_secpro Premium #9: Child's Play

Hello! Welcome to another premium issue of the _secpro!

July has been busy on the cybersecurity front. One story making waves is the ongoing situation with Scattered Spider. The group has been tied to a series of high-profile intrusions, raising fresh concerns about identity-based attacks and how fast threat actors are adapting. We’ve also seen an uptick in phishing campaigns and several zero-day exploits targeting cloud platforms. Many of these messages impersonate executives, weave into existing threads, and come from lookalike domains—techniques that often bypass legacy defenses. Complicating matters, Okta revealed that threat actors spun up fake login portals on platforms like Vercel using AI tools in as little as 30 seconds. These look identical to real login pages—and while there’s no proof credentials were stolen yet, Okta emphasized that rapid AI-generated phishing infrastructure is here to stay.