Cyber Briefing: 2025.01.31

👉 What are the latest cybersecurity alerts, incidents, and news?

DeepSeek Vulnerabilities, LLMs, Phorpiex Botnet, LockBit Ransomware, Malicious Browser Extensions, Hijack Browsers, Devices, Time Bandit Jailbreak, ChatGPT, OpenAI, Safety Features, Coyote Banking Trojan, Brazilian Banks, Crypto Platforms, Tata Technologies, Ransomware Attack, University of Notre Dame Australia, Tor Project, X Account, Cryptocurrency Scam, AngelSense, Disabled Users, Data Leak, ZAR Rehab Clinics, Germany, US Justice Department, HPE, Juniper, $14B Deal, Competition Concerns, Google AI, Nation-State Groups, Malicious Operations, Microsoft 365, Bug Bounty Program, Tenable, Vulcan Cyber, Exposure Management, AI-Driven Phishing, BEC.

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please subscribe.

🚨 Cyber Alerts

1. DeepSeek LLM Flaws Exposed by Jailbreak

Researchers have uncovered significant vulnerabilities in DeepSeek’s large language models (LLMs), specifically DeepSeek-R1, through advanced jailbreaking methods. These exploits, like “Bad Likert Judge,” “Crescendo,” and “Deceptive Delight,” demonstrate how easily attackers can bypass safety measures to generate harmful outputs. By manipulating the models, malicious actors were able to extract sensitive information or create malicious code, including keyloggers and data exfiltration scripts.

2. Phorpiex Powers LockBit Ransomware Attacks

Cybereason’s latest threat analysis uncovers the resurgence of the Phorpiex botnet, which is now being used to deliver LockBit ransomware. This marks a significant shift in cybercrime tactics as Phorpiex automates the deployment of LockBit without the usual lateral infections, making it more efficient and stealthy. Historically used for spam campaigns and cryptocurrency mining, Phorpiex’s new role in ransomware distribution highlights its evolving…