
New Video from @hak5 Highlights Critical Cybersecurity Issues
In this edition of Threat Wire, presented by Alli Diamond, several hot topics in the world of cybersecurity are discussed, with a particular focus on iOS vulnerabilities, AI-automated attacks, massive data leaks, and human errors in managing secrets. Here is a detailed summary of the key points discussed.
One of the most concerning topics is a purported zero-day vulnerability affecting iOS 26, the latest version of Apple's mobile operating system, touted as its most secure to date. Released in September 2025, iOS 26 introduced a new protection called memory integrity enforcement, which uses keys to detect and block attempts to access memory a process is not authorized to touch. Experts hailed it as a major advance that makes memory corruption attacks nearly impossible. Yet just three months after release, a dark web listing claims a zero-click exploit (one that needs no user interaction) targeting the iOS 26 message parser. According to the seller, who goes by the pseudonym Researcher X, a malformed message yields remote code execution (RCE), followed by a sandbox escape and privilege escalation to the kernel. The exploit is said to be especially stealthy, leaving no visible traces such as crash logs or alerts. Its authenticity remains unproven, and the community is skeptical. Apple recently raised its bug bounty for zero-click attack chains to $2 million, but dark web sales can reach $5 million, which raises questions about researchers' incentives to disclose such vulnerabilities responsibly.
Another notable topic is the emergence of nearly fully automated AI-driven attacks. Anthropic, an AI company, reported in November 2025 what it describes as the first almost entirely AI-driven attack campaign, with a 90% automation rate. Attributed to a Chinese state-sponsored group, the operation targeted around thirty organizations. The attack unfolded in five phases: first, humans defined the targets; then intelligence gathering and attack surface mapping ran automatically through MCP servers driving the Claude AI model. Discovered vulnerabilities were analyzed and exploited autonomously, with occasional human validation. The later phases, credential collection, data exfiltration, and backdoor installation, were likewise orchestrated by the AI, with humans stepping in only to validate critical steps. However, Anthropic's report has been sharply criticized for its lack of technical detail and its absence of indicators of compromise (IOCs), leading many experts to question its credibility. Even so, the U.S. Congress has invited Anthropic's CEO to testify on December 17, 2025, which could shed light on how real this threat is.
The video also covers a series of recent data leaks and security incidents that illustrate how frequent and damaging breaches have become. The cases mentioned are a vulnerability in the Code Red Alert system the U.S. government uses to broadcast urgent alerts, a leak of 33.7 million customer records at Coupang (a Korean competitor to Amazon), a breach at OpenAI through its supplier Mixpanel, and a data leak at the French Football Federation. These incidents underscore the importance of rotating passwords regularly and staying vigilant about third-party risk.
Finally, a lighter but equally important topic is human error in managing secrets, in particular the accidental publication of credentials in public repositories. Security researcher Luke Marshall scanned 5.6 million public GitLab repositories with the tool TruffleHog and found over 17,000 active secrets, including more than 5,000 GCP credentials. The leaks span repositories from 2010 to the present, with most occurring in the last five years. Through responsible disclosure, the researcher received a $9,000 reward for his findings. This kind of mistake is simple to avoid yet remains common, and its consequences can be disastrous, such as unauthorized access to critical infrastructure.
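To make the detection side of this concrete, here is an added example of the two checks a secret scanner typically runs over repository contents before they are pushed: a structural check for a GCP service-account key file (JSON with `"type": "service_account"` and a `private_key` field) and a heuristic check for credential-named variables holding high-entropy values. This is illustrative code written for this summary, not code from Hak5, Threat Wire, or TruffleHog; the sample files, the regular expression, and the entropy threshold are all assumptions of the example.

```python
import json
import math
import re
from collections import Counter

# Constructed sample repository (path -> contents). All key material is fake and
# shaped only to exercise the detectors; nothing here is a real credential.
SAMPLE_REPO = {
    "config/service-account.json": json.dumps({
        "type": "service_account",
        "project_id": "example-project",
        "private_key_id": "0123456789abcdef",
        "private_key": "-----BEGIN PRIVATE KEY-----\nFAKEFAKEFAKE\n-----END PRIVATE KEY-----\n",
        "client_email": "svc@example-project.iam.gserviceaccount.com",
    }),
    "deploy/settings.py": (
        "DEBUG = False\n"
        "API_TOKEN = 'x9Fq2LpZ7vT4bN8hW1cK3mR6yD0sA5eU'\n"   # random-looking: flagged
        "DB_PASSWORD = 'changemechangeme'\n"                 # repetitive placeholder: not flagged
        "APP_NAME = 'inventory'\n"
    ),
    "README.md": "# Inventory service\nRun `make test` before pushing.\n",
}

# name = 'value' / name: "value" where the name hints at a credential and the
# value is long enough to be a token rather than a flag or short word.
ASSIGNMENT_RE = re.compile(
    r"""(?i)\b([A-Z_]*(?:key|token|secret|password)[A-Z_]*)\s*[=:]\s*['"]([^'"]{16,})['"]"""
)
ENTROPY_THRESHOLD = 3.5  # bits per character; a tuning assumption of this example


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character: random tokens score high, words score low."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def redact(value: str) -> str:
    """Keep enough of the value to locate it in the file, never enough to reuse it."""
    return value[:4] + "..." + value[-2:]


def find_gcp_service_account(path: str, text: str) -> list:
    """Structural check: a GCP service-account key is JSON carrying these fields."""
    try:
        doc = json.loads(text)
    except ValueError:
        return []
    if isinstance(doc, dict) and doc.get("type") == "service_account" and "private_key" in doc:
        return [{"path": path, "kind": "gcp_service_account",
                 "name": doc.get("client_email", "?"), "value": "<private_key>"}]
    return []


def find_high_entropy_assignments(path: str, text: str) -> list:
    """Heuristic check: a credential-named variable holding a random-looking string."""
    findings = []
    for m in ASSIGNMENT_RE.finditer(text):
        name, value = m.group(1), m.group(2)
        if shannon_entropy(value) >= ENTROPY_THRESHOLD:
            findings.append({"path": path, "kind": "high_entropy_assignment",
                             "name": name, "value": redact(value)})
    return findings


def scan_repo(files: dict) -> list:
    """Run every detector over every file; findings are sorted by path for stable output."""
    findings = []
    for path, text in files.items():
        findings += find_gcp_service_account(path, text)
        findings += find_high_entropy_assignments(path, text)
    return sorted(findings, key=lambda f: (f["path"], f["kind"]))


if __name__ == "__main__":
    for f in scan_repo(SAMPLE_REPO):
        print(f"{f['path']}: {f['kind']} {f['name']} = {f['value']}")
```

The entropy threshold is what separates the two `settings.py` lines: the 32-character token uses 32 distinct characters and scores 5.0 bits per character, while the repeated placeholder `changemechangeme` scores about 2.75 and is left alone. Running checks like these in a pre-commit hook or CI job catches the secret before it ever reaches a public repository, which is far cheaper than rotating it after a scan like the one described above finds it.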
In conclusion, this edition of Threat Wire highlights the constant challenges of cybersecurity, whether it be zero-day vulnerabilities, AI-automated attacks, or human negligence. It underscores the importance of transparency, collaboration between researchers and companies, and adopting best practices to mitigate risks. To stay updated on these topics and other cybersecurity news, be sure to follow future editions.