Top stories.
- CrowdStrike shuts down the Glassworm botnet.
- Extortion group sends individuals to infiltrate organizations in person.
- Lithuania investigates breach of the Centre of Registers.
- Business news: Zscaler to acquire Symmetry Systems.
CrowdStrike shuts down the Glassworm botnet.
CrowdStrike, working with Google and the Shadowserver Foundation, yesterday dismantled the Glassworm botnet, which has been targeting software developers since early 2025. The security firms severed all four of the botnet's command-and-control channels, cutting off the operators from the infected machines.
CrowdStrike notes, "Glassworm operators have systematically targeted software developers, a population with access to source code repositories, cloud platforms, CI/CD pipelines, and package registries. Developers represent uniquely high-value targets: compromising a single developer's workstation can cascade into a supply-chain compromise that impacts thousands of downstream organizations and users."
Extortion group sends individuals to infiltrate organizations in person.
The US FBI warns that the Silent Ransom Group (SRG) is targeting law firms with phone calls and phishing emails that impersonate IT support. The threat actor uses social engineering to trick users into installing legitimate remote access tools, or sends "an individual in-person to the victim company’s location to gain physical access to computers." Once inside, the attackers exfiltrate data to hold for ransom.
The Bureau explains, "SRG actors either directly call or send phishing emails to urge employees to call the SRG actor posing as IT support. While on the phone, the SRG actor directs the employee to grant access to a remote desktop session. If that attempt fails, SRG sends a threat actor to the victim’s location to gain access to insert a storage device into the victim’s computer. In this scheme, the threat actor tells the victim they need to image the device or create a backup file to address potential impacts from the phishing email."
Lithuania investigates breach of the Centre of Registers.
Lithuanian authorities are investigating the theft of more than 600,000 records from the Centre of Registers by a foreign threat actor, the Record reports. The breach primarily affected databases containing property and corporate records, leaking personal and property-related information. Authorities said the breach began with stolen login credentials.
The head of the Centre of Registers, Adrijus Jusas, resigned earlier this week due to the breach. Some Lithuanian politicians said Russia was likely behind the attack, though no official attribution has been made.
Business news: Zscaler to acquire Symmetry Systems.
Cloud security firm Zscaler has announced its intent to acquire identity mapping company Symmetry Systems. Both companies are based in Silicon Valley. Zscaler stated, "[Symmetry Systems's] access graph works by ingesting enterprise-wide access logs from SaaS applications, public cloud services, data stores, and AI systems, using AI to correlate them into an access graph displaying which identities are accessing which data and how. Combined with the Zscaler Zero Trust Exchange™ platform, this visibility will become the foundation security teams use to build and enforce the policies governing how AI agents communicate with applications, data, and one another."
Read more in the Business Briefing at 4pm ET.
