The art of being ungovernable
ID: 7157efee-bab8-5a85-abae-d20f04334dcc
STIX ID: report--7157efee-bab8-5a85-abae-d20f04334dcc
Feed Name: Cisco Talos
Cisco Talos warns of an active Chinese-language BadIIS commodity malware ecosystem (identifiable by embedded "demo.pdb" strings) used for SEO fraud, content hijacking, and traffic redirection. It advises defenders to monitor IIS for unauthorized redirection or reverse proxying and to hunt for the demo.pdb strings and Chinese-language paths. The newsletter also highlights a public CISA repo leak of secrets, a large NYC Health + Hospitals breach exposing biometric data, and several recent high-impact vulnerabilities (NGINX njs, OpenClaw chain, and vendor disclosures), and it lists prevalent malware file hashes and detections.
