Welcome to the Triad Situation Report, your trusted source for the latest cybersecurity and compliance news. In this edition, we bring you crucial updates on emerging cyber threats, including data breaches, phishing schemes, and sophisticated malware campaigns. Stay informed and take proactive steps to protect your business from evolving cyber risks.
Cybercriminals Exploit X’s Grok AI to Spread Malware
Cybercriminals are abusing X’s AI assistant Grok to bypass the platform’s ad rules and deliver malicious links to millions. The method, dubbed “Grokking,” involves promoting videos with adult content to gain traction, inserting hidden links in metadata, and tagging Grok to have it echo those links. This amplifies them across feeds and search results, funneling users into scams, fake CAPTCHAs, and malware via malicious ad networks.
Read more here
Iranian Hackers Target 100+ Embassy Email Accounts
An Iranian-linked group known as “Homeland Justice” orchestrated a global spear-phishing campaign, targeting over 100 embassy and consulate email accounts across multiple regions. They used diplomatic-themed lures and malicious Word attachments that tricked recipients into enabling macros that deployed malware. Some messages even came from compromised government addresses to boost credibility.
Read more here
Disney to Pay $10M for Collecting Kids’ Data on YouTube
Disney has agreed to pay $10 million to settle FTC claims that it improperly collected personal data from children on YouTube. Mislabeling videos as “Not Made for Kids” allowed data collection in violation of COPPA, enabling targeted ads. Disney must now implement stricter verification and parental notice policies moving forward.
Read more here
Workiva Hit by Data Breach After Salesforce Attack
SaaS provider Workiva disclosed a data breach caused by the recent Salesforce compromise. Exposed information includes customer names, emails, phone numbers, and ticketing details—though Workiva’s core platform was not directly affected. The breach links back to the broader ShinyHunters campaign that’s targeting global tech providers.
Read more here
Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack
Cloudflare mitigated one of the largest-ever distributed denial-of-service (DDoS) attacks, peaking at 11.5 Tbps. The short-lived 35-second UDP flood mainly originated from cloud-hosted IPs but was automatically blocked by Cloudflare’s defenses. The event underscores the rising scale and speed of DDoS campaigns in 2025.
Read more here
How Triad InfoSec Can Assist Your Business:
Navigating the complexities of cybersecurity compliance can be challenging. Triad InfoSec is dedicated to helping businesses prepare for CMMC audits, ensuring compliance, and optimizing cybersecurity strategies. Our services include:
- CMMC Audit Preparation: Guiding your organization through the necessary steps to achieve CMMC certification.
- MSP Partnerships: Collaborating with Managed Service Providers to ensure your business remains compliant while reducing cyber insurance premiums.
- Comprehensive Cybersecurity Solutions: Offering a range of services tailored to meet all your cybersecurity needs.
Partner with Triad InfoSec to secure your business’s future
