MalTerminal, created before Nov 2023, shows earliest LLM-embedded malware, signaling new AI-driven cyber threats.
Get the latest international news and world events from around the world.
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent
ShadowLeak zero-click flaw in ChatGPT Deep Research leaks Gmail data via hidden HTML prompts, bypassing security
Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability
“A deserialization vulnerability in the License Servlet of Fortra’s GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection,” Fortra said in an advisory released Thursday.
The company also noted that successful exploitation of the vulnerability is dependent on the system being publicly accessible over the internet.
Users are advised to update to the patched release – version 7.8.4, or the Sustain Release 7.6.3 – to safeguard against potential threats. If immediate patching is not possible, it’s advisable to ensure that access to the GoAnywhere Admin Console is not open to the public.
17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries.
“Phishing-as-a-Service (PhaaS) deployments have risen significantly recently,” Netcraft said in a new report. “The PhaaS operators charge a monthly fee for phishing software with pre-installed templates impersonating, in some cases, hundreds of brands from countries around the world.”
Lucid was first documented by Swiss cybersecurity company PRODAFT earlier this April, detailing the phishing kit’s ability to send smishing messages via Apple iMessage and Rich Communication Services (RCS) for Android.
Steam will stop running on Windows 32-bit in January 2026
Valve has announced that its Steam digital distribution service will drop support for 32-bit versions of Windows starting January 2026.
Two years earlier, in January 2024, Steam also dropped support for Windows 7, Windows 8, and Windows 8.1, recommending users to upgrade to a newer operating system.
Although Steam will soon stop running on Windows 10 32-bit (the only 32-bit Windows version still supported), it will continue to be supported on Windows 10 64-bit, and 32-bit games will remain playable.
Microsoft starts rolling out Gaming Copilot on Windows 11 PCs
Microsoft has begun rolling out the beta version of its AI-powered Gaming Copilot to Windows 11 systems for users aged 18 or older, excluding those in mainland China.
Tagged as a “personal gaming sidekick,” Gaming Copilot will also be pushed to Xbox mobile app users on Apple and Android devices starting next month.
To start using Gaming Copilot in the Game Bar, Windows users must install the Xbox PC app on their PC and use the Windows logo key + G keyboard shortcut to open the Game Bar. Next, they can find the Gaming Copilot icon in the Home Bar, open the widget, and log in to their Xbox account.
CISA exposes malware kits deployed in Ivanti EPMM attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).
The flaws are an authentication bypass in EPMM’s API component (CVE-2025–4427) and a code injection vulnerability (CVE-2025–4428) that allows execution of arbitrary code.
The two vulnerabilities affect the following Ivanti EPMM development branches and their earlier releases: 11.12.0.4, 12.3.0.1, 12.4.0.1, and 12.5.0.0.
Next-generation T cell immunotherapies engineered with CRISPR base and prime editing: challenges and opportunities
T cells can be reprogrammed with transgenic antigen recognition receptors, including chimeric antigen receptors and T cell receptors, to selectively recognize and kill cancer cells. Such adoptive T cell therapies are effective in patients with certain haematological cancers but challenges persist, including primary and secondary resistance, a lack of efficacy in patients with solid tumours, a narrow range of targetable antigens, and time-consuming and complex manufacturing processes. CRISPR-based genome editing is a potent strategy to enhance cellular immunotherapies. Conventional CRISPR–Cas9 systems are useful for gene editing, transgene knock-in or gene knockout but can result in undesired editing outcomes, including translocations and chromosomal truncations. Base editing and prime editing technologies constitute a new generation of CRISPR platforms and enable highly precise and programmable installation of defined nucleotide variants in primary T cells. Owing to their high precision and versatility, base editing and prime editing systems, hereafter collectively referred to as CRISPR 2.0, are advancing to become the new standard for precision-engineering of cellular immunotherapies. CRISPR 2.0 can be used to augment immune cell function, broaden the spectrum of targetable antigens and facilitate streamlined production of T cell therapies. Notably, CRISPR 2.0 is reaching clinical maturity, with multiple clinical trials of CRISPR 2.0-modified cellular therapies currently ongoing. In this Review, we discuss emerging CRISPR 2.0 technologies and their progress towards clinical translation, highlighting challenges and opportunities, and describe strategies for the use of CRISPR 2.0 to advance cellular immunotherapy for haematological malignancies and solid tumours in the future.
#CRISPR9
Several persistent challenges limit the efficacy and applicability of adoptive T cell therapies for cancer, including suboptimal function and/or persistence in vivo, a narrow range of targetable antigens and complex manufacturing processes. This Review discusses the potential of ‘CRISPR 2.0’ precision gene-editing platforms, such as base editing and prime editing to address all of these challenges, and describes the progress made towards clinical translation of these technologies.