Threat Vectr Weekly — week of May 25
Stories covered this week
Russia's Tech Embargo Run-Around: Shell Companies, Middlemen, and Embedded Spies
Western sanctions were supposed to starve Moscow's military-industrial base of critical components. Instead, Russian intelligence built a procurement machine to go get them anyway.
GlassWorm Is Down. The Repository Problem Isn't.
CrowdStrike, Google, and Shadowserver severed four C2 channels simultaneously. Meanwhile, 157 OSV false positives quietly eroded trust in the tools defenders depend on.
GDPR Fines and the Looming AI Regulation Battle
As AI tech faces scrutiny, GDPR's enforcement lessons underline the coming regulatory challenges.
Exploitation Industrialized: Navigating the New AI Battlefield
AI-driven attacks are reshaping the security landscape. Are defenders ready to adapt?
JINX-0164 Runs Fake-Recruiter Playbook Against Crypto Firms, Drops Custom macOS Malware
A newly catalogued threat actor is courting engineers at cryptocurrency companies with bogus job offers, then pivoting into CI/CD systems to siphon digital assets.
Shadow AI Is Now a Compliance Problem, Not Just an IT One
Employees are running unsanctioned AI assistants by the handful. Regulators are starting to ask who approved them, and under which control framework.
The 'Too Many Tools' Webinar Is a Sales Pitch. The Numbers Behind It Are Harder to Find.
Vendors keep telling network teams that consolidation and AI will fix incident response. I asked four of them for the data. None sent any.
AI-Driven OT Security Is Only as Good as the Telemetry Feeding It
Fewer than 10 percent of OT networks have meaningful monitoring in place, according to the 2026 Dragos OT Cybersecurity Year in Review. Until that changes, layering machine-learning tools on top of industrial control systems may create more risk than it resolves.
Transcript
Narrated by two AI anchors. Lightly formatted for reading.
Welcome back to Threat Vectr Weekly, the show where we cut through the noise and get straight to what matters in cybersecurity. I'm Marcus, joined as always by Elena. This week we are covering eight stories that deserve your full attention. Russia's sanctions-evasion machine has gotten a serious upgrade. A major botnet just got taken down — but the deeper problem it exposed is very much still with us. And artificial intelligence is reshaping the threat landscape in ways that are outpacing both defenders and regulators. Busy week. Let's get into it.
We start in the world of geopolitics and supply chains. Western sanctions were designed to cut Russia off from the technology its military needs. According to Western officials, that hasn't gone quite as planned. Russian intelligence services have built a layered procurement network — shell companies registered in friendly jurisdictions, witting and unwitting middlemen handling purchases, and cyber operatives embedded in those same networks to steal what can't be bought outright. The front-company playbook is old. What's new is the fusion with offensive cyber. A breach at a mid-tier electronics distributor may not just be about customer data. It may be reconnaissance for the next physical procurement run — mapping supplier contacts, product specs, and acquisition leads. Officials flagged critical infrastructure as a downstream concern, meaning components acquired through these channels could feed programs designed to attack power grids and industrial systems abroad. The takeaway: if you work in the electronics supply chain, a network intrusion may carry implications well beyond your own organization.
That's a sobering way to start the show. And it connects directly to our next story, because the line between physical supply chains and software supply chains is blurring fast. This week, CrowdStrike, Google Threat Intelligence Group, and the Shadowserver Foundation pulled off a clean coordinated takedown of a botnet called GlassWorm — severing all four of its command-and-control channels simultaneously at two in the afternoon UTC on May 26th. No new payloads. No new instructions. Operators cut off mid-operation. That is genuinely impressive coordination. Here's the but. GlassWorm was spreading through developer-facing repositories — trojanized VSCode extensions, poisoned npm packages, compromised Python libraries, targeting Windows, macOS, and Linux alike. The real prize was CI/CD pipelines. Steal a developer's credentials and you get carried into the enterprise on the next dependency update. Google's John Hultquist framed the takedown as part of a posture of bringing more pain to attackers. But ColorTokens' Agnidipta Sarkar put it plainly: this is disruption, not eradication. New account, new domain, new package name. The open-source ecosystem's near-zero identity verification makes restart costs trivially low. Check your dependencies.
Well said. And speaking of systems that were supposed to provide accountability — let's talk GDPR. The regulation turned eight years old this month, and the scoreboard is complicated. European regulators have announced around 7.1 billion euros in fines total. Sounds significant. But nearly 40 percent of that — roughly 2.8 billion euros — has been annulled or is actively under legal challenge. A 746-million-euro fine against Amazon: gone. A 15-million-euro fine against OpenAI: nullified. Meta and TikTok fines still on appeal. Large companies have proven very effective at finding the gaps. Now layer on top of that the EU's AI Act, which fully applies in August, and you start to see the pattern. The enforcement machinery that took eight years to build for data protection is going to face the same stress tests all over again for artificial intelligence. GDPR's most durable legacy may actually be its 72-hour breach notification requirement, which has now been adopted across six jurisdictions with the US moving toward a similar standard. That part worked. Whether AI regulation can replicate it is the open question.
A quick word from our sponsor, Train2Secure. Your people are your biggest cyber risk — and your strongest defence. Train2Secure runs realistic phishing simulations and short, engaging security-awareness training your team will actually finish, with compliance-ready reporting that runs on autopilot. Turn your staff into a human firewall. Start your free trial today at Train2Secure dot com — that's Train, the number two, Secure, dot com.
That breach notification standard really has had legs. But while regulators are still working out enforcement, attackers are not waiting around. Marcus, the next story is one I find genuinely unsettling because it's about a structural shift, not a single incident. AI is industrializing exploitation. What used to require elite attacker skill now requires access to computing power and off-the-shelf AI tools — both of which are increasingly easy to get. Reconnaissance that once took days now takes minutes. Attack patterns cycle faster than signature-based detection can track. And human attacker teams that once capped the scale of campaigns are being replaced by automated systems that don't sleep. The uncomfortable truth for defenders is that the answer isn't hiring more analysts or stacking more tools. The Dragos and IBM data we'll hear about later in the show underscore this. The real question is: what can an attacker actually do inside your environment right now? That reframe — from vulnerability inventory to attack path analysis — is the shift security teams need to make. Modern environments span cloud, operational technology, identity infrastructure, and third-party integrations. If your visibility doesn't span all of that, you have blind spots an AI-assisted attacker will find before you do.
Attack path analysis — that is exactly the right frame. And our next story is a very concrete example of attackers who clearly think in attack paths. A previously undocumented threat actor tracked as JINX-0164 has been running fake job offer campaigns against engineers at cryptocurrency firms. The lure is convincing — these operators apparently know how legitimate technical recruiting sounds. An engineer gets approached, goes through what looks like an interview process, and at the coding assignment or environment setup step, a custom macOS payload lands on their machine. From there, JINX-0164 doesn't go straight for the hot wallet. They move toward CI/CD infrastructure, build pipeline secrets, and signing keys — the plumbing that lets you push malicious updates or reroute funds at the protocol level. Wiz published the research and stops short of formal attribution, though the recruitment lure pattern will be familiar to anyone tracking North Korea-aligned activity like Contagious Interview. The practical takeaway if you work in crypto, or frankly any organization with valuable build pipelines: treat unsolicited recruiter outreach as a social engineering vector, and do not run code from an interview on a machine with access to your development environment.
That pivot from a developer's laptop to a build pipeline is exactly why supply-chain security can't be an afterthought. And the next story picks up on a related theme — shadow AI is now turning into a compliance problem, not just an IT headache. The average knowledge worker is using three to five generative AI tools on a given workday. Most of those tools were never reviewed by a security team. A meaningful share are connected to corporate data through OAuth scopes or browser extensions the employee installed themselves. Compliance officers are now being pulled into conversations that used to belong only to CISOs. Here's the specific pressure point: Article 4 of the EU AI Act entered into application on February 2nd, 2025. It requires that organizations ensure a sufficient level of AI literacy among staff using AI systems. That obligation doesn't distinguish between a tool the company procured and one an employee installed last Tuesday. The European Commission has been explicit — AI literacy is a precondition, not an optional add-on. So if your organization hasn't mapped what AI tools employees are actually using, you're not just facing a data leakage risk. You may be facing a regulatory exposure you don't know exists yet.
The compliance angle there is real and moving fast. Now I want to spend a moment on something a bit different — a story about vendor claims and the evidence behind them. There's a webinar making the rounds this month arguing that tool sprawl is killing incident response and that AI-assisted automation is the fix. The underlying problem is legitimate. The 2024 IBM Cost of a Data Breach report put the average breach lifecycle at 258 days and flagged security system complexity as a cost amplifier worth roughly 241,000 dollars per incident. Gartner survey data suggests the median enterprise security operations center runs between 25 and 49 discrete tools. Tool sprawl is real. But when the reporter who covered this story asked the webinar organizers who was sponsoring the event, they sent three emails over the course of two weeks and got no reply. The landing page carried no sponsor logo, which is unusual for a free industry event and, in their words, usually means the sponsor would prefer not to be quoted. The lesson here isn't that consolidation is wrong. It's that when a vendor makes a productivity claim about AI-assisted workflows, ask for the study. Ask who paid for it. If they can't tell you, that is itself a data point.
Rigor matters — in journalism and in security architecture. And our final story this week brings us back to that theme of understanding what you actually have before you build on top of it. The 2026 Dragos OT Cybersecurity Year in Review — and OT stands for operational technology, meaning industrial control systems, factory floors, power grids — contains a finding that should give any executive pause before approving an AI security initiative. Fewer than 10 percent of OT networks worldwide currently have meaningful network monitoring in place. In 30 percent of the incident response engagements Dragos handled last year, the investigation started not with a detection alert but with a plant-floor worker noticing something felt off. That is the visibility baseline you'd be asking an AI model to work with. A model trained on standard enterprise traffic — web requests, DNS queries, Windows event logs — will encounter industrial protocols like Modbus or PROFINET and misclassify routine operational traffic as a threat. If that model is connected to an automated response playbook, the consequences can be severe. In one simulation for an automotive supplier, a security automation platform attempted to isolate a critical programmable logic controller as a containment action. The plant manager estimated that if it had been real, the downtime cost would have run to six figures per hour. In OT environments, an automated isolate-host command is often functionally indistinguishable from a denial-of-service attack. Get the monitoring in place first. Then have the AI conversation.
That story is a perfect reminder that foundational visibility always comes before advanced tooling — no matter how compelling the pitch sounds. That wraps up Threat Vectr Weekly for the week of May 25th. Thank you for spending part of your week with us. If you want all eight of these stories in your inbox with links and deeper context, head to threatvectr dot com slash newsletter and sign up. We'll be back next week with whatever the threat landscape decides to throw at us. Stay sharp.