THE NEXT TARGET IS YOU - AND YOU DON'T EVEN KNOW IT YET

"The enemy is infiltrated. Our defenses are falling. This week, your mission: understand, anticipate, and retaliate. Welcome to the front."


🤖 Dear internet users and fellow Cyberdefenders,

In cyberspace, the war is raging. The front lines are no longer drawn on maps but in development environments, compromised firewalls, and predictable passwords.

This week, the enemy struck hard: F5, a bastion of global cybersecurity, was infiltrated by a nation-state entity.

Source code stolen. Vulnerabilities exfiltrated. A persistent threat. And all of it... went unnoticed for months.

Meanwhile, SMEs—the backbone of our economy—are falling one after another, victims of ransomware supercharged with artificial intelligence.

They have no army, no shield, no defense plan. They are crying out for help.

And if you're reading this, it means you're still standing.

The command is clear: it's no longer a matter of "if" you will be attacked, but "when."

And when that day comes, will you be ready to fight back?

To understand the flaws in passkeys, the enemy's new weapons, and the mistakes that can cost a company its entire digital life?

Join us in this exclusive situation report. Read, analyze, and equip yourself. Because cybersecurity is no longer a service.

It's a duty.

"I'm doing my part. Are you?"

Highlights:

👉 F5 Hacked: Source Code Stolen by a Nation-State Group. What's the Real Story? 🕵️

👉 Cybersecurity: The In-Demand Talent Every Company is Fighting for in 2025 🔧

👉 SMEs Under Attack: Why Small Businesses Are the New Front Line 🧨

👉 Ransomware + AI: The Ultimate Digital Weapon is Already Here 🤖

👉 Passkeys: The Uncomfortable Truth About Their Real-World Vulnerabilities 🔐

🗞️ Guess what?

  • F5 has suffered a stealth attack orchestrated by a state-sponsored actor: source code, vulnerabilities, and customer data were exfiltrated, without affecting the supply chain, according to the official version.

  • In 2024, nearly 50% of French companies were victims of at least one cyberattack. The deficit of qualified professionals is becoming a major strategic obstacle.

  • 60% of SMEs affected by a cyberattack close down within six months. MSPs and SaaS platforms like CybaOps are becoming the shields for these fragile structures.

  • AI is changing the game of password attacks. A simple GAN can now predict 50% of common passwords in less than a minute.

  • Synchronized passkeys, intended to secure access, can actually be hijacked through proxy attacks, malicious extensions, and flaws in recovery processes.


🤓 Would you like to know more?

1️⃣ F5 Hacked: Source Code Stolen by a Nation-State Group. What's the Real Story?

Summary: F5 has admitted that a sophisticated nation-state actor maintained prolonged, clandestine access to some of its internal systems, including those related to BIG-IP development, before exfiltrating source code and information on undisclosed vulnerabilities. The attack also targeted internal knowledge management systems, compromising some customer configurations. F5 asserts that it observed no access to CRM, financial, or support systems, nor any modification of the build chain. However, the delayed disclosure and the potential for future exploitation place this compromise among the ranks of major incidents.

Details:

  • Prolonged Intrusion: The entry point and the duration of the compromise have not been fully verified. F5 detected the intrusion in August, but the attacker could have been present for much longer.

  • Critical Data Leak: The exfiltrated data includes source code, information on vulnerabilities under investigation, and configurations/implementations related to certain clients.

  • Production Chain Intact: So far, no signs of alteration to the production chain or the implantation of backdoors in the distributed code have been found.

  • Rapid Response: In response, F5 has rotated certificates, strengthened access controls, deployed monitoring tools, and engaged external firms for analysis.

  • Federal Alert: The U.S. agency CISA issued an emergency directive for federal agencies to inventory their F5 systems, apply patches, and restrict exposed administrative interfaces.

What should be remembered?

This intrusion strikes at the very heart of the trust placed in cybersecurity providers. The theft of source code and vulnerability information opens a window of opportunity for malicious actors to design targeted attacks against F5 customers. Even in the absence of an active attack today, the future risk is high: threat anticipation becomes a priority for any organization using these products.

2️⃣ Cybersecurity: The In-Demand Talent Every Company is Fighting for in 2025

Summary: The shortage of cybersecurity specialists is reaching critical proportions: with an estimated 300,000+ positions to be filled in Europe, companies—large and small—are struggling to recruit profiles capable of protecting their infrastructures. To address this deficit, a growing number of organizations are opting for freelancers or external partnerships. These external experts intervene on targeted missions (audits, pentests, compliance), injecting flexibility and specialized skills without permanently increasing fixed costs. This hybrid model represents a pragmatic lever for strengthening security in a context of exploding risks.

Details:

  • Growing Demand: Digital transformations (cloud, IoT, hybrid work) are complicating architectures, requiring more versatile and specialized profiles.

  • Cost & Time to Recruit: Hiring an internal expert mobilizes significant human resources, often beyond the reach of SMEs.

  • Freelance or Outsourcing Model: External consultants offer rapid intervention, adaptability to peak needs, and targeted skills.

  • Pooling through MSPs: Managed Service Providers allow multiple companies to share access to talent with an "on-demand" approach.

  • Regulatory Ripple Effect: With standards like NIS2, compliance is becoming a prerequisite, increasing the pressure on security talent.

What should be remembered?

The skills gap is not going to shrink in the short term. The combination of internal teams and external experts is now the essential pragmatic strategy for securing critical systems. The most agile organizations will be those that can effectively orchestrate this hybrid match.

3️⃣ SMEs Under Attack: Why Small Businesses Are the New Front Line

Summary: Once spared because they were considered unprofitable to target, SMEs are now becoming prime targets for cybercriminals. According to ENISA, 60% of European SMEs that fall victim to an attack disappear within six months. Weak defenses, a lack of internal skills, and budget constraints create an ideal playground. SaaS platforms and MSPs are positioning themselves as mutualized ramparts: they concentrate defenses to offer effective protection to isolated structures. The shift to AI and automated attacks further accentuates the vulnerability of small entities.

Details:

  • Structural Vulnerability: Modest cybersecurity budgets, limited teams, and a lack of security redundancy.

  • Accessibility to Tools: SaaS, MSPs, and mutualized security platforms allow SMEs to access advanced defenses at a lower cost.

  • Regulatory Pressure: NIS2 and compliance obligations are imposing constraints on SMEs that were previously reserved for large corporations.

  • Automated Targeting: AI-driven attacks allow for the mass scanning of fragile targets, increasing the profitability of each campaign.

  • Reinforcement through Mutualization: MSPs and white-label solutions like CybaOps respond to this repositioning by centralizing detection, response, and compliance for multiple SMEs.

What should be remembered?

SMEs are no longer secondary targets: they are systematically integrated into modern attack strategies. To survive, they must adopt mutualized defenses, outsource security, automate protection, and never remain passive in the face of the attackers' technological escalation.

4️⃣ Ransomware + AI: The Ultimate Digital Weapon is Already Here

Summary: Artificial intelligence is no longer the future; it is already the tool of cybercriminals. According to a study from MIT Sloan, 80% of recent ransomware attacks use AI capabilities (code generation, targeted phishing, encryption optimization). A tool named PromptLocker, initially detected on VirusTotal, revealed how ransomware could choose its own targets and exfiltrate or encrypt data without human supervision, although it is currently an academic project. Faced with this mutation, traditional defenses are becoming insufficient: it is now necessary to integrate adaptive systems, behavioral detection, and autonomous response.

Details:

  • 80% Already Automated: MIT analyzed 2,800 ransomware incidents and found that 80% already used AI capabilities to automate steps (phishing, cracking, scripts).

  • PromptLocker: Ransomware 3.0: PromptLocker relies on language models to generate malicious scripts on the fly and automatically orchestrate the attack.

  • Adaptive Evolution: Traditional ransomware is adopting adaptive techniques: changing the pace of encryption, mutating code to avoid detection (e.g., EGAN).

  • Defensive AI Fights Back: In response, defenses are shifting towards defensive AI: behavioral analysis systems, automated response, deception (intelligent honeypots), and security orchestration.

  • The Paradigm is Changing: It is no longer the strongest attacker, but the most agile, that prevails. Resilience and adaptability are becoming the core of the strategy.

What should be remembered?

AI is no longer exclusively at the service of defense: it is now the offensive weapon of choice. This technological imbalance forces organizations to evolve towards dynamic architectures, continuous monitoring, and autonomous responses to stay in the race.

5️⃣ Passkeys: The Uncomfortable Truth About Their Real-World Vulnerabilities

Summary: Passkeys (passwordless authentication via WebAuthn) are often touted as the future of security. However, their synchronized (cloud) version has weaknesses: compromising the cloud account or recovery processes allows an attacker to introduce a new device or force an authentication downgrade. Malicious browser extensions can intercept WebAuthn calls, alter requests, and cause redirections to weaker methods. Conversely, "device-bound" passkeys (linked to a single device with non-exportable keys) are recommended for enterprise use, as they offer stronger assurance and enhanced administrative control.

Details:

  • Cloud = Attack Surface: Synced passkeys expand the attack surface: the iCloud or Google account becomes a critical target.

  • AiTM Attacks Made Easier: Adversary-in-the-middle (AiTM) kits can force a switch to weaker methods (OTP, SMS) if the system accepts fallbacks.

  • Dangerous Extensions: Research (e.g., from SquareX) has shown that browser extensions can intercept or falsify WebAuthn requests, compromising the registration or authentication process.

  • The Only Reliable Option: Hardware: The only correct path for the enterprise is to mandate hardware-bound passkeys (e.g., security keys), which are non-syncable and have no fallback options.

  • Zero Tolerance for Fallbacks: On a practical level, organizations must control authorized extensions, monitor all registered devices, and eliminate any weak authentication alternatives.
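A relying party can enforce the device-bound requirement described above by reading the backup flags (BE/BS) that WebAuthn places in the authenticator data. The Python below is an added example, not code from this newsletter or from any vendor it mentions; the relying party ID and the sample inputs are constructed, and it assumes the assertion signature has already been verified.

```python
import hashlib
import struct

# Bits of the WebAuthn authenticator data "flags" byte (WebAuthn Level 3).
FLAG_UP = 0x01  # user present
FLAG_UV = 0x04  # user verified
FLAG_BE = 0x08  # backup eligible: credential may be synced (multi-device)
FLAG_BS = 0x10  # backup state: credential is currently backed up

def parse_authenticator_data(auth_data: bytes) -> dict:
    """Split the fixed 37-byte header: rpIdHash(32) | flags(1) | signCount(4)."""
    if len(auth_data) < 37:
        raise ValueError("authenticator data shorter than 37 bytes")
    flags = auth_data[32]
    (sign_count,) = struct.unpack(">I", auth_data[33:37])
    return {
        "rp_id_hash": auth_data[:32],
        "up": bool(flags & FLAG_UP),
        "uv": bool(flags & FLAG_UV),
        "be": bool(flags & FLAG_BE),
        "bs": bool(flags & FLAG_BS),
        "sign_count": sign_count,
    }

def device_bound_policy(auth_data: bytes, rp_id: str) -> list:
    """Return the list of policy violations; an empty list means accept."""
    d = parse_authenticator_data(auth_data)
    problems = []
    if d["rp_id_hash"] != hashlib.sha256(rp_id.encode()).digest():
        problems.append("rpIdHash does not match this relying party")
    if not d["up"]:
        problems.append("user presence flag not set")
    if not d["uv"]:
        problems.append("user verification flag not set")
    if d["bs"] and not d["be"]:
        problems.append("invalid flags: backed up but not backup eligible")
    elif d["be"]:
        problems.append("credential is syncable (BE=1), not device-bound")
    return problems

def make_sample(rp_id: str, flags: int, sign_count: int = 1) -> bytes:
    """Build constructed sample authenticator data (not a captured assertion)."""
    header = hashlib.sha256(rp_id.encode()).digest() + bytes([flags])
    return header + struct.pack(">I", sign_count)

RP_ID = "login.example.test"  # hypothetical relying party ID
hardware_key = make_sample(RP_ID, FLAG_UP | FLAG_UV)
synced_passkey = make_sample(RP_ID, FLAG_UP | FLAG_UV | FLAG_BE | FLAG_BS)
```

Applying the same check at registration and at every authentication keeps a syncable credential from being enrolled in the first place.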

What should be remembered?

Passkeys are not a universal panacea. Their synchronized version, often favored for user experience, introduces insidious risks. For professional or critical environments, hardware-bound devices remain the only truly reliable option. These require strict governance, rigorous device management, and the removal of any insecure fallback methods.

⚙️ Digital Combat Ops

You trust CVE scores? So do attackers

The CVE and CVSS systems are often described as the pillars of vulnerability management.

CVE provides a unique and standardized identification for vulnerabilities, facilitating communication between teams, vendors, and service providers. CVSS, on the other hand, assigns a severity score out of 10, allowing for the prioritization of patches based on risk level.

Together, they form an essential compass for CISOs in orchestrating patches, managing risk, and protecting the supply chain. They allow resources to be focused on critical threats, avoid dispersion, and strengthen the overall security posture.

Despite criticisms of their rigor or consistency, these tools remain indispensable today for any organization seeking to structure its AppSec approach effectively.

But their effectiveness depends on informed use, combined with a contextual analysis that is more nuanced than simply reading a numerical score.

LIEUTENANT'S REPORT 🏆

KnowBe4 — The Ultimate Weapon Against Human Error in Cybersecurity

Based in Clearwater, Florida, KnowBe4 is a private company founded in 2010, specializing in security awareness training. With 2,000 to 3,000 employees and an annual revenue of around $200 million, it has established itself as the global leader in behavioral defense.

Key Fact:

In February 2023, Vista Equity Partners acquired KnowBe4 for $4.6 billion, a sign of the growing strategic importance of human-centric cybersecurity. KnowBe4 built its success on a truth too often ignored: 90% of security incidents originate from human error.

By combining simulated phishing campaigns with interactive training modules, the platform transforms every employee into a first line of defense. It is now integrated into the security frameworks of thousands of organizations—from SMEs to large enterprises.

The company continues to innovate with adaptive content and advanced behavioral analysis, making awareness not only continuous but also measurable.

CYBERTRIVIA - DID YOU KNOW? 🤔

The biggest crypto heist in history… was solved by a simple bug

In 2025, a study by Picus Security revealed that 46% of enterprise environments contain at least one cracked password during attack simulations.

Another striking statistic: when an attack relies on valid credentials (a credential-based attack), the success rate is 98%.

This brutally underscores that the greatest risk is no longer breaking a poorly protected password, but exploiting legitimate credentials that were thought to be safe...

"This is for all the newcomers: I have only one rule. Everyone fights. No one quits."