Cyber (In)Security and Surveillance (5 March 2026)

Human Rights at Risk in the Sprint Toward AI Sovereignty

(Kian Vesteinsson and Grant Baker – Just Security) As AI tools are increasingly embedded in people’s daily lives and the global economy, policymakers worldwide have declared their pursuit of “AI sovereignty”—the idea that governments should invest in and secure control over domestic AI systems, training data, and cloud computing infrastructure. Freedom House’s recent Freedom on the Net report (which we co-authored) found that such government investments in AI may enable censorship and surveillance, particularly in authoritarian states. Policymakers and technology firms in democratic countries should work with civil society organizations to ensure that safeguards are embedded in such systems to protect people’s rights. Technology firms that contribute to the AI stack in authoritarian countries should conduct due diligence to ensure their products are not facilitating human rights violations. – https://www.justsecurity.org/132427/human-rights-ai-sovereignty/

Crypto exchanges face strict 2027 reserve rules under new Brazil framework

(DigWatch) Brazil’s central bank has introduced a regulatory framework requiring licensed crypto exchanges to prove asset sufficiency daily starting on 1 January 2027. The measures align digital asset intermediaries with banking standards on capital management, accounting, and data protection. Under the rules, exchanges must submit daily attestations confirming that platforms hold adequate fiat and token reserves. Supervisors will review the reports to ensure companies can cover operational, liquidity, and cybersecurity risks while protecting customer balances. – https://dig.watch/updates/brazil-crypto-exchanges-regulation

62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group

(Jonathan Greig – The Record) Prosecutors in Taipei indicted 62 people and 13 companies for their involvement in cyber scam operations organized throughout Asia by the Prince Group. The Taipei District Prosecutors Office initiated its investigation in October after Chen Zhi, the founder of the Prince Group, was indicted by U.S. prosecutors on money laundering charges. The company is accused of running hundreds of compounds in Cambodia where workers and human trafficking victims were forced to conduct cyberscams and steal billions from people in the U.S., Europe and China. Zhi was arrested in Cambodia earlier this year and extradited to China. – https://therecord.media/62-indicted-taiwan-prince-group-scams

ContextCrush Flaw Exposes AI Development Tools to Attacks

(Alessandro Mascellino – Infosecurity Magazine) A critical vulnerability affecting the Context7 MCP Server, a widely used tool for delivering documentation to AI coding assistants, has been disclosed by security researchers. The issue, dubbed ContextCrush, could allow attackers to inject malicious instructions into AI development tools through a trusted documentation channel. The flaw was discovered by Noma Labs researchers in the Context7 platform operated by Upstash. Context7 is used by developers to provide AI assistants such as Cursor, Claude Code and Windsurf with up-to-date library documentation directly inside integrated development environments. With around 50,000 GitHub stars and more than 8 million npm downloads, the server has become a common component in AI-assisted development workflows. – https://www.infosecurity-magazine.com/news/contextcrush-ai-development-tools/

Operation Leak: FBI and Europol dismantle LeakBase Cybercrime forum

(Pierluigi Paganini – Security Affairs) The Federal Bureau of Investigation seized the LeakBase cybercrime forum (leakbase[.]la), a platform used to trade hacking tools and stolen data. The action formed part of “Operation Leak,” an international effort coordinated by Europol involving authorities from 14 countries, who took control of the forum’s domains and posted seizure notices. Active since 2021, LeakBase became a key hub in the cybercrime ecosystem, specializing in trading leaked databases and “stealer logs” containing credentials stolen by infostealer malware. Operating openly in English, the forum combined marketplace and discussion features, allowing cybercriminals to buy, sell, and exchange compromised data. – https://securityaffairs.com/188958/cyber-crime/operation-leak-fbi-and-europol-dismantle-leakbase-cybercrime-forum.html

Google uncovers Coruna iOS Exploit Kit targeting iOS 13–17.2.1

(Pierluigi Paganini – Security Affairs) Google’s Threat Intelligence Group has identified a powerful new iOS exploit kit called Coruna (also known as CryptoWaters) that targets Apple iPhones running iOS versions 13.0 through 17.2.1. The kit includes five full exploit chains and a total of 23 exploits. – https://securityaffairs.com/188928/security/google-uncovers-coruna-ios-exploit-kit-targeting-ios-13-17-2-1.html

Cisco fixes maximum-severity Secure FMC bugs threatening firewall security

(Pierluigi Paganini – Security Affairs) Cisco addressed two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) that could allow attackers to gain root access. Cisco Secure Firewall Management Center (FMC) is a centralized management platform for Cisco firewalls. It lets administrators configure, monitor, and control multiple firewalls from a single web or SSH interface. Through FMC, teams can manage policies for intrusion prevention (IPS), application control, URL filtering, advanced malware protection, logging, reporting, and overall network security posture across their environment. – https://securityaffairs.com/188921/security/cisco-fixes-maximum-severity-secure-fmc-bugs-threatening-firewall-security.html

Automate or orchestrate? Implementing a streamlined remediation program to shorten MTTR

(Pierluigi Paganini – Security Affairs) Almost all security teams want to reduce their Mean Time to Remediate (MTTR). And for good reason: research from 2024 found that it takes an average of 4.5 months to remediate critical vulnerabilities. The problem is that most organizations are going about it all wrong. Their approaches lack nuance: some teams respond to every exposure with a fire drill, others with a simple patch. Neither approach really works. This blog breaks down the critical distinction between automation and orchestration. You’ll learn when to hit the “Easy Button” for low-risk, high-volume assets, versus when to trigger a bi-directional workflow for complex misconfigurations. Then, we’ll explore how to build a unified remediation structure that puts each route into action. Armed with that knowledge, you can stop your security and IT teams fighting over “noise” – and start collaborating under a streamlined process that actually reduces risk. It’s time to put your MTTR reduction plan into action. – https://securityaffairs.com/188917/security/automate-or-orchestrate-implementing-a-streamlined-remediation-program-to-shorten-mttr.html
