SentinelOne

🚦 Spain Arrests 34 Suspects Linked to Black Axe Cybercrime Network, BreachForums Suffers Another Data Leak, Rotterdam & Antwerp Port Systems Hacker Sentenced, “Reprompt” LLM Attack Revealed, and PLUGGYAPE Malware Targets Ukrainian Defense Sector 🚦 This is the week in cyber. This is SentinelOne’s Good, Bad & Ugly cyber news roundup. ⬇️ ✅ GOOD: Enforcement pressure hits fraud rings, hacker forums, and critical logistics • Spanish authorities arrested 34 suspects linked to the Black Axe group, and face charges for fraud including business email compromise and MiTM attacks across Europe. • The BreachForums hacking forum suffered another blow after its database was leaked, exposing details tied to roughly 324,000 accounts — weakening underground anonymity and raising the risk of identification for users. • A Dutch hacker was sentenced to seven years in prison for breaching IT systems supporting the ports of Rotterdam and Antwerp, with activity linked to attempted extortion and facilitating criminal operations. ⚠️ BAD: “Reprompt” shows how AI copilots can be hijacked for silent data theft • Researchers revealed an attack technique dubbed Reprompt that could allow adversaries to hijack a Microsoft Copilot session and trick it into exfiltrating sensitive data through prompt manipulation. 🤢 UGLY: PLUGGYAPE malware turns trusted messaging apps into a covert attack channel • Ukraine’s CERT-UA reported PLUGGYAPE malware operations targeting defense-linked victims, with attackers using Signal and WhatsApp as part of the delivery and interaction chain. Follow us for weekly GBU with practical defenses leaders can act on: https://s1.ai/GBU9-Wk3

Hacktivism, Reframed: When “Noise” Becomes a Strategic Weapon What’s new: In this #LABScon25 talk, SentinelOne’s Jim Walter breaks down how modern hacktivism is increasingly shaped by nation-state interests and, sometimes, outright driven by them. Why it matters: Not all hacktivism is equal. From low-signal “commodity craptivism” to sophisticated state-front operations, understanding who’s really behind the keyboard changes how defenders assess risk and intent. Zoom in: Walter’s talk introduces a four-tier framework that helps distinguish grassroots activism from influence operations, revealing how plausible deniability, narrative control, and ties to real-world events signal something far more strategic. The bottom line: Much of today’s high-impact hacktivism is actually fictivism — proxy operations masquerading as activism. Seeing through the persona is now a core part of threat intelligence. 🎥 Watch the full LABScon25 replay: https://s1.ai/LC25-JW

Prompt injection isn’t magic — it’s math. In this technical primer from SentinelLABS, Phil Stokes breaks down exactly how attackers exploit the gap between human semantics and machine statistics. LLM attacks aren't just “prompt injection.” They are exploits of how Transformer-based models process input — from BPE tokenization quirks to gradient-based manipulation of attention. Understanding what happens inside the LLM when attacks work is the first step to defending against them. Read the full analysis: https://s1.ai/inside-llm-1

Last month, in our 2026 cybersecurity forecast, SentinelLABS warned that a US–Venezuela flashpoint would spill into cyber and information operations, pulling in Russia, China, and Iran. A few days later, real-world events underscored how quickly those pressures can surface and reshape the threat environment. This is what our intelligence-led security research focuses on: - Tracking geopolitical pressure before it escalates or ruptures - Modeling cyber fallout before it hits networks - Calling the shape of conflict — not just reacting to it Swipe through the rest of the forecasts that could shape this year. Read the full report: https://s1.ai/Predictns

🚦 UK Launches Major Cyber Action Plan to Protect Public Services, China-Linked UAT-7290 Targets Telecom Networks in South Asia and Europe, and Critical n8n Workflow Automation Flaws Threaten Automation Infrastructure 🚦 This is the week in cyber. This is SentinelOne’s Good, Bad & Ugly cyber news roundup. ⬇️ ✅ GOOD: UK Government unveils new national cyber action plan • The UK government published a comprehensive Government Cyber Action Plan backed by £210 million to strengthen cybersecurity across government departments and digital public services. The initiative introduces a centralized Government Cyber Unit to coordinate risk management, incident response, and resilience efforts across the public sector. • The plan supports the digital transformation of public services — from benefits and healthcare access to tax systems — while aiming to improve risk visibility, incident response, and supply chain security so citizens can trust that their data and services are protected. ⚠️ BAD: China-linked UAT-7290 espionage group targets telecoms • A China-linked threat actor tracked as UAT-7290 has been actively targeting telecommunications providers and critical infrastructure organizations in South Asia. Now, they’ve extended into Southeastern Europe using Linux malware and operational relay nodes (ORBs) that may support other Chinese-based threat clusters. • The actor combines extensive reconnaissance with modular malware families like RushDrop, DriveSwitch and SilentRaid to gain deep, persistent access in victim networks. 🤢 UGLY: Multiple critical N8n vulnerabilities expose automation workflows • Multiple maximum-severity vulnerabilities have been disclosed in n8n, a widely used workflow automation platform, including a CVSS 10.0 unauthenticated remote code execution flaw (CVE-2026-21858) that can allow full takeover of vulnerable instances. • Another separate CVSS 10.0 remote code execution issue affects both self-hosted and cloud deployments (CVE-2026-21877), enabling authenticated attackers to execute arbitrary code within automation workflows. • These flaws, emerging in quick succession, highlight systemic risk in automation platforms that connect diverse tools and enterprise processes. Follow us for weekly GBU with practical defenses leaders can act on: https://s1.ai/GBU9-Wk2

Best of 2025: Tomer Weingarten’s OneCon vision wasn’t just a keynote — it became a reference point of the SentinelOne strategy for how security teams should approach AI security: not as a buzzword, but as an operating principle grounded in autonomy, intelligence, and anticipation. As we head into a new year, it’s worth a re-read. 👇

Public sector cyber resilience in the AI era starts with trust. SentinelOne’s Singularity Platform-High is a unified AI security solution that achieves GovRAMP Authorization, reinforcing our leadership in securing state and local governments. What this delivers: - Protection built to the highest compliance standards - Faster, simpler response across modern environments - Greater confidence defending critical systems and data The takeaway: For government security, compliance shouldn’t be merely a checkbox. It should be the foundation. Learn more about how SentinelOne is advancing government cyber resilience: https://s1.ai/GovRAMP

Everyone talks about “autonomous SOCs”. Our Autonomous SOC Maturity Model was the first to bring clarity to the AI security era — giving teams a clear view of where they are and what comes next. One of our most bookmarked posts of 2025, still holding up. Learn more: https://s1.ai/Atnms-SOC

This year, through our partnership with Risky Business Media, we’re doing something a bit little different 💡 👀 ▶️ How the World Got Owned is a documentary podcast series, taking a historical look at hacking throughout the decades - 80s, 90s, 00s, 10s, 20s. 🔗 Links: 🎧 Spotify - https://lnkd.in/gJ49TuNZ 🍎 Apple - https://lnkd.in/ed2pqdWE 🌐 RBM - https://risky.biz/HTWGO1/ It is hosted by Patrick Gray and Amberleigh Jack and produced by Risky Business Media, in partnership with SentinelOne. Today we dropped Episode One: The 1980s. Through the words of those that were there, the episode dives into life on the ARPANET, the 414s hacking group, the Morris Worm, the 1980s vibe inside the NSA and a parallel hunt for German hackers happening at a similar time to Cliff Stoll’s famous Cuckoo's Egg story. Thanks to Jon Callas, Mark Rasch, Timothy Winslow, Greg Chartrand and Tony Sager for sharing your memories.

AI coding assistants are quietly making decisions for you. Paired with a single malicious plug-in, those decisions could become compromised automation. What’s happening: To operate autonomously, modern coding agents rely on plugin marketplaces and third-party “skills” for tests, infra, migrations, and dependency management with dependency helpers acting as high-privilege choke points. The risk: A single, benign-looking dependency skill can quietly redirect a routine install to an attacker-controlled source, embedding a trojanized library without breaking builds or raising obvious red flags. What’s different: These skills persist across sessions. Once enabled, they continue influencing agent behavior, effectively becoming part of your software supply chain — more like compromising your package manager, rather than a one-off bad prompt. The big picture: As AI-driven development accelerates, plugin marketplaces and agent skills now sit inside the trust boundary — sometimes without teams realizing it. 📘 Read the Prompt Security blog: Get a detailed walkthrough of the attack mechanics and learn why dependency skills are a powerful, under-modeled risk in AI-assisted development. https://s1.ai/Prmpt-Plg