“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday.
This is Dain Oh reporting from South Korea, and here is your weekend briefing.
1. CISA extends MITRE-backed CVE contract hours before its lapse – NextGov
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) renewed its contract with MITRE to continue supporting the Common Vulnerabilities and Exposures (CVE) Program, just hours before federal funding was set to expire. The CVE Program, a globally relied-upon system for cataloging cybersecurity vulnerabilities, faced uncertainty when MITRE warned of a potential funding lapse, raising concerns across the cybersecurity community. CISA confirmed the contract has been extended for 11 months to avoid disruption of critical services.
The last-minute move came amid broader concerns about the sustainability and neutrality of the CVE Program being tied to a single government sponsor. In response, part of the CVE Board announced plans to form an independent organization to be called the CVE Foundation. The developments occur as CISA faces potential budget cuts and scrutiny over its role, with some lawmakers pushing for a leaner agency amid political tensions and past controversies.
2. Hacked pedestrian crossings play fake messages from Musk and Zuckerberg – BBC
In a highly unusual breach of public infrastructure, pedestrian crossings across several Silicon Valley cities — including Palo Alto, Menlo Park, and Redwood City — were hacked to play fake voice messages mimicking tech billionaires Elon Musk and Mark Zuckerberg. Instead of standard walk signals, the altered crossings broadcasted humorous and satirical messages, such as a Musk impersonator offering pedestrians a Cybertruck for friendship and a fake Zuckerberg discussing inserting AI “into every facet” of life.
The tampering affected at least 10–12 crossings, many near the headquarters of Tesla and Meta, raising security concerns in one of the world’s most high-tech regions. Local officials, including Caltrans and city staff, have since deactivated the voice systems and launched an investigation into how the systems were compromised. The exact method and perpetrators remain unknown.
While the incident appears to have been a prank with no lasting harm, it has sparked broader questions about the vulnerability of smart city infrastructure. Clips of the spoofed messages quickly went viral online, though neither Musk nor Zuckerberg has publicly responded to the hack.
3. Opinion: Emerging security risks of LLMs – The Readable
Large Language Models (LLMs), such as OpenAI’s GPT and Google’s Gemini, have made significant advancements in understanding and using human language. They now demonstrate near-expert reasoning, generation, and interaction across various domains. However, as LLMs grow more autonomous, concerns about their potential misuse, particularly in cyberattacks, are also increasing.
These concerns have grown following Google’s recent policy change, where the company reversed its previous stance against using AI for weapons or surveillance. This shift has fueled public anxiety about the possible use of LLMs in offensive operations.
LLMs like ChatGPT are now integrated with web-based tools, enabling them to autonomously navigate the internet and retrieve data with minimal human involvement. While this capability allows for powerful applications, it also poses significant privacy risks. The internet is filled with personal information, much of it publicly available on blogs and social media. Although this data is public, LLMs can leverage it to create highly targeted cyberattacks. READ MORE
4. NIS uncovers more fake Korean news sites operated by Chinese firm – The Readable
South Korea’s National Intelligence Service (NIS) has detected additional fake news websites operated by a Chinese media promotion firm, Quanmeishe, which illegally used the names of South Korean news outlets. Seven new fraudulent sites were identified, with domains registered in countries including China, the U.S., and Singapore.
This follows earlier findings in 2023, when the NIS revealed that other Chinese firms, such as Haimai and Haixun, had created over 200 websites impersonating Korean media outlets like Seoul Press. These websites were used to publish Chinese government propaganda, including content promoting its COVID-19 cooperation efforts.
While the newly discovered sites have not yet been found to have distributed problematic content, the NIS continues to monitor them closely, warning of ongoing foreign information operations that exploit the identities of legitimate Korean news organizations.
5. CISA releases guidance on credential risks associated with potential legacy Oracle cloud compromise – CISA
On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert about potential unauthorized access to a legacy Oracle Cloud environment. While the full impact is still under investigation, compromised credentials—such as usernames, passwords, tokens, and keys—could pose serious security threats if reused or embedded in systems.
CISA warns that these exposed credentials may lead to privilege escalation, unauthorized access to cloud services, phishing campaigns, and trafficking of stolen data on criminal platforms. Both organizations and individual users are at risk if proper safeguards are not in place.
To reduce exposure, CISA recommends resetting passwords for affected users, replacing hardcoded credentials in code or scripts with secure methods, monitoring for suspicious login activity—especially in privileged accounts—and enabling phishing-resistant multi-factor authentication (MFA) wherever possible.
6. Chris Krebs leaves SentinelOne after Trump targets him in executive order – CNBC
Chris Krebs, former head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), resigned from cybersecurity firm SentinelOne following an executive order by Donald Trump that directly targeted him. The order not only accused Krebs of misconduct during his government service but also called for the suspension of security clearances at organizations formally connected to him, specifically naming SentinelOne.
Krebs, who had been with SentinelOne since late 2023, stated his departure was voluntary and motivated by a desire to fully focus on defending democratic principles, free speech, and the rule of law. Nonetheless, his resignation highlights the chilling effect Trump’s actions may have on private companies with government ties, especially in sensitive fields like cybersecurity where national trust and security clearances are critical.
7. Notorious internet message board 4chan has been hacked, posts claim – Reuters
The controversial online message board 4chan appears to have been hacked, with attackers reportedly exposing internal infrastructure and leaking identifying information about the site’s moderators. The breach became evident when a previously defunct section of the site was reactivated with the message “U GOT HACKED” prominently displayed.
While the full extent and source of the hack remain unconfirmed, 4chan’s website has been experiencing intermittent outages. Attempts to reach the platform for comment have gone unanswered, and interactions with one of the allegedly exposed moderators have led only to links with unrelated explicit content, further muddying the situation.
This incident is particularly significant given 4chan’s long-standing reputation as a breeding ground for antisocial internet subcultures, online extremism, and controversial content. The potential exposure of its moderators could disrupt the anonymity that underpins its operations.
Editor’s note: Each item in this briefing was initially summarized or translated by ChatGPT-4o based on the author’s specific instructions, which included news judgment, fact-checking, and thorough editing before publication.
