#222 - Intel Chat: PurpleHaze, KEV++, ChatGPT & Mirai botnet
In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.
- Over an eight-month period beginning in July of last year, China-backed threat actors carried out a coordinated campaign that included attempts to breach cybersecurity vendor SentinelOne: https://www.darkreading.com/remote-workforce/china-hackers-target-sentinelone-purplehaze-attack
- CISA has added two newly confirmed exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild: https://thehackernews.com/2025/06/cisa-adds-erlang-ssh-and-roundcube.html
- OpenAI has banned ChatGPT accounts linked to state-sponsored threat actors, including groups affiliated with governments in China, Russia, North Korea, Iran, and others: https://www.darkreading.com/threat-intelligence/openai-bans-chatgpt-accounts-nation-state-threat-actors
- A critical vulnerability in Wazuh Server, CVE-2025-24016 (CVSS 9.9), is being actively exploited by threat actors to deliver multiple Mirai botnet variants for distributed denial-of-service (DDoS) operations: https://thehackernews.com/2025/06/botnet-wazuh-server-vulnerability.html