FILIGRAN LAUNCHES A NEW AI–AIDED PLATFORM TO AUTOMATE CYBER THREAT MANAGEMENT
Filigran, a European specialist in open-source threat management, has announced the launch of XTM One, an AI-native orchestration layer designed to automate CTEM (Continuous Threat Exposure Management) workflows on the Filigran XTM platform. The platform connects OpenCTI and OpenAEV tools within a single, continuous workflow, from raw threat intelligence to validated defensive measures, without any manual intervention between steps. According to initial feedback, user organizations have reportedly cut their detection and response cycles by up to 70%, and preparation time for offensive security tests by up to 80%.
WILL MICROSOFT TAKES INDEPENDENT CYBER RESEARCHERS ?
A researcher known under the nicknames “Nightmare Eclipse” or “Chaotic Eclipse” recently published several unpatched vulnerabilities affecting Microsoft products, including Microsoft Defender and BitLocker. However, the flaws were made public before the company released a fix. Microsoft says that these disclosures unnecessarily exposed the company’s customers because they allowed hackers to get proof of concept, meaning code that shows a vulnerability is exploitable, for flaws that haven’t been fixed yet. Basically, Microsoft’s stance follows the usual coordinated vulnerability disclosure (CVD) approach: when researchers find a vulnerability, they first report it to the software maker so it can be analyzed, fixed, and a patch released before the technical details are made public. This process aims to prevent a vulnerability from being immediately exploitable by bad actors. However Microsoft’s comments have been interpreted as a threat of legal action against researchers who would publish vulnerabilities outside the framework defined by Microsoft, which has triggered an uproar among researchers.
NOVO NORDISK, A PHARMACY GROUP HIT BY A CYBER ATTACK
Data from its clinical trials were exfiltrated without authorization from Novo Nordisk’s internal systems. The maker of Wegovy, the flagship obesity drug whose market value exceeds 400 billion euros, joins a long list of healthcare players victimized by cyberattacks, like recently Almerys in France. In fact, the sector has become a prime target for cybercriminals, ranking as the third most exposed to cyber threats in 2025, according to ANSSI. Novo Nordisk states that a “limited number” of internal IT systems were compromised, and that personal data was copied externally. Potentially exposed categories include patient ID, year of birth, gender, and health or immunogenicity data, the latter being particularly sensitive in the context of clinical trials on experimental molecules. The Danish group is quick to downplay the direct risk to patients. The data were ‘pseudonymized,’ meaning it has no name or direct identifier, and fully identifying an individual would require access to additional information that, according to Novo Nordisk, hasn’t been compromised.
In all cases, this new attack confirms the interest of hackers for the Health sector.
CHINESE GANG OUTSIDER ENTERPRISE RELIED ON GEMINI TO LAUNCH A CAMPAIGN OF FALSE MESSAGES AND STEAL SOME 2 B$
The group used Gemini to create hundreds of fake websites imitating well-known brands and institutions: Google, YouTube, as well as the U.S. Postal Service (USPS) or New York’s E-ZPass toll system. These targets were chosen precisely because they are familiar to the general public, who visit them without suspicion, often from a smartphone, often in just a few seconds. In just two weeks last May, the network sent 2.5 million messages to Android users containing links to 9,000 fake websites and over a million fraudulent internet addresses. The coordination, meanwhile, was done via Telegram, an encrypted messaging app that has become the de facto infrastructure of organized cybercrime.
Google has just filed a lawsuit in the Southern District of New York against this network. It’s the first time the Mountain View giant has coordinated a legal action of this scale while simultaneously working with the FBI and three of the biggest U.S. phone carriers, AT&T, T-Mobile, and Verizon.
