The Good, the Bad and the Ugly in Cybersecurity – Week 20

The report summarizes coordinated law‑enforcement takedowns and arrests of operators running major dark‑web marketplaces, a GTIG finding that adversaries are using LLMs to discover and weaponize zero‑day vulnerabilities (including an active 2FA bypass and Android backdoor PromptSpy), and a major ShinyHunters breach/extortion of Instructure’s Canvas LMS that exposed ~3.6 TB and roughly 280 million records; it highlights accelerated attack timelines due to AI, nation‑state interest in LLM-based discovery, ongoing investigations, and seized criminal assets.