At a glance.
- US Senate confirms Sean Cairncross as National Cyber Director.
- Threat actors abuse link-wrapping services to disguise phishing URLs.
- Dahua patches RCE flaws in smart cameras.
US Senate confirms Sean Cairncross as National Cyber Director.
The US Senate has confirmed Sean Cairncross as the National Cyber Director with a vote of 59 to 35, SecurityWeek reports. Cairncross will serve as the chief advisor to President Trump on matters of cybersecurity policy and strategy. He previously served as CEO for the RNC during the 2016 elections and later as CEO for the Millennium Challenge Corporation. He also served as senior advisor to the White House chief of staff under the first Trump administration.
Cairncross said in a statement, "As the cyber strategic environment continues to evolve, we must ensure our policy efforts and capabilities deliver results for our national security and the American people. The United States must dominate the cyber domain through strong collaboration across departments and agencies, as well as private industry. Under President Trump’s leadership, we will enter a new era of effective cybersecurity policy."
Threat actors abuse link-wrapping services to disguise phishing URLs.
Cloudflare warns that threat actors are abusing link-wrapping services from Proofpoint and Intermedia to mask phishing URLs. These link-wrapping services are designed to prevent users from visiting known malicious sites, but they aren't effective against phishing sites that haven't yet been flagged by security scanners.
Cloudflare explains, "Proofpoint link wrapping abuse is centered around gaining unauthorized access to Proofpoint-protected email accounts (i.e., accounts already leveraging Proofpoint URL wrapping). The attacker likely uses these accounts to 'launder' malicious URLs through Proofpoint’s link wrapping, distributing the newly legitimized links in phishing campaigns–either directly from the Proofpoint-protected account or via another compromised account or actor-controlled account." The attackers used similar tactics to abuse Intermedia's wrapping services.
In the campaign observed by Cloudflare, the phishing links led to credential-harvesting pages disguised as Microsoft 365 login portals.
Dahua patches RCE flaws in smart cameras.
Researchers at Bitdefender discovered two high-severity flaws affecting Dahua Hero C1 smart cameras. Both flaws (CVE-2025-31700 and CVE-2025-31701) are buffer overflow vulnerabilities that could lead to remote code execution or denial-of-service attacks. Bitdefender states, "Both vulnerabilities are unauthenticated and exploitable over the local network. Devices exposed to the internet through port forwarding or UPnP are especially at risk. Successful exploitation provides root-level access to the camera with no user interaction. Because the exploit path bypasses firmware integrity checks, attackers can load unsigned payloads or persist via custom daemons, making cleanup difficult."
Dahua issued patches for the flaws last month, and users should ensure their devices are up-to-date.
