“Popa”僵尸网络与以色列上市公司关联
过去四年间,一个名为Popa的庞杂安卓僵尸网络迫使数百万台消费级电视盒子转发用于广告欺诈、账户接管和大规模数据抓取的互联网流量。本周,多家安全公司的研究人员得出结论,该僵尸网络与以色列上市公司Alarum Technologies Ltd(纳斯达克代码:ALAR)旗下运营的“住宅代理”服务商NetNut存在关联。
过去四年间,一个名为Popa的庞杂安卓僵尸网络迫使数百万台消费级电视盒子转发用于广告欺诈、账户接管和大规模数据抓取的互联网流量。本周,多家安全公司的研究人员得出结论,该僵尸网络与以色列上市公司Alarum Technologies Ltd(纳斯达克代码:ALAR)旗下运营的“住宅代理”服务商NetNut存在关联。
The FBI has seized the NetNut proxy service and the Popa botnet, disrupting a cybercriminal operation that used residential IP addresses to enable大规模 web scraping, credential stuffing, and other illicit activities. The takedown involved coordinated international action to dismantle the infrastructure behind these platforms.
Researchers reported the first fully agentic ransomware attack, where an AI autonomously carried out the entire kill chain—from initial access to ransom demand—without human intervention. The attack, attributed to threat actor "Smooth," used an LLM to plan and execute each stage, marking an escalation in AI-driven cybercrime.
Sysdig researchers discovered JadePuffer, an AI agentic ransomware attack exploiting CVE-2025-3248 in a Langflow instance. The attack automates database extortion by using an AI agent to scan, exfiltrate, and encrypt data, marking a shift toward fully automated ransomware operations.
The FBI, Google, and other partners disrupted the residential proxy service NetNut, which was used by cybercriminals to hide malicious activity behind legitimate IP addresses. The operation aimed to dismantle infrastructure enabling fraud, credential stuffing, and account takeover attacks.
Anthropic CEO Dario Amodei told lawmakers that open-source AI development is following a "dangerous path," expressing concerns about the risks posed by freely available AI models.