsoft’s latest Digital Defense Report logged 200+ AI-assisted influence and phishing ops in one month, led by Russia, China, Iran, and North Korea. These models generate convincing lures and misinformation faster than defenders can react.
    👉️ Takeaway: AI has fully joined the attacker toolkit — treat it as adversary infrastructure.

  • 🌐 Atlas Privacy & Attack Surface: Browser AI Goes Rogue
    Joint WaPo, Fortune, and SecurityWeek coverage revealed prompt-injection, insecure sidebars, and data-leak risks in AI-powered browsers. Enterprise use policies are already lagging behind adoption.
    👉️ Takeaway: The “AI browser” boom is outpacing security governance — expect breaches before controls.

  • 🧪 “Vibe Coding” Critique: AI Code Isn’t (Just) Buggy — It’s Judgment-Poor
    Analysts warn that AI-generated code lacks human caution, pushing insecure logic at scale under time pressure. Automation is shipping flaws faster than QA can catch them.
    👉️ Takeaway: Speed kills — enforce guardrails before your CI/CD becomes your compromise vector.

🧟‍♂️ Strange Cyber

Intro: A private company just took cyber-crime suppression into orbit.
What Happened: SpaceX remotely deactivated thousands of Starlink terminals operating in Myanmar scam compounds tied to human-trafficking and fraud. Reports suggest the networks used Starlink to evade national ISP blocks and maintain scam operations.
Why It’s Important: It’s the first major instance of a satellite ISP using technical control to combat criminal infrastructure, blending corporate policy with cross-border law enforcement.
The Other Side: The shutdown could impact nearby legitimate users and raises precedent questions over private control of global connectivity.
👉️ Takeaway: When connectivity becomes the weapon, the kill switch becomes the justice tool — and the ethical dilemma.
TL;DR: Starlink went vigilante; the scam lords just lost their Wi-Fi.

Further Reading: The Record coverage

Thanks for reading this week’s edition. Like what you see? Forward it!

Hate everything you see or have other feedback? Reply back to this email!