Simply Cyber Newsletter #157

In partnership with

Start your work week off at full speed with expert analysis and actionable intel from top cybersecurity news stories. Share with your End Users, Peers, and Executives to support weekly security awareness with the Simply Cyber Newsletter!

FOR END USERS

Researchers claim 'largest leak ever' after uncovering WhatsApp enumeration flaw. Researchers discovered a flaw that let them look up personal details for 3.5 billion WhatsApp users by rapidly testing phone numbers. The issue enabled extensive scale scraping of names, photos, and profile texts before WhatsApp blocked the technique.

What you need to know: Educate your end users about how small bits of personal info can turn into big problems when attackers collect them at scale. This WhatsApp flaw demonstrated how names, photos, and profile text can be scraped by the millions, providing criminals with everything they need to create messages that appear personal and authentic. Make it clear that attackers don't need to hack an account to sound believable. All they need is a name, a face, and a little context. Encourage users to keep their profile photos private, remove personal details from their status sections, and treat unexpected messages as potential red flags. If something feels off, verify it with a call or text using a number they already trust.

FOR PEERS

Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar. Researchers observed new phishing activity using Sneaky 2FA, a PhaaS kit that now includes Browser in the Browser tricks to mimic Microsoft login pop-ups. Attackers combine bot checks, conditional loading, and spoofed authentication flows to steal credentials and session details, thereby bypassing modern authentication controls.

What you need to know: Share this story with your peers and discuss how your organization is maintaining adequate phishing controls as threat actors increasingly mimic trusted login flows. The evolution of Sneaky 2FA demonstrates how easily browser-in-the-browser tricks can hide malicious URLs and make fake Microsoft pop-ups appear legitimate. Instead of overwhelming teams with numerous new actions, focus discussions on two key essentials: hardening identity flows and minimizing exposure to browser manipulation. Reinforce the need for strict browser extension policies that block unapproved add-ons and prevent rogue scripts from intercepting authentication steps. Pair this with strong conditional access rules that evaluate context and deny logins that fall outside standard patterns.

FOR EXECUTIVES

Anthropic: China-backed hackers launch first large-scale autonomous AI cyberattack. China-linked threat actors leveraged Anthropic's agentic AI capabilities to automate significant portions of a 2025 espionage campaign, enabling rapid system mapping, exploit development, credential harvesting, and data exfiltration with minimal human intervention. The incident highlights the accelerating risks associated with autonomous AI operations and the need for stronger defensive safeguards.

What you need to know: Have conversations with your leadership about the risk of machine-speed attacks collapsing your organization's detection window. Autonomous AI enables threat actors to transition from reconnaissance to exploitation far more quickly than human analysts can observe or interpret activity. The core risk is not complexity, but speed, and the strategic question becomes whether your organization can see and respond to harm before it has a material impact. Focus discussions on continuously improving real-time visibility, strengthening detection pipelines, and investing in monitoring tools that surface anomalies within seconds rather than hours. This shift is crucial for maintaining resilience, as attackers are increasingly automating the early stages of intrusion.

Personalized Onboarding for Every User

Quarterzip makes user onboarding seamless and adaptive. No code required.

✨ Analytics and insights track onboarding progress, sentiment, and revenue opportunities
✨ Branding and personalization match the assistant’s look, tone, and language to your brand.
✨ Guardrails keep things accurate with smooth handoffs if needed

Onboarding that’s personalized, measurable, and built to grow with you.

See how it works

SIMPLY CYBER MEDIA GROUP PODCAST HIGHLIGHT

Wednesday at 9:30 AM ET on Simply Cyber Media Group

How Capture the Flags Can Set You Apart in Cybersecurity

In this episode of 2 Cyber Chicks, Jax and Erika sit down with Gwendolyn Vongkasemsiri, known online as Cyb3r Valkyrie — a rising cybersecurity leader who’s already making an impact at Microsoft 's Offensive Research and Security Engineering (MORSE) team.

From earning her private pilot license to volunteering with the Civil Air Patrol, Gwendolyn’s story is one of discipline, courage, and curiosity. She shares how aviation and cybersecurity intersect through risk awareness and decision-making under pressure, and how her passion for empowering young women through CybHER and the US Cyber Team is shaping the next generation of cyber talent.

Whether you’re just starting out or navigating your next big move in cyber, this conversation is packed with motivation, practical advice, and a powerful reminder that your path doesn’t have to be linear — it just has to be intentional.

👉 Join us: https://youtu.be/BeGWEzUi5vk

Visit https://www.youtube.com/@SimplyCyber/podcasts to catch up on all of the podcasts available on Simply Cyber Media Group!

JOIN US EVERY WEEKDAY DAILY CYBER THREAT BRIEF

Gerald Auger, Ph.D. livestreams the Daily Cyber Threat Brief on Simply Cyber on weekdays at 8:00 AM EST. It’s a party full of cybersecurity enthusiasts and professionals of all levels who enjoy learning about the latest in cybersecurity news and staying connected.

Meet #TeamSC in live chat and join the community! https://simplycyber.io/streams 

CHECK OUT THE CYBER CEO SUMMIT

🚀 Calling all cybersecurity founders, CEOs, and investors!

On Dec 10 in Austin, TX, the CyberCEO Summit is THE place to be.

Join industry leaders like Ross Haleliuk and Nick Muy, plus top security innovators, for deep dives on scaling your business, securing funding while navigating today’s complex market and GTM challenges.

It’s your chance to:

• Connect 1x1 with security analysts, investors, and influencers

• Gain real-world insights and feedback you can act on immediately

• Build powerful relationships that could accelerate your company’s next phase of growth

If you’re serious about shaping the future of cybersecurity, you don’t want to miss these conversations or the opportunity to define your next big move.

Get your pass - see you in Austin!

SC MEDIA GROUP WEEKLY EVENTS SCHEDULE

Join us for learning and networking: simplycyber.io/learn & simplycyber.io/discord

SC ACADEMY THE PLACE FOR CYBER CAREERS

BLACK FRIDAY SALE ON SIMPLY CYBER ACADEMY!

🤩 30% off all courses from November 22-29 📅 No tricks. No fake scarcity. Just straightforward pricing on training that can help you break into cybersecurity or level up your career.

Its simple. Use the code: BF30 at checkout and save 30%. That's it! https://academy.simplycyber.io

At Simply Cyber Academy, we specialize in making GRC and Cybersecurity Careers a reality. Empower your career by learning real in-demand skills from cyber experts and the theory behind those skills with Simply Cyber Academy.

The popular GRC Analyst Master Class is a must for kickstarting your GRC Cybersecurity career. In addition, we have new courses covering various areas of focus in cyber available to help you advance in your career.

Check out the NEW FREE courses available in the academy and our new blog!

LET’S CONNECT

Stay current on trending topics, tips, events and resources in cybersecurity, connect with Simply Cyber on socials for new content.

As always, please send me feedback. Which tip above is your favorite? What do you want more or less of? Other suggestions? Please let me know. Just send a DM on X with #actionableintel in the subject so I can find it.

Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Find more about what’s happening this week in the Simply Cyber community, below. Join us on the Daily Cyber Threat Brief happening every weekday morning at 8 AM Eastern on YouTube and LinkedIn.

Thank you and see you again next week, #TeamSC!

Gerry