Today’s cybersecurity landscape underscores a growing convergence of risks driven by AI exploitation, critical infrastructure vulnerabilities, and the persistent rise of scams. From sophisticated AI-assisted fraud schemes to alarming security gaps in VoIP and surveillance systems, organisations face an increasingly complex threat environment requiring vigilant defence strategies.
AI and Scam Innovations
Gemini Chatbots Fuel Crypto Scams
A new scam leverages Gemini chatbots to deceive victims into purchasing a fake cryptocurrency dubbed “Google Coin.” The AI assistant mimics a polished sales pitch on a fraudulent presale site, tricking users into transferring funds directly to attackers. This highlights the increasing use of AI-driven social engineering, complicating detection and prevention efforts for security teams.
AI Platforms Abused for Stealthy Malware Communications
Researchers have revealed that AI assistants with web browsing and URL-fetching capabilities, such as Grok and Microsoft Copilot, can be exploited to facilitate covert command-and-control (C2) communications for malware. This subtle abuse of AI platforms represents a novel evasion technique, raising concerns about how emerging AI tools might be weaponised against organisations.
Defending Against AI Data Scraping
A strategic playbook has been published to help CISOs manage the risks associated with automated AI scraping. It advises balancing security needs with business growth objectives while safeguarding intellectual property from unauthorised AI harvesting. This guidance is timely as AI tools increasingly target corporate data assets.
Critical Vulnerabilities in Infrastructure and Devices
Grandstream VoIP Phones Expose SMB Security Blind Spots
A severe vulnerability (CVE-2026-2329) in the Grandstream GXP1600 VoIP phone series allows unauthenticated remote code execution, granting attackers root-level access. This flaw enables interception of calls, toll fraud, and user impersonation, highlighting a critical blind spot in SMB telephony security.
Honeywell CCTV Authentication Bypass
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings regarding an authentication bypass vulnerability affecting Honeywell CCTV products used in critical infrastructure. Exploiting this flaw allows unauthorised access to video feeds and potential account hijacking, posing serious risks to physical security and surveillance integrity.
Dell’s Hard-Coded Flaw and Nation-State Exploitation
A persistent vulnerability in Dell systems, exploited by a China-linked actor since mid-2024, permits lateral movement, persistent access, and malware deployment within affected networks. This incident underscores the dangers of embedded security flaws in widely deployed enterprise hardware, especially amid geopolitical tensions.
Rapid Weaponisation of Newly Disclosed Flaws
SmarterMail Vulnerabilities Targeted on Telegram
Shortly after public disclosure, exploits and stolen credentials for SmarterMail vulnerabilities (CVE-2026-24423 and CVE-2026-23760) appeared on underground Telegram channels. These developments are tied to ransomware operations, demonstrating how quickly threat actors mobilise to weaponise new flaws once details become available.
Widespread Social Engineering and Surveillance Concerns
South Africa Sees Over 40% of Population Scammed in 2025
A recent survey reveals that more than 40% of South Africans fell victim to scams last year. The findings suggest scammers favour “scalable opportunities and low friction” targets rather than high-value but well-protected victims, emphasising the need for broad-based awareness and defensive measures.
Abuse of Forensic Tools in Kenya
Citizen Lab research has uncovered the use of Cellebrite forensic extraction tools by Kenyan authorities to access the phone of a prominent dissident. This case adds to concerns about the misuse of commercial surveillance technology against civil society and human rights defenders.
Implications for Security Teams and Business Leaders
Today’s stories collectively emphasise several key themes. The use of AI by attackers, both for social engineering and malware communication, demands that security teams integrate AI risk assessments into their threat models. Meanwhile, critical vulnerabilities in VoIP devices, surveillance cameras, and enterprise hardware highlight the importance of patch management and vendor scrutiny.
Rapid exploit sharing on platforms like Telegram calls for proactive threat intelligence to anticipate and mitigate emerging attack vectors. Additionally, the extensive scam impact in regions like South Africa shows that cybersecurity awareness and education remain vital components in reducing victimisation.
Finally, the ethical and security implications of forensic and surveillance technologies require ongoing scrutiny to prevent abuses that can undermine trust and human rights.
Key Takeaways
- AI technologies are being weaponised for advanced scams and stealthy malware command-and-control.
- Critical flaws in VoIP phones and CCTV systems leave SMB and critical infrastructure environments significantly exposed.
- Nation-state actors continue exploiting embedded hardware flaws for persistent access.
- Rapid weaponisation of disclosed vulnerabilities via underground channels demands timely patching and threat intelligence.
- High scam victimisation rates highlight the need for widespread cybersecurity education.
- The misuse of forensic tools against dissidents raises important ethical and security concerns.
- Organisations must integrate AI risk management and broaden defence strategies to address evolving threats.