Intel Insider Steals 18,000 Files
The cyber battlefield just got busier, Digital Defenders.
This week’s intel uncovers insider theft at Intel, spyware hiding in Samsung photos, AI-fueled ransomware racing across Europe, and Google’s warning of what’s coming next.
Buckle up… the line between innovation and exploitation is vanishing fast.
Here’s what you need to know:
Zero-Day Download
18,000 Intel Files Stolen in Alleged Insider Breach
Intel has filed a lawsuit against a former software engineer, accusing him of stealing around 18,000 confidential files just days before his termination.
The stolen data included top-secret source code and product roadmaps, exposing the ongoing risk of insider threats during layoffs when oversight weakens.
The outcome of the case is still pending, and Intel has not been able to locate the former employee.
Limit access, monitor behavior, and secure offboarding with coordinated audits and training to detect and prevent insider threats.
LANDFALL Spyware Targets Samsung Devices via Zero-Day Exploit
Palo Alto Networks’ Unit 42 discovered LANDFALL, a commercial-grade Android spyware exploiting a zero-day flaw (CVE-2025-21042) in Samsung’s image library.
Spread via malicious DNG images on messaging apps, the spyware silently infected Galaxy devices. It is being actively used in the wild.
Keep devices updated, enforce MDM policies, and combine threat detection with user training to block mobile malware and zero-click exploits.
AI Supercharges Ransomware Surge Across Europe
A new CrowdStrike report warns that cybercriminals are using artificial intelligence (AI) to dramatically speed up ransomware attacks across Europe.
CrowdStrike found that Europe now accounts for 22% of global ransomware victims, as AI helps accelerate attacks to under 24 hours and powers social engineering, deepfakes, and espionage campaigns.
Deploy AI-enhanced defense tools, conduct continuous threat hunting, and build layered defense to counter these emerging threats.
Threat Tracker
OWASP Flags Supply Chain, Design Flaws in 2025 Update
OWASP has released its draft list of the Top 10 Web Application Security Risks for 2025.
The update introduces two new categories — Software Supply Chain Failures and Mishandling of Exceptional Conditions — while consolidating older ones to emphasize root causes over surface-level symptoms.
The draft is currently open for community feedback.
Adopt secure-by-design principles, automate testing and configuration management, enforce strong authentication and encryption, and continuously monitor for vulnerabilities.
Google Forecasts AI-Driven Cyber Threat Surge for 2026
Google Cloud’s latest Cybersecurity Forecast report warns that AI is transforming the cyber battlefield, as attackers now operationalize it to automate reconnaissance, create deepfakes, and launch breaches at machine speed.
This shift marks a turning point in cybersecurity, as the same AI driving innovation now powers ransomware, social engineering, and espionage — while AI-driven defenses like Google’s Agentic SOC transform how analysts detect and respond.
Treat AI systems as both assets and attack surfaces — apply identity management, monitoring, and red-team testing to your own machine learning models before adversaries do.