Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.

As AI continues to innovate the retail industry in areas such as supply chain management, personalizing customer experience and data insights, businesses must navigate the complex challenges of data privacy, secure and compliant AI deployment and ethical use. During this briefing, Kroll experts highlighted the key steps for building a resilient AI Governance program using real-life use cases from the retail industry that will help not only to understand, implement and monitor responsible AI but clear the way for innovation to generate successful return on investment and build consumer trust.

This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.

This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.

This week’s briefing covers: Dive deeper: Playlist of Kroll's Weekly Cyber Threat Intelligence Briefings: Cyber Threat Intelligence Briefings.

This week’s briefing covers: Critical Sudo Vulnerability Allows Priv Esc to Root The flaw arises from unsafe handling of the --chroot (-R) option, where sudo processes user-provided configurations (including nsswitch.conf) from within the chroot environment before validating user privileges. This allows a local attacker to construct a malicious chroot with crafted NSS configuration that forces sudo to load attacker-controlled shared libraries as root, effectively bypassing authentication.

This week’s briefing covers: Dive deeper.

This week’s briefing covers: New MORE_EGGS campaign continues recruiting themes KTA032 (FIN6) has begun a new campaign using the MORE_EGGS JavaScript backdoor which continues its themes surrounding fake resumes leading to the malware deployment. The actor engaged with organization recruiters which led to emails containing a malicious domain (often containing the fake applicant’s first and last name). The domain contains several defense evasion techniques to avoid automated analysis tools from scanning.

This week’s briefing covers: BruteForce Attack Against Apache TomCat Manager GreyNoise recently observed a coordinated spike in malicious activity against Apache Tomcat Manager interfaces. On June 5, 2025, GreyNoise registered well above baseline volumes, indicating a deliberate attempt to identify and access exposed Tomcat services at scale.

In this series, we chat with cybersecurity and data resilience leaders from Kroll and our partners. Our second guest is Denyl Green, Managing Director in the Cyber Risk business, based in Portland. Future episodes will cover topics such as the Cyber Threat Landscape, AI Risk Governance, and Breach Notification.