How can you protect your company from the recent Oracle EBS hacks?

Are fake AI tools and VPNs putting your business data at risk?

Cybercriminals currently exploit the high demand for artificial intelligence tools by running malicious Google Ads for Anthropic’s Claude Code. These fraudulent advertisements direct victims to fake websites where Windows users download malware and macOS users receive backdoor Trojans. In a separate operational failure, the Claude Code platform reportedly deleted two and a half years of a user’s project data without warning.

Enterprise Software Breaches

The Cl0p ransomware group breached numerous organizations by exploiting zero-day vulnerabilities (CVE-2025-61882) in the Oracle E-Business Suite. Attackers extracted sensitive corporate data and launched massive extortion campaigns against prominent companies like Schneider Electric and Michelin. Organizations running unpatched Oracle systems face immediate risks of data theft and financial extortion.

Government Database Intrusions

A hacker successfully compromised the infrastructure of CGI Sverige AB to publish the complete source code of Sweden’s e-government platform. The attacker also claims to possess sensitive databases containing citizen data and electronic signature documents. Similarly, the United Kingdom’s Companies House disabled its corporate registry portal after a software update allowed unauthorized users to modify official records.

VPN and Infrastructure Flaws

The threat group Storm-2561 uses search engine optimization poisoning to distribute fraudulent virtual private network applications that steal legitimate login credentials. The Cybersecurity and Infrastructure Security Agency also warned organizations about a Wing FTP Server vulnerability (CVE-2025-47813) that discloses local installation paths. Additionally, Google removed the popular “Save image as Type?” extension after discovering embedded malware that compromised Chrome browser security.

Qihoo 360 Security Failure

Qihoo 360 accidentally bundled the private key of an SSL certificate within the public installer of its new AI assistant. This severe oversight allows malicious actors to intercept user traffic, impersonate official servers, and hijack AI sessions across the platform’s infrastructure. The company revoked the compromised certificate shortly after public discovery to prevent widespread misuse.