Cybersecurity News: X Raid, Crypto Seizure, Zero Trust, and AI Coding Risks

X's Algorithmic Probe

• 🇫🇷 French police raided X's Paris offices as part of an investigation into potential foreign manipulation of its algorithm.
• ⚖️ The probe, initiated in January 2025, examines allegations of organized interference and fraudulent data extraction, expanding to include X's Grock chatbot for alleged Holocaust denial and explicit deep fakes.
• 🗣️ Elon Musk and Linda Yaccarino have been summoned for voluntary interviews, while X criticizes the probe as a politically motivated attack on free speech.

Financial and Security Seizures

• 💰 The US government seized over $400 million in assets tied to Helix, a dark web cryptocurrency mixer used for laundering illicit funds from 2014 to 2017.
• 🔒 The NSA released updated zero trust guidance, urging agencies to adopt continuous, behavior-driven security models that go beyond simple authentication.
• 📧 Researchers warn of a multi-stage phishing campaign targeting Dropbox credentials, using convincing fake login pages to steal user data.

Exploited Vulnerabilities and Data Exposure

• 💻 A new GlassWorm campaign targets macOS developers by hijacking legitimate developer accounts and distributing malicious updates through compromised extensions.
• 🚨 Critical zero-day vulnerabilities in Ivanti Endpoint Manager Mobile are under active exploitation, allowing unauthenticated remote code execution.
• 📈 Researchers disclosed a major data exposure on Moltbook, a social network for AI agents, due to an exposed API key that granted broad database access.

Ransomware and Password Security

• 💥 The Nitrogen ransomware's ESXi variant contains a fatal flaw that permanently destroys data, making decryption impossible even for attackers.
• 🍟 McDonald's Netherlands campaign humorously highlights the poor security of common passwords like "Big Mac" and "Happy Meal," urging users to adopt stronger security practices.

AI in Cybersecurity and Development

• 🤖 On Threat Vector, Dr. Aaron Isaksen discusses the risks of "vibe coding", where AI writes, tests, and deploys code without human oversight.
• 💡 Isaksen emphasizes that engineering excellence must precede ethical AI debates, and enterprises cannot blindly trust AI for secure code generation.
• 🛠️ While AI can improve code quality through automated testing and documentation, pushing too much code too quickly can increase the overall number of issues.