Allianz Life breach reportedly affected over a million customers.

Announcement

OT security, redefined with N2K and Frenos.

Frenos and N2K have partnered to train and benchmark the industry's first OT security platform powered by industry validated intelligence, rather than generic AI models. The partnership leverages N2K's extensive cybersecurity certification knowledge base, trusted by over 1.5 million cybersecurity professionals, to assess whether Frenos’ SAIRA (Simulated Adversarial Intelligence Reasoning Agent) truly understands complex professional concepts. This marks a significant step forward in aligning AI development with proven professional standards. Read the full announcement here.

Summary

By the CyberWire staff

At a glance.

Allianz Life breach reportedly affected over a million customers.
Researcher discovers website flaws exposing data on all Intel employees.
DPRK-aligned spearphishing campaign targets embassies.

Allianz Life breach reportedly affected over a million customers.

Have I Been Pwned has disclosed that a cyberattack against US insurance firm Allianz Life last month breached data belonging to 1.1 million customers, exposing names, addresses, phone numbers, and email addresses, Reuters reports. An Allianz Life spokesperson declined to comment on the ongoing investigation, but the company previously confirmed that the incident affected a majority of its 1.4 million customers.

BleepingComputer says the breach was part of a wave of social engineering attacks by the ShinyHunters extortion group targeting organizations' Salesforce instances.

Are You Future Ready? Secure Your Machine Future With Confidence.

CyberArk is the leader behind the world’s most comprehensive machine identity security solution. With capabilities that span secrets, certificate management and workload identities, we enable customers to secure more machine identity use cases with the right level of privilege control. Find out exactly how we’re helping modern organizations secure their machine future.

Researcher discovers website flaws exposing data on all Intel employees.

Security researcher Eaton Z discovered flaws in four of Intel's websites that allowed the researcher to download information on every Intel employee, Tom's Hardware reports. In one case, the researcher was able to bypass the login for a website operated by Intel India designed for employees to create their own business cards. Once inside, a user could return information on more than 270,000 Intel employees and workers worldwide. Other flaws affecting internal Product Hierarchy and Product Onboarding websites exposed data on all Intel employees. Another vulnerability in the company's SEIMS Supplier Site "made it possible to gain full access to the system to view large amounts of confidential information about Intel’s suppliers."

Intel acknowledged that it received the researcher's report, and the sites have since been secured.

DMV Rising, D.C.’s Premier Conference for Cyber Execs.

The Washington, D.C. Maryland, and Virginia (DMV) region has established itself as a top-tier player in the global cyber industry. Join us on September 18, 2025 to celebrate the remarkable accomplishments of the DMV's cybersecurity community, connect with the brilliant minds shaping the future of the field, and experience firsthand why the DMV region is the beating heart of cyber innovation. Register now to secure your spot.

DPRK-aligned spearphishing campaign targets embassies.

Trellix is tracking a North Korea-aligned spearphishing campaign targeting European embassies and foreign ministries in Seoul. The phishing emails contained PDF attachments designed to deliver the XenoRAT malware, leveraging the GitHub API for command-and-control.

The operation overlaps with previous activity by North Korea's Kimsuky APT, but the researchers note timing patterns that suggest the threat actor is based in China. Trellix says this "could indicate either North Korean operatives working from Chinese territory, a Chinese APT operation mimicking Kimsuky techniques, or a collaborative effort leveraging Chinese resources for DPRK intelligence objectives." The researchers attribute the campaign to Kimsuky, but assess with "medium-confidence that the operators are operating from China or are culturally Chinese."

Notes.

Today's issue includes events affecting China, India, the Democratic People's Republic of Korea, the Republic of Korea, and the United States.

Attacks, Threats, and Vulnerabilities

Drug development company Inotiv reports ransomware attack to SEC (The Record) The Indiana-based pharmaceutical company Inotiv discovered a cybersecurity incident earlier this month and found the hackers had encrypted certain systems.

Dissecting PipeMagic: Inside the architecture of a modular backdoor framework (Microsoft Security Blog) A comprehensive technical deep dive on PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application. Beneath its disguise, PipeMagic is a sophisticated malware framework designed for flexibility and persistence. Once deployed, it can dynamically execute payloads while maintaining robust command and control (C2) communication via a dedicated networking module.

Massive Allianz Life data breach impacts 1.1 million people (BleepingComputer) Hackers have stolen the personal information of 1.1 million individuals in a Salesforce data theft attack, which impacted U.S. insurance giant Allianz Life in July.

Products, Services, and Solutions

The AI ‘Big Bang’ Study 2025: Best AI Chatbots and Insights (OneLittleWeb) Explore the top 10 AI chatbots of 2025 with 55.88B web visits, media citation trends, and hundreds of statistics. Dive into the full study for in-depth insights and infographics.

Legislation, Policy, and Regulation

UK ‘agrees to drop’ demand over Apple iCloud encryption, US intelligence head claims (The Record) The United Kingdom is backing down from a controversial legal demand targeting Apple, U.S. Director of National Intelligence Tulsi Gabbard claimed on social media.

Litigation, Investigation, and Law Enforcement

Nebraska man gets 1 year in prison for $3.5M cryptojacking scheme (BleepingComputer) A Nebraska man was sentenced to one year in prison for defrauding cloud computing providers of over $3.5 million to mine cryptocurrency worth nearly $1 million.

Industry Events

For a complete running list of events, please visit the Event Tracker.

Events

HackAICon 2025 (Lisbon, Portugal, Sep 25, 2025) The first conference dedicated to combining AI and Ethical Hacking. We're bringing together OffSec pros, hackers, and leading researchers to find practical ways of using AI to secure the internet. Learn about the latest AI Hacking cosmic trends and connect with fellow professionals in engaging conversations. We banned sales pitches from the event - just knowledge sharing, leadership and technical insights.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.

Daily Briefing for 08.19.25

OT security, redefined with N2K and Frenos.

At a glance.

Allianz Life breach reportedly affected over a million customers.

Researcher discovers website flaws exposing data on all Intel employees.

DPRK-aligned spearphishing campaign targets embassies.

Notes.

Attacks, Threats, and Vulnerabilities

Products, Services, and Solutions

Legislation, Policy, and Regulation

Litigation, Investigation, and Law Enforcement

Events