Cyber Threats Escalate as Scams and Hacks Target Vulnerabilities

The cybersecurity landscape is becoming increasingly treacherous, with a surge in scams, hacks, and exploits targeting vulnerabilities in software and human psychology. A recent survey found that more than 40% of South Africans were scammed in 2025, highlighting the reality that scammers often follow "scalable opportunities and low friction," rather than targeting wealthy individuals who may have better security measures in place.

This trend is echoed in the world of cybersecurity consulting, where experts like Nikoloz Kokhreidze are making the leap from in-house CISO to consulting. Kokhreidze, who launched his consulting business Mandos in August 2025, notes that the decision to go solo was driven by a desire to multiply his impact and help more businesses grow through pragmatic security leadership. However, he cautions that making the transition requires time, patience, and a willingness to stay flexible.

Meanwhile, the author of Notepad++, Don Ho, has been working to harden the update mechanism of the popular open-source text editor. Following a recent compromise, Ho released version 8.9.2, which includes a double-lock verification process to ensure the authenticity of downloads. While Ho acknowledges that no system can be declared absolutely unbreakable, he believes the new measures make the update mechanism "effectively unexploitable."

However, not all software developers are as proactive in addressing vulnerabilities. A Chinese cyberespionage group was found to have exploited a zero-day flaw in Dell's RecoverPoint for Virtual Machines for 1.5 years, allowing unauthenticated attackers to gain command execution on the underlying OS as root. The vulnerability, tracked as CVE-2026-22769, was patched by Dell this week.

In another example of sophisticated tactics, a scam has been identified that abuses Gemini chatbots to convince people to buy fake cryptocurrency. The scam features an AI assistant that engages victims with a slick sales pitch, funneling payment to attackers. This type of scam highlights the need for users to be vigilant and cautious when interacting with online services.

As cyber threats continue to escalate, it is clear that a proactive and multi-faceted approach is needed to stay safe. This includes staying informed about the latest vulnerabilities and exploits, being cautious when interacting with online services, and implementing robust security measures to protect against scams and hacks.

In the words of Kokhreidze, "You have to be ready to pivot when you have new ideas, or when things don't go as planned." As the cybersecurity landscape continues to evolve, it is essential to remain adaptable and proactive in the face of emerging threats.

Sources:

• "More Than 40% of South Africans Were Scammed in 2025"
• "From in-house CISO to consultant. What you need to know before making the leap"
• "Notepad++ author says fixes make update mechanism ‘effectively unexploitable’"
• "Scam Abuses Gemini Chatbots to Convince People to Buy Fake Crypto"
• "Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years"