cabyc Data Dump Spree, FortiBleed Campaign, AutoJack AI Agent Exploit

Events tracked: 218 | Critical exposure: 90

Summary

Today's threat landscape is defined by two parallel pressures: a massive data-dump campaign from actor cabyc, who claims to have breached over 20 organizations across multiple continents, and critical infrastructure-level vulnerabilities that demand immediate patching. Defenders should prioritize FortiGate appliance security against the FortiBleed campaign and review AI agent deployments for the novel AutoJack attack vector. The volume of alleged breaches from a single actor signals a shift toward bulk credential and data harvesting operations.

Today's developments

The most significant event today is the broad data breach campaign attributed to actor cabyc, who claims to have compromised over 20 entities. Victims span the United States, France, Mexico, Vietnam, the Philippines, Kazakhstan, and the United Arab Emirates. Alleged targets include financial institutions such as Commercial Bank of Dubai (800,000 records) and Banorte (5.9 million), e-commerce platforms like HomeChef (5 million) and Sayweee (1 million), and professional services firms including NetProspex (8 million) and FlexBooker (2.9 million). Also claimed are breaches of Zacks.com (4 million), ExploreTalent.com (4.7 million), DriveSure (4.5 million), Vietnam Airlines (960,000 lines), ZALO Vietnam Mobile (2.34 million), and BofA Securities, Inc. The actor additionally claims a massive Twitter dataset (180 million records). Separately, actor Saturne alleges a breach of MonCompteFormation.gouv.fr (646,000 records) and Woopit.fr (256,000 records) in France, while actor rimkus11 claims a breach of French retailer Cultura (2 million records).

On the vulnerability front, industry researchers report a widespread campaign dubbed FortiBleed, with CISA warning that 86,644 internet-exposed FortiGate devices have been compromised, likely by Russian-speaking threat actors. This is not a theoretical risk -- it is an active, ongoing exploitation campaign. Separately, Microsoft researchers have published details on AutoJack, an exploit chain that allows a single malicious webpage to hijack an AI browsing agent and achieve remote code execution on the host machine. The attack abuses trust in localhost and missing authentication in AutoGen Studio's MCP WebSocket, requiring no user interaction beyond the agent loading the page.

In positive enforcement news, law enforcement agencies from the Netherlands, Canada, Germany, and the U.S. have disrupted SocGholish infrastructure, cleaning nearly 15,000 infected WordPress sites. The operation, part of Operation Endgame, targeted the botnet linked to the Russia-based cybercrime group Evil Corp. Additionally, Salesforce disabled the Klue Battlecards app integration after OAuth token abuse exposed customer data, and Apple patched a high-severity flaw (CVE-2025-20701) in Beats Studio Buds that could allow nearby attackers to eavesdrop via the microphone.

Threat landscape signals

The concentration of activity from actor cabyc is the dominant signal today. With 16 events in a single day, this actor is operating at industrial scale, targeting a wide range of industries and geographies. The pattern suggests a data broker or reseller model rather than a targeted extortion campaign. Defenders should assume that any organization with an online customer base could be in scope for future dumps.

Geographically, the United States remains the most targeted country (36 events), but the high volume of incidents in Thailand (25), Malaysia (22), and France (20) indicates that threat actors are diversifying their victim pools beyond traditional Western targets. The ransomware landscape remains active with 27 events, but the data breach category (71 events) dominates, driven largely by cabyc's campaign. The Gentlemen RaaS operation's development of the GentleKiller EDR framework, targeting 400 security processes, signals that ransomware affiliates are investing in defense evasion capabilities, which may lead to higher success rates in future attacks.

All incidents are reported as alleged claims by threat actors and have not been independently verified by GrayscaleInsight.

Threat intelligence is reported for security awareness purposes only and does not constitute endorsement of any actor, group, or activity.
