Crypto Chain Split Sparks FBI Defence — Plus AI Attacks, 2M Black Friday Strikes and Critical 9.8 CVEs That Demand Patching Now

When a blockchain splits, who calls the ambulance — and who calls the cops?

Today’s headlines have a deliciously messy mix of crypto drama, nation-scale security warnings and a fresh batch of critical vulnerabilities that look like they were cooked up by a very mischievous intern. A crypto founder has publicly defended FBI involvement after a developer’s mistake reportedly caused a blockchain split — the sort of incident that makes lawyers salivate and security teams reach for stronger coffee. Meanwhile, UK parliamentary committees are pressing for an Economic Security Bill, insurers are warning that AI is accelerating cyber risk, and the vulnerability hotlist reads like a horror story for unpatched kit.

Crypto chaos: accident or attack — and why the FBI is involved

The reported blockchain split — allegedly triggered by a developer during what was said to be penetration testing — has set off a heated debate. Was this an innocent test gone wrong, or something more pernicious? The founder’s public defence of FBI involvement suggests the situation is complex: law enforcement may be pursuing forensic clarity and damage limitation rather than simply pointing fingers.

Chain splits are painful. They can undo transactions, fragment consensus and create fertile ground for double-spend attacks or network confusion. For organisations and exchanges, the immediate priorities are containment, reconciliation of ledgers and clear communication to users — ideally before rumours do the rounds and wallets empty themselves in panic. At Synergos Consultancy we stress that transparency plus a rehearsed incident response beats ad-hoc denials every time; after all, burying bad news only makes it grow roots.

AI-driven attacks are cutting defenders’ reaction times to zero

AXA XL’s warning that the UK hasn’t seen the full scale of AI-driven cyber threats could not be timelier. Reports that a state-sponsored actor used AI to automate attacks — effectively slashing response time to zero — underline a shifting battleground. Where once attackers needed time to craft and deploy exploits, AI can now scale reconnaissance, find exploitable patterns, and orchestrate attacks at machine speed. That means defenders must automate detection and response — and move from firefighting to programmable resilience.

It’s no surprise that 69% of UK experts rank cyber among their top five risks. The Commons Committee’s call to enshrine an Economic Security Bill and appoint a dedicated minister is an acknowledgement that cyber is no longer an IT problem but an economic and national-security issue.

Black Friday and the retail assault — 2M+ attacks and counting

Retailers, take note: attackers are ramping up for seasonal shopping spikes. More than two million attacks were recorded aimed at Black Friday shoppers, exploiting payment systems, promo pages and supply-chain weaknesses. There are positive signs: retailers such as Home Bargains are consolidating network infrastructure across 650+ stores with partners like Evolve Business Group to harden payment security and support growth — the kind of proactive engineering that keeps tills ringing and fraudsters sulking.

Patch now: the CVEs you cannot ignore

This morning’s security round-up includes several critical CVEs that deserve immediate attention. These vulnerabilities carry high severity ratings and, in many cases, allow unauthenticated remote code execution or privilege escalation:

• MaLion / MaLionCloud — CVE-2025-62691 and CVE-2025-64693: stack- and heap-based buffer overflows in the Windows Security Point component (Severity 9.8). Exploitable remotely for SYSTEM-level code execution.
• ASUS — CVE-2025-59366 (AiCloud auth bypass, 9.2), CVE-2025-12003 (WebDAV path traversal, 8.2) and CVE-2025-59373 (System Control Interface local privilege escalation, 8.5). Router and management interfaces remain attractive targets.
• WordPress plugins — CVE-2025-13559 (EduKart Pro privilege escalation, 9.8) and CVE-2025-6389 (Sneeit Framework RCE, 9.8). If you run affected plugins, consider taking sites offline until patched.
• lunary-ai/lunary — CVE-2025-9803: OAuth audience verification failure allowing account takeover; update to the fixed release (1.9.35) immediately.
• Desktop Alert PingAlert — CVE-2025-54347: directory traversal with remote file-write potential (severity 9.9).
• Tuya Smart SDK — CVE-2025-56400: OAuth CSRF vulnerability enabling unauthorised Alexa linkages (8.8) — a reminder that IoT auth flows are still a liability.

Simple rules: patch urgently, isolate exposed services, apply network segmentation, and look for indicators of compromise (IOCs) such as suspicious web requests, unexpected service restarts, or new administrative users. If you can’t patch immediately, implement virtual patching via WAFs and tighten ingress controls.

Policy, quantum risk and the bigger picture

Beyond exploits and patches, several policy-level issues are bubbling up. The Commons Committee has warned that the UK is “hugely exposed” to economic coercion and wants an Economic Security Bill to provide a legislative backstop. Meanwhile, Israeli cybersecurity firms are urging Korea to adopt quantum-resistant encryption now, not later — sensible advice when you consider how rapidly quantum-ready technologies are advancing. Preparing cryptographic agility today prevents an uncomfortable rewrite of secure comms tomorrow.

Practical takeaways for boards and security teams

1. Prioritise patching of critical CVEs and validate fixes end-to-end.
2. Automate detection and response — AI speeds up attackers; don’t get lapped.
3. Rehearse incident response for chain-split scenarios and supply-chain incidents.
4. Review OAuth and third-party auth flows for audience and state validation.
5. Ensure network segmentation and zero-trust principles for retail and IoT estates.

Why Synergos Consultancy is watching closely (and with a cup of tea)

At Synergos Consultancy we’re increasingly advising clients to treat cyber as an operational continuity and economic security issue rather than a tick-box compliance task. Whether it’s advising retailers to harden payment lanes before peak trading, helping software teams adopt secure development lifecycle controls, or working with executives on crisis comms when a blockchain unexpectedly does the splits, the blend of technical rigour and calm communications pays dividends. And yes, we recommend practising your incident playbook — because when reality hits, there’s no dress rehearsal.

There’s plenty more in the detail — from quantum‑proofing strategies to plugin audits — but the short answer is simple: patch, plan and prepare. The days of treating vulnerability management as a quarterly chore are over; in 2025, it’s a daily survival skill with a side of wry humour. After all, if threat actors are going to move at machine speed, defenders should at least try to be slightly less human about it.

Stay vigilant, keep systems updated, and don’t let a pen-test become a prison sentence for your ledger — or your reputation.