Risk
-
New AI Vulnerability Discovered in Microsoft 365 Copilot: ‘EchoLeak’
A new zero-click vulnerability known as ‘EchoLeak’ has been discovered in Microsoft 365 Copilot, enabling attackers to exfiltrate sensitive data without user interaction. While Microsoft has patched the flaw, experts advise businesses to enhance their cybersecurity measures to prevent future exploits.
-
Trump Administration’s New Cybersecurity Executive Order Shifts Focus and Strategies
The Trump administration’s new cybersecurity executive order pivots sharply from past policies, introducing measures that aim to reinforce national security and tackle emerging digital threats while drawing criticism for its political implications and potential efficacy.
-
China-linked Cyber Espionage Group Targets Over 70 Organizations Across Various Sectors
A China-linked cyber espionage group has targeted over 70 organizations across various sectors, including a South Asian government and a European media organization, underlining the broad implications of recent cyber infiltration tactics.
-
Google Addresses Vulnerability Exposing Users’ Phone Numbers
A vulnerability in Google’s account recovery process allowed researchers to brute-force phone numbers linked to accounts, posing a significant risk of phishing and SIM-swapping attacks, now patched by the tech firm.
-
OpenAI Bans Accounts Used by Cybercriminals for Malicious AI-Assisted Activities
OpenAI has banned a series of ChatGPT accounts linked to malicious activities by Russian and Chinese cybercriminals, revealing the extent to which threat actors are leveraging AI technology for malware development and social media automation.
-
New Supply Chain Malware Operation Targets GlueStack Packages
A new supply chain attack has targeted GlueStack packages, affecting nearly one million downloads and allowing hackers to execute commands and steal information from compromised systems.
-
Cybersecurity Alert: Malicious Browser Extensions Target Brazilian Users in Widespread Phishing Campaign
A new phishing campaign has surfaced, aiming at Brazilian users through malicious browser extensions that stole sensitive authentication data. The operation has reportedly infected 722 systems across different countries.
-
Hackers Exploit Voice Phishing to Breach Corporate Systems
A group of hackers known as UNC6040 is exploiting voice phishing to gain access to corporate systems, particularly targeting Salesforce, with tactics that rely on manipulating employees rather than exploiting technical vulnerabilities.
-
U.S. Department of State Offers $10 Million for Information on RedLine Malware Ties
The U.S. Department of State is offering a $10 million reward for information linked to state-sponsored hackers involved with RedLine malware and its suspected creator Maxim Alexandrovich Rudometov. This initiative aims to combat malicious cyber activities targeting U.S. critical infrastructure.
